From philipp at hug.cx Thu Mar 1 00:28:59 2001 From: philipp at hug.cx (Philipp Hug) Date: Tue Dec 2 02:33:32 2003 Subject: Again: Win2k, joining domain References: Message-ID: <002d01c0a1e6$9bab78f0$1f0110ac@orca> Hi, > > I also receive this error, but there is neither a machine account for my w2k > box in smbpasswd+/etc/passwd nor it is being created when trying to join the > 2.2-dom. > My config looks like the 2.2 CVS PDC HOWTO example. > You have probably set a wrong adduser script in smb.conf. Try to manually add your pc-account (pc-name + $) to your passwd file (just passwd; not smbpasswd). philipp From philipp at hug.cx Thu Mar 1 00:25:52 2001 From: philipp at hug.cx (Philipp Hug) Date: Tue Dec 2 02:33:32 2003 Subject: Win2K & Samba & PDC References: Message-ID: <001e01c0a1e6$2c639e50$1f0110ac@orca> Hi The following worked for me: -> remove the computer-name from your smbpasswd-file (don't delete it in your passwd file!) -> try to join from your win2k ws now philipp ----- Original Message ----- From: "Jouni Kyl?-Nikkil?" To: Sent: Tuesday, February 27, 2001 8:00 AM Subject: (Archive Copy) Win2K & Samba & PDC > Hi! > > I have a problemn with Win2K and joining in domain. > I have Redhat 7.0 (guinness) installed it runs my samba(2.2.0 alpha > 2)-server. > Everything worked fine with worgroup otions on but when I chagned > my samba-server to be my master domain server Win2K did not could log in. > I have added my username & password to smbpasswd -file + mine computer with > dollar sign. > > My computer sees domain. When windows ask for password & username for > joining to domain it takes few seconds and after that comes error > 'the procedure number is out of range' > or > 'the remote procedure call failed'. > > > When i looked my smb.log file it says: > --- > [2001/02/27 08:55:19, 0] passdb/smbpass.c:startsmbfilepwent_internal(87) > startsmbfilepwent_internal: unable to open file > /usr/local/samba/private/smbpasswd. Error was Permission denied > [2001/02/27 08:55:19, 0] passdb/passdb.c:iterate_getsam21pwrid(325) > unable to open sam password database. > --- > > Why? I have set all permission to my smbpasswd file. It has 'a+wrx'. > I noticed that after windows asked me for password somehow smbpasswd rights > went back to 'u+rx'. What changes this ? Does samba do it itself? > > Windows version is Windows 2000 professional, 5.0.2195 build 2195. > > Does anyone know what could help me ? > > ---- my smb.conf ---- > > [global] > domain logons = Yes > domain master = Yes > > workgroup = WORK > log level = 1 > security = user > socket options = TCP_NODELAY > netbios name = MINE > status = Yes > os level = 65 > encrypt passwords = Yes > preferred master = Yes > interfaces = eth0 > share modes = Yes > name resolve order = bcast host lmhost wins > nt smb support = Yes > nt pipe support = Yes > nt acl support = Yes > announce as = NT > announce version = 4.2 > lm announce = True > lm interval = 60 > keepalive = 300 > log file = /usr/local/samba/smb.log > > [homes] > comment = Home dirs > browseable = No > read only = No > write only = No > > [samba] > comment = Server > path = /files > public = Yes > read only = no > > [netlogon] > path = /etc/samba/netlogons > writable = no > guest ok = no > > -------------------------------- > > Thanks in advance > Jouni > > From rajeeva at research.bell-labs.com Thu Mar 1 00:50:28 2001 From: rajeeva at research.bell-labs.com (Rajeev Agrawala) Date: Tue Dec 2 02:33:32 2003 Subject: hpdj990c and samba References: <3A9C2F93.5C3CE8D2@research.bell-labs.com> Message-ID: <3A9D9CD4.C2FFA97@research.bell-labs.com> Hello Everybody, I have the same problem for hpdj890 also. If anybody else is using NT printing through samba, can he please verify if he has similar problems. TIA, rajeev Rajeev Agrawala wrote: > Hi, > > I am using samba code from the head branch. When I install drivers for > hpdj990c on a samba server and try to use the printer from a NT machine > I get following error message, when I try to display the document > defaults or properties > > "Function address 0x58426a3 caused a protection fault. (exception code > 0xc0000005)" > > However if I install the same drivers on a NT server and use them from > another NT machine, I can use the printer just fine. > > Could you please help/guide me to fix the problem. > > TIA, > > rajeev From slu at firerun.net Thu Mar 1 01:03:21 2001 From: slu at firerun.net (Patrick) Date: Tue Dec 2 02:33:32 2003 Subject: using samba as a pdc References: <000801c0a18f$7ed1ae40$906abb84@hercules> Message-ID: <3A9D9FD8.5D36D76C@firerun.net> Did you try the CVS 2.2 version of samba? Anything prior will not allow PDC functionality for win2k clients. To get Samba2.2: Look at http://us1.samba.org/samba/docs/ and read the Samba2.2 PDC How to, also look at the howto for CVS commands. Patrick Rastin Pries wrote: > Hello, i want to use samba as a pdc. I tested it with win nt4 as > clients. Therewas no problem. When I used Win 2000 clients, the > clients are not ableto "get into" the domain. Is there any possibility > to run win 2000 clientswith a samba pdc? Rastin > Priespries@informatik.uni-wuerzburg.de -------------- next part -------------- HTML attachment scrubbed and removed From massey at rmci.net Thu Mar 1 04:16:04 2001 From: massey at rmci.net (Mike) Date: Tue Dec 2 02:33:32 2003 Subject: SAMBA and RH 7 Message-ID: What are the main differences between settingup SAMBA on RH 7 and 6.2 so I can map a drive from the NT Server to the Linux box. Also when I try and compile the source I get unknow RPM version how can I fix this. Mike /'^'\ ( o o ) -------------------------------------------------------oOOO--(_)--OOOo------ Mike Benzel --------------- "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) .oooO ( ) Oooo. ---------------------------------------------------------\ (----( )------- \_) ) / (_/ From mjs at digitalconscious.com Thu Mar 1 04:11:40 2001 From: mjs at digitalconscious.com (mjs) Date: Tue Dec 2 02:33:32 2003 Subject: log.smb Message-ID: are these messages in my log.smb normal,..can someone shed some light on this [2001/03/01 00:57:49, 1] smbd/files.c:file_init(216) file_init: Information only: requested 10000 open files, 1014 are available. Thanks ____________________________________________ An optimist believes we live in the best of all possible worlds. A pessimist is sure of it! --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.231 / Virus Database: 112 - Release Date: 2/12/2001 From massey at rmci.net Thu Mar 1 04:20:27 2001 From: massey at rmci.net (Mike) Date: Tue Dec 2 02:33:32 2003 Subject: 6.2 RH and SAMBA Message-ID: I have an NT Server that I had a mapped drive to my Linux box using SAMBA, worked great. But for no reason I can find in the man's it stopped working, the logon come up when I reboot the NT server to connect to the Linux box I enter the password and the drive looks connected but I get name not found. The Linux box shows up in the Nethood. My NIC was fine but I changed it and ran all of the IP tests with nothing bad. The script was not changed either...any hints? Mike /'^'\ ( o o ) -------------------------------------------------------oOOO--(_)--OOOo------ Mike Benzel --------------- "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) .oooO ( ) Oooo. ---------------------------------------------------------\ (----( )------- \_) ) / (_/ From schapiro at clerk.pi.huji.ac.il Thu Mar 1 06:10:28 2001 From: schapiro at clerk.pi.huji.ac.il (Schlomo Schapiro) Date: Tue Dec 2 02:33:32 2003 Subject: "One password for all" In-Reply-To: Message-ID: Hi, (maybe OT) I am also currently researching the options Novell gives in integrating Unix & Windows account AND homedirs. Did you have success with the NDS Account Management ? Did you try to SSO, too ? I checked the NFS server so far, but it seems not so good (or I don't understand it) Anyway, Novell is going to publish their own adaption of samba (a CIFS server :-) in "spring", so this might be something interesting to look into. Schlomo PS: Sorry for the OT, but for large mixed networks Novell still has some pluses ... On Wed, 28 Feb 2001, Akop Pogosian wrote: > Is there away to get windows and unix users to use the same password > database for authentication? So far, I have found two Solutions: > > 1. Use pam_ntdom module on the unix hosts, all password/user data > lives on a windows NT PDC. This is not a good solution for us at all > because this is too much hassle just to get a few windows clients > going (our network is mostly unix based). > > 2. Use Novel NDS with their account management software (a bunch of > windows utilities and unix pam modules that make all clients, windows > and unix, authenticate from the same database in NDS). > > 3(?) iPlanet directory server can "synchronize" the passwords with a > windows NT PDC and I don't know how well that works. > > Is there a solution, probably samba based that makes uses a single > password database or does password synchronization completely > transparently, that doesn't involve Windows based PDCs and preferably > other proprietary software? Right now, I am thinking of using Samba > 2.2.x with a wrapper "passwd" script that would take a password from > user and update the unix and windows password data but that just > sounds ugly, but certainly doable (right now our "passwd" command is > already a wrapper script because we need to change the unix password > and the secure RPC password simultaneously, those who use NIS+ would > know what I am talking about ..) > > > -akop > > > > -- Schlomo Schapiro Computation Authority Hebrew University of Jerusalem Tel: ++972 / 2 / 65-84404 Fax: 65-27349 email: schapiro@clerk.pi.huji.ac.il WWW: http://shum.cc.huji.ac.il/~schapiro From barth at cck.uni-kl.de Thu Mar 1 06:11:46 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:32 2003 Subject: Diskspace piechart query Message-ID: <200103010611.HAA26330@fbk.mv.uni-kl.de> You have to complie samba with the configure option --with-quotas. This option may not be supportet on all OSs. Christian From barth at cck.uni-kl.de Thu Mar 1 06:16:35 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:32 2003 Subject: Samba 2.2.0-alpha2 Domain Logon Problem Message-ID: <200103010616.HAA26375@fbk.mv.uni-kl.de> What do you mean by "reset the client"? If this means "reinstall" you have to rejoin it to the domain, because the machine-password is changed during the joining and every once a wiele. Christian From abartlet at pcug.org.au Thu Mar 1 07:05:50 2001 From: abartlet at pcug.org.au (Andrew Bartlett) Date: Tue Dec 2 02:33:32 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) References: Message-ID: <3A9DF4CE.1E1AE08B@bartlett.house> Steve Langasek wrote: > > On Tue, 27 Feb 2001, Peter Samuelson wrote: > > > > I think I sort of like Andrew's proposal better -- ignore the duplicate > > group names entirely w/r/t sending and receiving security descriptor > > information. (NT doesn't require it, since unlike Unix it doesn't > > assume that every file has a group.) If the client wants to change the > > ACL of a file to have no groups in it, you can use the default > > nobody-group ('nogroup' on my Linux box). > > How do you decide generally which group names should be ignored? I can > certainly think of cases where I might have a file whose gid maps to a group > that conflicts with a username and I /do/ want to show the group in the file > permissions... > > Steve Langasek > postmodern programmer This discussion started on matters of O(n^3) complexity - I was thinking that if users and their private groups were treated as one, including system groups using the same scheme - that this could help reduce 'n', even if we are stuck with an O(n^3) algorithm. The way to tell if a group is a private group is fairly simple - a simple getgrnam call tells you if there are any non-primary members, and if it is the same name as the user, and particularly if its gid is the same as the user's uid then the odds are pretty good that its a private group. A final check would be if no other users have this as their primary gid. The results of these checks could be cached for a short period of time - as the answer (true/false, this is a primary group) isn't likely to change often. The number of checks could be configured by the admin, as they should know how they arranged their system. If you do have a user/group name clash, then and only then do you need to look into name-space issues - some installations might get away with it altogether, I know mine would. This way the security descriptor would not show the group, and if users are looked up before groups, then this should remove some of the complexity from the whole operation. In any case, it would be good to get a list of all groups on a system and not see all the private groups setup for each individual user when all I want to see is admins, staff and students - if you see what I mean. This would also knock out many of the 'system' groups in the process, as they exist only because they don't want to run as 'nogroup' - they are just private groups for that particular system daemon. On an implementation level, the reverse can be also be applied: If a user removes all group permissions on a file (thereby leaving it groupless) it can simply be changed back to that users primary (often private) group - or even nogroup, with group mode 0 if necessary. This would then be relayed back to NT to look as expected - this file has no group permissions. Or am I just talking through my hat? Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au From akopps at CSUA.Berkeley.EDU Thu Mar 1 07:11:12 2001 From: akopps at CSUA.Berkeley.EDU (Akop Pogosian) Date: Tue Dec 2 02:33:32 2003 Subject: "One password for all" In-Reply-To: Message-ID: On Thu, 1 Mar 2001, Schlomo Schapiro wrote: > Hi, > > (maybe OT) > > I am also currently researching the options Novell gives in integrating > Unix & Windows account AND homedirs. > > Did you have success with the NDS Account Management ? Did you try to SSO, > too ? I checked the NFS server so far, but it seems not so good (or I > don't understand it) > > Anyway, Novell is going to publish their own adaption of samba (a CIFS > server :-) in "spring", so this might be something interesting to look > into. > > Schlomo Well, I haven't used NDS with Account Management but the specs sure look cool. Someone I know who used it says that it seems to work fine. As for home dir sharing I don't see why novel has to do anything with it, I am just interested in their directory services related products. -akop From dl at tyfon.net Thu Mar 1 07:35:26 2001 From: dl at tyfon.net (Dan Larsson) Date: Tue Dec 2 02:33:32 2003 Subject: Diskspace piechart query In-Reply-To: <3A9D5CDF.847B7C8B@eeigm.inpl-nancy.fr> Message-ID: On Wed, 28 Feb 2001, Christian Duclou wrote: | Does anyone have the answer ? | C.D. Yes, you have to configure samba to use quotas at compile time. | Regards +------ Dan Larsson | Tel: +46 8 550 120 21 Tyfon Svenska AB | Fax: +46 8 550 120 02 GPG and PGP keys | finger dl@hq1.tyfon.net From aeby at graeff.com Thu Mar 1 07:53:41 2001 From: aeby at graeff.com (Thomas Aeby) Date: Tue Dec 2 02:33:32 2003 Subject: "One password for all" In-Reply-To: Message-ID: On Wed, 28 Feb 2001, Akop Pogosian wrote: > Is there a solution, probably samba based that makes uses a single > password database or does password synchronization completely > transparently, The SFI Director NG (see http://www.sfi-director.org) contains a database (LDAP) based user management where it is possible to update various other system user dbs (like e.g. /etc/passwd, smbpasswd, NIS, ...) from the central store. It's main disadvantage is that while the development progresses fast there is still no release ready yet (sources are available under GPL though). You could also have a look at Ganymede which also offers some means of a centralized user management. > other proprietary software? Right now, I am thinking of using Samba > 2.2.x with a wrapper "passwd" script that would take a password from > user and update the unix and windows password data but that just > sounds ugly, but certainly doable It *is* IMHO ugly but most of the time works fine. > and the secure RPC password simultaneously, those who use NIS+ would > know what I am talking about ..) Hmh, NIS+ ... :-(( Best regards, Tom ---------------------------------------------------------------------------- "I don't know with what weapons World War III will be fought, but World War IV will be fought with sticks and stones." -- Albert Einstein From peter at cadcamlab.org Thu Mar 1 08:03:47 2001 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:33:32 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) References: <3A9DF4CE.1E1AE08B@bartlett.house> Message-ID: <15006.611.330762.854439@wire.cadcamlab.org> [Andrew Bartlett] > The way to tell if a group is a private group is fairly simple - a > simple getgrnam call tells you if there are any non-primary members Are you sure? The man page on my system does not actually say that. Sure, the usual Unix implementation of getgrnam() only reads /etc/group and not /etc/passwd, but thanks to NSS, many people do not use the usual Unix implementation of getgrnam() anymore. Also consider AIX: the 'mkuser' utility automatically puts you in /etc/group. (I know this because I had to debug it once: I was creating hundreds of users from a script, and managed to exceed the line length limit of some tool that reads /etc/group.) > A final check would be if no other users have this as their primary > gid. So you have to iterate through getpwent() every time? Bad. Remember, systems like NIS are optimized for getpwnam() -- it is *much* more efficient than a loop through getpwent(). (Granted, with a local /etc/passwd file they are equivalent.) > In any case, it would be good to get a list of all groups on a system > and not see all the private groups setup for each individual user > when all I want to see is admins, staff and students - if you see > what I mean. Here's another way to attack the problem. Samba could have a magic NT group name (say 'nogroup') defined to be invisible to clients, and a syntax for a wildcard Unix group name in your group map file. Peter From Volker.Lendecke at SerNet.DE Thu Mar 1 08:39:56 2001 From: Volker.Lendecke at SerNet.DE (Volker Lendecke) Date: Tue Dec 2 02:33:32 2003 Subject: pwdump In-Reply-To: <61011756BBA2D111A6B10000C03782E0B92453@TQS-MAILSERVER>; from Lothar.Belle@tqs.de on Wed, Feb 28, 2001 at 06:59:16AM +0100 References: <61011756BBA2D111A6B10000C03782E0B92453@TQS-MAILSERVER> Message-ID: On Wed, Feb 28, 2001 at 06:59:16AM +0100, Lothar Belle wrote: > We want use your program "pwdump" > unfortunatly we got the error message after start the program: > get_sid: LookupAccountName for size on name Administrators failed. > Error was Zuordnungen von > Kontennamen und Sicherheits-IDs wurden nicht durchgef?hrt > > Pleas can you help me. > Wy doesn?t it work. Your problem is that pwdump contains a check for the group 'Administrators' and thus only works for US Windows NT. Maybe it helps if you rename the group 'Administratoren' or 'Domaenen-Administratoren' to 'Administrators'. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 289 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010301/0abc1cfd/attachment.bin From abartlet at pcug.org.au Thu Mar 1 09:19:46 2001 From: abartlet at pcug.org.au (Andrew Bartlett) Date: Tue Dec 2 02:33:32 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) References: <3A9DF4CE.1E1AE08B@bartlett.house> <15006.611.330762.854439@wire.cadcamlab.org> Message-ID: <3A9E1432.A1F7CF8C@bartlett.house> Peter Samuelson wrote: > > [Andrew Bartlett] > > The way to tell if a group is a private group is fairly simple - a > > simple getgrnam call tells you if there are any non-primary members > > Are you sure? The man page on my system does not actually say that. > Sure, the usual Unix implementation of getgrnam() only reads /etc/group > and not /etc/passwd, but thanks to NSS, many people do not use the > usual Unix implementation of getgrnam() anymore. I'm not entirely sure what you are saying, but if the getgrnam call returns the user we think is the owner of that group can't we just disregard it? How is that different to it telling us that there are no non-primary members except that we can then be configured to not need the next test? > > Also consider AIX: the 'mkuser' utility automatically puts you in > /etc/group. (I know this because I had to debug it once: I was > creating hundreds of users from a script, and managed to exceed the > line length limit of some tool that reads /etc/group.) I suppose Samba-TNG requiring massive amounts of memory every time it calls getgrnam could be a problem - but this would happen anyway - if we ever call getgrnam that is (wouldn't it?). (I think thats what you were referring to?) > > > A final check would be if no other users have this as their primary > > gid. > > So you have to iterate through getpwent() every time? Bad. Remember, > systems like NIS are optimized for getpwnam() -- it is *much* more > efficient than a loop through getpwent(). (Granted, with a local > /etc/passwd file they are equivalent.) If they are costly then allow them to be disabled - the odds of a group, which is the primary group of a user, and possibly sharing the same number for its uid/gid is IMHO pretty small, particularly if the admin is made aware of the consequences. If the admin wants the extra check, the admin can chose the paranoia check. > > > In any case, it would be good to get a list of all groups on a system > > and not see all the private groups setup for each individual user > > when all I want to see is admins, staff and students - if you see > > what I mean. > > Here's another way to attack the problem. Samba could have a magic NT > group name (say 'nogroup') defined to be invisible to clients, and a > syntax for a wildcard Unix group name in your group map file. > > Peter It just sounds like work. If at all possible, I see no reason to impose the private groups hack on a system that has no need for it - particularly when it gets in the way of a flat namespace. But as I am unlikely to be able to actually write the code to do it, this is most likely the proverbial hot air. -- Andrew Bartlett abartlet@pcug.org.au From eridel.no.spam at kava.be Thu Mar 1 09:45:12 2001 From: eridel.no.spam at kava.be (Eric Delaet) Date: Tue Dec 2 02:33:32 2003 Subject: Problem with oplocks ? In-Reply-To: <200103010616.HAA26375@fbk.mv.uni-kl.de> Message-ID: Today, I had a problem with our Samba 2.0.7 Server. A couple of Win 98 clients weren't able to access some files anymore. The logfile showed [2001/03/01 10:18:56, 0] smbd/oplock.c:request_oplock_break(1204) request_oplock_break: no response received to oplock break request to pid 640 on port 1043 for dev = 806, inode = 5996862 What does this mean ? People can *only* access those files from their Windows workstations. They don't have a valid shell on the Linux box, so there is no way they can edit the file from within the Linux command prompt and Windows at the same time. Although the manual says oplocks improves speed, I temporary disabled oplocks. Regards, Eric. From eiben at busitec.de Thu Mar 1 10:02:24 2001 From: eiben at busitec.de (Henning Eiben) Date: Tue Dec 2 02:33:33 2003 Subject: 2.0.7 <-> TNG In-Reply-To: <3A96A0F1.CF1980B3@gmx.net> Message-ID: <000501c0a236$b6b9af90$9a00a8c0@npc004> > -----Original Message----- > From: Raoul Schroeder [mailto:memphis_ms@gmx.net] > Sent: Friday, February 23, 2001 6:42 PM > To: Henning Eiben > Cc: Simo Sorce; Samba > Subject: Re: 2.0.7 <-> TNG > > > > Well, sounds reasonable ... that's what I already thought ... > Is there any > > way to workaround? > > It's a Windows problem, and I check in W2k, there is no way to > get around this. > You can of course overwrite your "new" TNG profile with the 2.0.7 > profile, but > that smells like manual work. Especially if I switch later back to samba 2.2 or something ... I don't want to update my local profiles every 3 months! -- Henning Eiben eiben@busitec.de busitec GmbH business information technology http://www.busitec.de From roger at labtie.mmt.upc.es Thu Mar 1 10:31:04 2001 From: roger at labtie.mmt.upc.es (roger@labtie.mmt.upc.es) Date: Tue Dec 2 02:33:33 2003 Subject: Samba as a PDC and NIS authentication Message-ID: <3A9E24E8.BC6C2B1B@labtie.mmt.upc.es> hi, We have set up Samba (2.0.7, on a 2.2.17 kernel) as a PDC. Our main problem now is that we would like to unify Windows passwords and Linux passwords taking into account that we are using NIS for Linux authentication. The samba PDC and the NIS Server are on the same machine. We would apreciate any information regarding this pasword unification (Windows with NIS) because we don't know really how to focus the problem (i.e. via scripts, or using any utility, or ?). Thank you very much for your help roger From Rundel at Neuschwender.de Thu Mar 1 10:38:44 2001 From: Rundel at Neuschwender.de (Technik NIT) Date: Tue Dec 2 02:33:33 2003 Subject: user list on clients Message-ID: <001b01c0a23b$cbfb7b40$3422a8c0@workgroup> Hello, world i had a problem with receiving the user list. On my Win2k client i get the list for shares from my suse 7.0 PDC. But not on Win98-Clients. I get the message: The user list is not available at the moment and i should do it later. Another problem is that is only could open my home-dir from win2k and not from win98 The user scipt works fine with samba2.2-alpha2. Can anybody help me? Thanks in advance From lkcl at samba-tng.org Thu Mar 1 10:33:14 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:33 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <15005.26533.9809.364516@wire.cadcamlab.org> Message-ID: it just occurred to me last night, that this is a complete red herring. should really write this up as a white paper. the whole concept of trying to present unix groups as nt groups is a nasty hack. i did it as an exercise to understand what was going on. it combines three principles into one mess: - map username (and map groupname) - SURS. - a SAM database. using these, e.g. there is an implementation of SURS in winbind, you solve the problem. what needs to be done: 1) write a complete SAM database implementation. *IGNORE* unix *TOTALLY* when doing this. no getpwnam, no getgrnam, no getgroups, it has xxxx-all to do with a SAM database 2) write a good SURS implementation. *NOT* the proposals that are floating around that think it's okay to have one-to-many SID<->uid mappings and one-to-many SID<->gid mappings. 3) use map username and re-implement map groupname (map groupname isn't used in samba) now, if you need to make decisions about private groups, about which group names to ignore, etc, that is done in the SURS implementation. a good SURS implementation is to use the same principles that exist in nsswitch, but to add root-only "add new entry" functions. i.e. a series of four set and get functions, sidtouid, uidtosid, sidtogid, gidtosid get and set (root-only on the set), and to have dynamically-named modules in an /etc/sursswitch.conf the current implementation of SURS, which is a good one for appliance-mode type systems where you don't have to worry about users/groups from a unix view-point quite as much, can be split into a module libsurswinbind.so and referenced in /etc/sursswitch.conf. then, if anyone wants to write a SURS module that deals with private groups, they can. if someone wants to write a networked SURS module with a cacheing back-end, they can. if someone wants to write a special module that chews dogfood and whistles the theme tune to 'annie, get your gun', they can [a reference to an entry in the samba survey, from over 4 years ago, if anyone's wondering!!!! :) :)] etc. dr andrew tridgell has agreed with this idea in principle, except he thinks that it would be better to contact the people who are responsible for nsswitch and get them to add the two sets of four get and set functions to nsswitch, which would imply that everyone would need to upgrade their version of nsswitch for this to work. so, essentially, worrying about what method to add to get an experimental learning-curve hack to work less badly is throwing good money after bad. do a proper job, as outlined above, it will save time _and_ be more flexible. luke ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." On Wed, 28 Feb 2001, Peter Samuelson wrote: > > [me] > > > This whole thing needs caching -- the above sounds like a lot of > > > overhead. > > [Steve Langasek] > > That sounds like over-engineering to me. > > True. If the caching needs to be done it can be done at the libc > level, which I think already happens on many Unices. > > > How do you decide generally which group names should be ignored? I > > can certainly think of cases where I might have a file whose gid maps > > to a group that conflicts with a username and I /do/ want to show the > > group in the file permissions... > > That's a very good point. > > Peter > > > From Christian.Duclou at eeigm.inpl-nancy.fr Thu Mar 1 11:00:43 2001 From: Christian.Duclou at eeigm.inpl-nancy.fr (Christian Duclou) Date: Tue Dec 2 02:33:33 2003 Subject: Samba as a PDC and NIS authentication References: <3A9E24E8.BC6C2B1B@labtie.mmt.upc.es> Message-ID: <3A9E2BDB.D4CB2375@eeigm.inpl-nancy.fr> Hi, I think you should look at LDAP. C.D. roger@labtie.mmt.upc.es wrote: > hi, > > We have set up Samba (2.0.7, on a 2.2.17 kernel) as a PDC. Our main > problem now is that we would like to unify Windows passwords and Linux > passwords taking into account that we are using NIS for Linux > authentication. The samba PDC and the NIS Server are on the same > machine. > > We would apreciate any information regarding this pasword > unification (Windows with NIS) because we don't know really how to focus > the problem (i.e. via scripts, or using any utility, or ?). > > Thank you very much for your help > > roger -- _____________ EEIGM - Service Informatique _____________ 6, rue Bastien LEPAGE / F-54010 NANCY - CEDEX - France Phone: +33 383.3683.27 / Fax: +33 383.3683.36 _______________ http://eeigm.inpl-nancy.fr _____________ From lkcl at samba-tng.org Thu Mar 1 10:48:09 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:33 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: Message-ID: > I don't think it really tricks the end-user; for the most part in NT, aren't > the user and group names displayed with icons next to them that indicate the > type of RID they represent? So if I pull up the 'file permissions' dialog box > and see that FOO\vorlon (with a single face next to it) has Full Control (All) > over the file, and FOO\vorlon (with a globe and two faces) only has Read (RX) > access to it, no information has been lost in the translation. The only place > we have difficulty is if we need to textually disambiguate between the group > FOO\vorlon and the user FOO\vorlon. steve, the problem is that as soon as you "dubblclik" on one of those FOO\vorlon names, you will get either the user or the group, and you won't know which, and you can't distnguish which, regardless of which one you dubwclik on. one of them shouldn't be there. anyway, see other messsage. all best, luke ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From eirvine at tpgi.com.au Thu Mar 1 11:26:19 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:33:33 2003 Subject: Samba as a PDC and NIS authentication References: <3A9E24E8.BC6C2B1B@labtie.mmt.upc.es> Message-ID: <3A9E31DB.C2461C06@tpgi.com.au> Hi, Basically, I use encryted passwords and have to have a smbpasswd file. I also have a web page where students can change their password. This page calls an expect script which changes their NIS password, then changes their smbpasswd. Eddie. roger@labtie.mmt.upc.es wrote: > > hi, > > We have set up Samba (2.0.7, on a 2.2.17 kernel) as a PDC. Our main > problem now is that we would like to unify Windows passwords and Linux > passwords taking into account that we are using NIS for Linux > authentication. The samba PDC and the NIS Server are on the same > machine. > > We would apreciate any information regarding this pasword > unification (Windows with NIS) because we don't know really how to focus > the problem (i.e. via scripts, or using any utility, or ?). > > Thank you very much for your help > > roger From D.Bannon at latrobe.edu.au Thu Mar 1 11:59:53 2001 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:33:33 2003 Subject: "One password for all" In-Reply-To: Message-ID: <3.0.6.32.20010301225953.007c7530@bioserve.latrobe.edu.au> At 02:35 PM 28/2/2001 -0800, Akop Pogosian wrote: >Is there away to get windows and unix users to use the same password >database for authentication? So far, I have found two Solutions: > >1. Use pam_ntdom module on the unix hosts, ..... Well I've used pam_smb very successfully. All passwords (except root) are stored in the smbpasswd list. All authentication (for unix) is done pam->pam_smb->smbpasswd. The users see no difference, I replaced the passwd command with a link to smbpasswd and everything is transparent. Very easy to set up and quite likely more secure (in that things don't work the way buffer overrun exploiters expect). Only suitable for pam aware system of course. Gee, now I need pam for True64 ! There is a bit about it in Samba 2.2 PDC HowTo David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 479 2197 La Trobe University, Plenty Rd, Fax 61 03 479 2467 Bundoora, Vic, Australia, 3083 ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Thu Mar 1 12:03:25 2001 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:33:33 2003 Subject: Changing your samba password from windows In-Reply-To: <012101c0a1aa$893ccf70$2800a8c0@leinet> Message-ID: <3.0.6.32.20010301230325.007d1100@bioserve.latrobe.edu.au> At 09:18 AM 28/2/2001 -0800, Greg J. Zartman, P.E. wrote: > >I'm running samba 2.2 alpha2 as a PDC for Win 2k and win 98 clients. I'm sorry, the FAQ is quite possibly not clear about this for the very good reason that I did not try it ! Certainly works with NT4 but never tested passwd sync with W2000. I can >join machines to the domain and log in with different user accounts with no >problem. What I can't seem to get working is users to change their domain >passwords from the client machines. In Win 2k, and Win NT, this is done by >pressing CTRL-ALT-DEL and then selecting change password. When I try to do >this on a Win2k client, I get the error message "on Win2k, I get this error >on the client "1783: The stub received bad data.". My samba log for this >action says "rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) >_samr_get_dom_pwinfo: Not yet implemented." > >The Samba FAQ seem to indicate that this functionality is possible, but the >log seems to indicate that it is not. Does anyone have any suggestions? > >Thank you. > >Greg J. Zartman, P.E. > > >Attachment Converted: "c:\eudora\attach\Greg J. Zartman1.vcf" > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 479 2197 La Trobe University, Plenty Rd, Fax 61 03 479 2467 Bundoora, Vic, Australia, 3083 ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From dm at hejoe.de Thu Mar 1 14:07:19 2001 From: dm at hejoe.de (Dirk =?iso-8859-1?Q?Maa=DF?=) Date: Tue Dec 2 02:33:33 2003 Subject: "One password for all" References: <3.0.6.32.20010301225953.007c7530@bioserve.latrobe.edu.au> Message-ID: <3A9E5797.45452BC1@hejoe.de> David Bannon wrote: > > Only suitable for pam aware system of course. ... Yes, that is the point. What could someone do who has a lot of SunOS 5.5 WS to integrate? Dirk Maass -- HeJoe GmbH * Neustrelitz * Mecklenburg-Vorpommern Tel. +49 3981 446120 * 0700 HeJoeGmbH Fax. +49 3981 446131 * http://www.hejoe.de From mblinn at peopleplaces.org Thu Mar 1 13:53:58 2001 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question Message-ID: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> Hello everyone! I'm having trouble doing NetBIOS lookups from my samba PDC. Here's the scoop: 1 samba PDC controlling a domain named CVILLE on subnet 192.168.168.0/24 1 samba PDC controlling a domain named MAIN on subnet 192.168.169.0/24 1 NTServer, 192.168.168.3, (Not a PDC or BDC) that shares files The two domains are connected with a VPN using tcp/ip only, and routes are fine. lmhosts file in /usr/local/samba/lib/lmhosts on both samba PDCs AND on NTServer: 192.168.168.2 mail 192.168.168.3 ntserver 192.168.168.2 "MAIN \0x1c" #PRE 192.168.168.2 "MAIN \0x1b" #PRE 192.168.169.2 cvserver 192.168.169.2 "CVILLE \0x1c" #PRE 192.168.169.2 "CVILLE \0x1b" #PRE I want CVILLE and MAIN to remote sync and allow MAIN to be the WINS server, so the applicable entries in each smb.conf are: MAIN: wins support = yes name resolve order = lmhosts bcast CVILLE: wins server = 192.168.168.2 name resolve order = lmhosts bcast When I fire everything up: 1: NT server claims that "No logon server is available" and does not allow incoming connections to shares 2: When I do "nmblookup ntserver" from domain CVILLE it cannot resolve (on 192.168.169.255) Questions: 1: Is there a way to check to see why (if?) samba isn't looking in lmhosts for resolution first? 2: After I get this working, do I need to specifically set the "WINS Server" on my Win9* boxes for resolution from client machines? 3: Could my firewall (chains WIDE open for initial testing, ipchains -L below) be blocking udp traffic between PDCs? 4: Can Bush really get it done? Any help is greatly appreciated, Michael Blinn IT Dude People Places, Inc. Chain input (policy ACCEPT): target prot opt source destination ports ACCEPT all ---f-- anywhere anywhere n/a acctin all ------ anywhere anywhere n/a acctboth all ------ anywhere anywhere n/a inp all ------ anywhere anywhere n/a Chain forward (policy ACCEPT): target prot opt source destination ports MASQ tcp ------ localnet/24 anywhere any -> any MASQ tcp ------ 192.168.169.0/24 anywhere any -> any ACCEPT all ---f-- anywhere anywhere n/a fwd all ------ anywhere anywhere n/a Chain output (policy ACCEPT): target prot opt source destination ports DENY all ------ anywhere 199.95.207.0/24 n/a ACCEPT all ---f-- anywhere anywhere n/a acctout all ------ anywhere anywhere n/a acctboth all ------ anywhere anywhere n/a out all ------ anywhere anywhere n/a Chain acctin (1 references): Chain acctout (1 references): Chain acctboth (2 references): Chain inp (1 references): Chain out (1 references): Chain fwd (1 references): target prot opt source destination ports ACCEPT all ------ cvserver.peopleplaces.org localnet/24 n/a ACCEPT all ------ localnet/24 cvserver.peopleplaces.org n/a ACCEPT all ------ 192.168.169.0/24 localnet/24 n/a ACCEPT all ------ localnet/24 192.168.169.0/24 n/a Chain IpFwAdM! (0 references): target prot opt source destination ports - all ------ anywhere anywhere n/a - all ------ anywhere anywhere n/a -------------- next part -------------- HTML attachment scrubbed and removed From gary at netin.com Thu Mar 1 14:28:21 2001 From: gary at netin.com (GL Fournerat) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question References: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> Message-ID: <3A9E5C84.18FABA13@netin.com> You didn't mention this.. so I thought I would bring it up... The lmhost file on that Samba PDC needs to be in the same directory as your smb.conf file. Is it? Gary Michael Blinn wrote: > Hello everyone! I'm having trouble doing NetBIOS lookups > from my samba PDC. Here's the scoop: 1 samba PDC > controlling a domain named CVILLE on subnet > 192.168.168.0/24 1 samba PDC controlling a domain named > MAIN on subnet 192.168.169.0/24 1 NTServer, > 192.168.168.3, (Not a PDC or BDC) that shares files The > two domains are connected with a VPN using tcp/ip only, > and routes are fine. lmhosts file in > /usr/local/samba/lib/lmhosts on both samba PDCs AND on > NTServer: 192.168.168.2 mail > 192.168.168.3 ntserver > 192.168.168.2 "MAIN \0x1c" #PRE > 192.168.168.2 "MAIN \0x1b" #PRE > 192.168.169.2 cvserver > 192.168.169.2 "CVILLE \0x1c" #PRE > 192.168.169.2 "CVILLE \0x1b" #PRE I want > CVILLE and MAIN to remote sync and allow MAIN to be the > WINS server, so the applicable entries in each smb.conf > are: MAIN:wins support = yesname resolve order = lmhosts > bcast CVILLE:wins server = 192.168.168.2name resolve order > = lmhosts bcast When I fire everything up: 1: NT server > claims that "No logon server is available" and does not > allow incoming connections to shares2: When I do > "nmblookup ntserver" from domain CVILLE it cannot resolve > (on 192.168.169.255) Questions: 1: Is there a way to > check to see why (if?) samba isn't looking in lmhosts for > resolution first?2: After I get this working, do I need > to specifically set the "WINS Server" on my Win9* boxes > for resolution from client machines?3: Could my firewall > (chains WIDE open for initial testing, ipchains -L below) > be blocking udp traffic between PDCs?4: Can Bush really > get it done? Any help is greatly appreciated, Michael > Blinn IT Dude People Places, Inc. Chain input (policy > ACCEPT): > target prot opt source > destination ports > ACCEPT all ---f-- anywhere > anywhere n/a > acctin all ------ anywhere > anywhere n/a > acctboth all ------ anywhere > anywhere n/a > inp all ------ anywhere > anywhere n/a > Chain forward (policy ACCEPT): > target prot opt source > destination ports > MASQ tcp ------ localnet/24 > anywhere any -> any > MASQ tcp ------ 192.168.169.0/24 > anywhere any -> any > ACCEPT all ---f-- anywhere > anywhere n/a > fwd all ------ anywhere > anywhere n/a > Chain output (policy ACCEPT): > target prot opt source > destination ports > DENY all ------ anywhere > 199.95.207.0/24 n/a > ACCEPT all ---f-- anywhere > anywhere n/a > acctout all ------ anywhere > anywhere n/a > acctboth all ------ anywhere > anywhere n/a > out all ------ anywhere > anywhere n/a > Chain acctin (1 references): > Chain acctout (1 references): > Chain acctboth (2 references): > Chain inp (1 references): > Chain out (1 references): > Chain fwd (1 references): > target prot opt source > destination ports > ACCEPT all ------ cvserver.peopleplaces.org > localnet/24 n/a > ACCEPT all ------ localnet/24 > cvserver.peopleplaces.org n/a > ACCEPT all ------ 192.168.169.0/24 > localnet/24 n/a > ACCEPT all ------ localnet/24 > 192.168.169.0/24 n/a > Chain IpFwAdM! (0 references): > target prot opt source > destination ports > - all ------ anywhere > anywhere n/a > - all ------ anywhere > anywhere n/a From mblinn at peopleplaces.org Thu Mar 1 14:32:31 2001 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question References: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> <3A9E5C84.18FABA13@netin.com> Message-ID: <00a601c0a25c$72b06e30$b8a8a8c0@peopleplaces.org> Absoloodle. cvserver:~# ls -l /usr/local/samba/lib/lmhosts -rw-r--r-- 1 root root 340 Feb 27 17:16 /usr/local/samba/lib/lmhosts cvserver:~# ls -l /usr/local/samba/lib/smb.conf -rw-r--r-- 1 root root 1946 Mar 1 08:24 /usr/local/samba/lib/smb.conf mail:~# ls -l /usr/local/samba/lmhosts -rw-r--r-- 1 root root 359 Mar 1 07:59 /usr/local/samba/lmhosts mail:~# ls -l /usr/local/samba/smb.conf -rw-r--r-- 1 root root 1279 Mar 1 08:24 /usr/local/samba/smb.conf (Dunno why samba wanted smb.conf in /usr/local/samba on MAIL, but I didn't argue with it) -Michael Blinn ----- Original Message ----- From: "GL Fournerat" To: "Michael Blinn" Cc: Sent: Thursday, March 01, 2001 9:28 AM Subject: Re: lmhosts lookup question > You didn't mention this.. so I thought I would bring it > up... > > The lmhost file on that Samba PDC needs to be in the same > directory as your smb.conf file. Is it? > > Gary From gcarter at valinux.com Thu Mar 1 14:54:49 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question In-Reply-To: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org>; from mblinn@peopleplaces.org on Thu, Mar 01, 2001 at 07:53:58 -0600 References: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> Message-ID: <20010301085449.A15189@queso.plainjoe.org> On Thu, 01 Mar 2001 07:53:58 Michael Blinn wrote: > > lmhosts file in /usr/local/samba/lib/lmhosts on both samba PDCs AND on > NTServer: > > 192.168.168.2 mail > 192.168.168.3 ntserver > 192.168.168.2 "MAIN \0x1c" #PRE > 192.168.168.2 "MAIN \0x1b" #PRE > 192.168.169.2 cvserver > 192.168.169.2 "CVILLE \0x1c" #PRE > 192.168.169.2 "CVILLE \0x1b" #PRE Samba does not use this format for lmhosts. Please see lmhosts(5) for more information. Also, if you could lay off of HTML mail, that would be much appreciated. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From mblinn at peopleplaces.org Thu Mar 1 14:55:16 2001 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question References: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> <20010301085449.A15189@queso.plainjoe.org> Message-ID: <00df01c0a25f$a08b9930$b8a8a8c0@peopleplaces.org> > > 192.168.169.2 cvserver > > 192.168.169.2 "CVILLE \0x1c" #PRE > > 192.168.169.2 "CVILLE \0x1b" #PRE > > Samba does not use this format for lmhosts. Please see > lmhosts(5) for more information. What are the type codes for a PDC? I assume, like NT, 1c and 1b will work in the samba (whitespace delimited?) lmhosts file, though I've no idea of their respective meanings... Thanks yet again, -Michael Blinn From timrenzi at bellatlantic.net Thu Mar 1 14:55:34 2001 From: timrenzi at bellatlantic.net (Timothy Renzi) Date: Tue Dec 2 02:33:33 2003 Subject: Samba 2.2.0-alpha2 Domain Logon Problem References: <200103010616.HAA26375@fbk.mv.uni-kl.de> Message-ID: <004801c0a25f$ae0aa560$39769a8d@isgay.com> When I say reset the client, I mean reboot, After you join a Win2k machine to a domain it forces a reboot, and after the reboot, I couldn't log onto the domain. -Tim ----- Original Message ----- From: "Christian Barth" To: ; Sent: Thursday, March 01, 2001 1:16 AM Subject: Re: Samba 2.2.0-alpha2 Domain Logon Problem > What do you mean by "reset the client"? > If this means "reinstall" you have to rejoin it to the domain, because the machine-password is changed during the joining and every once a wiele. > > Christian > From gcarter at valinux.com Thu Mar 1 15:05:52 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question In-Reply-To: <00df01c0a25f$a08b9930$b8a8a8c0@peopleplaces.org>; from mblinn@peopleplaces.org on Thu, Mar 01, 2001 at 08:55:16 -0600 References: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> <20010301085449.A15189@queso.plainjoe.org> <00df01c0a25f$a08b9930$b8a8a8c0@peopleplaces.org> Message-ID: <20010301090552.G15189@queso.plainjoe.org> On Thu, 01 Mar 2001 08:55:16 Michael Blinn wrote: > > > > 192.168.169.2 cvserver > > > 192.168.169.2 "CVILLE \0x1c" #PRE > > > 192.168.169.2 "CVILLE \0x1b" #PRE > > > > Samba does not use this format for lmhosts. Please see > > lmhosts(5) for more information. > > What are the type codes for a PDC? I assume, like NT, > 1c and 1b will work in the samba (whitespace delimited?) > lmhosts file, though I've no idea of their respective > meanings... Yes. The NetBIOS resource types for names are the same. The syntax per line is different. Did you read lmhosts(5) like I suggested? # # Sample Samba lmhosts file. # 192.9.200.1 TESTPC 192.9.200.20 NTSERVER#20 192.9.200.21 SAMBASERVER The resource byte is appended to the name with a '#' Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From t.gildersleeve at bilk.ac.uk Thu Mar 1 15:01:33 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:33 2003 Subject: Group membership and workstation logon permissions Message-ID: Hi, I hope this is the right place to raise this. I have looked around for a while and cant seem to find an answer elsewhere. I have been using Samba for a number of years now - but mainly for my home network. I am implementing Samba where I work now. We have a small network of around 20 WinNT workstation clients, that until now have been served by a WinNT Server PDC. Unfortunatly this has proven somewhat "flakey" over the last few months and we are planning to put a linux/samba based PDC in place of it. One problem is of NT policy files. We can just copy the policy file over to the netlogon share of the Samba, but this has several user, group and default policies. I cant seem to find out how to make a user below to a particular group, so the correct policies will be implemented on the clients. The client machines are all student access machines used for running cdrom databases as part of our college library. We have set them up with fairly tight security, so that they cant (at least easily) install and run other programs. We need to be able to put these users in groups. IF we cant there is another way around this problem but that is what we would like to do. Secondly, we restrict users to being able to login to a particular workstation (they dont log in as themselves, but as a pass number). We want pass one to only be able to log onto workstation one for example. Is this at all posible? If anyone out there can shed some light on this I would be grateful. PS: I am quite prepared to go with 2.2alpha2 if that is what is needed. I already use this at home as a PDC for my Win2000 Pro clients. Regards Tim Gildersleeve Home: tim@otcs-online.net Work: t.gildersleeve@bilk.ac.uk Bradford College Library From mblinn at peopleplaces.org Thu Mar 1 15:03:57 2001 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue Dec 2 02:33:33 2003 Subject: lmhosts lookup question References: <005601c0a257$1007b950$b8a8a8c0@peopleplaces.org> <20010301085449.A15189@queso.plainjoe.org> <00df01c0a25f$a08b9930$b8a8a8c0@peopleplaces.org> <20010301090552.G15189@queso.plainjoe.org> Message-ID: <00fb01c0a260$d70b0e40$b8a8a8c0@peopleplaces.org> > Yes. The NetBIOS resource types for names are the same. > The syntax per line is different. Did you read lmhosts(5) > like I suggested? Thanks Jerry, yes I did read the man page, however it has no indication of NetBIOS resource types or which correspond to primary or backup domain controllers. My lmhosts file now looks like this: 192.168.168.2 MAIL 192.168.168.2 MAIL#1b 192.168.168.2 MAIL#1c 192.168.168.3 NTSERVER 192.168.169.2 CVSERVER 192.168.169.2 CVSERVER#1b 192.168.169.2 CVSERVER#1c however, cvserver:/usr/local/samba/lib# nmblookup ntserver added interface ip=192.168.169.2 bcast=192.168.169.255 nmask=255.255.255.0 querying ntserver on 192.168.169.255 name_query failed to find name ntserver Thanks YET again, Michael Blinn From jolt at nicholasofmyra.org Thu Mar 1 15:47:41 2001 From: jolt at nicholasofmyra.org (Joe Olt) Date: Tue Dec 2 02:33:33 2003 Subject: Samba as a PDC and NIS authentication In-Reply-To: <3A9E24E8.BC6C2B1B@labtie.mmt.upc.es> Message-ID: <5.0.2.1.0.20010301104319.02081a58@10.100.0.4> I have been playing with such an environment. It will work. We are using the encrypted passwords = yes option. With Unix Password Sync = yes, you only have to change your password using smbpasswd. At 05:31 AM 3/1/2001, roger@labtie.mmt.upc.es wrote: >hi, > > We have set up Samba (2.0.7, on a 2.2.17 kernel) as a PDC. Our main >problem now is that we would like to unify Windows passwords and Linux >passwords taking into account that we are using NIS for Linux >authentication. The samba PDC and the NIS Server are on the same >machine. > > We would apreciate any information regarding this pasword >unification (Windows with NIS) because we don't know really how to focus >the problem (i.e. via scripts, or using any utility, or ?). > > Thank you very much for your help > >roger From schapiro at clerk.pi.huji.ac.il Thu Mar 1 15:33:57 2001 From: schapiro at clerk.pi.huji.ac.il (Schlomo Schapiro) Date: Tue Dec 2 02:33:33 2003 Subject: "One password for all" In-Reply-To: Message-ID: Well, I want to put up Linux as client OS (like Windows) with shared accounts AND files. Schlomo On Wed, 28 Feb 2001, Akop Pogosian wrote: > On Thu, 1 Mar 2001, Schlomo Schapiro wrote: > > > Hi, > > > > (maybe OT) > > > > I am also currently researching the options Novell gives in integrating > > Unix & Windows account AND homedirs. > > > > Did you have success with the NDS Account Management ? Did you try to SSO, > > too ? I checked the NFS server so far, but it seems not so good (or I > > don't understand it) > > > > Anyway, Novell is going to publish their own adaption of samba (a CIFS > > server :-) in "spring", so this might be something interesting to look > > into. > > > > Schlomo > > > Well, I haven't used NDS with Account Management but the specs sure > look cool.Someone I know who used it says that it seems to work > fine.As for home dir sharing I don't see why novel has to do > anything with it, Iam just interested in their directory services > related products. > > -akop > > -- Schlomo Schapiro Computation Authority Hebrew University of Jerusalem Tel: ++972 / 2 / 65-84404 Fax: 65-27349 email: schapiro@clerk.pi.huji.ac.il WWW: http://shum.cc.huji.ac.il/~schapiro From smerrill at svfc.org Thu Mar 1 16:34:20 2001 From: smerrill at svfc.org (Scott Merrill) Date: Tue Dec 2 02:33:33 2003 Subject: Win2K Groups, Samba 2.2 Alpha, Broadcasts Message-ID: <001801c0a26d$785bf000$4e0a0a0a@svfc.org> ITEM #1 ------- I've finally managed to get my Windows 2000 servers into my Samba controlled domain - I tried several recent CVS snapshots, but none seemed to work. I ended up using the snapshot from 02-17-2001, and that _finally_ worked! I've created a Linux group called "admins" and my /etc/smb.conf contains the line "domain admin group = @admins". Several users are members of this admins group. Now I'd like to add the Domain Admins group to the local Administrators group on each of the Windows 2000 servers. I log on to a Win2K server as the local administrator and navigate Computer Management to Users and Groups. I double click the Administrators group, click Add, and then select my domain from the drop down list. When prompted, I supply the root username and password, and am presented with a list of domain users. At the very end of this list is "Domain Admins". I click that, then click Add. After a short delay, I'm taken back to the group members listing for the local Administrators group. If I click Apply or OK at this point, I receive an error that the trust relationship between the Windows 2000 server and the domain has failed. I am unable to add the Domain Admins group to the local Administrators group. I _am_ able to add individual domain user accounts to the local Administrators group; but not with any regularity: sometimes it works, and sometimes it presents the error about the trust relationship. Any ideas why this doesn't work? Also, any ideas why I don't see ANY of my Linux groups in the drop down list on the Windows 2000 server? If this is an unfinished feature, that's fine: I'd just like to know about it! ITEM #2 ------- My Windows 2000 servers are transmitting a fair bit of traffic on ports 88 (kerberos) and 445 (microsoft-ds). I haven't implemented kerberos, and I thought that the Win2K servers would be operating in Legacy mode with the Samba domain controller. Is there an easy way to disable these transmissions? Cheers, Scott From xwindowuser at discflo.com Thu Mar 1 17:39:35 2001 From: xwindowuser at discflo.com (Larry Clark) Date: Tue Dec 2 02:33:33 2003 Subject: To the samba crew References: <000801c0a02f$c90292b0$3202a8c0@elmiront> Message-ID: <3A9E8957.68B24F1A@discflo.com> well if that bug is well know I am in the clouds cuz this is the first time I have heard about it. "Anders C. Thorsen" wrote: > > Tom, > > samba 2.2 is alpha quality software (which is even less stable then beta > quality). > > the even / uneven bug is well-known and is probably documented in > the Samba FAQ on samba.org > > if you need a good product use samba 2.0.7 which is well documented, > and works fine for file / print sharing, altough it lacks many of > the fancy features (which currently are buggy) which are > beeing developed in samba 2.2. > > --Anders > > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Tom Myny > Sent: 26. februar 2001 20:59 > To: samba-ntdom@samba.org > Subject: To the samba crew > > Now i finally solved my problem i can logon to the domain. > ( Due the stupist bug i have ever seen in my life, the domain name bust be > uneven !!!!! ) > > BUT SAMBA, I CAN'T SMELL WERE THERE IS A BUG :) > > There are to many damn bugs in samba, and the manual is to short for newbies > (like me :) > > So keep on working samba and it will be great product :) From kris.ozzy at lineone.net Thu Mar 1 18:03:45 2001 From: kris.ozzy at lineone.net (kris.ozzy@lineone.net) Date: Tue Dec 2 02:33:33 2003 Subject: hpdj990c and samba Message-ID: <200103011803.SAA13771@scooby.lineone.net> Hi, Im using a DJ850C which is controlled by my SAMBA server. NT 4 clients are fine printing to the server. I am using NT default driver and not the ones which came with the printer. Cheers Kris ---------- >From: Rajeev Agrawala >To: samba-ntdom@samba.org >Subject: Re: hpdj990c and samba >Date: Wed, 28 Feb 2001 19:50:28 -0500 > >Hello Everybody, > >I have the same problem for hpdj890 also. If anybody else is using NT >printing through samba, can he please verify if he has similar problems. > >TIA, > >rajeev > >Rajeev Agrawala wrote: > >> Hi, >> >> I am using samba code from the head branch. When I install drivers for >> hpdj990c on a samba server and try to use the printer from a NT machine >> I get following error message, when I try to display the document >> defaults or properties >> >> "Function address 0x58426a3 caused a protection fault. (exception code >> 0xc0000005)" >> >> However if I install the same drivers on a NT server and use them from >> another NT machine, I can use the printer just fine. >> >> Could you please help/guide me to fix the problem. >> >> TIA, >> >> rajeev > > > From ecaillava at interlap.com.ar Thu Mar 1 21:51:09 2001 From: ecaillava at interlap.com.ar (Sam) Date: Tue Dec 2 02:33:33 2003 Subject: GuinBoxes "Access Control List" in Samba 2.2.alpha 2 - PDC Message-ID: <000f01c0a299$bb247ac0$190a8180@Sistemas> HI you all ! 'n congratulations because of a very good work. I have a Linux box (SuSE 7) with Samba 2.2 alpha 2 (really these are two boxes even when I'm doing weekly manual backup for 'BDC' prevents), controlling as PDC and serving files in a medium size net (around 100 "guinXX'clients" ). It's working fine (REALLY FINE!), I have not reazons to complain abouth -specially when I'm conscient that i'ts an alpha release- because it's doing all the work (and more yet !) like before was doing it a G?inNT4 SVP6 Server, and Samba is doing it faster 'n better yet. Much FASTER, I could say that like 30% FASTER or plus (I did some not very cathedratic, but very practice tests 'n that is the result I've got). ********************************************************** Now, the problem (it's not so BIG problem), is that I could not make the Samba give to every guin box the list of Domain users so they can share they own resources restricting it ONLY FOR DOMAIN REGISTERED USERS. I MEEN... The guin boxes can't get de "Access Control List" from the Samba PDC-Server. guinBox: NetEnvironment-Properties-AccessControl-UsersAccessControl ********************************************************** I read in "Recent's FAQ.txt" that this capacity may be going ready in 2.x versions, but it look I'm not so smart because I can't do it work... |:-)) Can somebody help me ? Can somebody tell me if right now (2.2.0. alpha2) do it ? Can somebody tell me how to make it working ? Thanks a lot since now for every body Ahhh... I'm still looking for the way to send my PIZZA to Canberra since here (a litle city lost in -Tucuman - Argentina- almost the end of world), when I discover it, I'll send to Andrew the best pizza from this land (I do it my self) |:-)) Eduardo Caillava -------------- next part -------------- HTML attachment scrubbed and removed From gcarter at valinux.com Thu Mar 1 22:06:27 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:34 2003 Subject: GuinBoxes "Access Control List" in Samba 2.2.alpha 2 - PDC In-Reply-To: <000f01c0a299$bb247ac0$190a8180@Sistemas>; from ecaillava@interlap.com.ar on Thu, Mar 01, 2001 at 15:51:09 -0600 References: <000f01c0a299$bb247ac0$190a8180@Sistemas> Message-ID: <20010301160627.P16978@queso.plainjoe.org> On Thu, 01 Mar 2001 15:51:09 Sam wrote: > > I read in "Recent's FAQ.txt" that this capacity may be going > ready in 2.x versions, but it look I'm not so smart because > I can't do it work... |:-)) This would not work with the alpha2 release. It should be working in the latest SAMBA_2_2 CVS code now. Expect a new CVS snapshot (alpha3) in a week or two. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From rajeeva at research.bell-labs.com Thu Mar 1 22:13:07 2001 From: rajeeva at research.bell-labs.com (Rajeev Agrawala) Date: Tue Dec 2 02:33:34 2003 Subject: hpdj990c and samba References: <200103011803.SAA13771@scooby.lineone.net> Message-ID: <3A9EC973.E1A77C80@research.bell-labs.com> DJ850C works fine for me too. It the DJ890C and DJ990C, that don't work. NT does not come with default drivers for DJ890C and DJ990C. I have downloaded drivers from www.hp.com. Have you tried DJ890C/DJ990C? Thanks, rajeev kris.ozzy@lineone.net wrote: > > Hi, > > Im using a DJ850C which is controlled by my SAMBA server. > NT 4 clients are fine printing to the server. > > I am using NT default driver and not the ones which came with the printer. > > Cheers > > Kris > > ---------- > >From: Rajeev Agrawala > >To: samba-ntdom@samba.org > >Subject: Re: hpdj990c and samba > >Date: Wed, 28 Feb 2001 19:50:28 -0500 > > > >Hello Everybody, > > > >I have the same problem for hpdj890 also. If anybody else is using NT > >printing through samba, can he please verify if he has similar problems. > > > >TIA, > > > >rajeev > > > >Rajeev Agrawala wrote: > > > >> Hi, > >> > >> I am using samba code from the head branch. When I install drivers for > >> hpdj990c on a samba server and try to use the printer from a NT machine > >> I get following error message, when I try to display the document > >> defaults or properties > >> > >> "Function address 0x58426a3 caused a protection fault. (exception code > >> 0xc0000005)" > >> > >> However if I install the same drivers on a NT server and use them from > >> another NT machine, I can use the printer just fine. > >> > >> Could you please help/guide me to fix the problem. > >> > >> TIA, > >> > >> rajeev > > > > > > > > From jeremy at valinux.com Fri Mar 2 01:40:15 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:34 2003 Subject: hpdj990c and samba References: <200103011803.SAA13771@scooby.lineone.net> <3A9EC973.E1A77C80@research.bell-labs.com> Message-ID: <3A9EF9FF.6A13C54B@valinux.com> Rajeev Agrawala wrote: > > DJ850C works fine for me too. It the DJ890C and DJ990C, that don't work. > NT does not come with default drivers for DJ890C and DJ990C. I have > downloaded drivers from www.hp.com. > > Have you tried DJ890C/DJ990C? Can you send me the drivers please and I'll test this here. Thanks, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From manjunathar at subexgroup.com Fri Mar 2 05:54:31 2001 From: manjunathar at subexgroup.com (Manjunatha Rao P R) Date: Tue Dec 2 02:33:34 2003 Subject: Samba-2.2.0-alpha2 as PDC Message-ID: <001201c0a2dd$40d818f0$030210ac@subexblr> Dear Guys, I set up Samba-2.2.0-alpha2 as a PDC.On Windows NT 4.0 WS if I share a file it is listing like "?Account unknown" instead of listing user name .Any solutions? Regards Manjunath From vgill at technologist.com Fri Mar 2 06:36:02 2001 From: vgill at technologist.com (Gill, Vern) Date: Tue Dec 2 02:33:34 2003 Subject: ALERT!!!!!!!! POTENTIAL SECURITY FLAW!!!!! POPTOP VPN SOFTWARE Message-ID: <8D043DEA73DFD411958A00A0C90AB7607CFE@ftp.gillnet.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Attention!!!! If you use poptop vpn server AND you use the patch for ppp which allows you to use smbpasswd for chap-secrets logins, then this is for you. The following security issue has come up! If you use the smbpasswd patch for ppp, and you ONLY specify * * &/home/samba/smbpasswd * in your chap-secrets file, YOU ARE WIDE OPEN!!! I am running 2.2.16, ppp-2.4.0, and using that very patch, as well as mppe, require-mppe, and mschapstripdomain, and in testing I found that if you have just that entry, ANYONE CAN LOGIN USING A BLANK USERNAME AND PASSWORD. If they specify a username that does not exist, IT STILL WORKS!!!! Also, if you for some reason have a user listed in chap-secrets that is NOT in smbpasswd, THEY CAN STILL LOG IN!!! The ONLY "secure" method I have found so far is by explicitly listing ONLY the users you want to have vpn access in chap-screts, and for each user using the &/home/samba/smbpasswd or wherever your file is. This was discovered by another member on the poptop user list, I am just forwarding that info here in case anyone uses this method of authentication, as I am. Luckily they found it. Who knows what systems have already been "penetrated" I did NOT do any testing of access rights with any "false" logins, so there may not be as big a security issue, but ANY login without a valid user is a BIG problem in my book. Again, only specify VALID users with the smbpasswd patch!!! Share and enjoy... -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBOp8+4BeamMdwy9TXEQLyVQCeNd6Y/3bASpL+SO1jVXdZ9kbhPxQAn1C/ x4fj2TcAAJeclnuyMolyPI+q =L+VZ -----END PGP SIGNATURE----- From Eggens at teledynamics.nl Fri Mar 2 07:13:11 2001 From: Eggens at teledynamics.nl (Martin Eggens) Date: Tue Dec 2 02:33:34 2003 Subject: Drive mappings Message-ID: Hi, I'm using samba 2.2.0alpha on Linux and made it a PDC. I was successfull in creating a logon script that is executed by an NT machine. One strange thing happens now.... In the logon script I do somethin like : NET USE M: \\donald\martin Now the share /home/martin is mapped to the M: drive at the NT4 Workstation, but also a mapping is made to Z: When I remove the line from the logon script then also the mapping to Z: is still there. Does samba automatically map the home directory of the user to Z:......or is there some configuration paramter to overcome this problem? Best regards, Martin Eggens eggens@teledynamics.nl From enthropy at skzservices.com Fri Mar 2 09:09:11 2001 From: enthropy at skzservices.com (enthropy@skzservices.com) Date: Tue Dec 2 02:33:34 2003 Subject: Samba as a domain-slave server in NT Domain Message-ID: <200103020909.KAA25350@web-06.stt.it> We have a Samba Server installed and recently we have installed an NT-Domain server. Our problem is that we want to make the NT server as the Password Master and let Samba server update automatically. We tried to set the options in SWAT but we had no result. Anybody can help us? Thanks in advice ----------------------------------------------------- This mail sent through IMP: http://web.horde.org/imp/ From MRundel at t-online.de Fri Mar 2 09:41:00 2001 From: MRundel at t-online.de (MRundel@t-online.de) Date: Tue Dec 2 02:33:34 2003 Subject: user list for shares on clients Message-ID: <14Ym4B-1eeSxcC@fwd03.sul.t-online.com> Hello, world i had a problem with receiving the users list. On my Win2k client i get the list for shares from my suse 7.0 PDC, with all useraccounts from the linux server. But not on Win98-Clients. I get the message: The user list is not available at the moment and so i couldn't make shares on clients. I think it might be a problem in win98 registry... The login script works with samba 2.2-alpha2, but i didn't found anything in the faq. Can anybody help me? Thanks in advance Michael Rundel From Jean-Francois.Micouleau at dalalu.fr Fri Mar 2 09:47:01 2001 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:33:34 2003 Subject: user list for shares on clients In-Reply-To: <14Ym4B-1eeSxcC@fwd03.sul.t-online.com> Message-ID: On 2 Mar 2001 MRundel@t-online.de wrote: > at the moment and so i couldn't make shares on clients. > I think it might be a problem in win98 registry... > The login script works with samba 2.2-alpha2, but i didn't found > anything in the faq. > Can anybody help me? Thanks in advance grab the latest cvs SAMBA_2_2 branch code. It works there. J.F. From t.gildersleeve at bilk.ac.uk Fri Mar 2 10:36:16 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:34 2003 Subject: To the samba crew Message-ID: Look in the samba-ntdom-faq and howto. Its there clear enough. Although I have to admit that it seems not many people have actually read these documents. I was looknig for an answer to this problem for quite a while and noone knew the answer. I stumbled on these two documents (in fact in the source that comes with the CVS version - stupic me didnt see them for ages :( ) and the answer was clear. > -----Original Message----- > From: Larry Clark [SMTP:xwindowuser@discflo.com] > Sent: Thursday, March 01, 2001 5:40 PM > To: Anders C. Thorsen > Cc: 'Tom Myny'; samba-ntdom@samba.org > Subject: Re: To the samba crew > > well if that bug is well know I am in the clouds cuz this is the first > time I have heard about it. > > > > "Anders C. Thorsen" wrote: > > > > Tom, > > > > samba 2.2 is alpha quality software (which is even less stable then beta > > quality). > > > > the even / uneven bug is well-known and is probably documented in > > the Samba FAQ on samba.org > > > > if you need a good product use samba 2.0.7 which is well documented, > > and works fine for file / print sharing, altough it lacks many of > > the fancy features (which currently are buggy) which are > > beeing developed in samba 2.2. > > > > --Anders > > > > -----Original Message----- > > From: samba-ntdom-admin@us5.samba.org > > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Tom Myny > > Sent: 26. februar 2001 20:59 > > To: samba-ntdom@samba.org > > Subject: To the samba crew > > > > Now i finally solved my problem i can logon to the domain. > > ( Due the stupist bug i have ever seen in my life, the domain name bust > be > > uneven !!!!! ) > > > > BUT SAMBA, I CAN'T SMELL WERE THERE IS A BUG :) > > > > There are to many damn bugs in samba, and the manual is to short for > newbies > > (like me :) > > > > So keep on working samba and it will be great product :) > From mhaney at info4cars.com Fri Mar 2 11:46:38 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:33:34 2003 Subject: Drive mappings In-Reply-To: Message-ID: Is it possible that the Z: drive was statically mapped? That's about the only way I can think of that the drive mapping still show up with the login script diabled. I have never seen it otherwise. Try disconnecting that mapping and logging in again. Hope this helps. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Martin Eggens Sent: Friday, March 02, 2001 2:13 AM To: samba-ntdom@lists.samba.org Subject: Drive mappings Hi, I'm using samba 2.2.0alpha on Linux and made it a PDC. I was successfull in creating a logon script that is executed by an NT machine. One strange thing happens now.... In the logon script I do somethin like : NET USE M: \\donald\martin Now the share /home/martin is mapped to the M: drive at the NT4 Workstation, but also a mapping is made to Z: When I remove the line from the logon script then also the mapping to Z: is still there. Does samba automatically map the home directory of the user to Z:......or is there some configuration paramter to overcome this problem? Best regards, Martin Eggens eggens@teledynamics.nl From roger at labtie.mmt.upc.es Fri Mar 2 11:55:22 2001 From: roger at labtie.mmt.upc.es (roger@labtie.mmt.upc.es) Date: Tue Dec 2 02:33:34 2003 Subject: Samba as a PDC and NIS authentication References: <5.0.2.1.0.20010301104319.02081a58@10.100.0.4> Message-ID: <3A9F8A2A.4E0B21B7@labtie.mmt.upc.es> Are you really sure that this solution might work? I've been working in that direcction and I've found enough problems to discard it as a possible solution. For instance, (allways taking into account that we are under NIS athentication environment), first at all you have to split the problem in two subproblems: changing pass from windows side (and automaticly change the Linux pass), and do it from Linux (and do it automaticly for the windows env.). Going on, from windows, the standard solution is to use passwd program = /usr/bin/passwd %u passwd chat = *Please\senter\snew\spassword:* %n\n *Please\sretype\snew\spassword:* %n\n which are executed as root. Using NIS the passwd program has to be yppasswd, which requires the root password to make the change possible. Well this is just an example of the problems I've found going in that direction. Honestly, I think that isn't the best way to solve the problem of password unification. I think that a good way to solve the two passwords syncronization was pointed yesterday by Iervine, based on using a web page to manage both password-changes. If any one could give me more info about how to implement it, I would really apreciate it. The Samba PDC, the NIS Server and the Web Server run on the same machine (I think that this will make things much easy). thanks again Joe Olt wrote: > I have been playing with such an environment. It will work. We are using > the encrypted passwords = yes option. With Unix Password Sync = yes, you > only have to change your password using smbpasswd. > > At 05:31 AM 3/1/2001, roger@labtie.mmt.upc.es wrote: > >hi, > > > > We have set up Samba (2.0.7, on a 2.2.17 kernel) as a PDC. Our main > >problem now is that we would like to unify Windows passwords and Linux > >passwords taking into account that we are using NIS for Linux > >authentication. The samba PDC and the NIS Server are on the same > >machine. > > > > We would apreciate any information regarding this pasword > >unification (Windows with NIS) because we don't know really how to focus > >the problem (i.e. via scripts, or using any utility, or ?). > > > > Thank you very much for your help > > > >roger -------------- next part -------------- HTML attachment scrubbed and removed From Ext-Nikos.Lakoutsis at nokia.com Fri Mar 2 12:06:54 2001 From: Ext-Nikos.Lakoutsis at nokia.com (Ext-Nikos.Lakoutsis@nokia.com) Date: Tue Dec 2 02:33:34 2003 Subject: Access Error !!! Message-ID: Hi all, I was wondering if you could help me with the following problem as I don't have a lot of experience. I've got a 2.0.4b SMB server running in a Sun 5.6 environment. It connects to a domain, and the security is set to domain. The users are mainly using NT with >SP3 and they can map drives fine. A user though, is trying to run a script which uses one of those map drives and he is getting Operating System access denied on the directory. Modify the access privileges and retry the operation. There is no problem with the Unix permissions as the user can write to it through the Windows explorer. The samba passwd file is empty as I have a passwd server set to the NT 4.0 PDC of the domain. My question is do I need to set the user in the smbpasswd file. I am not quite sure how the smbpasswd file works if you connect your server to an NT PDC. Thanks in advance Nikos From teilo at cdt.luth.se Fri Mar 2 12:43:41 2001 From: teilo at cdt.luth.se (James Nord) Date: Tue Dec 2 02:33:34 2003 Subject: "One password for all" References: Message-ID: <3A9F957D.9030100@cdt.luth.se> Akop Pogosian wrote: > Is there away to get windows and unix users to use the same password > database for authentication? So far, I have found two Solutions: If you Use NIS forr your unix you could always try nisgina, but I don't know if it works with anything other than NT4. /James -- Technology is a word that describes something that doesn't work yet. Douglas Adams From barth at cck.uni-kl.de Fri Mar 2 13:34:26 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:34 2003 Subject: Drive mappings Message-ID: <200103021334.OAA07362@fbk.mv.uni-kl.de> see the "logon dirve" parameter in man smb.conf. If the NT-WS lockes into a domain, a mapping of the home direktory is done. If logon drive is not spezified it is done with z: I have set logon drive = h: and in the login skript only "not home shares" a mapped. BTW: NT uses the "logon dirve": NT4.0 Terminal Server there creats a "windows" directory to store the settin of 16-Bit applications (and some times the dll's if you install one, but the dll's are not found there wenn needed.) Christian From barth at cck.uni-kl.de Fri Mar 2 13:44:08 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:34 2003 Subject: Samba as a PDC and NIS authentication Message-ID: <200103021344.OAA07789@fbk.mv.uni-kl.de> If the samba PDC and the NIS-server are the same machine you can use cron to update the NIS-passwords from /etc/passwd on a regular basis. This works for me. I have also seen examples were some thing like "cd /var/yp; make" is added to the passwort chat; but haved tried it. Christian From barth at cck.uni-kl.de Fri Mar 2 13:47:55 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:34 2003 Subject: Access Error !!! Message-ID: <200103021347.OAA07949@fbk.mv.uni-kl.de> As far as I know, you don't need a smbpasswd-file on a member server. If the drive/directory can be accesed with the windows-explorer, it is a problem of the skript/programm: May be the skript wants to do some locking or set access-rigths to something. I would recommand to switch to 2.0.7 an try again. Christian From sven at sven-siemsen.de Thu Mar 1 16:16:09 2001 From: sven at sven-siemsen.de (Sven Siemsen) Date: Tue Dec 2 02:33:34 2003 Subject: Again: Win2k, joining domain WORKS! In-Reply-To: <00c001c0a1a3$1ece4670$2800a8c0@leinet> Message-ID: Greg, Philipp, thanks a lot for helping me. I just updated my CVS tree today, I also have put qoutes around the add user script statement in smb.conf and it WORKS :-))) Many thanks to the Smaba Team for fixing up MS Crap, must be annoying... Sven am 28.02.2001 17:25 Uhr schrieb Greg J. Zartman unter greg@kwikfind.com: > Sven, > > My Samba PDC didn't "work" the first time I tried it either. I'm not as > experience with Samba as I'm sure many of the others here are, but I think > the best way to get Samba going is to start simply. Put only the minimal > configuration information in smb.conf file, fire it up and check the logs. > Use the smbclient and smbstatus utilities to test run samba on the machine > itself. What I looked for is the following: > > nmbd log: Make sure that the log reports that nmbd knows which machine it > is and declares itself the master domain browser. The first time ran the > daemons, I spent an hour or so trying to figure out what was wrong only to > find that the log.nmbd was reporting that nmbd didn't couldn't resolve it's > NETBIOS name. Come to find out, the problem was with my DNS. > > smbd log: Verify that it is reading in all of your shares with no errors. > > samba.log(the log that you specify in the smb.conf file): This one seems to > be a little more difficult to read, for me, that the other two. I think > alot of what is reported here only really makes sense to a person that knows > that the samba code says. But, if samba has a problem performing a function > (e.g., joining a machine to a domain), it will report some kind of error > here. If you can't figure out what it means, post it on the mailing list > and maybe someone else will. Most of the time though, I've been able to > figure out what the errors mean. > > smbclient: make sure you can connect to local host with no errors using > smbclient -U% -L localhost. This should give you a list of the current > shares, tell you the workgroup(or domain) name, and tell you that your samba > machine is the master. If you get an error, then go back and look at you > smb.conf file again. > > smbstatus: I think this may be a redundant check, but if you get an error > when executing smbstatus, then you have a problem with your configuration. > > Once you get positive results from the above, then try to join a machine to > the domain. I recommend adding the machine manually the first time around. > Again, this is to keep the smb.conf file as simply as possible until you get > it working. Once you've successfully joined a machine to your domain, then > you can add all of the security stuff and "bells and whistles". > > Good luck. > > Regards, > > Greg J. Zartman > > > > > ----- Original Message ----- > From: "Sven Siemsen" > To: "Samba Mailing List" > Sent: Tuesday, February 27, 2001 11:09 PM > Subject: Re: Again: Win2k, joining domain > > >> Hi, >> >> I also receive this error, but there is neither a machine account for my > w2k >> box in smbpasswd+/etc/passwd nor it is being created when trying to join > the >> 2.2-dom. >> My config looks like the 2.2 CVS PDC HOWTO example. >> >> Sven >> >> am 27.02.2001 16:55 Uhr schrieb Greg J. Zartman unter greg@kwikfind.com: >> >>> Phillipp, >>> >>> Yes, Raoul fixed me up as well. It always seems that the little things > hang >>> you up the worst. >>> >>> Greg >>> >>> ----- Original Message ----- >>> From: "Philipp Hug" >>> To: >>> Sent: Monday, February 26, 2001 5:46 PM >>> Subject: Again: Win2k, joining domain >>> >>> >>>> I can join the domain now. (Thanks to Raoul) >>>> >>>> is it true, that the machine-account in smbpasswd MUST NOT exist? >>>> >>>> philipp From rajeeva at research.bell-labs.com Fri Mar 2 15:26:38 2001 From: rajeeva at research.bell-labs.com (Rajeev Agrawala) Date: Tue Dec 2 02:33:34 2003 Subject: hpdj990c and samba References: <200103011803.SAA13771@scooby.lineone.net> <3A9EC973.E1A77C80@research.bell-labs.com> <3A9EF9FF.6A13C54B@valinux.com> Message-ID: <3A9FBBAE.3084E4D7@research.bell-labs.com> Jeremy Allison wrote: > > Rajeev Agrawala wrote: > > > > DJ850C works fine for me too. It the DJ890C and DJ990C, that don't work. > > NT does not come with default drivers for DJ890C and DJ990C. I have > > downloaded drivers from www.hp.com. > > > > Have you tried DJ890C/DJ990C? > > Can you send me the drivers please and I'll test this here. > Hi, You can download the driver for 990C from ftp://www.hp.com/pub/printers/software/dj997en.exe and for 890C from ftp://www.hp.com/pub/printers/software/dj884en.exe Instead of executing these files on my PC, I unzipped the distribution using winzip and while installing print drivers on samba, I clicked have disk for choosing the printer driver and browsed to the drivers dir inside this downloaded distribution. Since these files are large (a couple of Mbytes), I did not enclose them in the email. But if you have any problem in downloading these files, please let me know. I will send it by email. Thanks for looking into this. rajeev From ssande at sandia.gov Fri Mar 2 15:34:10 2001 From: ssande at sandia.gov (Stan Sander) Date: Tue Dec 2 02:33:34 2003 Subject: Drive mappings References: Message-ID: <3A9FBD72.C119C9CB@sandia.gov> Mark Haney wrote: > Is it possible that the Z: drive was statically mapped? That's about the > only way I can think of that the drive mapping still show up with the login > script diabled. I have never seen it otherwise. Try disconnecting that > mapping and logging in again. > > Hope this helps. > > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Martin Eggens > Sent: Friday, March 02, 2001 2:13 AM > To: samba-ntdom@lists.samba.org > Subject: Drive mappings > > Hi, > > I'm using samba 2.2.0alpha on Linux and made it a PDC. > I was successfull in creating a logon script that is executed by an NT > machine. > > One strange thing happens now.... > In the logon script I do somethin like : > > NET USE M: \\donald\martin > > Now the share /home/martin is mapped to the M: drive at the NT4 Workstation, > but > also a mapping is made to Z: > > When I remove the line from the logon script then also the mapping to Z: is > still there. > Does samba automatically map the home directory of the user to Z:......or is > there some > configuration paramter to overcome this problem? > > Best regards, > Martin Eggens > eggens@teledynamics.nl I'm not 100% sure about NT behaviour but I think this is a Windows NT "feature" that relates to profiles. The Samba default for logon home is \\%N\%U, which when coupled with being a PDC results in the Windows clent mapping the Z: drive. If you want to disable roaming profiles (and thereby the mapping of the Z drive if I'm correct) you should define logon home = and logon drive = in your smb.conf file. In other words assign both of them a null value. Perhaps another option is to place the command `net use M: /HOME' in your logon script. I have `net use H: /home' in mine but I have only Win 98 clients. I hope somone will correct me if I'm wrong, but that's how I would proceed. -- Stan Sander - CSU Special Projects Sandia National Laboratories (505) 284-4915 Mail Stop 0662 1515 Eubank Blvd. SE Albuquerque, NM 87123 From mhaney at info4cars.com Fri Mar 2 15:39:32 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:33:34 2003 Subject: Drive mappings In-Reply-To: <3A9FBD72.C119C9CB@sandia.gov> Message-ID: After reviewing my Samba docs, you are right, it does default to Z: and you have to alter the behaviour my forcing windows clients to a specific drive. With an all NT (or 2k) solution, the mapping specified in User Manager. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Stan Sander Sent: Friday, March 02, 2001 10:34 AM To: Mark Haney Cc: Martin Eggens; samba-ntdom@lists.samba.org Subject: Re: Drive mappings Mark Haney wrote: > Is it possible that the Z: drive was statically mapped? That's about the > only way I can think of that the drive mapping still show up with the login > script diabled. I have never seen it otherwise. Try disconnecting that > mapping and logging in again. > > Hope this helps. > > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Martin Eggens > Sent: Friday, March 02, 2001 2:13 AM > To: samba-ntdom@lists.samba.org > Subject: Drive mappings > > Hi, > > I'm using samba 2.2.0alpha on Linux and made it a PDC. > I was successfull in creating a logon script that is executed by an NT > machine. > > One strange thing happens now.... > In the logon script I do somethin like : > > NET USE M: \\donald\martin > > Now the share /home/martin is mapped to the M: drive at the NT4 Workstation, > but > also a mapping is made to Z: > > When I remove the line from the logon script then also the mapping to Z: is > still there. > Does samba automatically map the home directory of the user to Z:......or is > there some > configuration paramter to overcome this problem? > > Best regards, > Martin Eggens > eggens@teledynamics.nl I'm not 100% sure about NT behaviour but I think this is a Windows NT "feature" that relates to profiles. The Samba default for logon home is \\%N\%U, which when coupled with being a PDC results in the Windows clent mapping the Z: drive. If you want to disable roaming profiles (and thereby the mapping of the Z drive if I'm correct) you should define logon home = and logon drive = in your smb.conf file. In other words assign both of them a null value. Perhaps another option is to place the command `net use M: /HOME' in your logon script. I have `net use H: /home' in mine but I have only Win 98 clients. I hope somone will correct me if I'm wrong, but that's how I would proceed. -- Stan Sander - CSU Special Projects Sandia National Laboratories (505) 284-4915 Mail Stop 0662 1515 Eubank Blvd. SE Albuquerque, NM 87123 From ctooley at amoa.org Fri Mar 2 16:05:59 2001 From: ctooley at amoa.org (ctooley@amoa.org) Date: Tue Dec 2 02:33:34 2003 Subject: Ownership of Samba Processes Message-ID: <86256A03.005771B8.00@amoa.org> I know I've seen this in the mailing lists before but I just can't find an in the the searchable archives. How do I make the smbd and nmbd processes get owned by the user that initiates them. Some rare users have this happen and most don't. Can I make this happen and if so, how? Thanks, Chris Tooley From greg at kwikfind.com Fri Mar 2 16:52:51 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:34 2003 Subject: Samba as Domain Controller References: <385386696.983394618245.JavaMail.root@web313-wrb> <3.0.6.32.20010301030814.00b326f0@203.16.214.248> Message-ID: <000a01c0a339$390ed2b0$2800a8c0@leinet> ----- Original Message ----- From: "Richard Sharpe" To: "Adam Lang" ; Sent: Wednesday, February 28, 2001 9:08 AM Subject: Re: Samba as Domain Controller > At 04:23 PM 2/28/01 -0500, Adam Lang wrote: > >I'm looking into using Samba as the domain controller for my network (about > >75 users on windows 9x). > > For Win9X machines you do not need a PDC. Samba 2.0.7 will do fine for > these machines. This doesn't make any sense. What does the client OS have to do with the weather or no you need a PDC??? A PDC basically centralizes netword admin on one machine. The client OS makes no difference. > > >How stable and effective would it be for my environment? Would I be better > >served just using NT for the PDC? > > Very effective, lots of people use Samba for this. > > >Adam Lang > >Systems Engineer > >Rutgers Casualty Insurance Company > >http://www.rutgersinsurance.com > > > > > > > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba > > > > > > From greg at leiinc.com Fri Mar 2 17:03:38 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:34 2003 Subject: Changing your samba password from windows References: <012101c0a1aa$893ccf70$2800a8c0@leinet> <3A9E1616.65C1F687@netin.com> Message-ID: <007901c0a33a$ba95e430$2800a8c0@leinet> GL, From greg at kwikfind.com Fri Mar 2 17:14:57 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:34 2003 Subject: To the samba crew References: Message-ID: <014e01c0a33c$4f4bd930$2800a8c0@leinet> Tim, I've read in multiple places that this bug was fixed in late Jan. I'm running Samba 2.2 alpha2 with an even number of characters in my domain name and it works fine. Greg ----- Original Message ----- From: "Tim Gildersleeve" To: "'Larry Clark'" ; "Anders C. Thorsen" Cc: "'Tom Myny'" ; Sent: Friday, March 02, 2001 2:36 AM Subject: RE: To the samba crew > Look in the samba-ntdom-faq and howto. Its there clear enough. Although I > have to admit that it seems not many people have actually read these > documents. I was looknig for an answer to this problem for quite a while > and noone knew the answer. I stumbled on these two documents (in fact in > the source that comes with the CVS version - stupic me didnt see them for > ages :( ) and the answer was clear. > > > > -----Original Message----- > > From: Larry Clark [SMTP:xwindowuser@discflo.com] > > Sent: Thursday, March 01, 2001 5:40 PM > > To: Anders C. Thorsen > > Cc: 'Tom Myny'; samba-ntdom@samba.org > > Subject: Re: To the samba crew > > > > well if that bug is well know I am in the clouds cuz this is the first > > time I have heard about it. > > > > > > > > "Anders C. Thorsen" wrote: > > > > > > Tom, > > > > > > samba 2.2 is alpha quality software (which is even less stable then beta > > > quality). > > > > > > the even / uneven bug is well-known and is probably documented in > > > the Samba FAQ on samba.org > > > > > > if you need a good product use samba 2.0.7 which is well documented, > > > and works fine for file / print sharing, altough it lacks many of > > > the fancy features (which currently are buggy) which are > > > beeing developed in samba 2.2. > > > > > > --Anders > > > > > > -----Original Message----- > > > From: samba-ntdom-admin@us5.samba.org > > > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Tom Myny > > > Sent: 26. februar 2001 20:59 > > > To: samba-ntdom@samba.org > > > Subject: To the samba crew > > > > > > Now i finally solved my problem i can logon to the domain. > > > ( Due the stupist bug i have ever seen in my life, the domain name bust > > be > > > uneven !!!!! ) > > > > > > BUT SAMBA, I CAN'T SMELL WERE THERE IS A BUG :) > > > > > > There are to many damn bugs in samba, and the manual is to short for > > newbies > > > (like me :) > > > > > > So keep on working samba and it will be great product :) > > > > > > From jwitte at meome-ag.de Fri Mar 2 18:16:44 2001 From: jwitte at meome-ag.de (Jochen Witte) Date: Tue Dec 2 02:33:34 2003 Subject: Machine-Accounts-Problem Message-ID: <3A9FE38C.F4F391F1@meome-ag.de> Hello everybody, I just installed samba-2.2.0-alpha2 and I have the following line in smb.conf: add user script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %m$ && /usr/local/samba/bin/smbpasswd -a -m %m$ I`m able to add a Windows 2000-Client to the Domain => there are entries in /etc/passwd and in /usr/local/samba/private/smbpasswd. But when I want to login (after reboot) into the Windows200-Client I get: "Unable to log in to domain: the account for the SYSTEM is not present in his primary Domain or the password for the computeraccount is wrong." (This is translated from German, sorry :)) What is my problem? Greetings -- Jochen Witte From greg at kwikfind.com Fri Mar 2 19:07:52 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:34 2003 Subject: Fw: Samba as Domain Controller Message-ID: <001501c0a34c$15f65100$2800a8c0@leinet> ----- Original Message ----- From: "Greg J. Zartman" To: "Eric Pilger" Sent: Friday, March 02, 2001 11:05 AM Subject: Re: Samba as Domain Controller Eric, Good point!!! Especially if you are going to use all of the functionality associated with a PDC. But, if all you want to do is centralize the password database for access to shares, then Samba, acting as a PDC, is really oblivious to the client OS. Win9x doesn't have jack for security at the OS level, but it still must adhere to network security protocol when accessing shares on the network. To avoid having to input usernames and passwords on every machine in my office, I'd opt to use domain over a workgroup any day, even if all of my clients were Win9x. I'm not familiar with Win NT 4.0 vs Win 2k domains at the coding level. I do know that Win 2k will participate in a domain with a Win NT 4.0 PDC just as easily as on with a Win 2k PDC. The only difference being that it won't utilize the active directory service (which I don't like anyway as it confuses most of my users.) Samba in essence emulates a Win NT 4.0 PDC. One thing that I've seen quoted in the mailing list quite a bit is the necessity to set the Win 2k client in "legacy" mode to connect to Samba. I don't think this statement is entirely accurate. Win 2k, as a client, doesn't have a legacy mode. It is simply backward compatible to the Win NT 4.0 style domain. It will recognize the an active directory based server doesn't exist and it will simply join the domain without support for the active directory service. Regards, Greg J. Zartman, P.E. > ----- Original Message ----- > From: "Eric Pilger" > To: "Greg J. Zartman" > Sent: Friday, March 02, 2001 10:36 AM > Subject: Re: Samba as Domain Controller > > > > > > > > "Greg J. Zartman" wrote: > > > > > ----- Original Message ----- > > > From: "Richard Sharpe" > > > To: "Adam Lang" ; > > > > Sent: Wednesday, February 28, 2001 9:08 AM > > > Subject: Re: Samba as Domain Controller > > > > > > > At 04:23 PM 2/28/01 -0500, Adam Lang wrote: > > > > >I'm looking into using Samba as the domain controller for my network > > > (about > > > > >75 users on windows 9x). > > > > > > > > For Win9X machines you do not need a PDC. Samba 2.0.7 will do fine for > > > > these machines. > > > > > > This doesn't make any sense. What does the client OS have to do with > the > > > weather or no you need a PDC??? A PDC basically centralizes netword > admin > > > on one machine. The client OS makes no difference. > > > > > > > Win9X, while it will pretend to use a PDC, does not really recognize the > > concept (it's really just acting like a glorified Workgroup). Samba 2.0.7 > > works fine because it isn't really being asked to provide a PDC. > > > > WinNT can ask for a PDC, and Samba 2.0.7 is still up to the task. Once > again, > > Samba 2.0.7 is sufficient. > > > > Win2000 asks for a DIFFERENT kind of PDC (God knows what Microsoft has > done > > now). Samba 2.0.7 can't provide it and you will need to use 2.2.0. > > > > In the final analysis, the client OS is the sole determinant in the need > for > > a PDC. > > > > -- > > Eric J. Pilger > > Systems Administrator > > Hawaii Institute of Geophysics and Planetology/SOEST > > pilger@pgd.hawaii.edu > > (808)956-6321 (Voice/FAX) > > > > > > > > > From thorpej at zembu.com Fri Mar 2 19:38:35 2001 From: thorpej at zembu.com (Jason R Thorpe) Date: Tue Dec 2 02:33:34 2003 Subject: Windows 2000 and Kerberos Message-ID: <20010302113835.E480@dr-evil.shagadelic.org> Hi folks... I've been trying to research this myself without bothering anyone about it, but I decided that I was confused enough that I just needed to ask :-) I'm currently using Samba to serve a few Windows 2000 systems in a workgroup. However, I need to use Kerberos with the Windows 2000 systems so that they can participate in a particular IPsec network (Windows 2000 has a GSSAPI/Kerberos5 authentication mechanism for IKE, which is described in the Internet Draft draft-ietf-ipsec-isakmp-gss-auth-06.txt, which we subsequently implemented in the KAME IKE implentation, because Kerberos is generally a nice way to do these sorts of things). My KDC is a NetBSD system with the KTH/Heimdal Kerberos 5 implementation. For all intents and purposes, I suppose this means "MIT" to Windows. From sharpe at ns.aus.com Fri Mar 2 16:19:21 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:34 2003 Subject: Samba as Domain Controller In-Reply-To: <000a01c0a339$390ed2b0$2800a8c0@leinet> References: <385386696.983394618245.JavaMail.root@web313-wrb> <3.0.6.32.20010301030814.00b326f0@203.16.214.248> Message-ID: <3.0.6.32.20010303021921.00eb5d00@203.16.214.248> At 08:52 AM 3/2/01 -0800, Greg J. Zartman wrote: > >----- Original Message ----- >From: "Richard Sharpe" >To: "Adam Lang" ; >Sent: Wednesday, February 28, 2001 9:08 AM >Subject: Re: Samba as Domain Controller > > >> At 04:23 PM 2/28/01 -0500, Adam Lang wrote: >> >I'm looking into using Samba as the domain controller for my network >(about >> >75 users on windows 9x). >> >> For Win9X machines you do not need a PDC. Samba 2.0.7 will do fine for >> these machines. > >This doesn't make any sense. What does the client OS have to do with the >weather or no you need a PDC??? A PDC basically centralizes netword admin >on one machine. The client OS makes no difference. Sigh, it makes eminent senses when you realize that Microsoft does not use the Domain Controller protocols (Encrypted RPCs) for Win9X logons, but does for WinNT and Windows 2000. Thus, the client OS makes a big difference. Take my word for it, lots of people are using Samba 2.0.7 and below as a logon server for Windows 95, 98 and ME, and have been doing so for years. You do need to set the parameter 'domain logons = yes'. And, you might want 'encrypt passwords = yes', but then again, you might not. Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From kris.ozzy at lineone.net Fri Mar 2 20:37:20 2001 From: kris.ozzy at lineone.net (Kristyan Osborne) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller In-Reply-To: <3.0.6.32.20010303021921.00eb5d00@203.16.214.248> Message-ID: I agree! In my old job at a school all client machines were win 95. A 95 machine can only be part of a workgroup and not a domain. Thus a domain controller with a machine password database would make no sence if win 95 is only validating a username and password. We used a 2.0.7 server as a file-server with the user password database. I am currently working on a NT 4 network with all clients NT4 wks controlled by a samba server which is a PDC, as a machine database is required. Cheers Kris ------------- Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Richard Sharpe Sent: 02 March 2001 16:19 To: Greg J. Zartman; samba-ntdom@us5.samba.org Subject: Re: Samba as Domain Controller At 08:52 AM 3/2/01 -0800, Greg J. Zartman wrote: > >----- Original Message ----- >From: "Richard Sharpe" >To: "Adam Lang" ; >Sent: Wednesday, February 28, 2001 9:08 AM >Subject: Re: Samba as Domain Controller > > >> At 04:23 PM 2/28/01 -0500, Adam Lang wrote: >> >I'm looking into using Samba as the domain controller for my network >(about >> >75 users on windows 9x). >> >> For Win9X machines you do not need a PDC. Samba 2.0.7 will do fine for >> these machines. > >This doesn't make any sense. What does the client OS have to do with the >weather or no you need a PDC??? A PDC basically centralizes netword admin >on one machine. The client OS makes no difference. Sigh, it makes eminent senses when you realize that Microsoft does not use the Domain Controller protocols (Encrypted RPCs) for Win9X logons, but does for WinNT and Windows 2000. Thus, the client OS makes a big difference. Take my word for it, lots of people are using Samba 2.0.7 and below as a logon server for Windows 95, 98 and ME, and have been doing so for years. You do need to set the parameter 'domain logons = yes'. And, you might want 'encrypt passwords = yes', but then again, you might not. Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From ink at inconnu.isu.edu Fri Mar 2 20:44:00 2001 From: ink at inconnu.isu.edu (Craig Kelley) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller In-Reply-To: Message-ID: On Fri, 2 Mar 2001, Kristyan Osborne wrote: > I agree! In my old job at a school all client machines were win 95. A 95 > machine can only be part of a workgroup and not a domain. Thus a domain > controller with a machine password database would make no sence if win 95 is > only validating a username and password. > We used a 2.0.7 server as a file-server with the user password database. > > I am currently working on a NT 4 network with all clients NT4 wks controlled > by a samba server which is a PDC, as a machine database is required. Actually, Windows 95 machines can be a part of a certain -kind- of domain. Samba can deal with that just fine. We have NT4 and Windows 95/98 machines all authenticating (and running login scripts) against our Samba 2.0.5 server. I should probably upgrade to 2.0.7 one of these days, but when it works, it just works fine. -- The wheel is turning but the hamster is dead. Craig Kelley -- kellcrai@isu.edu http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block From greg at kwikfind.com Fri Mar 2 20:59:36 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller References: Message-ID: <000b01c0a35b$b2c4fea0$2800a8c0@leinet> I'm catching alot of flake about my suggestion that win 9x machine be part of a domain. Here is the question that I would ask anyone considering whether to use a workgroup setup of a domain? Do you need to control access to certain shares and do you enjoy spending all of you time configuring peoples machines? Personally, I like having the ability to restrict access to certain shares on my network. I also don't like to spend all of my time configuring machines and updating usernames and passwords. That's why I use a domain. If someone changes their password, the change is recorded in one place and accessible by all. From kris.ozzy at lineone.net Fri Mar 2 21:22:47 2001 From: kris.ozzy at lineone.net (Kristyan Osborne) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller Message-ID: Yes I can see where your coming from, but win95 wont join a domain its only part of a workgroup. The win95 machines do not authenticate against a PDC as the OS does not require it. A win95 machine will only authenticate the user name and password. Even though the login box says DOMAIN a 95 box will only be part of a workgroup and not a domain. Just trust Richard Sharpe!! Cheers Kris ________________ Reply Header ________________ Subject: RE: Samba as Domain Controller Author: Craig Kelley Date: Fri, 2 Mar 2001 20:44:00 +0000 On Fri, 2 Mar 2001, Kristyan Osborne wrote: > I agree! In my old job at a school all client machines were win 95. A 95 > machine can only be part of a workgroup and not a domain. Thus a domain > controller with a machine password database would make no sence if win 95 is > only validating a username and password. > We used a 2.0.7 server as a file-server with the user password database. > > I am currently working on a NT 4 network with all clients NT4 wks controlled > by a samba server which is a PDC, as a machine database is required. Actually, Windows 95 machines can be a part of a certain -kind- of domain. Samba can deal with that just fine. We have NT4 and Windows 95/98 machines all authenticating (and running login scripts) against our Samba 2.0.5 server. I should probably upgrade to 2.0.7 one of these days, but when it works, it just works fine. -- The wheel is turning but the hamster is dead. Craig Kelley -- kellcrai@isu.edu http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block From jbenedet at unm.edu Fri Mar 2 22:07:20 2001 From: jbenedet at unm.edu (John Benedetto) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller In-Reply-To: Message-ID: <4293096792.983545640@bldg87-0053.unm.edu> --On Friday, March 02, 2001 9:22 PM +0000 Kristyan Osborne wrote: > The win95 machines do not authenticate against a PDC as the OS does not > require it. A win95 machine will only authenticate the user name and > password. > > Even though the login box says DOMAIN a 95 box will only be part of a > workgroup and not a domain. > > Just trust Richard Sharpe!! > > Cheers > > Kris Okay, but if you have a mixed Windows network (9x with NT or even Win2K), don't you *HAVE* to set up Samba as a PDC, because setting it up as a logon server will NOT work for NT & Win2K? Or, if you foresee adding NT or Win2K into your system in the foreseeable (meaning: near) future, it would be better to set it up as PDC rather than a logon server? To save hassle when that time comes? (I am new to Samba, and want to make sure I am understanding this potential crucial difference) - John From sharpe at ns.aus.com Fri Mar 2 18:32:38 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller In-Reply-To: <000b01c0a35b$b2c4fea0$2800a8c0@leinet> References: Message-ID: <3.0.6.32.20010303043238.00ec3ca0@203.16.214.248> At 12:59 PM 3/2/01 -0800, Greg J. Zartman wrote: >I'm catching alot of flake about my suggestion that win 9x machine be part >of a domain. No, you are not catching a lot of flack! (Flake, BTW, are shark fillets :-) We are simply suggesting that you do not need the domain controller stuff. In point of fact, there is almost no difference between a domain controller setup and a non-domain controller setup :-) The only difference is the presence of machine trust accounts and whether or not the clients use MSRPC for logging on etc. However, 2.0.7 should work for you except for the Win2K machines. >Here is the question that I would ask anyone considering whether to use a >workgroup setup of a domain? Do you need to control access to certain >shares and do you enjoy spending all of you time configuring peoples >machines? > >Personally, I like having the ability to restrict access to certain shares >on my network. I also don't like to spend all of my time configuring >machines and updating usernames and passwords. That's why I use a domain. >If someone changes their password, the change is recorded in one place and >accessible by all. Ummm, for Win9X machines, there is no difference between a domain and a workgroup. Samba only has a workgroup parameter, not a domain parameter. That is because a domain, as far as the protocols are concerned, is a workgroup with a centralized password server. >From the typical users standpoint, the network functions exactly the same >regardless of what type of client OS.. The typical Win 9x user can't sneak >into network shares any easier than a Win NT client. > >Greg > > >----- Original Message ----- >From: "Kristyan Osborne" >To: "samba" >Sent: Friday, March 02, 2001 12:37 PM >Subject: RE: Samba as Domain Controller > > >> I agree! In my old job at a school all client machines were win 95. A 95 >> machine can only be part of a workgroup and not a domain. Thus a domain >> controller with a machine password database would make no sence if win 95 >is >> only validating a username and password. >> We used a 2.0.7 server as a file-server with the user password database. >> >> I am currently working on a NT 4 network with all clients NT4 wks >controlled >> by a samba server which is a PDC, as a machine database is required. >> >> Cheers >> >> Kris >> >> ------------- >> Computers are like airconditioners: They stop working >> properly if you open windows. >> Win95: A 32-bit patch for a 16-bit GUI shell running on top of an >> 8-bit operating system written for a 4-bit processor by a >> 2-bit company who cannot stand 1 bit of competition. >> >> -----Original Message----- >> From: samba-ntdom-admin@us5.samba.org >> [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Richard Sharpe >> Sent: 02 March 2001 16:19 >> To: Greg J. Zartman; samba-ntdom@us5.samba.org >> Subject: Re: Samba as Domain Controller >> >> >> At 08:52 AM 3/2/01 -0800, Greg J. Zartman wrote: >> > >> >----- Original Message ----- >> >From: "Richard Sharpe" >> >To: "Adam Lang" ; > >> >Sent: Wednesday, February 28, 2001 9:08 AM >> >Subject: Re: Samba as Domain Controller >> > >> > >> >> At 04:23 PM 2/28/01 -0500, Adam Lang wrote: >> >> >I'm looking into using Samba as the domain controller for my network >> >(about >> >> >75 users on windows 9x). >> >> >> >> For Win9X machines you do not need a PDC. Samba 2.0.7 will do fine for >> >> these machines. >> > >> >This doesn't make any sense. What does the client OS have to do with the >> >weather or no you need a PDC??? A PDC basically centralizes netword >admin >> >on one machine. The client OS makes no difference. >> >> Sigh, >> >> it makes eminent senses when you realize that Microsoft does not use the >> Domain Controller protocols (Encrypted RPCs) for Win9X logons, but does >for >> WinNT and Windows 2000. >> >> Thus, the client OS makes a big difference. Take my word for it, lots of >> people are using Samba 2.0.7 and below as a logon server for Windows 95, >98 >> and ME, and have been doing so for years. >> >> You do need to set the parameter 'domain logons = yes'. And, you might >want >> 'encrypt passwords = yes', but then again, you might not. >> >> >> Regards >> ------- >> Richard Sharpe, sharpe@ns.aus.com >> Samba (Team member, www.samba.org), Ethereal (Team member, >www.ethereal.com) >> Contributing author, SAMS Teach Yourself Samba in 24 Hours >> Author, Special Edition, Using Samba >> >> >> >> >> >> >> > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From sharpe at ns.aus.com Fri Mar 2 19:08:47 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:35 2003 Subject: Samba as Domain Controller In-Reply-To: Message-ID: <3.0.6.32.20010303050847.00f35e10@203.16.214.248> Hi, I thought it might be useful to clarify the issues around all this, as there seems to be some confusion. One can say that it started with IBM, when they developed the SMB protocol. A part of the SMB protocol involves connecting to shares, and when you connect to a share, you can submit a password for that share. This functionality was in the SMB protocol when IBM developed it. This is handled by the TCON and TCONX SMBs. Later, the ability to submit a username and password was added to the protocol. This allows you to authenticate as a user on a particular server. You can have a different username and password on each server, but this is not needed when you connect to machines like Win9X for sharing, as they do not have a user database. You woould only authenticate in this way against a multi-user machine with a database. This is handled by a SESSIONSETUPX request. This has been around for a long time as well. Over time, it was perceived that this was too difficult, so MS and others developed the concept of domain controllers, and centralized all those databases. These domain controllers allow you to do a NetWkstaLogon request to logon to the domain. It does not do much more than check when the user is allowed to log on and return info like the home share, since the actual authentication is done via a SESSIONSETUPX prior to the NetWkstaLogon request being sent. Once the user has logged on to the domain, they still authenticate against other servers in the domain when they connect to those servers, but the servers may do pass-thru authentication. This is essentially the form of logon that Win9X systems do. However, over time, this too was perceived to have problems, esp with security issues, so MS developed NT Domain Controllers, which use MSRPC (encrypted RPCs) to handle the logon process, which can now return more info etc. Samba has been able to handle WfW/Win9X style domains for a long time. Samba 2.2.0CVS now handles NT-style domains fairly well as well. Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From greg at kwikfind.com Fri Mar 2 23:12:59 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:36 2003 Subject: Samba as Domain Controller References: <3.0.6.32.20010303050847.00f35e10@203.16.214.248> Message-ID: <00db01c0a36e$53aa3e90$2800a8c0@leinet> Well, now that I have the attention of the development team, I might as well ask a question. :o) Is it possible to change a users password, on a Samba PDC setup, from the client workstation (say win2k). So, the user presses CTRL-ALT-DEL on the client machine and selects change password? When I try this I get a really strange error "1783: The stub received bad data". Is this a password sync issue? That's what people have been telling me, but was under the impression that password snyc was the operation of updating the passwd file with changes in the smbpasswd file. Thanks, Greg ----- Original Message ----- From: "Richard Sharpe" To: "Kristyan Osborne" ; "Craig Kelley" Cc: "samba" Sent: Friday, March 02, 2001 11:08 AM Subject: Re: RE: Samba as Domain Controller > Hi, > > I thought it might be useful to clarify the issues around all this, as > there seems to be some confusion. > > One can say that it started with IBM, when they developed the SMB protocol. > > A part of the SMB protocol involves connecting to shares, and when you > connect to a share, you can submit a password for that share. This > functionality was in the SMB protocol when IBM developed it. This is > handled by the TCON and TCONX SMBs. > > Later, the ability to submit a username and password was added to the > protocol. This allows you to authenticate as a user on a particular server. > You can have a different username and password on each server, but this is > not needed when you connect to machines like Win9X for sharing, as they do > not have a user database. You woould only authenticate in this way against > a multi-user machine with a database. This is handled by a SESSIONSETUPX > request. This has been around for a long time as well. > > Over time, it was perceived that this was too difficult, so MS and others > developed the concept of domain controllers, and centralized all those > databases. These domain controllers allow you to do a NetWkstaLogon > request to logon to the domain. It does not do much more than check when > the user is allowed to log on and return info like the home share, since > the actual authentication is done via a SESSIONSETUPX prior to the > NetWkstaLogon request being sent. Once the user has logged on to the > domain, they still authenticate against other servers in the domain when > they connect to those servers, but the servers may do pass-thru > authentication. This is essentially the form of logon that Win9X systems do. > > However, over time, this too was perceived to have problems, esp with > security issues, so MS developed NT Domain Controllers, which use MSRPC > (encrypted RPCs) to handle the logon process, which can now return more > info etc. > > Samba has been able to handle WfW/Win9X style domains for a long time. > > Samba 2.2.0CVS now handles NT-style domains fairly well as well. > > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba > > > > > > From sharpe at ns.aus.com Fri Mar 2 19:40:21 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:36 2003 Subject: Samba as Domain Controller In-Reply-To: <00db01c0a36e$53aa3e90$2800a8c0@leinet> References: <3.0.6.32.20010303050847.00f35e10@203.16.214.248> Message-ID: <3.0.6.32.20010303054021.00f28de0@203.16.214.248> At 03:12 PM 3/2/01 -0800, Greg J. Zartman wrote: >Is it possible to change a users password, on a Samba PDC setup, from the >client workstation (say win2k). It should be possible to change password from a client. > So, the user presses CTRL-ALT-DEL on the >client machine and selects change password? When I try this I get a really >strange error "1783: The stub received bad data". Well, this sure looks like a bug in the RPC stub code ... I guess that Jeremy or JF will have to sort this one out, as I am not familiar with that code. >Is this a password sync issue? That's what people have been telling me, but >was under the impression that password snyc was the operation of updating >the passwd file with changes in the smbpasswd file. No, I don't think it is a sync issue. Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From pilger at kahana.higp.hawaii.edu Fri Mar 2 23:38:01 2001 From: pilger at kahana.higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:33:36 2003 Subject: Samba as Domain Controller References: <4293096792.983545640@bldg87-0053.unm.edu> Message-ID: <3AA02ED9.92FBA1B2@higp.hawaii.edu> John Benedetto wrote: > --On Friday, March 02, 2001 9:22 PM +0000 Kristyan Osborne > wrote: > > > The win95 machines do not authenticate against a PDC as the OS does not > > require it. A win95 machine will only authenticate the user name and > > password. > > > > Even though the login box says DOMAIN a 95 box will only be part of a > > workgroup and not a domain. > > > > Just trust Richard Sharpe!! > > > > Cheers > > > > Kris > > Okay, but if you have a mixed Windows network (9x with NT or even Win2K), > don't you *HAVE* to set up Samba as a PDC, because setting it up as a logon > server will NOT work for NT & Win2K? > No. You can just have everybody join a workgroup. Unfortunatlely, you have to set the username/password information on each machine. This works, but it sure is humbug. I am living for the day when I can convince Samba 2.2 to let my Win2K machines join its domain. May be time for my monthly attempt. > > Or, if you foresee adding NT or Win2K into your system in the foreseeable > (meaning: near) future, it would be better to set it up as PDC rather than > a logon server? To save hassle when that time comes? > > (I am new to Samba, and want to make sure I am understanding this potential > crucial difference) > > - John -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 From g.cameron at biomed.abdn.ac.uk Sat Mar 3 12:36:01 2001 From: g.cameron at biomed.abdn.ac.uk (George Cameron) Date: Tue Dec 2 02:33:36 2003 Subject: Samba as Domain Controller References: <3.0.6.32.20010303050847.00f35e10@203.16.214.248> Message-ID: <3AA0E531.991E7123@biomed.abdn.ac.uk> A question (which may perhaps demonstrate that I don't understand the details well enough or haven't been listening carefully enough ;-): Is it possible to restrict access to shares on a Samba server to that only clients which have performed a 'domain logon' (either Win9X style or the proper NT style) can gain access - i.e. to refuse access to clients which have simply been configured to be a member of the workgroup without an explicit logon? George Richard Sharpe wrote: > Hi, > > I thought it might be useful to clarify the issues around all this, as > there seems to be some confusion. > > One can say that it started with IBM, when they developed the SMB protocol. > > A part of the SMB protocol involves connecting to shares, and when you > connect to a share, you can submit a password for that share. This > functionality was in the SMB protocol when IBM developed it. This is > handled by the TCON and TCONX SMBs. > > Later, the ability to submit a username and password was added to the > protocol. This allows you to authenticate as a user on a particular server. > You can have a different username and password on each server, but this is > not needed when you connect to machines like Win9X for sharing, as they do > not have a user database. You woould only authenticate in this way against > a multi-user machine with a database. This is handled by a SESSIONSETUPX > request. This has been around for a long time as well. > > Over time, it was perceived that this was too difficult, so MS and others > developed the concept of domain controllers, and centralized all those > databases. These domain controllers allow you to do a NetWkstaLogon > request to logon to the domain. It does not do much more than check when > the user is allowed to log on and return info like the home share, since > the actual authentication is done via a SESSIONSETUPX prior to the > NetWkstaLogon request being sent. Once the user has logged on to the > domain, they still authenticate against other servers in the domain when > they connect to those servers, but the servers may do pass-thru > authentication. This is essentially the form of logon that Win9X systems do. > > However, over time, this too was perceived to have problems, esp with > security issues, so MS developed NT Domain Controllers, which use MSRPC > (encrypted RPCs) to handle the logon process, which can now return more > info etc. > > Samba has been able to handle WfW/Win9X style domains for a long time. > > Samba 2.2.0CVS now handles NT-style domains fairly well as well. > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba -- --------------------------------------------------------------------- George Cameron g.cameron@biomed.abdn.ac.uk Dept. BioMedical Physics Aberdeen University Foresterhill Fax: +44 (0)1224-685645 Aberdeen AB25 2ZD Telephone: +44 (0)1224-553210 Scotland, UK From elrond at samba-tng.org Sat Mar 3 13:29:23 2001 From: elrond at samba-tng.org (Elrond) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <51FBD4A8EFD9D111BA7300A0C927DADB03F4721F@xcgmd008.md.essd.northgrum.com>; from timothy_d_cole@md.northgrum.com on Wed, Feb 28, 2001 at 10:39:22AM -0500 References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4721F@xcgmd008.md.essd.northgrum.com> Message-ID: <20010303142923.D20502@baerbel.mug.maschinenbau.tu-darmstadt.de> On Wed, Feb 28, 2001 at 10:39:22AM -0500, Cole, Timothy D. wrote: [...] > > I think I sort of like Andrew's proposal better -- ignore the duplicate > > group names entirely w/r/t sending and receiving security descriptor > > information. (NT doesn't require it, since unlike Unix it doesn't > > assume that every file has a group.) If the client wants to change the > > ACL of a file to have no groups in it, you can use the default > > nobody-group ('nogroup' on my Linux box). > > > I think a more practicable approach (as NT, lacking a terminal > metaphor, doesn't really have the notion of 'non-printable' characters > (you'll get boxes/blibbets), unless you want to play some Unicode-only > games) would be to consistently prefix all unix group names with '@' by > default. It's simple, it's consistent, and I think it works. I prefix them with the word "Group" in my domain group map. ;) Elrond From elrond at samba-tng.org Sat Mar 3 13:35:17 2001 From: elrond at samba-tng.org (Elrond) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <3A9DF4CE.1E1AE08B@bartlett.house>; from abartlet@pcug.org.au on Thu, Mar 01, 2001 at 06:05:50PM +1100 References: <3A9DF4CE.1E1AE08B@bartlett.house> Message-ID: <20010303143517.E20502@baerbel.mug.maschinenbau.tu-darmstadt.de> On Thu, Mar 01, 2001 at 06:05:50PM +1100, Andrew Bartlett wrote: [...] > In any case, it would be good to get a list of all groups on a system > and not see all the private groups setup for each individual user when > all I want to see is admins, staff and students - if you see what I > mean. This would also knock out many of the 'system' groups in the > process, as they exist only because they don't want to run as 'nogroup' > - they are just private groups for that particular system daemon. [...] One way to get those groups out of the view in current TNG is to use domain alias map: Map those groups to aliases. Aliases are only used on the PDC itself, so you will only see them in the listbox, if you change the perms for a file on the PDC itself. In the long run though, we want to move to a SAM-like implementation, so you only have those groups in your lists, that you actualy create. For filesystem purposes you map those to actual GIDs (via SURS) Of course the other way round will get interesting, what happens, if we have a file with a GID, that SURS does not known about... Elrond From kathee at mindiq.com Sat Mar 3 20:14:21 2001 From: kathee at mindiq.com (kat) Date: Tue Dec 2 02:33:36 2003 Subject: updating to alpha 2 Message-ID: <5.0.2.1.2.20010303151308.00b8d758@mail.mindiq.com> Ok, stupid question for the day..... I originally installed alpha1 release using source, built it,etc. Since I just ftp'd the tarball, how do I now use CVS to just update my current tree? I want to install alpha2... thanks Kathee From gcarter at valinux.com Sat Mar 3 20:51:52 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:36 2003 Subject: updating to alpha 2 In-Reply-To: <5.0.2.1.2.20010303151308.00b8d758@mail.mindiq.com>; from kathee@mindiq.com on Sat, Mar 03, 2001 at 14:14:21 -0600 References: <5.0.2.1.2.20010303151308.00b8d758@mail.mindiq.com> Message-ID: <20010303145152.C18253@queso.plainjoe.org> On Sat, 03 Mar 2001 14:14:21 kat wrote: > > I originally installed alpha1 release using source, > built it,etc. Since I just ftp'd the tarball, how do > I now use CVS to just update my current tree? I want > to install alpha2... You will need to check out a new copy. See http://us1.samba.org/samba/cvs.html and use the branch tag SAMBA_2_2 Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From D.Bannon at latrobe.edu.au Sun Mar 4 09:15:57 2001 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:33:36 2003 Subject: Drive mappings In-Reply-To: Message-ID: <3.0.6.32.20010304201557.007bbdd0@bioserve.latrobe.edu.au> At 08:13 AM 2/3/2001 +0100, Martin Eggens wrote: >..... >also a mapping is made to Z: > Yes, its a NT thing. Although you can force it to do another drive as well, its confusing to users. Experienced NT users will expect to find Z: mapped anyway. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 479 2197 La Trobe University, Plenty Rd, Fax 61 03 479 2467 Bundoora, Vic, Australia, 3083 ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From ben.liesfeld at gmx.de Sun Mar 4 10:38:40 2001 From: ben.liesfeld at gmx.de (Ben Liesfeld) Date: Tue Dec 2 02:33:36 2003 Subject: Policies and Samba 2.2.alpha2 Message-ID: <14485.010304@gmx.de> Hello everybody, I am running SuSE 7.1 (Kernel 2.4.0) and Samba 2.2.alpha2 (tarball from de.samba.org) being file-, print- and logon-server for a few NTws. Everything, including logon scripts and printing and roaming profiles, is working fine except for one (for me the most important thing): Policies. I put my smb.conf on my Homepage www.uni-jena.de/~p9libe because I didn't want to fill up this mail with ascii. I configured a "netlogon" share where I put my ntconfig.pol and a folder "scripts" with the logon scripts (named by the primary group of the user). The scripts are executed but the policy is not always updated. I can't figure out a logical rule for the policy being loaded or being ignored and I can say I simply tried every combination of syntax. There's no ntconfig.pol on the NTws which could cause conflicts. I tried all versions of upper and lower case and nothing helps. What is confusing me is that sometimes it is loaded and sometimes not. Is anybody out there who has ever got policies working with samba2.2.alpha2? Well I know that it is alpha and not for use in production and some combination of syntax will work and some different not. So could someone who got policies working please send me his smb.conf? I read in the archive that somebody's running both, 2.2.alpha and TNG, to provide logon process and printing (can't find this mail anymore). What tasks will I have to let TNG do and what samba2.2.alpha2? Thanks for help! -- Ben Liesfeld http://www.uni-jena.de/~p9libe/ http://johnny.rhein.com From barth at cck.uni-kl.de Sun Mar 4 12:21:27 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:36 2003 Subject: Policies and Samba 2.2.alpha2 In-Reply-To: <14485.010304@gmx.de> Message-ID: <3AA24157.22344.1E21A1@localhost> > of the user). The scripts are executed but the policy is not always > updated. I can't figure out a logical rule for the policy being One thing we expirenced when testing policies is that the updates are sometimes only made if the user dosn't have a ntuser.dat in his profile, e.g. if it is a new profile/user. This is especially ture if you have restricted some thing und then you give up the ristriction. To my opinion, if you see an obvious policy-influens ("color") at a new profile, the samba side is o.k. The updates seem to be the tricky part of NT. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From ben.liesfeld at gmx.de Sun Mar 4 15:58:34 2001 From: ben.liesfeld at gmx.de (Ben Liesfeld) Date: Tue Dec 2 02:33:36 2003 Subject: Policies and Samba 2.2.alpha2 In-Reply-To: <3AA24157.22344.1E21A1@localhost> References: <3AA24157.22344.1E21A1@localhost> Message-ID: <14707.010304@gmx.de> Hello Christian, > One thing we expirenced when testing policies is that the updates are > sometimes only made if the user dosn't have a ntuser.dat in his > profile, e.g. if it is a new profile/user. This is especially ture if > you have restricted some thing und then you give up the ristriction. > To my opinion, if you see an obvious policy-influens ("color") at a > new profile, the samba side is o.k. The updates seem to be the tricky > part of NT. That's the first time that somebody tells me that it's NT's fault. Well, I would accept any solution cause I have no clue what it could be. I don't have any doc about NTserver and preparing NTws for roaming profiles. I just followed the instructions given in the samba faqs and howtos (and O'Reilly books and any doc in the Internet), i. e. - I made local profiles on a workstation, copied them into the profiles directory on the samba server, - with poledit.exe (version 4.00) from ZAK (or SP6a, they are equal) I composed a ntconfig.pol which I saved in "netlogon" on the server, readable for everyone - and changed the local reg key for "remote update" to active (as in the ntconfig.pol, too) I don't use groups in the policy (well, I tried several times to use them but they are obviously ignored), just users by name. For testing I only changed one property in the policy (desktop image). During the first few logins with several users, the registry was updated, but after a not specified number of logins it did not work anymore. Does this look like a problem of NT? Well, if policies don't work with NTws and NTservers, what's the reason that people pay money for it? (ok, this question is rethorical, don't answer). Honestly, I can't believe that's it's an NT problem. Isn't there anybody who got this to work? I just want to know, if it's possible... -- Regards, Ben Liesfeld mailto:ben.liesfeld@gmx.de From mitko at petrol.bg Sun Mar 4 18:10:49 2001 From: mitko at petrol.bg (Dimitar Dimitrov Vassilev) Date: Tue Dec 2 02:33:36 2003 Subject: samba as PDC for win2k pro Message-ID: HI ;-) I have a problem with setting a samba PDC for a network with win2k mashines, that have service pack1 installed. There are same NTws, that join the domain (now I am using samba-TNG.2.0.6.alpha).Can someone to send me information about how can I set my linuxbox to work as PDC for w2k please. Some smb.conf file and some advice which samba is better to use TNG or 2.2. ???? 10x Mitko From mblinn at peopleplaces.org Sun Mar 4 18:17:25 2001 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue Dec 2 02:33:36 2003 Subject: Really strange lookups Message-ID: <000a01c0a4d7$5d441240$b8a8a8c0@peopleplaces.org> Hello! When attempting (unsuccessfully) to log into my samba PDC from a WinNT Server 4.0 machine (NetBIOS name NTSERVER, though it USED to be named LULU) it appears that the WinNT machine is sending just about anything as a username in an attempt to authenticate (including the name advapi32.dll???) This system is running Debian with a 2.2.18 kernel. I've attached a snippet of the logs below, along with relevent sections of smb.conf. This happens using both samba 2.0.7 and samba 2.2.0-alpha2 -- Any help is greatly appreciated. -Michael Blinn People Places, Inc. -------------- next part -------------- A non-text attachment was scrubbed... Name: fun Type: application/octet-stream Size: 8881 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010304/03bf3066/fun.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 677 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010304/03bf3066/smb.obj From M.Puchta at fscodes.cz Mon Mar 5 10:10:15 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:36 2003 Subject: smbstatus failed Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098D2C@ANNA> Smbstatus gives: Couldn't open status file /var/lock/samba/STATUS..LCK Any idea? TIA Milos From t.gildersleeve at bilk.ac.uk Mon Mar 5 12:28:35 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:36 2003 Subject: Samba as Domain Controller Message-ID: I think here we are in an argument of semantics! To the everyday user who just wants to get on with it, most people I speak to do not know the difference between a domain controller and a win95 logon server. This is not helped my MS having the "logon to domain" box in win9x. However, I think that most people know what people mean when they say that they want a win9x client to belong to a domain. They just mean that they want to logon to it. To them this *IS* the domain controller. To all win9x users wanting a *domain controller*, just stick with 2.0.7. It has all the *domain controller* features that you will need. You dont need the *advanced NT Domain controller features that will be in 2.2 unless you have NT, 2000 clients. > -----Original Message----- > From: Richard Sharpe [SMTP:sharpe@ns.aus.com] > Sent: Friday, March 02, 2001 6:33 PM > To: Greg J. Zartman; Kristyan Osborne; samba-ntdom@us4.samba.org > Subject: Re: Samba as Domain Controller > > At 12:59 PM 3/2/01 -0800, Greg J. Zartman wrote: > >I'm catching alot of flake about my suggestion that win 9x machine be > part > >of a domain. > > No, you are not catching a lot of flack! (Flake, BTW, are shark fillets > :-) > > We are simply suggesting that you do not need the domain controller stuff. > > In point of fact, there is almost no difference between a domain > controller > setup and a non-domain controller setup :-) > > The only difference is the presence of machine trust accounts and whether > or not the clients use MSRPC for logging on etc. > > However, 2.0.7 should work for you except for the Win2K machines. > > >Here is the question that I would ask anyone considering whether to use a > >workgroup setup of a domain? Do you need to control access to certain > >shares and do you enjoy spending all of you time configuring peoples > >machines? > > > >Personally, I like having the ability to restrict access to certain > shares > >on my network. I also don't like to spend all of my time configuring > >machines and updating usernames and passwords. That's why I use a > domain. > >If someone changes their password, the change is recorded in one place > and > >accessible by all. > > Ummm, for Win9X machines, there is no difference between a domain and a > workgroup. Samba only has a workgroup parameter, not a domain parameter. > That is because a domain, as far as the protocols are concerned, is a > workgroup with a centralized password server. > > >From the typical users standpoint, the network functions exactly the same > >regardless of what type of client OS.. The typical Win 9x user can't > sneak > >into network shares any easier than a Win NT client. > > > >Greg > > > > > >----- Original Message ----- > >From: "Kristyan Osborne" > >To: "samba" > >Sent: Friday, March 02, 2001 12:37 PM > >Subject: RE: Samba as Domain Controller > > > > > >> I agree! In my old job at a school all client machines were win 95. A > 95 > >> machine can only be part of a workgroup and not a domain. Thus a domain > >> controller with a machine password database would make no sence if win > 95 > >is > >> only validating a username and password. > >> We used a 2.0.7 server as a file-server with the user password > database. > >> > >> I am currently working on a NT 4 network with all clients NT4 wks > >controlled > >> by a samba server which is a PDC, as a machine database is required. > >> > >> Cheers > >> > >> Kris > >> > >> ------------- > >> Computers are like airconditioners: They stop working > >> properly if you open windows. > >> Win95: A 32-bit patch for a 16-bit GUI shell running on top of an > >> 8-bit operating system written for a 4-bit processor by a > >> 2-bit company who cannot stand 1 bit of competition. > >> > >> -----Original Message----- > >> From: samba-ntdom-admin@us5.samba.org > >> [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Richard Sharpe > >> Sent: 02 March 2001 16:19 > >> To: Greg J. Zartman; samba-ntdom@us5.samba.org > >> Subject: Re: Samba as Domain Controller > >> > >> > >> At 08:52 AM 3/2/01 -0800, Greg J. Zartman wrote: > >> > > >> >----- Original Message ----- > >> >From: "Richard Sharpe" > >> >To: "Adam Lang" ; > > > >> >Sent: Wednesday, February 28, 2001 9:08 AM > >> >Subject: Re: Samba as Domain Controller > >> > > >> > > >> >> At 04:23 PM 2/28/01 -0500, Adam Lang wrote: > >> >> >I'm looking into using Samba as the domain controller for my > network > >> >(about > >> >> >75 users on windows 9x). > >> >> > >> >> For Win9X machines you do not need a PDC. Samba 2.0.7 will do fine > for > >> >> these machines. > >> > > >> >This doesn't make any sense. What does the client OS have to do with > the > >> >weather or no you need a PDC??? A PDC basically centralizes netword > >admin > >> >on one machine. The client OS makes no difference. > >> > >> Sigh, > >> > >> it makes eminent senses when you realize that Microsoft does not use > the > >> Domain Controller protocols (Encrypted RPCs) for Win9X logons, but does > >for > >> WinNT and Windows 2000. > >> > >> Thus, the client OS makes a big difference. Take my word for it, lots > of > >> people are using Samba 2.0.7 and below as a logon server for Windows > 95, > >98 > >> and ME, and have been doing so for years. > >> > >> You do need to set the parameter 'domain logons = yes'. And, you might > >want > >> 'encrypt passwords = yes', but then again, you might not. > >> > >> > >> Regards > >> ------- > >> Richard Sharpe, sharpe@ns.aus.com > >> Samba (Team member, www.samba.org), Ethereal (Team member, > >www.ethereal.com) > >> Contributing author, SAMS Teach Yourself Samba in 24 Hours > >> Author, Special Edition, Using Samba > >> > >> > >> > >> > >> > >> > >> > > > > > > > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, > www.ethereal.com) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba > > From mhaney at info4cars.com Mon Mar 5 12:34:33 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:33:36 2003 Subject: Drive mappings In-Reply-To: <3.0.6.32.20010304201557.007bbdd0@bioserve.latrobe.edu.au> Message-ID: Sorry about the late nature of this reply, new computer doesn't like my DSL quite yet. ;) I am an experienced NT user and administrator and I have NEVER seen this behaviour on NT. Not for home directories or anything else that wasn't explicitly defined. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of David Bannon Sent: Sunday, March 04, 2001 4:16 AM To: Martin Eggens; samba-ntdom@us5.samba.org Subject: Re: Drive mappings At 08:13 AM 2/3/2001 +0100, Martin Eggens wrote: >..... >also a mapping is made to Z: > Yes, its a NT thing. Although you can force it to do another drive as well, its confusing to users. Experienced NT users will expect to find Z: mapped anyway. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 479 2197 La Trobe University, Plenty Rd, Fax 61 03 479 2467 Bundoora, Vic, Australia, 3083 ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From lkcl at samba-tng.org Mon Mar 5 13:08:50 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <20010303143517.E20502@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: > In the long run though, we want to move to a SAM-like > implementation, so you only have those groups in your > lists, that you actualy create. For filesystem purposes you > map those to actual GIDs (via SURS) > > Of course the other way round will get interesting, what > happens, if we have a file with a GID, that SURS does not > known about... > that's a system configuration error. what happens on unix when you ave a file owned by a uid or a gid that isn't in /etc/passwd or /etc/group? 1) ls -al shows numbers not names 2) only root can change ownership of the file. well, we can't do an equivalent to 1) in the "unknown" circumstances, with SURS. so throw an error: let the app deal with it [access denied]. From M.Puchta at fscodes.cz Mon Mar 5 13:40:33 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:36 2003 Subject: Network role Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098D3C@ANNA> W98 client cannot find the Samba server, Host unknown is obtained for nbtstat -A ipaddress. For nbtstat -C , <00> , <03> and <20> is obtained. Apparently the Samba server does not exhibit domain controller behaviour. Any idea? TIA Milos From lkcl at samba-tng.org Mon Mar 5 13:31:13 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:36 2003 Subject: talloc_realloc Message-ID: hi, i just noticed this function. if you examine the cliffs code, you will find a similar function. it is even added for exactly the same reasons: namely that when talloc is used in marshalling / unmarshalling, the memory-usage grows insanely large. when i described to dr andrew tridgell that i was adding a talloc_realloc, i was informed that this makes the purpose of talloc - trivial alloc - non-trivial. therefore, the function is unacceptable. now, jeremy adds talloc_realloc. this implies that the rejection of the addition of this function was not for technical reasons. dr andrew tridgell, as examples like this come up, i will point them out. my respect for you will be restored when you apologise for the manner in which you treated my expertise, work and abilities with such disdain. luke ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From don_mccall at hp.com Mon Mar 5 14:01:29 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:36 2003 Subject: smbstatus failed Message-ID: <079FD72E42C9D311B854009027650E6F04050866@xatl02.atl.hp.com> Hi Milos, This will happen if you run smbstatus before any client connections are made to the machine after starting up Samba. The STATUS..LCK file doesn't get created until a connection is attempted. Other possible reasons are That possibly one of the directories along the path /var/lock/samba is not executable by the person that is running smbstatus (ie the x bit is not set for everyone, or for the group or user that the user is in), or the file itself (STATUS..LCK) is not readable (if it exists). But first just try to do an smbclient -L machinename, and see if smbstatus will work after that... Hope this helps, Don -----Original Message----- From: Puchta, Milos [mailto:M.Puchta@fscodes.cz] Sent: Monday, March 05, 2001 5:10 AM To: samba-ntdom@us5.samba.org Subject: smbstatus failed Smbstatus gives: Couldn't open status file /var/lock/samba/STATUS..LCK Any idea? TIA Milos From rajeeva at research.bell-labs.com Mon Mar 5 14:08:34 2001 From: rajeeva at research.bell-labs.com (Rajeev Agrawala) Date: Tue Dec 2 02:33:36 2003 Subject: hpdj990c and samba References: <200103011803.SAA13771@scooby.lineone.net> <3A9EC973.E1A77C80@research.bell-labs.com> <3A9EF9FF.6A13C54B@valinux.com> <3A9FBBAE.3084E4D7@research.bell-labs.com> Message-ID: <3AA39DE2.40804@research.bell-labs.com> Hi Jeremy, Were you able to download the driver? Did you try it? Thanks, rajeev Rajeev Agrawala wrote: > Jeremy Allison wrote: > >> Rajeev Agrawala wrote: >> >>> DJ850C works fine for me too. It the DJ890C and DJ990C, that don't work. >>> NT does not come with default drivers for DJ890C and DJ990C. I have >>> downloaded drivers from www.hp.com. >>> >>> Have you tried DJ890C/DJ990C? >> >> Can you send me the drivers please and I'll test this here. >> > > Hi, > > You can download the driver for 990C from > > ftp://www.hp.com/pub/printers/software/dj997en.exe > > and for 890C from > > ftp://www.hp.com/pub/printers/software/dj884en.exe > > Instead of executing these files on my PC, I unzipped the distribution > using winzip and while installing print drivers on samba, I clicked have > disk for choosing the printer driver and browsed to the drivers dir > inside this downloaded distribution. Since these files are large (a > couple of Mbytes), I did not enclose them in the email. But if you have > any problem in downloading these files, please let me know. I will send > it by email. > > Thanks for looking into this. > > rajeev From Eggens at teledynamics.nl Mon Mar 5 14:15:42 2001 From: Eggens at teledynamics.nl (Martin Eggens) Date: Tue Dec 2 02:33:36 2003 Subject: Drive mappings Message-ID: Hi, Me Neither.....made a setting in smb.conf that forses to map the home directory to M: I'm happy now:-)) Best regards, Martin >>> "Mark Haney" 03/05/01 01:34pm >>> Sorry about the late nature of this reply, new computer doesn't like my DSL quite yet. ;) I am an experienced NT user and administrator and I have NEVER seen this behaviour on NT. Not for home directories or anything else that wasn't explicitly defined. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of David Bannon Sent: Sunday, March 04, 2001 4:16 AM To: Martin Eggens; samba-ntdom@us5.samba.org Subject: Re: Drive mappings At 08:13 AM 2/3/2001 +0100, Martin Eggens wrote: >..... >also a mapping is made to Z: > Yes, its a NT thing. Although you can force it to do another drive as well, its confusing to users. Experienced NT users will expect to find Z: mapped anyway. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 479 2197 La Trobe University, Plenty Rd, Fax 61 03 479 2467 Bundoora, Vic, Australia, 3083 ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From empmp at gmx.de Mon Mar 5 14:10:53 2001 From: empmp at gmx.de (empmp@gmx.de) Date: Tue Dec 2 02:33:36 2003 Subject: win2k with samba pdc Message-ID: <25365.983801453@www24.gmx.net> Hi, i've got the following problem: i'm using samba 2.2.alpha2 and i'm not able to log on it with a win2k client. I used strictly the pdc-howto and even the exact conf-file won't work. I want to add the 2k ws to my domain and always after using root as the one who is allowed to join this machine to the domain, nothing happens. After 3 minutes he says no domain server. If I'm taking an user which doesn't exist, he says: Sorry, this user doesn't exist. If I'm taking a user which exist but is no admin, he tells me, that I'm only able to apply ws with admin user. Is it possible that the problem, which I have comes from the plain patch for win2k which I have installed ? Thanx everyone for any help PMP -- Sent through GMX FreeMail - http://www.gmx.net From lkcl at samba-tng.org Mon Mar 5 14:04:30 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: Message-ID: On Tue, 6 Mar 2001, Luke Kenneth Casson Leighton wrote: > > In the long run though, we want to move to a SAM-like > > implementation, so you only have those groups in your > > lists, that you actualy create. For filesystem purposes you > > map those to actual GIDs (via SURS) > > > > Of course the other way round will get interesting, what > > happens, if we have a file with a GID, that SURS does not > > known about... > > > > that's a system configuration error. i also forgot to say, it's also possibly not a very good SURS implementation instance. methods to auto-create SURS entries are described in draft-lkcl-surs-v1-00.txt [the sursswitch.conf idea came later and isn't described in there]. From mblinn at peopleplaces.org Mon Mar 5 14:25:37 2001 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue Dec 2 02:33:36 2003 Subject: Simple solution? Message-ID: <001501c0a580$262108f0$b8a8a8c0@peopleplaces.org> I'm thinking this may be a simple solution to my problem with NT4.0 authenticating. NT4.0 has no problem authenticating machines which access it from another domain, it simply looks up the name in its local password database. Would a simple solution to give my users from my two domains access to NT shares after authenticating with a samba PDC be to simply change the NT machine to be a member of a third, non-used domain? Trying hard to use samba, -Michael Blinn People Places, Inc. From todd.4 at wright.edu Mon Mar 5 15:40:07 2001 From: todd.4 at wright.edu (Jason Todd) Date: Tue Dec 2 02:33:36 2003 Subject: Shortcuts now point to shares Message-ID: Here's another good one by NT in my lab - Samba 2.0.7 on RedHat 7.0 (linux 2.2.16-22smp) server, Windows NT 4.0 SP 6 workstations. All of a sudden, many of my users' Start Menu and Desktop shortcuts don't work correctly anymore. When selected, they prompt for a username and password for '\\WORKSTATION\ADMIN$' where WORKSTATION is some other computer in the lab. Apparently the account must be a local account for WORKSTATION, but the only local account(s) on the machines are the default when NT is installed (Administrator et al). I examined the LNK files in question, and each has the "local volume" AND "network share" bits set, meaning the target can be found on a local drive (normal) in addition to a network share on some other workstation (abnormal in these circumstances). It is apparently trying the network share first, though I have no idea why. I was able to patch a screwed up LNK file by turning off the "network share" bit and it worked, so I'll probably have to write a small utility that strips that out of each and every shortcut in my users' profiles. Or, does anyone have any better ideas? I'm very interested in seeing if anyone else has experienced this. The problem is just getting worse, as more and more shortcuts are continually being affected. I can't tell if one machine in particular is screwing up the shortcuts. P.S. In the near future I'm going to turn off local caching of profiles, which may prevent this from happening again. Prevention aside, I need a FIX first... Jason Todd ______________________________________________________________________ This message was made possible by Jason Todd and by viewers like you. Senior Help Desk Assistant, Computing and Telecommunication Services Wright State University Reply to todd.4@wright.edu or jasontodd@bigfoot.com From t.gildersleeve at bilk.ac.uk Mon Mar 5 16:28:45 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:36 2003 Subject: Shortcuts now point to shares Message-ID: Ive had a similar problem with a completely winnt network. A group of workstations have a centralised startmenu, and on occasions when choosing a shortcut it has tried to open the application accross the network so instead of running "C:\Program Files\App\App.exe" it has been trying to run "\\GRCD9\C$\Program Files\App\App.exe" This is very wierd. I got round this by opening the affected shortcuts and editing them to point to the right place. But every now and then, they are changed again. Oh, and in this case, the users in question have only read access to the shortcuts. It seems that winnt is changing them itself. So this doesnt seem to be just a samba thing. Tim Gildersleeve > -----Original Message----- > From: Jason Todd [SMTP:todd.4@wright.edu] > Sent: Monday, March 05, 2001 3:40 PM > To: samba-ntdom@samba.org > Subject: Shortcuts now point to shares > > Here's another good one by NT in my lab - Samba 2.0.7 on RedHat 7.0 (linux > 2.2.16-22smp) server, Windows NT 4.0 SP 6 workstations. > > All of a sudden, many of my users' Start Menu and Desktop shortcuts don't > work correctly anymore. When selected, they prompt for a username and > password for '\\WORKSTATION\ADMIN$' where WORKSTATION is some other > computer in the lab. Apparently the account must be a local account for > WORKSTATION, but the only local account(s) on the machines are the default > when NT is installed (Administrator et al). I examined the LNK files in > question, and each has the "local volume" AND "network share" bits set, > meaning the target can be found on a local drive (normal) in addition to a > network share on some other workstation (abnormal in these circumstances). > It is apparently trying the network share first, though I have no idea > why. I was able to patch a screwed up LNK file by turning off the > "network share" bit and it worked, so I'll probably have to write a small > utility that strips that out of each and every shortcut in my users' > profiles. Or, does anyone have any better ideas? I'm very interested in > seeing if anyone else has experienced this. The problem is just getting > worse, as more and more shortcuts are continually being affected. I can't > tell if one machine in particular is screwing up the shortcuts. > > P.S. In the near future I'm going to turn off local caching of profiles, > which may prevent this from happening again. Prevention aside, I need a > FIX first... > > Jason Todd > > ______________________________________________________________________ > This message was made possible by Jason Todd and by viewers like you. > Senior Help Desk Assistant, Computing and Telecommunication Services > Wright State University > Reply to todd.4@wright.edu or jasontodd@bigfoot.com > From Jean-Francois.Micouleau at dalalu.fr Mon Mar 5 16:34:15 2001 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:33:36 2003 Subject: Shortcuts now point to shares In-Reply-To: Message-ID: On Mon, 5 Mar 2001, Tim Gildersleeve wrote: > right place. But every now and then, they are changed again. Oh, and in > this case, the users in question have only read access to the shortcuts. It > seems that winnt is changing them itself. > > So this doesnt seem to be just a samba thing. There is a key you can change in the registry to change that behaviour. I remember it's somewhere in poledit. I think it's documented in the KB. J.F. From t.gildersleeve at bilk.ac.uk Mon Mar 5 16:37:23 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:36 2003 Subject: Shortcuts now point to shares Message-ID: Thanks for that Jean, Ill take a look. We are moving to a Samba PDC in the very near future (later this week) but it seems that this particular problem is with samba too. Hopefully the reg key will help. I have to say though that we have a very strict policy created with policy editor, and I have never seen that key before (perhaps I just missed it). Regards Tim Gildersleeve > -----Original Message----- > From: Jean Francois Micouleau [SMTP:Jean-Francois.Micouleau@dalalu.fr] > Sent: Monday, March 05, 2001 4:34 PM > To: Tim Gildersleeve > Cc: 'Jason Todd'; samba-ntdom@samba.org > Subject: RE: Shortcuts now point to shares > > > On Mon, 5 Mar 2001, Tim Gildersleeve wrote: > > > right place. But every now and then, they are changed again. Oh, and > in > > this case, the users in question have only read access to the shortcuts. > It > > seems that winnt is changing them itself. > > > > So this doesnt seem to be just a samba thing. > > There is a key you can change in the registry to change that behaviour. > > I remember it's somewhere in poledit. I think it's documented in the KB. > > J.F. > From todd.4 at wright.edu Mon Mar 5 16:41:49 2001 From: todd.4 at wright.edu (Jason Todd) Date: Tue Dec 2 02:33:36 2003 Subject: Shortcuts now point to shares In-Reply-To: Message-ID: I found a solution to this problem (shoulda done the search BEFORE sending my previous message). ;-) I found article Q158682 in MS Knowledge Base. Its description and background info are worthwhile, but I don't trust their solutions. The Shortcut.exe program seems like a good fix, but I read from another site during my search that it doesn't work very well. So, here's what I found works great. Go to www.coffeecomputing.com and in their "free software" section download the SCUT program, a replacement for Microsoft's Shortcut.exe program. This is what I was going to write, but now I'm not going to reinvent the wheel. Now, what would be the best way to automate the execution of SCUT? I have a login script set up. If I run it from there, can I trust that the profile has already been downloaded to the local machine? Jason Todd From simona at uchicago.edu Mon Mar 5 16:58:55 2001 From: simona at uchicago.edu (Simon Allaway) Date: Tue Dec 2 02:33:36 2003 Subject: Shortcuts now point to shares References: Message-ID: <3AA3C5CF.E1B4CA94@uchicago.edu> Jason Todd wrote: > You have to go into regedt32 and find this key (or create it) HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/explorer Then add a REG_DWORD value of 1 and call it LinkResolveIgnoreLinkInfo. Works for all my machines in the building. -- Simon Allaway | University of Chicago | "It all makes sense now... Anthropology | ...banner comes with mount" 5-4390 Haskell Hall | - Lcoady From elrond at samba-tng.org Mon Mar 5 17:38:49 2001 From: elrond at samba-tng.org (Elrond) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: ; from lkcl@samba-tng.org on Tue, Mar 06, 2001 at 12:08:50AM +1100 References: <20010303143517.E20502@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> On Tue, Mar 06, 2001 at 12:08:50AM +1100, Luke Kenneth Casson Leighton wrote: [...] > > Of course the other way round will get interesting, what > > happens, if we have a file with a GID, that SURS does not > > known about... > > that's a system configuration error. > > what happens on unix when you ave a file owned by a uid or a gid that > isn't in /etc/passwd or /etc/group? > > 1) ls -al shows numbers not names > > 2) only root can change ownership of the file. > > well, we can't do an equivalent to 1) in the "unknown" circumstances, with > SURS. so throw an error: let the app deal with it [access denied]. Okay, that sounds reasonable, somewhat. Bad, there's no "nobody"-SID on NT... (For ACLs, we can simply "ignore" unknown GIDs/UIDs, but for owner/group of a file, we can't. I guess, NT wont like it, if it requests that info and we return a NULL-ptr in the SD, or will it like that?) Elrond From s.striker at striker.nl Mon Mar 5 18:14:17 2001 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: [...] > Bad, there's no "nobody"-SID on NT... What's the SID for the default 'guest' account on NT? Sander From aedem at kaxis.cx Mon Mar 5 18:27:21 2001 From: aedem at kaxis.cx (Andrew Edem) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: Message-ID: This reminds me... my company had a customer complain that SuSE doesn't have a "nobody" group (this broke our install scripts for some product)... can this be confirmed or denied? -Andrew On Mon, 5 Mar 2001, Sander Striker wrote: > [...] > > Bad, there's no "nobody"-SID on NT... > > What's the SID for the default 'guest' account on NT? > > Sander > > > From M.Puchta at fscodes.cz Mon Mar 5 18:20:10 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:36 2003 Subject: W2KProf vs W98 Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098D4E@ANNA> In spite of the fact that I have relatively easy connect W2KProf boxes to Samba server, with W98 is this different. Though the result of nbtstat is "promissing" the W98 cannot join the domain. SMB is 2.0.7. Is there any minimal config that should work for W98? The simplest one... TIA Milos From elrond at samba-tng.org Mon Mar 5 18:25:27 2001 From: elrond at samba-tng.org (Elrond) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: ; from s.striker@striker.nl on Mon, Mar 05, 2001 at 07:14:17PM +0100 References: <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <20010305192527.A37068@baerbel.mug.maschinenbau.tu-darmstadt.de> On Mon, Mar 05, 2001 at 07:14:17PM +0100, Sander Striker wrote: > [...] > > Bad, there's no "nobody"-SID on NT... > > What's the SID for the default 'guest' account on NT? SID-of-DOMAIN + 501. for example: S-1-5-21-778185394-136861212-930774774-501 This might be the closest... yes. The next best, I can up with: SID: S-1-5-12 -> NT Authority\Restricted (5: Well-known Group) This is new in w2k, and is meant for "user to run restricted code under" or somesuch... Elrond > > Sander > > From merkes at t-online.de Mon Mar 5 19:06:58 2001 From: merkes at t-online.de (markus stephany) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: References: Message-ID: <1824841882.20010305200658@mirkes.de> Hello Sander, Monday, March 05, 2001, 7:14:17 PM, you wrote: SS> [...] >> Bad, there's no "nobody"-SID on NT... SS> What's the SID for the default 'guest' account on NT? SS> Sander sfmji, but i think nt can handle this; after removing a workstation from a domain there are 'unknown account' entries in the acl-dialog of files that e.g. have been owned by a domain user. -- rgds, markus stephany ================================================== mailto:merkes@t-online.de http://www.mirkes.de ================================================== pgp fingerprint: 80F7 43D2 EDB9 CB98 3AF4 AA90 89D3 74CA 1662 1990 From merkes at t-online.de Mon Mar 5 19:13:15 2001 From: merkes at t-online.de (markus stephany) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: References: Message-ID: <1975219074.20010305201315@mirkes.de> Hello Andrew, Monday, March 05, 2001, 7:27:21 PM, you wrote: AE> This reminds me... my company had a customer complain that SuSE doesn't AE> have a "nobody" group (this broke our install scripts for some AE> product)... can this be confirmed or denied? AE> -Andrew AE> On Mon, 5 Mar 2001, Sander Striker wrote: >> [...] >> > Bad, there's no "nobody"-SID on NT... >> >> What's the SID for the default 'guest' account on NT? >> >> Sander >> >> >> on suse, that group is called "nogroup" -- rgds, markus stephany ================================================== mailto:merkes@t-online.de http://www.mirkes.de ================================================== pgp fingerprint: 80F7 43D2 EDB9 CB98 3AF4 AA90 89D3 74CA 1662 1990 From elrond at samba-tng.org Mon Mar 5 19:19:17 2001 From: elrond at samba-tng.org (Elrond) Date: Tue Dec 2 02:33:36 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <1824841882.20010305200658@mirkes.de>; from merkes@t-online.de on Mon, Mar 05, 2001 at 08:06:58PM +0100 References: <1824841882.20010305200658@mirkes.de> Message-ID: <20010305201917.A9560@baerbel.mug.maschinenbau.tu-darmstadt.de> That's something completely different. What happens is this: The SID is still the old sid, like S-1-5-33-552317002-3460912474-1716743274-1001 But because you removed the workstation from the domain, it can't resolve that SID into a name and says "unknown". What we need an official "nobody"-SID, that's something different. Elrond On Mon, Mar 05, 2001 at 08:06:58PM +0100, markus stephany wrote: > Hello Sander, > > Monday, March 05, 2001, 7:14:17 PM, you wrote: > > SS> [...] > >> Bad, there's no "nobody"-SID on NT... > > SS> What's the SID for the default 'guest' account on NT? > > SS> Sander > > > sfmji, but i think nt can handle this; after removing a workstation > from a domain there are 'unknown account' entries in the acl-dialog > of files that e.g. have been owned by a domain user. > > -- > rgds, markus stephany > ================================================== > > mailto:merkes@t-online.de > http://www.mirkes.de > > ================================================== > pgp fingerprint: > 80F7 43D2 EDB9 CB98 3AF4 AA90 89D3 74CA 1662 1990 > > > From Angel.R.Rivera at usa.conoco.com Mon Mar 5 19:35:42 2001 From: Angel.R.Rivera at usa.conoco.com (Rivera, Angel R) Date: Tue Dec 2 02:33:37 2003 Subject: NT Group and Sambe Message-ID: <4507D376B01BD411A51800805FE6B5D10104C20B@hoex38.ho.conoco.com> Hello All, I am trying to get a grasp on how to authenticate using a user's group in the NT domain. Our setup is Sun/Solaris with Sambe 2.0.7 and NT4.0. We are running apache and need to be able to authenticate using groups. We can authenticate using user login w/o a problem. What I have a problem is going from the group name to RID. Any pointers? Any HowTos? TIA, Angel From abartlet at pcug.org.au Mon Mar 5 21:37:45 2001 From: abartlet at pcug.org.au (Andrew Bartlett) Date: Tue Dec 2 02:33:37 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) References: <20010303143517.E20502@baerbel.mug.maschinenbau.tu-darmstadt.de> <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <3AA40729.E5514B52@bartlett.house> Elrond wrote: > > On Tue, Mar 06, 2001 at 12:08:50AM +1100, Luke Kenneth Casson Leighton wrote: > [...] > > > Of course the other way round will get interesting, what > > > happens, if we have a file with a GID, that SURS does not > > > known about... > > > > that's a system configuration error. > > > > what happens on unix when you ave a file owned by a uid or a gid that > > isn't in /etc/passwd or /etc/group? > > > > 1) ls -al shows numbers not names > > > > 2) only root can change ownership of the file. > > > > well, we can't do an equivalent to 1) in the "unknown" circumstances, with > > SURS. so throw an error: let the app deal with it [access denied]. > > Okay, that sounds reasonable, somewhat. > > Bad, there's no "nobody"-SID on NT... > > (For ACLs, we can simply "ignore" unknown GIDs/UIDs, but > for owner/group of a file, we can't. I guess, NT wont like > it, if it requests that info and we return a NULL-ptr in > the SD, or will it like that?) > > Elrond Is it just me, or does the idea of effectivly changing the owner of file to an arbitary user (nobody) which is normally used as a 'I can't break anything' user sound like a bad idea? It would be a pity if root suddenly got forgotten and the entire system became owned (at least from the NT end) by nobody. Just my 2 cents worth, Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au From gary at netin.com Mon Mar 5 22:12:22 2001 From: gary at netin.com (GL Fournerat) Date: Tue Dec 2 02:33:37 2003 Subject: SWAT: please help Message-ID: <3AA40F45.483AFF59@netin.com> Hello all: Here's the problem [on a RH7 running kernel 2.2.17-14 with Samba 2.0.7-21ssl and xinetd-2.1.8.9pre14]: http://localhost:901 does bring up the SWAT login dialog box.. but upon entering root as the user, followed by my root passwd in the next entry... it tells me "Authentication failed. Retry?" I can tell you that I did enter the correct root passwd, because I am root on this network. Any ideas.. or should I just forget SWAT [as in it's buggy] and run the daemons manually? I've fought with this for three days and I've had enough. Historical: [all this is done as root] Created the group 'smb' Created the user 'smbuser' w/ a home dir of /home/public [I also disabled login on this user account when I created it] #chown smbuser:smb /home/public #chmod 2777 /home/public #mkdir /home/samba #chown smbuser:smb /home/samba #chmod 2770 /home/samba #mkdir /home/samba/data #chown smbuser:smb /home/samba/data #chown 2770 /home/samba/data Via Linuxconf, open the group smb, and add the users I want included in this group. #emacs /etc/hosts #cat /etc/hosts # # arendia.FOURNERAT//etc/hosts # 127.0.0.1 localhost.localdomain localhost 192.168.0.115 arendia.FOURNERAT arendia 192.168.0.111 compaq.FOURNERAT compaq 192.168.0.112 marilyn.FOURNERAT marilyn [Note: localhost and arendia are the same RH7 box.. compaq is a NT 4 PDC... marilyn is a Win98 workstation.] #emacs /etc/samba/lmhosts #cat /etc/samba/lmhosts # # arendia.FOURNERAT//etc/samba/lmhosts # 127.0.0.1 localhost 192.168.0.115 arendia 192.168.0.111 compaq 192.168.0.112 marilyn #grep swat /etc/services swat 901/tcp # Samba Web Administration Tool #emacs /etc/xinetd.d/swat #cat /etc/xinetd.d/swat # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { port = 901 socket_type = stream wait = no only_from = 127.0.0.1 user = smbuser server = /usr/sbin/swat log_on_failure += USERID disable = no } #cat /etc/hosts.deny ALL:ALL #cat /etc/hosts.allow swat: 127.0.0.1 192.168.0. #killall -HUP xinetd ------------- And somewhere along the line, the file /etc/samba/smbuser was created (Linuxconf?)... #cat /etc/samba/smbuser #Unix_name = SMB_name1 SMB_name2 root = administrator admin nobody = smbuser guest pcguest smbguest Any help would be greatly appreciated! Gary From tcameron at three-sixteen.com Mon Mar 5 22:28:00 2001 From: tcameron at three-sixteen.com (Thomas Cameron) Date: Tue Dec 2 02:33:37 2003 Subject: SWAT: please help References: <3AA40F45.483AFF59@netin.com> Message-ID: <3AA412F0.FD24222E@three-sixteen.com> Look for /etc/pam.d/samba: [tcameron@tclinux tcameron]$ cat /etc/pam.d/samba auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth If it's not there, SWAT will not work. BTW - SWAT is FAR superior to Linuxconf for configuring Samba. SWAT uses the actual Samba libraries for configuring the service, Linuxconf uses the author's best understanding of Samba. Not to say that the Solucorp crew isn't freaking brilliant, but it's better to use the config tool from the Samba team. The Archimage GL Fournerat wrote: > > Hello all: > > Here's the problem [on a RH7 running kernel 2.2.17-14 with > Samba 2.0.7-21ssl and xinetd-2.1.8.9pre14]: > > http://localhost:901 does bring up the SWAT login dialog > box.. but upon entering root as the user, followed by my > root passwd in the next entry... it tells me "Authentication > > failed. Retry?" I can tell you that I did enter the correct > > root passwd, because I am root on this network. > > Any ideas.. or should I just forget SWAT [as in it's buggy] > and run the daemons manually? I've fought with this for > three days and I've had enough. > > Historical: [all this is done as root] > > Created the group 'smb' > > Created the user 'smbuser' w/ a home dir of /home/public > [I also disabled login on this user account when I created > it] > > #chown smbuser:smb /home/public > #chmod 2777 /home/public > > #mkdir /home/samba > #chown smbuser:smb /home/samba > #chmod 2770 /home/samba > > #mkdir /home/samba/data > #chown smbuser:smb /home/samba/data > #chown 2770 /home/samba/data > > Via Linuxconf, open the group smb, and add the users I want > included in this group. > > #emacs /etc/hosts > #cat /etc/hosts > # > # arendia.FOURNERAT//etc/hosts > # > 127.0.0.1 localhost.localdomain localhost > 192.168.0.115 arendia.FOURNERAT arendia > 192.168.0.111 compaq.FOURNERAT compaq > 192.168.0.112 marilyn.FOURNERAT marilyn > > [Note: localhost and arendia are the same RH7 box.. compaq > is a NT 4 PDC... marilyn is a Win98 workstation.] > > #emacs /etc/samba/lmhosts > #cat /etc/samba/lmhosts > # > # arendia.FOURNERAT//etc/samba/lmhosts > # > 127.0.0.1 localhost > 192.168.0.115 arendia > 192.168.0.111 compaq > 192.168.0.112 marilyn > > #grep swat /etc/services > swat 901/tcp # Samba Web > Administration Tool > > #emacs /etc/xinetd.d/swat > #cat /etc/xinetd.d/swat > # default: off > # description: SWAT is the Samba Web Admin Tool. Use swat > \ > # to configure your Samba server. > To use SWAT, \ > # connect to port 901 with your > favorite web browser. > service swat > { > port = 901 > socket_type = stream > wait = no > only_from = 127.0.0.1 > user = smbuser > server = /usr/sbin/swat > log_on_failure += USERID > disable = no > } > #cat /etc/hosts.deny > > ALL:ALL > > #cat /etc/hosts.allow > > swat: 127.0.0.1 192.168.0. > > #killall -HUP xinetd > ------------- > And somewhere along the line, the file /etc/samba/smbuser > was created (Linuxconf?)... > > #cat /etc/samba/smbuser > #Unix_name = SMB_name1 SMB_name2 > root = administrator admin > nobody = smbuser guest pcguest smbguest > > Any help would be greatly appreciated! > > Gary > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- ------------------------------------------------------------------- -- Thomas D. Cameron -- Red Hat Certified Engineer -- TurboLinux Certified Instructor -- Certified NetWare Engineer -- Microsoft Certified Systems Engineer -- Microsoft Certified Trainer ------------------------------------------------------------------- From peter at cadcamlab.org Tue Mar 6 00:55:29 2001 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:33:37 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) References: <20010303143517.E20502@baerbel.mug.maschinenbau.tu-darmstadt.de> <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> <3AA40729.E5514B52@bartlett.house> Message-ID: <15012.13697.566328.548962@wire.cadcamlab.org> [Andrew Bartlett] > Is it just me, or does the idea of effectivly changing the owner of > file to an arbitary user (nobody) which is normally used as a 'I > can't break anything' user sound like a bad idea? It's just you. (: > It would be a pity if root suddenly got forgotten and the entire > system became owned (at least from the NT end) by nobody. If you forget the root password you have other problems anyway. What alternative do you have, from the NT end, besides treating root files as owned by "some unknown user" which is what 'nobody' will represent here? None of this will affect your access from Unix, which is how you would go about fixing such a situation anyway. Peter From massey at rmci.net Tue Mar 6 01:17:03 2001 From: massey at rmci.net (Mike) Date: Tue Dec 2 02:33:37 2003 Subject: hpdj990c and samba In-Reply-To: <3AA39DE2.40804@research.bell-labs.com> Message-ID: NT from personal experince with 8 of them on my network does not like 890C drivers. NT will drop it's RPC Server and die, try that on a network print server. HP says the newer release fixed this but it did nothing to help us. On HP Printers you can use the universal series drivers 500 550C 600C 660C on most printers except for the Windows only printers, yes HP makes these and no DOS apps will not print. Yes you will loose all of the HP ads and some funtionality but the printers will work fine. Cheers Mike -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Rajeev Agrawala Sent: Monday, March 05, 2001 7:09 AM To: Jeremy Allison Cc: kris.ozzy@lineone.net; samba-ntdom@samba.org Subject: Re: hpdj990c and samba Hi Jeremy, Were you able to download the driver? Did you try it? Thanks, rajeev Rajeev Agrawala wrote: > Jeremy Allison wrote: > >> Rajeev Agrawala wrote: >> >>> DJ850C works fine for me too. It the DJ890C and DJ990C, that don't work. >>> NT does not come with default drivers for DJ890C and DJ990C. I have >>> downloaded drivers from www.hp.com. >>> >>> Have you tried DJ890C/DJ990C? >> >> Can you send me the drivers please and I'll test this here. >> > > Hi, > > You can download the driver for 990C from > > ftp://www.hp.com/pub/printers/software/dj997en.exe > > and for 890C from > > ftp://www.hp.com/pub/printers/software/dj884en.exe > > Instead of executing these files on my PC, I unzipped the distribution > using winzip and while installing print drivers on samba, I clicked have > disk for choosing the printer driver and browsed to the drivers dir > inside this downloaded distribution. Since these files are large (a > couple of Mbytes), I did not enclose them in the email. But if you have > any problem in downloading these files, please let me know. I will send > it by email. > > Thanks for looking into this. > > rajeev From peter at cadcamlab.org Tue Mar 6 01:08:35 2001 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:33:37 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) References: <20010303143517.E20502@baerbel.mug.maschinenbau.tu-darmstadt.de> <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> <3AA40729.E5514B52@bartlett.house> <15012.13697.566328.548962@wire.cadcamlab.org> Message-ID: <15012.14483.538197.779535@wire.cadcamlab.org> [Andrew Bartlett] > > It would be a pity if root suddenly got forgotten and the entire > > system became owned (at least from the NT end) by nobody. [Peter Samuelson] > If you forget the root password you have other problems anyway. What > alternative do you have, from the NT end, besides treating root files > as owned by "some unknown user" which is what 'nobody' will represent > here? Reading this again I realise that I wrote a bit confusedly here. What I meant is: if 'root' is an unknown user, the file access needs to be mapped to something that means "some unknown user", which someone proposed to be 'nobody'. If the *same* unknown user is used for guest logons, it would definitely be a Bad Thing. This would be a mere configuration error, but is worth mentioning lest someone make it. To clarify: the smb.conf 'guest user' should never be the same as the Unix side of the "wildcard" entry in the 'username map' file (or the equivalent via SURS or some other SAM backend implementation). Peter From jeremy at valinux.com Tue Mar 6 01:27:11 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:37 2003 Subject: talloc_realloc In-Reply-To: ; from lkcl@samba-tng.org on Tue, Mar 06, 2001 at 12:31:13AM +1100 References: Message-ID: <20010305172711.C30591@valinux.com> On Tue, Mar 06, 2001 at 12:31:13AM +1100, Luke Kenneth Casson Leighton wrote: > when i described to dr andrew tridgell that i was adding a talloc_realloc, > i was informed that this makes the purpose of talloc - trivial alloc - > non-trivial. therefore, the function is unacceptable. > > now, jeremy adds talloc_realloc. > > this implies that the rejection of the addition of this function was not > for technical reasons. I know I shouldn't answer this but...... *I* added talloc_realloc to the 2.2 tree without consultation with Andrew in order to try and fix the same problem you describe. I eventually got it working (it was non-trivial) and after much testing (until 1am :-) discovered that when enumerating a 10,000 printer job queue list it *still* used more than 20mb of virtual memory more than the less elegent realloc code (which I left working in head). I finally discussed this with Andrew on Sunday. He was quite kind (in fact I don't think the words "told you so" passed his lips once :-). Dishartened, I went home. That was over the weekend. As I'm working from home today on a white paper I didn't get chance to revert the changes to 2.2 back to the code used in HEAD. I will be doing so tomorrow and that implementation of talloc_realloc will be history. So yes it *was* for technical reasons, you just need to be able to do the tests and determine this for yourself. Now the question remains, did *you* do those tests and remove it in your code, or did you just leave it in for the case you tested assuming it was ok for all cases ? This is why Andrew is the head of the Team, 'cos he can see these things without the pain I have to go through to see them :-) :-). Regards, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From greg at leiinc.com Tue Mar 6 01:51:02 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:37 2003 Subject: How often is CVS trees updated. Message-ID: <007901c0a5df$e6ae5a50$2800a8c0@leinet> Does anyone know how often the CVS trees are updated (once a month, every couple months, ..., etc???) Of specific interest to me is the Samba_2_2 tree. Thank you. Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: Greg J. Zartman.vcf Type: text/x-vcard Size: 369 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010305/04a49572/GregJ.Zartman.vcf From Axel.Thimm at physik.fu-berlin.de Tue Mar 6 06:20:58 2001 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Tue Dec 2 02:33:37 2003 Subject: W2K profile creation in samba_2_2 In-Reply-To: <20010221180245.B18807@pua.domain>; from Axel.Thimm@physik.fu-berlin.de on Wed, Feb 21, 2001 at 06:02:45PM +0100 References: <079FD72E42C9D311B854009027650E6F0405081F@xatl02.atl.hp.com> <20010221180245.B18807@pua.domain> Message-ID: <20010306072058.A27711@pua.domain> A few hours ago I recompiled the latest SAMBA_2_2 cvs. Unfortunatly the following problem still persists. no (force) modes/masks etc, only "inherit permissions". The execute bit lags are removed when the profile is written back. Any clue? (This is a german W2Ksp1) On Wed, Feb 21, 2001 at 06:02:45PM +0100, Axel Thimm wrote: > This is how it looks like: > oberon(9):~/profile> ls -ltr > total 538 > -rw-r----- 1 thimm ag-linke 180256 Feb 6 05:20 USER.DAT > -rw-r----- 1 thimm ag-linke 192 Feb 15 21:08 ntuser.ini > drw-r--r-- 2 thimm ag-linke 8192 Feb 19 14:45 Vorlagen/ > drw-r--r-- 2 thimm ag-linke 8192 Feb 19 14:45 SendTo/ > drw-r--r-- 3 thimm ag-linke 8192 Feb 19 14:45 Startmen?/ > drw-r--r-- 2 thimm ag-linke 8192 Feb 19 14:46 Recent/ > drw-r--r-- 2 thimm ag-linke 8192 Feb 19 14:46 Netzwerkumgebung/ > -rw-r----- 1 thimm ag-linke 262144 Feb 19 14:46 NTUSER.DAT > drw-r--r-- 3 thimm ag-linke 8192 Feb 19 14:46 His6/ > -rw-r----- 1 thimm ag-linke 1024 Feb 19 14:46 ntuser.dat.LOG > drw-r--r-- 4 thimm ag-linke 8192 Feb 19 14:46 Favoriten/ > drw-r--r-- 4 thimm ag-linke 8192 Feb 19 14:46 Desktop/ > drw-r--r-- 2 thimm ag-linke 8192 Feb 19 14:46 Druckumgebung/ > drw-r--r-- 2 thimm ag-linke 8192 Feb 19 14:46 Cookies/ > drw-r--r-- 3 thimm ag-linke 8192 Feb 19 14:46 Eigene Dateien/ > drw-r--r-- 4 thimm ag-linke 8192 Feb 19 14:46 Anwendungsdaten/ > > [...] > No, my umask ist "standard" 022 (bits stripped off). And I can observe smbd > creating the dirs with sensefull permissions and then stripping the execute > bits away. > > Thanks, Axel. -- Axel.Thimm@physik.fu-berlin.de From whyberg at omgtu.omskelecom.ru Tue Mar 6 07:24:14 2001 From: whyberg at omgtu.omskelecom.ru (=?koi8-r?B?4c7E0sXKIOHS1MXN2MXX?=) Date: Tue Dec 2 02:33:37 2003 Subject: can`t get userlist from samba server Message-ID: <001201c0a60e$72d6b300$1700a8c0@whyberg.omgtunet> Hello ALL!!! Samba 2.2 cvs last_night_snapshot as PDC on FreeBSD 4.2-STABLE client win95 SUBJ. help please!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: omgtunet.conf Type: application/octet-stream Size: 983 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010306/c3297ce3/omgtunet.obj From gary at netin.com Tue Mar 6 07:38:56 2001 From: gary at netin.com (GL Fournerat) Date: Tue Dec 2 02:33:37 2003 Subject: SWAT: please help References: <3AA481E9.102D3878@bartlett.house> Message-ID: <3AA49410.5F1414A1@netin.com> To: Thomas Cameron Russ Brooks Andrew Bartlett Thanks a million guys. I've got several options to look into now... and that's far better than where I've been lately. Re: my /etc/xinetd/swat file.... in the user = smbuser line, I should have added that after I created the 'smb' group, I then created the user account 'smbuser'... and made root (and smbuser) a member of the smb group (along with a select few others). So, by 'smbuser' being a member of the 'smb' group, along with root, I was hoping that root access would be deferred to smbuser (at least for the 'smb' group)... but it probably doesn't work that way. This was all done in hopes of keeping root out of the SWAT equation... and is probably the root cause of all my problems. LOL Another issue to dig into is that I have the smbuser user account disabled (with regard to logins and with no password assigned to the user) so I'll tinker with this as well. Is it safe to assume that "user = " is looking for a user account.. and not a group account? I'm uncertain about this since "root" can be either. On the same note, can a user or group with root access be inserted here? in the only_from = 127.0.0.1 line, I have tried 'localhost' there as well.. with the same results (Authentication failed. Retry?). I have not tried removing the line altogether (yet). Re: /etc/pam.d/samba It's there Tom.. exactly as you copied from your system. I thought PAM was going to be at least a part of the problem because I looked into /var/log/ and found.. (I see now PAM was only doing what it's suppose to.. and this is pam-0.72-37) Mar 5 08:19:52 arendia PAM_unix[669]: (login) session opened for user root by LOGIN(uid=0) Mar 5 08:20:13 arendia PAM_unix[786]: authentication failure; (uid=505) -> root for samba service {505 is the uid for the smbuser user account} Re: (I know, I know... bad sysadmin!) To date, the only way that seems to work is by using root.. bad sysadmin or not. Thanks again guys!!! Gary Andrew Bartlett wrote: > Russ Brucks wrote: > > > > This is a quick shot in the dark, but in your email you displayed the cat of > > /etc/xinetd.d/swat > > > > >#cat /etc/xinetd.d/swat > > ># default: off > > ># description: SWAT is the Samba Web Admin Tool. Use swat > > >\ > > ># to configure your Samba server. > > >To use SWAT, \ > > ># connect to port 901 with your > > >favorite web browser. > > >service swat > > >{ > > > port = 901 > > > socket_type = stream > > > wait = no > > > only_from = 127.0.0.1 > > > user = smbuser > > > server = /usr/sbin/swat > > > log_on_failure += USERID > > > disable = no > > >} > > > > I bet the line stating > only_from = 127.0.0.1 is the culprit. I would > > think this is interpretted as SWAT will only accept connections from > > 127.0.0.1, vis a vis the local host. I removed this line from my > > xinetd.d/swat file. Try that and see if it helps. I would also imagine the > > user = smbuser would require you to login to SWAT as only smbuser. I'm not > > sure if you put a space or a comma to add more than one user. I'm still > > using root as mine. (I know, I know... bad sysadmin!) > > > > Cheers, > > > > Russ > > SWAT must run as ROOT, it cannot do its job as any other user (apart > from remote password changes, but thats another issue). The SWAT > program needs to modify /etc/smbpasswd and /etc/smb.conf, as well as > validating your idenity in /etc/shadow (or with PAM). All this needs > root privilages. > > Reading some of your earlier postings (quoted below) I see that the > user=smbuser is the issue. If SWAT is using PAM (it is), it can't tell > the difference between 'that password is wrong' and 'i can't verify that > password', hence your problem. > > Hope this clarifies things, > Andrew Bartlett From abartlet at pcug.org.au Tue Mar 6 08:03:05 2001 From: abartlet at pcug.org.au (Andrew Bartlett) Date: Tue Dec 2 02:33:37 2003 Subject: SWAT: please help References: <3AA481E9.102D3878@bartlett.house> <3AA49410.5F1414A1@netin.com> Message-ID: <3AA499B9.45C7C1A0@bartlett.house> GL Fournerat wrote: > > To: Thomas Cameron > Russ Brooks > Andrew Bartlett > > Thanks a million guys. I've got several options to look into now... and that's > far better than where I've been lately. > > Re: my /etc/xinetd/swat file.... > > in the > user = smbuser > line, I should have added that after I created the 'smb' group, I then created > the user account 'smbuser'... and made root (and smbuser) a member of the smb > group (along with a select few others). So, by 'smbuser' being a member of the > 'smb' group, along with root, I was hoping that root access would be deferred to > smbuser (at least for the 'smb' group)... but it probably doesn't work that way. > This was all done in hopes of keeping root out of the SWAT equation... and is > probably the root cause of all my problems. LOL > > Another issue to dig into is that I have the smbuser user account disabled (with > regard to logins and with no password assigned to the user) so I'll tinker with > this as well. > > Is it safe to assume that "user = " is looking for a user account.. and not a > group account? I'm uncertain about this since "root" can be either. On the same > note, can a user or group with root access be inserted here? The user you wan't the deamon to run as is listed here, ie echo and finger both run as nobody, but ftp must run as root (hence half the problems with FTP, but thats another story). > > in the > only_from = 127.0.0.1 > line, I have tried 'localhost' there as well.. with the same results > (Authentication failed. Retry?). I have not tried removing the line altogether > (yet). leave it in. You wouln't even get the authentication message if you didn't pass this 'test'. > > Re: /etc/pam.d/samba > > It's there Tom.. exactly as you copied from your system. > > I thought PAM was going to be at least a part of the problem because I looked > into /var/log/ and found.. (I see now PAM was only doing what it's suppose to.. > and this is pam-0.72-37) > > Mar 5 08:19:52 arendia PAM_unix[669]: (login) session opened for user root by > LOGIN(uid=0) > Mar 5 08:20:13 arendia PAM_unix[786]: authentication failure; (uid=505) -> root > for samba service > > {505 is the uid for the smbuser user account} > > Re: (I know, I know... bad sysadmin!) > > To date, the only way that seems to work is by using root.. bad sysadmin or not. As I often (at least in the last few days) point out, the user who can edit smb.conf is only a root preexec away from being root. Therefore only root can edit smb.conf. Therefore SWAT must run as root. Therefore xinetd (the program that reads /etc/xinetd.d/swat and starts SWAT when accessed) must be told to start SWAT as root. SWAT doesn't read this file, and its behavior is only impacted by the way it is started, and what permissions its started with. So that swat doesn't allow Random Joe Hacker access to modify smb.conf it asks for a password, and to check that password it must be root. Apon verification, it changes its userid to that user, and if it can still modify smb.conf allows them in. (If they can't they get the ability to view the config, and to change their password - but nothing else). So the bottom line is, while doing things as root could be considered a bad idea, its the only option is this case, and therefore not 'bad sysadmin'. Note that Samba as a whole must run as root, for exactly this reason. The one thing that is 'bad sysadmin' is what hosts can access swat, as running a password cracker agaist it would be trivial, and there is a small detail whereby it can make it easier to guess usernames. Note that these issues are also present in the SMB protocol, so just don't run SWAT where you wouldn't allow SMB access. Running 'only form = localhost' is a GOOD IDEA. Hope this clarifies things, Andrew Bartlett > > Thanks again guys!!! > > Gary > -- Andrew Bartlett abartlet@pcug.org.au From lkcl at samba-tng.org Tue Mar 6 09:26:12 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:37 2003 Subject: SURS is not SAM (was Re: FW: Speed comp. TNG & 2.2.alpha (fwd)) In-Reply-To: <15012.14483.538197.779535@wire.cadcamlab.org> Message-ID: On Mon, 5 Mar 2001, Peter Samuelson wrote: > 'guest user' should never be the same as the Unix side of the > "wildcard" entry in the 'username map' file (or the equivalent via SURS > or some other SAM backend implementation). peter, i'm mentioning this just in case you really think this, but also so that other people reading this _also_ don't get the wrong impression: SURS is not a SAM database. SURS is a map between relevant SAM database entries across your entire NT domain and relevant unix database entries. relevant unix database entries. this implies one SURS map tper unix host, where each SURS map "tracks" the "conventions" widely applied on a day-to-day basis in unix networks across the world: namely that by "convention", a unix user on two or more unix computers is given the same local user id. luke ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From lkcl at samba-tng.org Tue Mar 6 09:44:58 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:37 2003 Subject: talloc_realloc In-Reply-To: <20010305172711.C30591@valinux.com> Message-ID: On Mon, 5 Mar 2001, Jeremy Allison wrote: > On Tue, Mar 06, 2001 at 12:31:13AM +1100, Luke Kenneth Casson Leighton wrote: > > > when i described to dr andrew tridgell that i was adding a talloc_realloc, > > i was informed that this makes the purpose of talloc - trivial alloc - > > non-trivial. therefore, the function is unacceptable. > > > > now, jeremy adds talloc_realloc. > > > > this implies that the rejection of the addition of this function was not > > for technical reasons. > > I know I shouldn't answer this but...... > > *I* added talloc_realloc to the 2.2 tree without consultation with > Andrew in order to try and fix the same problem you describe. i know. > I eventually got it working (it was non-trivial) and after much > testing (until 1am :-) discovered that when enumerating a 10,000 > printer job queue list it *still* used more than 20mb of virtual > memory more than the less elegent realloc code (which I left working > in head). > Dishartened, I went home. That was over the weekend. As I'm working > from home today on a white paper I didn't get chance to revert the > changes to 2.2 back to the code used in HEAD. I will be doing so > tomorrow and that implementation of talloc_realloc will be history. > > So yes it *was* for technical reasons, you just need to be able to > do the tests and determine this for yourself. Now the question remains, > did *you* do those tests and remove it in your code, or did you just > leave it in for the case you tested assuming it was ok for all cases ? i used trealloc() only for the marshalling buffer memory, as using talloc was utterly hammering memory. so it was a very specific and limited usage: a tool - an optimisation - for a job. so, it was there for one specific case - not all cases. if you are using talloc_realloc for general memory allocation, including structures used by the function calls, then well yeah, you're going to get problems! ESPECIALLY with the printing code. remember, the functions go like this: client: spoolss_get_printer_data(1024, void*buffer, size_t **size_needed) server: error_buff_to_small, size_needed = 1024000. client: spoolss_get_printer_data(1024000, void *buffer) but the client-side code in nt is so STUPID in places that it continues to use the buffer size 1024000 even though the buffer _actuall_ required for a particular structure may be only 1 byte. have you considered using more than one TALLOC_CTX? one for marshalling, one for unmarshalling, one for memory returned to client-side usage, one for memory returned for server-side usage? > This is why Andrew is the head of the Team, 'cos he can see these > things without the pain I have to go through to see them :-) :-). andrew has specific technical skills in specific areas. From akopps at CSUA.Berkeley.EDU Tue Mar 6 10:01:50 2001 From: akopps at CSUA.Berkeley.EDU (Akop Pogosian) Date: Tue Dec 2 02:33:37 2003 Subject: NIS+ and smbpasswd. Message-ID: I have a question about NIS+ and smbpasswd command. Suppose that none of the passwords in the smbpasswd file were set since converting unix passwd to smbpasswd format and then I transfer this data into a NIS+ smbpasswd table and change smb.conf to use smbpasswd NIS+ table for password database. Could our unix users set their windows passwords by just running smbpasswd even though their smb password has not been set yet or do the system administrator has to initiate it as root? Does anyone actually use Samba with NIS+ support? Does it work well? I find very little documentation about NIS+ and Samba in 2.0.7 distribution .. From Jan.M.Skarberg at eto.ericsson.se Tue Mar 6 10:01:42 2001 From: Jan.M.Skarberg at eto.ericsson.se (Jan M Skarberg (ETO)) Date: Tue Dec 2 02:33:37 2003 Subject: Message-ID: confirm 206441 From lkcl at samba-tng.org Tue Mar 6 10:19:20 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:37 2003 Subject: talloc_realloc In-Reply-To: <20010305172711.C30591@valinux.com> Message-ID: > memory more than the less elegent realloc code (which I left working > in head). I finally discussed this with Andrew on Sunday. He was > quite kind (in fact I don't think the words "told you so" passed > his lips once :-). that is far better treatment than i received. flat rejection without explanation, without interest, and without questions. "talloc is trivial alloc. therefore it cannot have realloc of any kind." he was basically totally and actively disinterested in any kind of technical discussion of any kind. it was a bit like pavlov's dog. ring the bell, and the dog salivates. i mention an idea, he rejects it. and yes, i know: these are not the sorts of things that are considered should go on public mailing lists. but one of _the_ most important things for me is that this sort of thing never happens to anyone else, again, EVER. for someone who is supposed to lead a team, dr andrew tridgell is quite capable of attempting to destroy someone's career, which is ... i don't know how to express how i feel about that. i would never wish for anyone to be treated the way i was treated [sympathy NOT required and NOT requested. i am simply making a statement]. luke ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From lkcl at samba-tng.org Tue Mar 6 10:37:37 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:37 2003 Subject: SURS is not SAM (was Re: FW: Speed comp. TNG & 2.2.alpha (fwd)) In-Reply-To: <15012.47119.958233.200994@wire.cadcamlab.org> Message-ID: On Tue, 6 Mar 2001, Peter Samuelson wrote: > > [Peter Samuelson] > > > 'guest user' should never be the same as the Unix side of the > > > "wildcard" entry in the 'username map' file (or the equivalent via SURS > > > or some other SAM backend implementation). > > [lkcl] > > i'm mentioning this just in case you really think this, but also so that > > other people reading this _also_ don't get the wrong impression: > > > > SURS is not a SAM database. > > Right. However, it's my understanding that, when complete, the SURS > infrastructure will be used by samrd as part of maintaining the SAM. > Yes? no :) :) it won't :) that's the whole point :) the SAM database is totally independent. a finished samrd you could literally recompile on NT and shut down SAMSRV.EXE and run SAMRD.EXE instead. [wait a bit for the implications of that to sink in a bit :) :)] the only point at which surs should be used is in smbd's reply_session_setup(). when you obtain a NET_USER_INFO_3 by making a NETLOGON authentication [inside reply_session_setup: see TNG's version of this function], you need to translate the NT-style user / group info into unix user / group info. _that's_ where SURS is involved. and it is the _only_ place where it is involved. now, the debate is, whether to simplify things by doing the "map username" on the NT-style user/group info *BEFORE* the SURS translation or *AFTER*. the difference is very significant, as one way is very simple and efficient and after-surs-translatnion is utterly horrible. > While we're on the subject, could you please explain (in one-syllable > words, since I'm really a beginner when it comes to DCE/RPC and ntdom > stuff): What exactly is the interaction between samrd, netlogond and > the other daemons? samrd has no dependencies. lsarpcd depends on samrd [for local-SAM info, otherwise it goes out-sourcing using remote LSA calls] netlogond depends on lsarpcd and samrd. > I'm kind of old-school, so I still have trouble > separating out account enumeration and authentication, since old Unix > implementations (including NIS) do both at once. I know about PAM > versus NSS, though -- are netlogond and samrd similar to this model, or > different? very similar. the only thing is that... well... actually, netlogond is like a combination of PAM and NSS, with more emphasis on PAM than NSS. samrd is like an instance of an NSS module. lsarpcd is like the NSS framework implementation itself: it is responsible for calling NSS-like-modules. that's basically it. the significant difference is that samrd has read/write - _Totaly_ manageable, remotely, whereass NSS and PAM are a bit of a pain to manage. > Basically, when netlogond, smbd and the other daemons need to look up > accounts, do they just IPC over to samrd or do they handle things > themselves? well, i considered allowing netlogond to IPC. but that's not exactly very secure. so, instead what i did was linked netlogond directly with sampasswddb.so which means that netlogonldapd must link with samldapdb.so etc. why? because it's not very good to have user-passwords allowed to go over an IPC connection, even on loop-back, that's why. if MS decided to disable samr_get_userinfo(level 0x12) then heck, that's good enough for me! [level 0x12 obtains user password hashes, btw]. smbd? smbd _does_ do IPC. regardless - totally regardless - of the account, whether it be a local SAM, a remote SAM, an invalid SPAM or a trusted domain, it always, always calls net_sam_auth() - into the *local* netlogond. why? because otherwise you end up duplicating the functionality behind the authentication. and you gain the extra benefit that all authentication can be replaced behind a standard interface. want to do a PostgresQL-based SAM database that netlogond will use? no problem. want to authenticate against a perl-based program? sure, why not. write your own sam database in perl. ... how about using PC-netlink's DCE/RPC services with smbd to do the file sharing? whatever. no code modifications required to smbd to do _any_ of these options. cool, huh? ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From Jan.M.Skarberg at eto.ericsson.se Tue Mar 6 10:56:59 2001 From: Jan.M.Skarberg at eto.ericsson.se (Jan M Skarberg (ETO)) Date: Tue Dec 2 02:33:37 2003 Subject: Configure SAMBA to avoid ^M-problem Message-ID: Hi, How can I configure SAMBA so I can avoid ^M-characters? Best regards, Jan Martin From scott at tryyouth.org.au Tue Mar 6 22:20:55 2001 From: scott at tryyouth.org.au (Scott McKean) Date: Tue Dec 2 02:33:37 2003 Subject: Win2k logon to Samba Domain Message-ID: <3aa4c817.df.0@webcentral.com.au> Hi All, I am running Samba Version 2.2.0-alpha2, my NT4 machines logon to the domain perfectly (except for a hickup in my mappings due to permissions, but I can fiddle with that). But I want to upgrade the network (or more my employer does) to a Win2k Professional network. So I setup a machine with win2k pro on it created the necessary accounts etc. I go to join the domain and it gives: The following error occured while trying to join the domain "HARDWARE_TEST" The procedure number is out of range Any help with this matter would be gratefuly appreciated, even pointing towards useful documentation etc would be great. I have been trolling around for hours, and the only info I seem to find is on mailing lists but that is also fairly minimal. Thanks in advance, Your sincerely, Scott McKean From shaun.lipscombe at gasops.co.uk Tue Mar 6 11:18:25 2001 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:33:37 2003 Subject: Configure SAMBA to avoid ^M-problem In-Reply-To: "Jan M Skarberg's message of "Tue, 6 Mar 2001 11:56:59 +0100" References: Message-ID: * "Jan" == Jan M Skarberg (ETO) writes: > Hi, How can I configure SAMBA so I can avoid ^M-characters? You should only get ^M (Chr+Lf) when viewing a text file saved from a windows machine on the samba unix box. This is because UNIX uses nl as line seperators and DOS text file format is to use Chr+Lf. If you view the file in question in vi you should see [DOS FORMAT] written at the bottom. When you use a text editor on the unix box you are not using Samba to access the file so you cannot configure Samba to do the DOS->UNIX conversion. If you are getting ^M when viewing a file from a windows machine then ignore everything I have just said and I have no idea what the problem is :( Solution: One way around the problem is to create the text file on the unix box and then use Wordpad to view the file on Windows as it will view it correctly. Alternatively you can use a variety of unix utils to convert the file (even in vi, you could do something like :%s/^V^M//g) like tr, sed, perl, awk to unix format. Failing that ftp the file from the unix box to a windows box and it will do the translation for you but this is a lazy way of doing things! Hope that helps, Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From M.Puchta at fscodes.cz Tue Mar 6 12:06:03 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:37 2003 Subject: Name resolution problem Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098D57@ANNA> There is problem with name resolution in my configuration (Samba 2.0.7 , SuSE 7, 2 NIC, W98 clients....) W98: Host not find Linux: When aplying nmblookup -M -d 9 -S smbsrv ... there is a line at the end name_query failed to find SMBSRV Which Tshoot proc do you suggest? (Not destructive one ;-) ) TIA Milos From harrietr at mailstreet.nl Tue Mar 6 13:40:52 2001 From: harrietr at mailstreet.nl (Harrie ter Rele) Date: Tue Dec 2 02:33:37 2003 Subject: Logon script Message-ID: <01C0A64B.723F8F60.harrietr@mailstreet.nl> Hi, I have some problem connecting a NT workstation (4 sp6) into samba (2.0.6). It makes a connection but it doesn't go through the logon script. I have no idea whats wrong. The user is called xerox2. smb.conf: log level = 3 log file = /var/log/samba/%m.log max log size = 1000 socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 wins support = Yes hosts allow = 192.168.0.3 192.168.0.180 192.168.0.181 192.168.0.182 192.168.0.183 192.168.0.184 192.168.0.185 192.168.0.186 192.168.0 192.168.2. 192.168.3. 129.0.0. EXCEPT 192.168.2.100 192.168.2.200 browsable = Yes logon script = xerox2.cmd preferred master = Yes local master = no security = user valid users = xerox2 invalid users = root domain master = no domain logons = no name resolve order = host os level = 34 encrypt passwords = no load printers = yes time server = yes I hope someone can help me. Harrie ter Rele From ben.liesfeld at gmx.de Tue Mar 6 14:05:52 2001 From: ben.liesfeld at gmx.de (Ben Liesfeld) Date: Tue Dec 2 02:33:37 2003 Subject: Logon script In-Reply-To: <01C0A64B.723F8F60.harrietr@mailstreet.nl> References: <01C0A64B.723F8F60.harrietr@mailstreet.nl> Message-ID: <9629.010306@gmx.de> Hello Harrie, Tuesday, March 06, 2001, 2:40:52 PM, you wrote: > Hi, > I have some problem connecting a NT workstation (4 sp6) into samba (2.0.6). > It makes a connection but it doesn't go through the logon script. > I have no idea whats wrong. > The user is called xerox2. > smb.conf: > log level = 3 > log file = /var/log/samba/%m.log > max log size = 1000 > socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 > wins support = Yes > hosts allow = 192.168.0.3 192.168.0.180 192.168.0.181 192.168.0.182 > 192.168.0.183 192.168.0.184 192.168.0.185 192.168.0.186 192.168.0 > 192.168.2. 192.168.3. 129.0.0. EXCEPT 192.168.2.100 192.168.2.200 > browsable = Yes > logon script = xerox2.cmd Only .bat files will work with NT4. I read it somewhere in the docu, don't ask me where. Try a .bat file. -- Regards, Ben Liesfeld mailto:ben.liesfeld@gmx.de From mhaney at info4cars.com Tue Mar 6 14:08:22 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:33:37 2003 Subject: Logon script In-Reply-To: <01C0A64B.723F8F60.harrietr@mailstreet.nl> Message-ID: >>It makes a connection but it doesn't go through the logon script. Okay, first thing I need to ask is: Do you have a Netlogon share on the authenticating server? Is the Samba box the PDC? Is the user setup to point to a logon script? There are a lot of things you left out. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Harrie ter Rele Sent: Tuesday, March 06, 2001 8:41 AM To: 'samba-ntdom@lists.samba.org' Subject: Logon script Hi, I have some problem connecting a NT workstation (4 sp6) into samba (2.0.6). It makes a connection but it doesn't go through the logon script. I have no idea whats wrong. The user is called xerox2. smb.conf: log level = 3 log file = /var/log/samba/%m.log max log size = 1000 socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 wins support = Yes hosts allow = 192.168.0.3 192.168.0.180 192.168.0.181 192.168.0.182 192.168.0.183 192.168.0.184 192.168.0.185 192.168.0.186 192.168.0 192.168.2. 192.168.3. 129.0.0. EXCEPT 192.168.2.100 192.168.2.200 browsable = Yes logon script = xerox2.cmd preferred master = Yes local master = no security = user valid users = xerox2 invalid users = root domain master = no domain logons = no name resolve order = host os level = 34 encrypt passwords = no load printers = yes time server = yes I hope someone can help me. Harrie ter Rele From mhaney at info4cars.com Tue Mar 6 14:11:47 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:33:37 2003 Subject: Logon script In-Reply-To: <9629.010306@gmx.de> Message-ID: >>Only .bat files will work with NT4. This is not true. .cmd files will work just fine. Although, I have seen issues where NT4 doesn't like to process the .cmd file without it being called from a batch file. I have used .cmd files for years and never had a problem (other than the occasional hanging of the VDM). -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Ben Liesfeld Sent: Tuesday, March 06, 2001 9:06 AM To: samba-ntdom@us5.samba.org Subject: Re: Logon script Hello Harrie, Tuesday, March 06, 2001, 2:40:52 PM, you wrote: > Hi, > I have some problem connecting a NT workstation (4 sp6) into samba (2.0.6). > It makes a connection but it doesn't go through the logon script. > I have no idea whats wrong. > The user is called xerox2. > smb.conf: > log level = 3 > log file = /var/log/samba/%m.log > max log size = 1000 > socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 > wins support = Yes > hosts allow = 192.168.0.3 192.168.0.180 192.168.0.181 192.168.0.182 > 192.168.0.183 192.168.0.184 192.168.0.185 192.168.0.186 192.168.0 > 192.168.2. 192.168.3. 129.0.0. EXCEPT 192.168.2.100 192.168.2.200 > browsable = Yes > logon script = xerox2.cmd Only .bat files will work with NT4. I read it somewhere in the docu, don't ask me where. Try a .bat file. -- Regards, Ben Liesfeld mailto:ben.liesfeld@gmx.de From tom.myny at pandora.be Tue Mar 6 14:41:59 2001 From: tom.myny at pandora.be (Tom Myny) Date: Tue Dec 2 02:33:37 2003 Subject: domain logon in win2k => i wont save my e-mail Message-ID: <000c01c0a64b$99e4a370$0200a8c0@pctom> Win2000 wont save my e-mail messages on the server, so whenever i logon on another win2k pc my e-mails are gone, but my adress book and my settings to get my mail (login and password) are ok. Anybody know how to solve this ? -------------- next part -------------- HTML attachment scrubbed and removed From mhaney at info4cars.com Tue Mar 6 14:42:12 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:33:37 2003 Subject: domain logon in win2k => i wont save my e-mail In-Reply-To: <000c01c0a64b$99e4a370$0200a8c0@pctom> Message-ID: Have you told the Email client where to look for this inbox? have you imported those settings? -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Tom Myny Sent: Tuesday, March 06, 2001 9:42 AM To: samba Subject: domain logon in win2k => i wont save my e-mail Win2000 wont save my e-mail messages on the server, so whenever i logon on another win2k pc my e-mails are gone, but my adress book and my settings to get my mail (login and password) are ok. Anybody know how to solve this ? -------------- next part -------------- HTML attachment scrubbed and removed From rajeeva at research.bell-labs.com Tue Mar 6 14:52:19 2001 From: rajeeva at research.bell-labs.com (Rajeev Agrawala) Date: Tue Dec 2 02:33:37 2003 Subject: hpdj990c and samba References: Message-ID: <3AA4F9A3.4010707@research.bell-labs.com> That's strange that 890C does not work for you on a NT print server. I have 890C and 990C printer driver installed on a NT 4.0 Print server. They work just fine. rajeev Mike wrote: > NT from personal experince with 8 of them on my network does not like 890C > drivers. NT will drop it's RPC Server and die, try that on a network print > server. HP says the newer release fixed this but it did nothing to help us. > On HP Printers you can use the universal series drivers 500 550C 600C 660C > on most printers except for the Windows only printers, yes HP makes these > and no DOS apps will not print. Yes you will loose all of the HP ads and > some funtionality but the printers will work fine. > > Cheers > > Mike > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Rajeev Agrawala > Sent: Monday, March 05, 2001 7:09 AM > To: Jeremy Allison > Cc: kris.ozzy@lineone.net; samba-ntdom@samba.org > Subject: Re: hpdj990c and samba > > > Hi Jeremy, > > Were you able to download the driver? Did you try it? > > Thanks, > > rajeev > > > Rajeev Agrawala wrote: > >> Jeremy Allison wrote: >> >>> Rajeev Agrawala wrote: >>> >>>> DJ850C works fine for me too. It the DJ890C and DJ990C, that don't work. >>>> NT does not come with default drivers for DJ890C and DJ990C. I have >>>> downloaded drivers from www.hp.com. >>>> >>>> Have you tried DJ890C/DJ990C? >>> >>> Can you send me the drivers please and I'll test this here. >>> >> Hi, >> >> You can download the driver for 990C from >> >> ftp://www.hp.com/pub/printers/software/dj997en.exe >> >> and for 890C from >> >> ftp://www.hp.com/pub/printers/software/dj884en.exe >> >> Instead of executing these files on my PC, I unzipped the distribution >> using winzip and while installing print drivers on samba, I clicked have >> disk for choosing the printer driver and browsed to the drivers dir >> inside this downloaded distribution. Since these files are large (a >> couple of Mbytes), I did not enclose them in the email. But if you have >> any problem in downloading these files, please let me know. I will send >> it by email. >> >> Thanks for looking into this. >> >> rajeev > From gcarter at valinux.com Tue Mar 6 15:03:23 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:37 2003 Subject: How often is CVS trees updated. In-Reply-To: <007901c0a5df$e6ae5a50$2800a8c0@leinet>; from greg@leiinc.com on Mon, Mar 05, 2001 at 19:51:02 -0600 References: <007901c0a5df$e6ae5a50$2800a8c0@leinet> Message-ID: <20010306090323.G27512@queso.plainjoe.org> On Mon, 05 Mar 2001 19:51:02 "Greg J. Zartman, P.E." wrote: > > Does anyone know how often the CVS trees are updated (once a month, > every > couple months, ..., etc???) > > Of specific interest to me is the Samba_2_2 tree. Code check-ins occur on a daily basis and the anonymous CVS repository is synced with the developer CVS trees every 30 or 60 minutes (i don't remember exactly). Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From gve at soredab.org Tue Mar 6 14:47:41 2001 From: gve at soredab.org (Guillaume VERNAT ) Date: Tue Dec 2 02:33:38 2003 Subject: inherit permissions Message-ID: I try to set gid of files on a share using the "inherit permissions" parameter. It fails and samba still use the user gid in place of the parent directory gid... why ? I am using samba 2.0.7/Solaris 2.7, samba is just a domain member groups I try to use are just defined on the unix side. client side is NT TSE Thank for help ! Guillaume. From aalang at rutgersinsurance.com Tue Mar 6 14:59:42 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:38 2003 Subject: Configure SAMBA to avoid ^M-problem References: Message-ID: <006901c0a64e$1333ddc0$330a0a0a@rutgersinsurance.com> Just for reference, it is a MacOS thing too. I had someone do some webpages with dreamweaver on a macintosh and I was viewing the source on linix and they had ^M. Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Shaun Lipscombe" To: Sent: Tuesday, March 06, 2001 6:18 AM Subject: Re: Configure SAMBA to avoid ^M-problem > * "Jan" == Jan M Skarberg (ETO) writes: > > > Hi, How can I configure SAMBA so I can avoid ^M-characters? > > You should only get ^M (Chr+Lf) when viewing a text file saved from a > windows machine on the samba unix box. This is because UNIX uses nl > as line seperators and DOS text file format is to use Chr+Lf. If you > view the file in question in vi you should see [DOS FORMAT] written at > the bottom. When you use a text editor on the unix box you are not > using Samba to access the file so you cannot configure Samba to do the > DOS->UNIX conversion. > > If you are getting ^M when viewing a file from a windows machine then > ignore everything I have just said and I have no idea what the problem > is :( > > > Solution: > One way around the problem is to create the text file on the unix box > and then use Wordpad to view the file on Windows as it will view it > correctly. Alternatively you can use a variety of unix utils to > convert the file (even in vi, you could do something like :%s/^V^M//g) > like tr, sed, perl, awk to unix format. Failing that ftp the file > from the unix box to a windows box and it will do the translation for > you but this is a lazy way of doing things! > > Hope that helps, > > Shaun > > -- > (o_ > (o_ (o_ //\ > (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk > From gary at netin.com Tue Mar 6 15:49:17 2001 From: gary at netin.com (GL Fournerat) Date: Tue Dec 2 02:33:38 2003 Subject: Swat update :) References: Message-ID: <3AA506FC.41CD033B@netin.com> IT WORKS!!!!!!!!!!! But before I say what I did... yall have to promise not to laugh! (MAH!! I HEAR YOU!!) ... anyone ever heard of.... /etc/rc.d/init.d/xinetd restart I can tell you from experience that 'killall -HUP xinetd' is NOT the same. I can also say that nobody will find that command line entry in "Using Samba". To show my appreciation to the groups involved, I'll kick out a down and dirty "HOWTO SWAT w/ xinetd" in a short while... I first need to go (xinetd) restart my relationship with my wife. Thank you all for your patience, Gary Fournerat Bernhard Rosenkraenzer wrote: > On Tue, 6 Mar 2001, GL Fournerat wrote: > > > While I believe xinetd is certainly the correct direction to > > move towards, I have fought with it (and Swat) enough these > > past two weeks to make reinstalling NT on this box a > > pleasure. > > What is the problem? The swat package even includes the correct xinetd > configuration file. Getting it to run is as simple as "chkconfig swat on". > From Axel.Thimm at physik.fu-berlin.de Tue Mar 6 15:29:53 2001 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Tue Dec 2 02:33:38 2003 Subject: Win2k logon to Samba Domain In-Reply-To: <3aa4c817.df.0@webcentral.com.au>; from scott@tryyouth.org.au on Tue, Mar 06, 2001 at 10:20:55PM +0000 References: <3aa4c817.df.0@webcentral.com.au> Message-ID: <20010306162953.B1751@pua.domain> On Tue, Mar 06, 2001 at 10:20:55PM +0000, Scott McKean wrote: > I am running Samba Version 2.2.0-alpha2, my NT4 machines logon to the domain > perfectly (except for a hickup in my mappings due to permissions, but I can > fiddle with that). But I want to upgrade the network (or more my employer > does) to a Win2k Professional network. > > So I setup a machine with win2k pro on it created the necessary accounts > etc. I go to join the domain and it gives: > > The following error occured while trying to join the domain "HARDWARE_TEST" > > The procedure number is out of range > > Any help with this matter would be gratefuly appreciated, even pointing > towards useful documentation etc would be great. I have been trolling around > for hours, and the only info I seem to find is on mailing lists but that is > also fairly minimal. Please get a recent cvs SAMBA_2_2. Then create a "root" account. Delete the computer name from smbpasswd (smbpasswd -m -x name), but not from /etc/passwd or NIS. Then join the domain again and offer that root account/password to samba. "root" means an account with root priviledges, possible root itself. Hopefully this procedure (having a root account and having to delete smb accounts) will not be neccessary for the release, but now it's alpha time. At least it works fine at the end! Note, that you may encounter (permission) problems with roaming profiles on W2K, if you don't, then tell us ;) Regards, Axel. -- Axel.Thimm@physik.fu-berlin.de From t.gildersleeve at bilk.ac.uk Tue Mar 6 16:33:33 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:38 2003 Subject: Logon script Message-ID: Erm, am I missing something? THe smb.conf file submitted says domain logins = no This should be yes? > -----Original Message----- > From: Mark Haney [SMTP:mhaney@info4cars.com] > Sent: Tuesday, March 06, 2001 2:12 PM > To: samba-ntdom@us5.samba.org > Subject: RE: Logon script > > >>Only .bat files will work with NT4. > > This is not true. .cmd files will work just fine. Although, I have seen > issues where NT4 doesn't like to process the .cmd file without it being > called from a batch file. I have used .cmd files for years and never had > a > problem (other than the occasional hanging of the VDM). > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Ben Liesfeld > Sent: Tuesday, March 06, 2001 9:06 AM > To: samba-ntdom@us5.samba.org > Subject: Re: Logon script > > > Hello Harrie, > > Tuesday, March 06, 2001, 2:40:52 PM, you wrote: > > > Hi, > > > I have some problem connecting a NT workstation (4 sp6) into samba > (2.0.6). > > It makes a connection but it doesn't go through the logon script. > > I have no idea whats wrong. > > > The user is called xerox2. > > > smb.conf: > > log level = 3 > > log file = /var/log/samba/%m.log > > max log size = 1000 > > socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 > SO_RCVBUF=4096 > > wins support = Yes > > hosts allow = 192.168.0.3 192.168.0.180 192.168.0.181 > 192.168.0.182 > > 192.168.0.183 192.168.0.184 192.168.0.185 192.168.0.186 192.168.0 > > 192.168.2. 192.168.3. 129.0.0. EXCEPT 192.168.2.100 192.168.2.200 > > browsable = Yes > > logon script = xerox2.cmd > Only .bat files will work with NT4. I read it somewhere in the docu, > don't ask me where. Try a .bat file. > > -- > Regards, > Ben Liesfeld mailto:ben.liesfeld@gmx.de > > > > From Jean-Eric.Cuendet at linkvest.com Tue Mar 6 16:36:35 2001 From: Jean-Eric.Cuendet at linkvest.com (Jean-Eric Cuendet) Date: Tue Dec 2 02:33:38 2003 Subject: BackupExec 8.5/NT + Samba 2.2 Message-ID: Thanks but NO, it's not similar. We have Multi-server and can backup other NT servers but not other Samba servers (Linux and Solaris)... Thanks for the help -jec > -----Original Message----- > From: John Benedetto [mailto:jbenedet@unm.edu] > Sent: mardi, 6. mars 2001 16:25 > To: Jean-Eric Cuendet > Subject: Re: BackupExec 8.5/NT + Samba 2.2 > > > Do you have the Multi-server version of BackupExec? One > place I consulted > at, when they upgraded their BackupExec, they could no longer > backup other > servers. I called Seagate (or was it Veritas at that time?), > and they said > I needed to upgrade to the Multi-server version. When I said > that I could > do it with one version back of the program, the guy said > "yeah. we fixed > that". > > Yippee. > > Don't know if your problem is similar or not... > > Good luck with it. > > - John > > --On Tuesday, March 06, 2001 8:48 AM +0100 Jean-Eric Cuendet > wrote: > > > > > Hi, > > Does anyone have experience with BackupExec and Samba? > > BackupExec refuse to access Samba shares. Windows shares > are OK, but all > > my Samba shares are not. I have Samba on at least 2 Linux > 2.4 machines + > > 1 on Solaris. Neither ones work with BExec. > > > > Any idea? Other have experience with BExec and Samba? > > > > Thanks a lot > > -jec > > > > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > > Jean-Eric Cuendet > > Linkvest SA > > Av des Baumettes 19, 1020 Renens Switzerland > > Tel +41 21 632 9043 Fax +41 21 632 9090 > > http://www.linkvest.com E-mail: jean-eric.cuendet@linkvest.com > From pboucher at robotel.ca Tue Mar 6 16:37:09 2001 From: pboucher at robotel.ca (Patrick Boucher) Date: Tue Dec 2 02:33:38 2003 Subject: error: Network is busy Message-ID: <3AA51235.644573BC@robotel.ca> Greetings, I have a File Server, Running Samba on RedHat 7.0 Everything Works fines, It have 64 megs of ram, and around 15 peoples using it. But sometimes, in the morning when people try to access it's Share it gives the error msgs: NETWORK IS BUSY. All my user get logon using a Windows NT PDC. To enable my user to connect to Samba, I "play" with the computer for a While.. Try to get in.. Get the error msgs a couple of time.. and After some time like 3 or 4 mins I manage to "map" the share.. After that, It is working for for all day !! See my logs Below if it could help [2001/03/05 17:47:13, 0] lib/util_sock.c:write_socket_data(540) write_socket_data: write failure. Error = Broken pipe [2001/03/05 17:47:13, 0] lib/util_sock.c:write_socket(566) write_socket: Error writing 4 bytes to socket 6: ERRNO = Broken pipe [2001/03/05 17:47:13, 0] lib/util_sock.c:send_smb(754) Error writing 4 bytes to client. -1. Exiting [2001/03/05 17:47:26, 0] lib/util_sock.c:write_socket_data(540) write_socket_data: write failure. Error = Broken pipe [2001/03/05 17:47:26, 0] lib/util_sock.c:write_socket(566) write_socket: Error writing 4 bytes to socket 6: ERRNO = Broken pipe [2001/03/05 17:47:26, 0] lib/util_sock.c:send_smb(754) Error writing 4 bytes to client. -1. Exiting Thank you for your time. ( Please send me email, I am not a Member of the list) -- Patrick Boucher From teilo at cdt.luth.se Tue Mar 6 17:02:12 2001 From: teilo at cdt.luth.se (James Nord) Date: Tue Dec 2 02:33:38 2003 Subject: inherit permissions References: Message-ID: <3AA51814.2090008@cdt.luth.se> Guillaume VERNAT wrote: > I try to set gid of files on a share using the "inherit > permissions" parameter. > It fails and samba still use the user gid in place of the > parent directory gid... > why ? > > I am using samba 2.0.7/Solaris 2.7, samba is just a domain member > groups I try to use are just defined on the unix side. > client side is NT TSE > > Thank for help ! > > Guillaume. > Is the sgid bit set on the parent directory? Otherwise it will not inhereit the group. /James -- Technology is a word that describes something that doesn't work yet. Douglas Adams From greg at kwikfind.com Tue Mar 6 16:59:05 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:38 2003 Subject: Win2k logon to Samba Domain References: <3aa4c817.df.0@webcentral.com.au> Message-ID: <010901c0a65e$c24fcc00$2800a8c0@leinet> Scott, I'm running Samba 2.2.0 alpha 2 from CVS as a PDC for Win2k machines, so the combination does work. With that said, here are a couple of thoughts: 1. I've read in other posts, and in the Samba FAQs, that Win2k had a problem with domain names with an even number of characters. My domain name has even characters and I can join the domain with no problem, BUT I don't have Service Pack 1 installed on my Win2k machines. The Samba FAQs state that the problem with having even characters was fixed in late December, but then people were having problems once when they installed service pack 1. I can't speak to this specific issue, maybe others can. Maybe try using a test domain name with an odd number of character, if you already haven't done so. 2. Make sure you are using your root account to authenticate the join process from the client side. This assumes that you have setup a Unix group for your domain admins, have added root to that group, and have specified this Unix group in the smb.conf files as the domain admin group. The Samba FAQs state that even though other user accounts can be part of the domain admin group, only root can authenticate machines joining the domain. 3. If you are upgrading your machines, not simply adding win2k machines to your network, then you'll need to reset the machine accounts on the samba PDC. I do this by simply deleting the appropriate entries in the smbpasswd file and then re-add them manually. Good luck. Greg ----- Original Message ----- From: "Scott McKean" To: Sent: Tuesday, March 06, 2001 2:20 PM Subject: Win2k logon to Samba Domain > Hi All, > > I am running Samba Version 2.2.0-alpha2, my NT4 machines logon to the domain > perfectly (except for a hickup in my mappings due to permissions, but I can > fiddle with that). But I want to upgrade the network (or more my employer does) > to a Win2k Professional network. > > So I setup a machine with win2k pro on it created the necessary accounts etc. > I go to join the domain and it gives: > > > The following error occured while trying to join the domain "HARDWARE_TEST" > > > The procedure number is out of range > > Any help with this matter would be gratefuly appreciated, even pointing towards > useful documentation etc would be great. I have been trolling around for hours, > and the only info I seem to find is on mailing lists but that is also fairly > minimal. > > Thanks in advance, > > Your sincerely, > > Scott McKean > > > > > From simon-eder at studserv.uni-stuttgart.de Tue Mar 6 17:42:45 2001 From: simon-eder at studserv.uni-stuttgart.de (Simon Eder) Date: Tue Dec 2 02:33:38 2003 Subject: nt_status_invalid_workstation Message-ID: <01030618475500.21138@l3> Hi, when i want to authenticate the passwords against a WinNT4 domaincontroller , i got the following error message: [2001/03/06 18:35:36, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391) cli_net_sam_logon: NT_STATUS_INVALID_WORKSTATION i joined the domain successfully with smbpasswd before. From gary at netin.com Tue Mar 6 18:09:32 2001 From: gary at netin.com (GL Fournerat) Date: Tue Dec 2 02:33:38 2003 Subject: problem with swat References: <3AA523F0.376E90AC@obs-nice.fr> Message-ID: <3AA527DB.59D389A9@netin.com> Bon jour Monsieur Mercier, I'll use this as my rough draft of HOWTO SWAT with xinetd... I used this procedure recently to get SWAT running on an Intel 486. Step 1. Edit /etc/hosts using your favorite editor, so it follows this format (you can omit the # lines completely). This file maps IP addresses to hostnames. Know that 'FOURNERAT' is the name of my localdomain... and I hope you know something about IP addresses and hostnames. # # arendia.FOURNERAT//etc/hosts # 127.0.0.1 localhost.localdomain localhost 192.168.0.115 arendia.FOURNERAT arendia 192.168.0.111 compaq.FOURNERAT compaq 192.168.0.112 marilyn.FOURNERAT marilyn 192.168.0.113 birgitt.FOURNERAT birgitt Step 2. Edit /etc/samba/lmhosts using your favorite editor, so it follows this format. This file maps IP addresses (or hostnames) to NetBIOS (computer) names. # # arendia.FOURNERAT//etc/samba/lmhosts # 127.0.0.1 localhost 192.168.0.115 arendia 192.168.0.111 compaq 192.168.0.112 marilyn 192.168.0.113 birgitt Step 3. Verify /etc/services is setup for Swat. Type the following: [root@arendia root]# grep swat /etc/services swat 901/tcp # Samba Web Administration Tool [root@arendia root]# If this is not what you see, open /etc/services with your favorite editor, and insert the following line just after the 'webster 765/udp' line. swat 901/tcp Step 4. With your favorite editor, edit /etc/xinetd.d/swat to look like this: # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { port = 901 socket_type = stream wait = no only_from = localhost user = root server = /usr/sbin/swat log_on_failure += USERID disable = no } Step 5. With your favorite editor, edit /etc/hosts.deny to look like this: # # hosts.deny This file describes the names of the hosts which are # *not* allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # # The portmap line is redundant, but it is left to remind you that # the new secure portmap uses hosts.deny and hosts.allow. In particular # you should know that NFS uses portmap! ALL:ALL Step 6. With your favorite editor, edit /etc/hosts.allow to look like this: # # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # swat: 127.0.0.1 192.168.0. Note: The 192.168.0. entry will probably need to be changed to suit your needs. As I have this setup, it will permit access from all hosts within the 192.168.0. domain. See 'man hosts.allow' for more information. Step 7. and the most important step of all.... [root@arendia root]# /etc/rc.d/init.d/xinetd restart Stopping xinetd: [ ok ] Starting xinetd: [ ok ] [root@arendia root]# Step 8. Open your favorite browser (like Netscape), and enter: http://localhost:901 This will open the Swat dialog box, where you enter 'root' and then your root password. You should then see your new Swat screen. Bon chance, Gary Fournerat P.S. Comments welcome. Jean-Michel Mercier wrote: > Hello, > > I have a problem whith swat. When I put my root password I obtain this: > > You must be authenticated to use this service > > I work on alpha system OSF 4.0D. > > Do you have an idee? > > Best Regards, > -- > Jean-Michel Mercier > OCA . BP 4229 Boulevard de l'observatoire. 06304 Nice cedex 4 > http://www.obs-nice.fr/reserve/sit/sitdenice-f.html > Tel: 04 92 00 30 10 > From MKrauss at hitchhiker.com Tue Mar 6 21:57:20 2001 From: MKrauss at hitchhiker.com (Matthias Krauss) Date: Tue Dec 2 02:33:38 2003 Subject: Access Problems Message-ID: Hi I'm in trouble with a new 2.07 box, after each restart I get disconected after a number of time.the error is usualy error connection reset by peer or password server not found, I tried already my pdc or bdc as passwordserver but its still the same. Anohter samba box works ok with the same settings. what could cause this ?? pls help ... From greg at leiinc.com Tue Mar 6 23:45:48 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:38 2003 Subject: Samba Speed Message-ID: <002c01c0a697$9267e9d0$2800a8c0@leinet> I am curious as to anyone has experience with the speed of a Samba 2.2 alpha2 PDC based network compared with a comparably configured NT PDC network. With my current configuration, I'm getting about a 50% greater performance transferring files with the NT PDC network over Samba? Anyone else have any experience with this? I can't seem to find anything in the FAQs or other documents that seem to influence the results. Thank you. Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: Greg J. Zartman.vcf Type: text/x-vcard Size: 369 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010306/b633f4fa/GregJ.Zartman.vcf From eirvine at tpgi.com.au Wed Mar 7 06:14:51 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:33:38 2003 Subject: Configure SAMBA to avoid ^M-problem References: Message-ID: <3AA5D1DB.AF286E3B@tpgi.com.au> Hi, This question implies that you want samba to alter the contents of files. Samba doesn't do this, for a number of, I think, pretty obvious reasons. "Jan M Skarberg (ETO)" wrote: > > Hi, > > How can I configure SAMBA so I can avoid ^M-characters? > > Best regards, > > Jan Martin Eddie. From M.Puchta at fscodes.cz Wed Mar 7 07:50:30 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:38 2003 Subject: Error Messages Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098D66@ANNA> What does mean the message in response to the nmblookup params.c:Parameter() - Ignoring badly formed line in configuration file: test; Does it mean smb.conf ? TIA Milos From shaun.lipscombe at gasops.co.uk Wed Mar 7 09:58:56 2001 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:33:38 2003 Subject: Error Messages In-Reply-To: "Puchta, Milos"'s message of "Wed, 7 Mar 2001 08:50:30 +0100" References: <41ED6A8C8BE7D21194610008C724FD0A098D66@ANNA> Message-ID: * "Puchta," == Puchta, Milos writes: > What does mean the message in response to the nmblookup > params.c:Parameter() - Ignoring badly formed line in configuration > file: test; > Does it mean smb.conf ? Have you run the testparm utility to validate your $LIB/smb.conf file? Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From pim.bliek at cmg.nl Wed Mar 7 12:16:07 2001 From: pim.bliek at cmg.nl (Pim Bliek) Date: Tue Dec 2 02:33:38 2003 Subject: question about Samba in a windows network Message-ID: Hello, I'm trying to setup Samba 2.0.6 on HP-UX 11.0 in a Windows network. Unfortunately, this is a Windows only network (no DNS server for instance, only WINS...). When users here are using their normal Windows9x installs on their laptops. they authenticate with a NT server. This server uses a username and password for this. How this is exactly configured I don't know. What I want to do is have my Samba box verifying username and password with this server, and then let the user be able to browse his homedirectory on the server. I can match their NT username with the UNIX username with this username map feature, and this seams to work fine.. I cannot get this to work :-( Can someone please give me a decription on how I could try to do this? Which settings in the smb.conf are crucial here, and how do I set this? I did quite some doc-reading but I lack the experience to find what I need. Best regards, Pim Bliek From ben.liesfeld at gmx.de Wed Mar 7 12:57:41 2001 From: ben.liesfeld at gmx.de (Ben Liesfeld) Date: Tue Dec 2 02:33:38 2003 Subject: policies only work for admin group Message-ID: <8581.010307@gmx.de> Hello, I recently moved from TNG 2.6 alpha back again to 2.2.alpha. I still got the problem with policies an NTws. Everything works fine but policies are only applied to members of the domain admin group defined in smb.conf. In the logs I see that normal users access the .pol, too, but they don't get the changes. I'll attach my smb.conf. Hast anybody got policies to work with 2.2.alpha? ----------smb.conf------------- ; ; /etc/smb.conf ; ; [global] status = yes message command = winpopup ; interfaces = 192.168.0.50 security = user domain master = Yes domain admin group = @adm domain groups = adm, users, referenten, mdstura homedir map = /home domain logons = Yes printing = bsd logon path = \\%L\profiles\%U server string = File-Server des Studentenrates workgroup = Stura passwd chat = *password* %n\n *password* %n\n *Password*changed* logon script = scripts\%G.bat netbios name = zeus keep alive = 30 kernel oplocks = false log file = /var/log/samba/log.%m log level = 2 printcap name = /etc/printcap dns proxy = no ; logon home = \\%L\%U map to guest = Bad User passwd program = /usr/bin/passwd %u encrypt passwords = yes password level = 2 unix password sync = yes guest account = nobody socket options = TCP_NODELAY load printers = yes username level = 2 min passwd length = 3 security = user os level = 65 wins support = yes default case = yes time server = yes logon drive = m: [homes] comment = Heimatverzeichnis browseable = no read only = no force create mode = 0700 force directory mode = 0700 ;... lot's of shares [printers] comment = All Printers browseable = no printable = yes public = no read only = yes create mode = 0700 directory = /tmp [profiles] path = /public/profile comment = Profile guest ok = yes browseable = no read only = yes write list = @adm, @root, @users [netlogon] path = /public/netlogon/ browseable = yes read only = yes write list = @adm, root force group = adm case sensitive = no preserve case = yes default case = yes locking = no guest ok = no force directory mode = 0775 force create mode = 0775 ; writeable = no [print$] path = /public/printers guest ok = no browseable = yes read only = yes write list = @adm, root -- Ben Liesfeld http://www.uni-jena.de/~p9libe/ http://johnny.rhein.com From bgjohnson at tasc.com Wed Mar 7 13:30:29 2001 From: bgjohnson at tasc.com (Johnson, Byron G.) Date: Tue Dec 2 02:33:38 2003 Subject: Help Mounting W2K Shares on Linux Box Message-ID: I've asked this question of this list before and have made some progress. Here is where I now stand. I am trying to mount W2K shares (ntfs partitions) on my linux box running Samba 2.0.7. I also have a couple of W2K fat32 shares and get the same results with them. When I try to mount a W2K share using the mount command, here is what I get: [root@linux /root]# mount -t ntfs -o username="valid_account", password="valid_password" -L\\bgjohnson\D$ /mnt/bgjohnson-D mount: no such partition found When I try to mount a W2K share using the smbmount command, here is what I get: [root@linux /root]# smbmount \\\\bgjohnson\\D$ /mnt/bgjohnson-D Password: session setup failed: ERRDOS - ERRnoaccess SMB connection failed When I access the same share using smbclient, same userid and password, it works: [root@linux /root]# smbclient //bgjohnson/D$ -U"valid_account"%"valid_password" smb: Any ideas / suggestions. -- Byron G. Johnson Business Development Manager, Enterprise Security Litton TASC 4801 Stonecroft Blvd Chantilly, VA 20151-3822 Voice: (703) 633-8478 Fax: (703) 449-1087 Cellular: (703) 819-6423 Pager: (888) 751-4116 Home: (703) 753-0204 E-Mail: bgjohnson@tasc.com From bob at meeker.urban.csuohio.edu Wed Mar 7 14:24:03 2001 From: bob at meeker.urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:33:38 2003 Subject: ports used by samba in PDC role Message-ID: <200103071424.JAA05114@meeker.urban.csuohio.edu> Greetings all, Quick question. I need to be able to access my SAMBA PDC and shares from a different subnet passing through a firewall. We had the different subnet bit working okay until a firewall was placed in between. Can someone tell me which ports we need to ask our university computer staff to open up for us on the firewall in order to access the SAMBA domain and shares again? To the development group: "Great Job!" Thanks, -Bob Martel ****************************************************************************** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From don_mccall at hp.com Wed Mar 7 14:34:51 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:38 2003 Subject: ports used by samba in PDC role Message-ID: <079FD72E42C9D311B854009027650E6F04050885@xatl02.atl.hp.com> Robert, smbd and nmbd use ports 137,138, and 139. If you use swat as well, it is normally configured to use port 901. Hope this helps, Don -----Original Message----- From: Robert M. Martel [mailto:bob@meeker.urban.csuohio.edu] Sent: Wednesday, March 07, 2001 9:24 AM To: samba-ntdom@us5.samba.org Subject: ports used by samba in PDC role Greetings all, Quick question. I need to be able to access my SAMBA PDC and shares from a different subnet passing through a firewall. We had the different subnet bit working okay until a firewall was placed in between. Can someone tell me which ports we need to ask our university computer staff to open up for us on the firewall in order to access the SAMBA domain and shares again? To the development group: "Great Job!" Thanks, -Bob Martel **************************************************************************** ** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne **************************************************************************** ** From lubo at ru.acad.bg Wed Mar 7 14:44:12 2001 From: lubo at ru.acad.bg (Lubomir) Date: Tue Dec 2 02:33:38 2003 Subject: Shortcuts now point to shares References: Message-ID: <3AA6493C.4050702@ru.acad.bg> I've had similar problems + driveleter for the shortcuts path changes to different leter and many drivemappings occured to de same sharing. I've found that these policy settings fixes completely the problem: in winnt.adm (I've got 2 versions - the bigger is the truth) find "Automatically create $ and Admin$ shares" - sure NO "Disable link file tracking" - sure YES Tim Gildersleeve wrote: > Ive had a similar problem with a completely winnt network. A group of > workstations have a centralised startmenu, and on occasions when choosing a > shortcut it has tried to open the application accross the network so instead > of running "C:\Program Files\App\App.exe" it has been trying to run > "\\GRCD9\C$\Program Files\App\App.exe" This is very wierd. I got round > this by opening the affected shortcuts and editing them to point to the > right place. But every now and then, they are changed again. Oh, and in > this case, the users in question have only read access to the shortcuts. It > seems that winnt is changing them itself. > > So this doesnt seem to be just a samba thing. > > Tim Gildersleeve > > >> -----Original Message----- >> From: Jason Todd [SMTP:todd.4@wright.edu] >> Sent: Monday, March 05, 2001 3:40 PM >> To: samba-ntdom@samba.org >> Subject: Shortcuts now point to shares >> >> Here's another good one by NT in my lab - Samba 2.0.7 on RedHat 7.0 (linux >> 2.2.16-22smp) server, Windows NT 4.0 SP 6 workstations. >> >> All of a sudden, many of my users' Start Menu and Desktop shortcuts don't >> work correctly anymore. When selected, they prompt for a username and >> password for '\\WORKSTATION\ADMIN$' where WORKSTATION is some other >> computer in the lab. Apparently the account must be a local account for >> WORKSTATION, but the only local account(s) on the machines are the default >> when NT is installed (Administrator et al). I examined the LNK files in >> question, and each has the "local volume" AND "network share" bits set, >> meaning the target can be found on a local drive (normal) in addition to a >> network share on some other workstation (abnormal in these circumstances). >> It is apparently trying the network share first, though I have no idea >> why. I was able to patch a screwed up LNK file by turning off the >> "network share" bit and it worked, so I'll probably have to write a small >> utility that strips that out of each and every shortcut in my users' >> profiles. Or, does anyone have any better ideas? I'm very interested in >> seeing if anyone else has experienced this. The problem is just getting >> worse, as more and more shortcuts are continually being affected. I can't >> tell if one machine in particular is screwing up the shortcuts. >> >> P.S. In the near future I'm going to turn off local caching of profiles, >> which may prevent this from happening again. Prevention aside, I need a >> FIX first... >> >> Jason Todd >> >> ______________________________________________________________________ >> This message was made possible by Jason Todd and by viewers like you. >> Senior Help Desk Assistant, Computing and Telecommunication Services >> Wright State University >> Reply to todd.4@wright.edu or jasontodd@bigfoot.com >> Lubomir Velkov University Of Rousse From samba at grayassociates.net Wed Mar 7 14:47:40 2001 From: samba at grayassociates.net (Rich Forman) Date: Tue Dec 2 02:33:38 2003 Subject: Setup Questions Message-ID: <000201c0a715$8fcd6b90$0a01a8c0@forman> I am setting up 2.2 (cvs March 5) on RH7 following the Howto and FAQ from the Samba web site. I have a few questions/observations: 1. I wrote smb.conf per the Howto and afterwards testparm gives me grief over the oplocks entry in [homes]. If I remove the oplocks entry then testparm doesn't give any errors. Do I need to add a configuration entry during ./configure for oplocks? 2. I used the startup script from the Howto. After Samba is started, I do a ps -ax and it shows one smbd daemon and 2 nmbd daemons. Is this normal to have two sessions of nmbd running? 3. If I run the stop routine it doesn't give any errors but once again I check with ps -ax and one of the nmbd sessions is still running. If I run stop again it will end the second nmbd. 4. If I run the restart routine it just continues in a loop of giving me the grep'd ps output. I could revise this to kill -9 and then restart both daemons but I wanted to see if anyone else has seen this. The details of my configuration steps are included at the end of this message. If anyone needs more specific information on any error messages or copies of my smb.conf or startup script (to see if I screwed up), email me at mailto:rforman@grayassociates.net and I'll get them for you. Otherwise I'll check the mail list periodically. TIA Rich Setup Routine: make clean ./configure --with-pam --with-quotas edited the Makefile and changed CC=gcc to CC=kgcc (have had major headaches with RH7's gcc on other packages so I just do this out of habit) make make install From don_mccall at hp.com Wed Mar 7 14:45:45 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:38 2003 Subject: question about Samba in a windows network Message-ID: <079FD72E42C9D311B854009027650E6F04050886@xatl02.atl.hp.com> Hi Pim, HP-UX 11.0 ships with Samba; you can find it on your application CD set called "CIFS/9000 Server". A copy of the HP installation and configuration guide that will step you thru this is in the docs directory once you run swinstall to install the product. It will step you thru using a "samba_setup" script which will configure your smb.conf file appropriately for either DOMAIN, SERVER, USER, or SHARE mode security, and automatically join your HP-UX samba box to the NT Domain you are using for validation. Give this a try first. In addition, if you want to use the LATEST samba release, 2.0.7, which is much better with WIN2K clients, you can pull that version for free off of the http://software.hp.com web site, under the section named "Network & System Administration". Thanks, Don -----Original Message----- From: Pim Bliek [mailto:pim.bliek@cmg.nl] Sent: Wednesday, March 07, 2001 7:16 AM To: 'samba-ntdom@lists.samba.org' Subject: question about Samba in a windows network Hello, I'm trying to setup Samba 2.0.6 on HP-UX 11.0 in a Windows network. Unfortunately, this is a Windows only network (no DNS server for instance, only WINS...). When users here are using their normal Windows9x installs on their laptops. they authenticate with a NT server. This server uses a username and password for this. How this is exactly configured I don't know. What I want to do is have my Samba box verifying username and password with this server, and then let the user be able to browse his homedirectory on the server. I can match their NT username with the UNIX username with this username map feature, and this seams to work fine.. I cannot get this to work :-( Can someone please give me a decription on how I could try to do this? Which settings in the smb.conf are crucial here, and how do I set this? I did quite some doc-reading but I lack the experience to find what I need. Best regards, Pim Bliek From Jon.Wright at InfoTechFL.Com Wed Mar 7 15:32:10 2001 From: Jon.Wright at InfoTechFL.Com (Jon Wright) Date: Tue Dec 2 02:33:38 2003 Subject: Groups Using 2.2a2 Message-ID: <3AA6547A.5AC7E75D@InfoTechFL.Com> I have a server installed and running as a PDC using Samba 2.2 Alpha2 (Jan. 29, I think). I am able to authenticate domain logins from Win2k, WinNT 4 and Win98. The question that I have is, can I use global groups on the PDC for access control? I know about the Domain Admin group, and it appears to be working. Domain Admins is the only group that appears as a Global Group instead of a local group in User Manager. When I try to view the list of group members using User Manager for Domains on my NT box, I get a "procedure number is out of range" error. Is this something that should work now, or is support still in the works? Thanks, Jon From jwitte at meome-ag.de Wed Mar 7 18:07:41 2001 From: jwitte at meome-ag.de (Jochen Witte) Date: Tue Dec 2 02:33:38 2003 Subject: Printer Driver Installation Message-ID: <3AA678ED.70C62CF6@meome-ag.de> Hi, just tried to establish automatic Printer-Driver-Installation on Samba 2.2.0alpha2 (PRINTER_DRIVER2.txt). After following the Installation-Steps under WINNT4, there are 4 new files (in /printers/W32X86/2) on my samba-machine (acting as a PDC). But then I get the usual meaningless NT-Errormessage "General protection-fault at adress..." And I`m not able to use the printer... Here`s my smb.conf: # Global parameters [global] workgroup = MEOME-AG.DE encrypt passwords = Yes domain admin group = @smbadmin domain admin users = root add user script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %m$ && /usr/local/samba/bin/smbpasswd -a -m %m$ logon script = scripts/%U.bat logon drive = u: domain logons = Yes os level = 65 guest account = ftp share modes = No nt acl support = no server string = Samba 2.2.0-alpha2 on HAL min passwd length = 6 passwd program = /dev/null time server = true template homedir = /home/%U show add printer wizard = Yes [homes] read only = No create mask = 0700 directory mask = 0700 browseable = No locking = No oplocks = false [netlogon] path = /usr/local/samba/netlogon browseable = No [print$] path = /usr/local/samba/printers guest ok = no browseable = yes read only = yes write list = root [HPLJ2100] comment = Default Printer (b/w) print command = /usr/bin/lpr -Plp -r %s printer = hp2100 printing = BSD path = /tmp guest ok = Yes printable = Yes [HPLJ4500C] comment = Colorprinter print command = /usr/bin/lpr -Plpc -r %s printer = hp4500 printing = BSD path = /tmp printable = Yes Anybody out there, able to give me a direction to look at to solve my problem? Greetings -- Jochen Witte From simo.sorce at polimi.it Wed Mar 7 17:25:01 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:38 2003 Subject: Help Mounting W2K Shares on Linux Box In-Reply-To: Message-ID: On Wed, 7 Mar 2001, Johnson, Byron G. wrote: > I've asked this question of this list before and have made some progress. > Here is where I now stand. > > I am trying to mount W2K shares (ntfs partitions) on my linux box running > Samba 2.0.7. I also have a couple of W2K fat32 shares and get the same > results with them. > > When I try to mount a W2K share using the mount command, here is what I get: > [root@linux /root]# mount -t ntfs -o username="valid_account", > password="valid_password" -L\\bgjohnson\D$ /mnt/bgjohnson-D > mount: no such partition found you mean -t smbfs !!! ntfs is on the physical disk, but remember you see it through the network via smb protocol!!! > > When I try to mount a W2K share using the smbmount command, here is what I > get: > [root@linux /root]# smbmount \\\\bgjohnson\\D$ /mnt/bgjohnson-D > Password: > session setup failed: ERRDOS - ERRnoaccess > SMB connection failed aren't you forgetting the username here? > When I access the same share using smbclient, same userid and password, it > works: > [root@linux /root]# smbclient //bgjohnson/D$ > -U"valid_account"%"valid_password" > smb: > > Any ideas / suggestions. > > Simo. -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From simo.sorce at polimi.it Wed Mar 7 17:34:56 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:38 2003 Subject: ports used by samba in PDC role In-Reply-To: <079FD72E42C9D311B854009027650E6F04050885@xatl02.atl.hp.com> Message-ID: Exactly (from /etc/services) netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp # NETBIOS session service netbios-ssn 139/udp if you have win2k you may also need port, hmmm 445? On Wed, 7 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > Robert, > smbd and nmbd use ports 137,138, and 139. > If you use swat as well, it is normally configured to use port 901. > Hope this helps, > Don > > -----Original Message----- > From: Robert M. Martel [mailto:bob@meeker.urban.csuohio.edu] > Sent: Wednesday, March 07, 2001 9:24 AM > To: samba-ntdom@us5.samba.org > Subject: ports used by samba in PDC role > > > Greetings all, > > Quick question. I need to be able to access my SAMBA PDC and shares > > from a different subnet passing through a firewall. We had the different > subnet > bit working okay until a firewall was placed in between. Can someone tell > me > which ports we need to ask our university computer staff to open up for us > on > the firewall in order to access the SAMBA domain and shares again? > > To the development group: "Great Job!" > > Thanks, > -Bob Martel > **************************************************************************** > ** > Bob Martel - System Administrator | I met someone who looks a lot like > you > Levin College of Urban Affairs | She does the things you do > > Cleveland State University | But she is an IBM > > (216) 687-2214 | > > bob@meeker.csuohio.edu | -Jeff Lynne > > **************************************************************************** > ** > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From edmundo at moscow.com Wed Mar 7 17:49:57 2001 From: edmundo at moscow.com (Stokes) Date: Tue Dec 2 02:33:38 2003 Subject: Samba Speed Message-ID: <006101c0a72f$0702cf20$010aa8c0@koppa> I have a comment to make on this speed issue, but not regarding NT or 2k... Couple of months ago I decided to convert my samba server from FreeBSD to Linux, and so I installed linux and configured Samba on the machine, but when I started transfering data (60 gigs total) I noticed some strange behavior on the server. Normally, with the FreeBSD Samba server, I would get anywhere from 50-80 Mbits/sec over a 100Mbit line, constant. But with this linux box, I would get about 60Mbits for maybe 15 seconds, and then no data transfer at all for the next 20 seconds or so. Then, back to 60Mbits, and then another 20 seconds of nothing. So I fired up "top" on the linux box and watched what was happening. While the smbd process was taking up about 20-30% of the CPU, this other process, kupdate, was consuming the remaining processor power on my server. So I was only able to get high transfer rates in spurts, and my server was brought to its knees during that time. The server box in this case was a PII-400 with 256 megs RAM. The kupdate process did not consume any processor time when smbd was not being used. I tried rebooting, reconfiguring Samba, everything I could think of, and I never got decent, consistent data transfer rates to the linux box. So I was forced to return to FreeBSD where I can always get a constant 50-80 Mbits with minimal overhead (smbd never uses more than 25% of CPU on FreeBSD, which means that my server can actually do other things while people are transferring data). Has anyone had any experiences with linux performing poorly during massive data transfers? It surprises me greatly that linux would be so drastically out-performed by FreeBSD when so many people use linux on their servers.... but hey, a lot of fools use NT servers, so I guess it shouldn't be that big of a shocker. Appreciate any comments, Stokes > ----- Original Message ----- > From: "Greg J. Zartman, P.E." > To: "Samba Mailing List" > Sent: Tuesday, March 06, 2001 3:45 PM > Subject: Samba Speed > > > > I am curious as to anyone has experience with the speed of a Samba 2.2 > > alpha2 PDC based network compared with a comparably configured NT PDC > > network. With my current configuration, I'm getting about a 50% greater > > performance transferring files with the NT PDC network over Samba? > > > > Anyone else have any experience with this? I can't seem to find anything > in > > the FAQs or other documents that seem to influence the results. > > > > Thank you. > > > > Greg J. Zartman, P.E. > > > > > From gcarter at valinux.com Wed Mar 7 17:44:14 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:38 2003 Subject: Printer Driver Installation In-Reply-To: <3AA678ED.70C62CF6@meome-ag.de>; from jwitte@meome-ag.de on Wed, Mar 07, 2001 at 12:07:41 -0600 References: <3AA678ED.70C62CF6@meome-ag.de> Message-ID: <20010307114414.A1853@pogo.eng.auburn.edu> On Wed, 07 Mar 2001 12:07:41 Jochen Witte wrote: > Hi, > > just tried to establish automatic Printer-Driver-Installation on Samba > 2.2.0alpha2 (PRINTER_DRIVER2.txt). After following the > Installation-Steps under WINNT4, there are > 4 new files (in /printers/W32X86/2) on my samba-machine > (acting as a PDC). > > But then I get the usual meaningless NT-Errormessage > > "General protection-fault at adress..." How are you installing the driver? What driver is it and where did you get it? I'm assuming everything works ok when installing the driver on a real NT host. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From frlord at webmethods.com Wed Mar 7 19:04:13 2001 From: frlord at webmethods.com (F. Ross Lord) Date: Tue Dec 2 02:33:38 2003 Subject: Migration Questions. Message-ID: <3AA6862D.7BD8E9F2@webmethods.com> I have a very old version of the samba PDC code (back when it was still in the HEAD branch), and I have need to migrate my user and password information into an existing NT-PDC controlled domain. I am wondering how I might be able to accomplish this. If necessary, I can migrate my samba information into an NT-PDC with no other authentication information in it, and then deal with moving it into the existing production domain after that. Any suggestions? -- frl From smerrill at svfc.org Wed Mar 7 20:20:31 2001 From: smerrill at svfc.org (Scott Merrill) Date: Tue Dec 2 02:33:39 2003 Subject: samba-ntdom digest, Vol 1 #297 - 20 msgs In-Reply-To: <20010307200119.ECBAB8504@lists.samba.org> Message-ID: <003b01c0a744$0f6277a0$4e0a0a0a@svfc.org> My Samba 2.2 alpha2 PDC server receives incomming requests on port 445 several times an hour from each of the Windows 2000 servers in the domain. After joining the Windows 2000 servers to the domain, there was also some traffic on port 88. From bat at matav.net Wed Mar 7 22:38:26 2001 From: bat at matav.net (Balogh Attila) Date: Tue Dec 2 02:33:39 2003 Subject: problems with samba-tng 2.5.3 & win2k Message-ID: hello all, i'm trying to run samba-tng 2.5.3 on solaris 8 intel. i have 2 problems. - first one: win2k ws domain joins: i hacked around a day with no success - i also read a lots of emails regarding this topic - tell me if i'm wrong, but i don't have to add the win2k hosts by using smbpasswd. it should be made with samedit. but, i get a weird error message, which says that i cannot create the named domain user. let's say i want to add a host named 'ebcws01' so i create a unix user for this account 'ebcws01$' and after i do a createuser with samedit. i can create simple user accounts with samedit with no problem, but no computer accounts. i try to log into the domain with a win2k with the 'root' account i created on the samba box, and i get an error: something like 'this is a computer account, and i should use my local or domain user account to join.' after one day without any success i tried to use the good old smbpasswd which came with 2.0.7 (and the -m swith works like it was meant to work) and created a computer account into the 2.5.3-s smbpasswd file. and - whoops - magically the win2k joins the domain w/o problems. alltrough it works for me, i'm not quite sure, that it's really the right way. beacuse of the operator staff, i had to create a simple web interface - which allows creating users, and hosts - which can join the domain. it stores the accounts in a mysql database, and every 10 minutes generates the files (passwd/shadow, group) and invokes both smbpasswds. one for the updating the user passwords, the other one to add host-accounts to smbpasswd. the last one is only invoked if there's a new host to add to the system. i can port it to do this job via samedit, but - as shown above - the host-account creation does not work anyway. - second one: domain logons all the needed daemons are running, the [netlogon] and [profiles] share has been created, and sometimes the users can login. but - in the 75% of the cases - they get an error message, that windows can't find/don't has the right to create/modify the profiles/username share, and my per unix group login script also fail to start. i checked out the log.netlogon and saw that the var/locks/.(something)/netlogon socket cannot be removed(?) and another funny lines about changing the file creation permissions, and something about "checking the RID(?)". please, help. the first problem is only an interesting issue, but the second one disables my system's operation - it cannot serve any user requests, only the "guest" accessible shares can be used. thanks, bat From philipp at hug.cx Wed Mar 7 22:35:52 2001 From: philipp at hug.cx (Philipp Hug) Date: Tue Dec 2 02:33:39 2003 Subject: domain logon in win2k => i wont save my e-mail References: <000c01c0a64b$99e4a370$0200a8c0@pctom> Message-ID: <005601c0a756$f74dc8f0$1f0110ac@hug.local> hi The default setting in Outlook Express is to save the messages in the %USERPROFILE%\Local Settings\Application Data\Identities.... folder but, the %USERPROFILE%\Local Settings is not replicated to a server (even on a win2k server). to fix this, you need to change the store location in Outlook Express (Tools-Options-Maintenance-Store Location) and set it to %USERPROFILE%\Application Data\Identities\... philipp ----- Original Message ----- From: Tom Myny To: samba Sent: Tuesday, March 06, 2001 3:41 PM Subject: domain logon in win2k => i wont save my e-mail Win2000 wont save my e-mail messages on the server, so whenever i logon on another win2k pc my e-mails are gone, but my adress book and my settings to get my mail (login and password) are ok. Anybody know how to solve this ? -------------- next part -------------- HTML attachment scrubbed and removed From philipp at hug.cx Wed Mar 7 22:39:31 2001 From: philipp at hug.cx (Philipp Hug) Date: Tue Dec 2 02:33:39 2003 Subject: domain log on with incorrect password returns wrong error message Message-ID: <006901c0a757$7a160270$1f0110ac@hug.local> hi if I try to to log on to my samba_2_2 (CVS 3-3-01) with an incorrect username I get the following error message: Unable to log on because the netlogon service is not running on this machine. but if I enter a correct username/password everything is ok. can anyone reproduce this? -------------- next part -------------- HTML attachment scrubbed and removed From SRuth at LANDAM.com Wed Mar 7 22:51:53 2001 From: SRuth at LANDAM.com (SRuth@LANDAM.com) Date: Tue Dec 2 02:33:39 2003 Subject: Group weirdness with Samba Message-ID: <6768A16CA846D3119104009027998CC30853F70B@lande04.landam.com> Hello all, I'm running 2.0.7 on a Compaq ProLiant w/ the 2.2.18 kernel on RedHat 6.2 and all but the most recent patches. Clients are all NT 4 WS with SP6a. Validation is done via NT DC's. It runs splendidly, except for this small problem. I have access to certain shares restricted via groups in my valid users fields. I've run into a problem where it seems that, although the user belongs to a group valid for that share, he is not allowed access to the share. Instead, the user gets a username and password prompt. If I remove a couple of users from the group and try again, it'll work. If I add the users back it may continue working, but some time later it'll act up again. Has anybody seen this before? Any ideas? Thanks. Sven M. Ruth Senior IS Analyst - Chicago Area LandAmerica Financial Group Ph: 312-558-1600 ext. 3023 Pager: 800-314-1838 "We are all born originals -- why is it so many of us die copies?" -- Edward Young From philipp at hug.cx Wed Mar 7 22:52:12 2001 From: philipp at hug.cx (Philipp Hug) Date: Tue Dec 2 02:33:39 2003 Subject: Changing your samba password from windows References: <3.0.6.32.20010301230325.007d1100@bioserve.latrobe.edu.au> Message-ID: <008501c0a759$3f3e7680$1f0110ac@hug.local> > At 09:18 AM 28/2/2001 -0800, Greg J. Zartman, P.E. wrote: > > > >I'm running samba 2.2 alpha2 as a PDC for Win 2k and win 98 clients. > > I'm sorry, the FAQ is quite possibly not clear about this for the very good > reason that I did not try it ! Certainly works with NT4 but never tested > passwd sync with W2000. > > > > > I can > >join machines to the domain and log in with different user accounts with no > >problem. What I can't seem to get working is users to change their domain > >passwords from the client machines. In Win 2k, and Win NT, this is done by > >pressing CTRL-ALT-DEL and then selecting change password. When I try to do > >this on a Win2k client, I get the error message "on Win2k, I get this error > >on the client "1783: The stub received bad data.". My samba log for this > >action says "rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) > >_samr_get_dom_pwinfo: Not yet implemented." > > > >The Samba FAQ seem to indicate that this functionality is possible, but the > >log seems to indicate that it is not. Does anyone have any suggestions? > > I tried the same on Win2k (with CVS version of Samba 2.2) and got the same message: [2001/03/07 23:51:34, 0] rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) _samr_get_dom_pwinfo: Not yet implemented. philipp From Johan at rsd.dorbyl.co.za Thu Mar 8 06:57:19 2001 From: Johan at rsd.dorbyl.co.za (Johan Strydom) Date: Tue Dec 2 02:33:39 2003 Subject: confirm 273225 Message-ID: confirm 273225 From oreng at mobixell.com Thu Mar 8 08:07:07 2001 From: oreng at mobixell.com (Oren Gozlan) Date: Tue Dec 2 02:33:39 2003 Subject: samba 2.2 as a PDC with a wy2 server as a member of the samba domain Message-ID: <3AA73DAB.721E6054@mobixell.com> hi. while trying to set up the domain with samba 2.2 as a PDC and a w2k server to join the samba domain, i get 2 error massages from the w2k while trying to join the domain. 1. user does not exist 2. the rpc service failed i'm adding my smb.conf... if somebody have an idea - Thnx ! smb.conf # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = TAKODOM # server string is the equivalent of the NT Description field server string = Tako Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. hosts allow = 10.0.0.15 # if you want to automatically load your printer list rather # than setting them up individually then you'll need this ### printcap name = /etc/printcap ### load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /usr/local/samba/var/log/samba/log.%m log level = 9 # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = server ;password server = sake ;security = user # Use password server option only with security = server ; password server = # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes smb passwd file = /etc/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux sytsem password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only # the encrypted SMB passwords. They allow the Unix password # to be kept in sync with the SMB password. ; unix password sync = Yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names username map = /etc/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /etc/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 ; remote browse sync = 10.0.0.10 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 ; remote announce = 10.0.0.15 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply # local master = yes # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job # domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election # preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes domain logons = yes domain admin group = @adm domain admin users = administrator admin root pablo oren # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # All NetBIOS names must be resolved to IP Addresses # 'Name Resolve Order' allows the named resolution mechanism to be specified # the default order is "host lmhosts wins bcast". "host" means use the unix # system gethostbyname() function call that will use either /etc/hosts OR # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf # and the /etc/resolv.conf file. "host" therefore is system configuration # dependant. This parameter is most often of use to prevent DNS lookups # in order to resolve NetBIOS names to IP Addresses. Use with care! # The example below excludes use of name resolution for machines that are NOT # on the local network segment # - OR - are not deliberately to be known via lmhosts or via WINS. ; name resolve order = wins lmhosts bcast # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. # dns proxy = yes # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf # and the /etc/resolv.conf file. "host" therefore is system configuration # dependant. This parameter is most often of use to prevent DNS lookups # in order to resolve NetBIOS names to IP Addresses. Use with care! # The example below excludes use of name resolution for machines that are NOT # on the local network segment # - OR - are not deliberately to be known via lmhosts or via WINS. ; name resolve order = wins lmhosts bcast # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. # dns proxy = yes # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no #============================ Share Definitions ============================== ;;; [homes] ;;; comment = Home Directories ;;; browseable = no ;;; writable = yes # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /home/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer ;;; [printers] ;;; comment = All Printers ;;; path = /var/spool/samba ;;; browseable = no ;;; # Set public = yes to allow user 'guest account' to print ;;; guest ok = no ;;; writable = no ;;; printable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; read only = yes ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %u option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 [tmp] path = /tmp browseable = yes -------------- next part -------------- HTML attachment scrubbed and removed From t.gildersleeve at bilk.ac.uk Thu Mar 8 08:19:22 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:39 2003 Subject: policies only work for admin group Message-ID: Sorry, but in a way im glad to see that you are having this problem! I have just given up on samba as a pdc for a small domain because of the policies not working. I *need* to have working policies to lock down some student machines and no matter what I do I cant get it working. So as a last resort, I have had to go back to a WinNT Server PDC for authentication and leave all the shares on the Samba server. I really hoped to get rid of NT as server but - oh well, give it time and it will all be good in samba PDC policy support. Tim Gildersleeve > -----Original Message----- > From: Ben Liesfeld [SMTP:ben.liesfeld@gmx.de] > Sent: Wednesday, March 07, 2001 12:58 PM > To: samba-ntdom@us5.samba.org > Subject: policies only work for admin group > > Hello, > > I recently moved from TNG 2.6 alpha back again to 2.2.alpha. I still > got the problem with policies an NTws. Everything works fine but > policies are only applied to members of the domain admin group > defined in smb.conf. In the logs I see that normal users access the > .pol, too, but they don't get the changes. > > I'll attach my smb.conf. Hast anybody got policies to work with > 2.2.alpha? > > ----------smb.conf------------- > ; > ; /etc/smb.conf > ; > ; > [global] > status = yes > message command = winpopup > ; interfaces = 192.168.0.50 > > security = user > domain master = Yes > domain admin group = @adm > domain groups = adm, users, referenten, mdstura > homedir map = /home > domain logons = Yes > printing = bsd > logon path = \\%L\profiles\%U > server string = File-Server des Studentenrates > workgroup = Stura > passwd chat = *password* %n\n *password* %n\n *Password*changed* > logon script = scripts\%G.bat > netbios name = zeus > keep alive = 30 > kernel oplocks = false > log file = /var/log/samba/log.%m > log level = 2 > > printcap name = /etc/printcap > dns proxy = no > ; logon home = \\%L\%U > map to guest = Bad User > passwd program = /usr/bin/passwd %u > encrypt passwords = yes > password level = 2 > unix password sync = yes > guest account = nobody > socket options = TCP_NODELAY > load printers = yes > username level = 2 > min passwd length = 3 > security = user > os level = 65 > wins support = yes > > default case = yes > time server = yes > logon drive = m: > > [homes] > comment = Heimatverzeichnis > browseable = no > read only = no > force create mode = 0700 > force directory mode = 0700 > > ;... lot's of shares > [printers] > comment = All Printers > browseable = no > printable = yes > public = no > read only = yes > create mode = 0700 > directory = /tmp > > [profiles] > path = /public/profile > comment = Profile > guest ok = yes > browseable = no > read only = yes > write list = @adm, @root, @users > > [netlogon] > path = /public/netlogon/ > browseable = yes > read only = yes > write list = @adm, root > force group = adm > case sensitive = no > preserve case = yes > default case = yes > locking = no > guest ok = no > force directory mode = 0775 > force create mode = 0775 > ; writeable = no > > > [print$] > path = /public/printers > guest ok = no > browseable = yes > read only = yes > write list = @adm, root > > > > > -- > Ben Liesfeld > http://www.uni-jena.de/~p9libe/ > http://johnny.rhein.com > > From t.gildersleeve at bilk.ac.uk Thu Mar 8 08:22:25 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:39 2003 Subject: Shortcuts now point to shares Message-ID: Yes it seems to be the Disable link file tracking - for some reason I have always missed this in my policies. The $ shares however I need because I need to roll out remote updates of Sophos anti-virus. > -----Original Message----- > From: Lubomir [SMTP:lubo@ru.acad.bg] > Sent: Wednesday, March 07, 2001 2:44 PM > To: samba-ntdom@samba.org > Subject: Re: Shortcuts now point to shares > > I've had similar problems + driveleter for the shortcuts path changes > to different leter and many drivemappings occured to de same sharing. > I've found that these policy settings fixes completely the problem: > in winnt.adm (I've got 2 versions - the bigger is the truth) find > "Automatically create $ and Admin$ shares" - sure NO > "Disable link file tracking" - sure YES > > > Tim Gildersleeve wrote: > > > Ive had a similar problem with a completely winnt network. A group of > > workstations have a centralised startmenu, and on occasions when > choosing a > > shortcut it has tried to open the application accross the network so > instead > > of running "C:\Program Files\App\App.exe" it has been trying to run > > "\\GRCD9\C$\Program Files\App\App.exe" This is very wierd. I got round > > this by opening the affected shortcuts and editing them to point to the > > right place. But every now and then, they are changed again. Oh, and > in > > this case, the users in question have only read access to the shortcuts. > It > > seems that winnt is changing them itself. > > > > So this doesnt seem to be just a samba thing. > > > > Tim Gildersleeve > > > > > >> -----Original Message----- > >> From: Jason Todd [SMTP:todd.4@wright.edu] > >> Sent: Monday, March 05, 2001 3:40 PM > >> To: samba-ntdom@samba.org > >> Subject: Shortcuts now point to shares > >> > >> Here's another good one by NT in my lab - Samba 2.0.7 on RedHat 7.0 > (linux > >> 2.2.16-22smp) server, Windows NT 4.0 SP 6 workstations. > >> > >> All of a sudden, many of my users' Start Menu and Desktop shortcuts > don't > >> work correctly anymore. When selected, they prompt for a username and > >> password for '\\WORKSTATION\ADMIN$' where WORKSTATION is some other > >> computer in the lab. Apparently the account must be a local account > for > >> WORKSTATION, but the only local account(s) on the machines are the > default > >> when NT is installed (Administrator et al). I examined the LNK files > in > >> question, and each has the "local volume" AND "network share" bits set, > >> meaning the target can be found on a local drive (normal) in addition > to a > >> network share on some other workstation (abnormal in these > circumstances). > >> It is apparently trying the network share first, though I have no idea > >> why. I was able to patch a screwed up LNK file by turning off the > >> "network share" bit and it worked, so I'll probably have to write a > small > >> utility that strips that out of each and every shortcut in my users' > >> profiles. Or, does anyone have any better ideas? I'm very interested > in > >> seeing if anyone else has experienced this. The problem is just > getting > >> worse, as more and more shortcuts are continually being affected. I > can't > >> tell if one machine in particular is screwing up the shortcuts. > >> > >> P.S. In the near future I'm going to turn off local caching of > profiles, > >> which may prevent this from happening again. Prevention aside, I need > a > >> FIX first... > >> > >> Jason Todd > >> > >> ______________________________________________________________________ > >> This message was made possible by Jason Todd and by viewers like you. > >> Senior Help Desk Assistant, Computing and Telecommunication Services > >> Wright State University > >> Reply to todd.4@wright.edu or jasontodd@bigfoot.com > >> > > Lubomir Velkov > University Of Rousse > From simo.sorce at polimi.it Thu Mar 8 08:34:14 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:39 2003 Subject: policies only work for admin group In-Reply-To: Message-ID: I've used policies for many years now and they work without any problem, with samba pdc (2.0.7), you must have had misconfigurations as they work. have you created the netlogon share on the samba server? have you copied your policies there? Have you enabled policies on the client machine? (Thrue user manager?) Have you run poledit on the client to tell the machine where to find policies? On Thu, 8 Mar 2001, Tim Gildersleeve wrote: > Sorry, but in a way im glad to see that you are having this problem! I > have just given up on samba as a pdc for a small domain because of the > policies not working. I *need* to have working policies to lock down some > student machines and no matter what I do I cant get it working. So as a > last resort, I have had to go back to a WinNT Server PDC for authentication > and leave all the shares on the Samba server. I really hoped to get rid of > NT as server but - oh well, give it time and it will all be good in samba > PDC policy support. > > Tim Gildersleeve > > > -----Original Message----- > > From: Ben Liesfeld [SMTP:ben.liesfeld@gmx.de] > > Sent: Wednesday, March 07, 2001 12:58 PM > > To: samba-ntdom@us5.samba.org > > Subject: policies only work for admin group > > > > Hello, > > > > I recently moved from TNG 2.6 alpha back again to 2.2.alpha. I still > > got the problem with policies an NTws. Everything works fine but > > policies are only applied to members of the domain admin group > > defined in smb.conf. In the logs I see that normal users access the > > .pol, too, but they don't get the changes. > > > > I'll attach my smb.conf. Hast anybody got policies to work with > > 2.2.alpha? > > > > ----------smb.conf------------- > > ; > > ; /etc/smb.conf > > ; > > ; > > [global] > > status = yes > > message command = winpopup > > ; interfaces = 192.168.0.50 > > > > security = user > > domain master = Yes > > domain admin group = @adm > > domain groups = adm, users, referenten, mdstura > > homedir map = /home > > domain logons = Yes > > printing = bsd > > logon path = \\%L\profiles\%U > > server string = File-Server des Studentenrates > > workgroup = Stura > > passwd chat = *password* %n\n *password* %n\n *Password*changed* > > logon script = scripts\%G.bat > > netbios name = zeus > > keep alive = 30 > > kernel oplocks = false > > log file = /var/log/samba/log.%m > > log level = 2 > > > > printcap name = /etc/printcap > > dns proxy = no > > ; logon home = \\%L\%U > > map to guest = Bad User > > passwd program = /usr/bin/passwd %u > > encrypt passwords = yes > > password level = 2 > > unix password sync = yes > > guest account = nobody > > socket options = TCP_NODELAY > > load printers = yes > > username level = 2 > > min passwd length = 3 > > security = user > > os level = 65 > > wins support = yes > > > > default case = yes > > time server = yes > > logon drive = m: > > > > [homes] > > comment = Heimatverzeichnis > > browseable = no > > read only = no > > force create mode = 0700 > > force directory mode = 0700 > > > > ;... lot's of shares > > [printers] > > comment = All Printers > > browseable = no > > printable = yes > > public = no > > read only = yes > > create mode = 0700 > > directory = /tmp > > > > [profiles] > > path = /public/profile > > comment = Profile > > guest ok = yes > > browseable = no > > read only = yes > > write list = @adm, @root, @users > > > > [netlogon] > > path = /public/netlogon/ > > browseable = yes > > read only = yes > > write list = @adm, root > > force group = adm > > case sensitive = no > > preserve case = yes > > default case = yes > > locking = no > > guest ok = no > > force directory mode = 0775 > > force create mode = 0775 > > ; writeable = no > > > > > > [print$] > > path = /public/printers > > guest ok = no > > browseable = yes > > read only = yes > > write list = @adm, root > > > > > > > > > > -- > > Ben Liesfeld > > http://www.uni-jena.de/~p9libe/ > > http://johnny.rhein.com > > > > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From cheungnt at ha.org.hk Thu Mar 8 09:48:45 2001 From: cheungnt at ha.org.hk (Dr CHEUNG Ngai Tseung) Date: Tue Dec 2 02:33:39 2003 Subject: nmbd as WINS proxy Message-ID: We are basically an NT shop, but I have installed Samba on two rogue linux servers. My problem is that being an NT shop our IT people won't support DNS, instead using wins and DHCP for everything. My hope was that name queries from my linux boxes can be resolved by nmbd (since the man page says "In addition, nmbd can act as a WINS proxy, relaying broadcast queries from clients that do not understand how to talk the WINS protocol to a WIN server"), but having I set wins proxy = yes without any effect - ie my linux box still can't resolve netbios names. Is it possible to have Samba transparently resolve netbios names? Thanks, NT Cheung Hospital Authority -------------- next part -------------- HTML attachment scrubbed and removed From shaun.lipscombe at gasops.co.uk Thu Mar 8 10:40:05 2001 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:33:39 2003 Subject: nmbd as WINS proxy In-Reply-To: "Dr CHEUNG Ngai Tseung"'s message of "Thu, 8 Mar 2001 17:48:45 +0800" References: Message-ID: * "CHEUNG" == CHEUNG Ngai Tseung writes: > We are basically an NT shop, but I have installed Samba on two > rogue linux servers. My problem is that being an NT shop our IT > people won't support DNS, instead using wins and DHCP for > everything. Excellent. Two more Linux boxes on the planet is a "good thing(tm)". > My hope was that name queries from my linux boxes can be resolved > by nmbd (since the man page says "In addition, nmbd can act as a > WINS proxy, relaying broadcast queries from clients that do not > understand how to talk the WINS protocol to a WIN server"), but > having I set wins proxy = yes without any effect - ie my linux box > still can't resolve netbios names. > Is it possible to have Samba transparently resolve netbios names? If you want nmbd to act as a WINS server then you do wins support = yes and you setup all your windows machines to register with the WINS server by setting up wins in the TCP/IP network properties on the windows machines. If you already have a WINS server and want the Samba machine to use the WINS server to resolve netbios names then you do a wins server = x.x.x.x. The WINS proxy will only work if the windows machines are not configured to use WINS and you say that you are an NT shop already using NT for the WINS. Sounds like you need the "wins server = " option of the smb.conf. Shaun P.S. I didn't think NT did WINS very well anyway (what I was told by an NT admin). -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From simo.sorce at polimi.it Thu Mar 8 11:34:04 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:39 2003 Subject: nmbd as WINS proxy In-Reply-To: Message-ID: On 8 Mar 2001, Shaun Lipscombe wrote: > * "CHEUNG" == CHEUNG Ngai Tseung writes: > > > We are basically an NT shop, but I have installed Samba on two > > rogue linux servers. My problem is that being an NT shop our IT > > people won't support DNS, instead using wins and DHCP for > > everything. > > Excellent. Two more Linux boxes on the planet is a "good thing(tm)". > > > My hope was that name queries from my linux boxes can be resolved > > by nmbd (since the man page says "In addition, nmbd can act as a > > WINS proxy, relaying broadcast queries from clients that do not > > understand how to talk the WINS protocol to a WIN server"), but > > having I set wins proxy = yes without any effect - ie my linux box > > still can't resolve netbios names. > > > Is it possible to have Samba transparently resolve netbios names? > > If you want nmbd to act as a WINS server then you do wins support = > yes and you setup all your windows machines to register with the WINS > server by setting up wins in the TCP/IP network properties on the > windows machines. If you already have a WINS server and want the > Samba machine to use the WINS server to resolve netbios names then you > do a wins server = x.x.x.x. The WINS proxy will only work if the > windows machines are not configured to use WINS and you say that you > are an NT shop already using NT for the WINS. Sounds like you need > the "wins server = " option of the smb.conf. > > Shaun > > P.S. I didn't think NT did WINS very well anyway (what I was told by > an NT admin). > > Why not making one of the Linux servers a dns server? or alternatively what about populating the hosts and lmhosts files? -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From jwitte at meome-ag.de Thu Mar 8 14:09:31 2001 From: jwitte at meome-ag.de (Jochen Witte) Date: Tue Dec 2 02:33:39 2003 Subject: Printer Driver Installation References: <3AA678ED.70C62CF6@meome-ag.de> <20010307114414.A1853@pogo.eng.auburn.edu> Message-ID: <3AA7929B.DEC58433@meome-ag.de> Gerald Carter wrote: > > On Wed, 07 Mar 2001 12:07:41 Jochen Witte wrote: > > Hi, > > > > just tried to establish automatic Printer-Driver-Installation on Samba > > 2.2.0alpha2 (PRINTER_DRIVER2.txt). After following the > > Installation-Steps under WINNT4, there are > > 4 new files (in /printers/W32X86/2) on my samba-machine > > (acting as a PDC). > > > > But then I get the usual meaningless NT-Errormessage > > > > "General protection-fault at adress..." > > How are you installing the driver? What driver is it and > where did you get it? I'm assuming everything works ok > when installing the driver on a real NT host. > Hi, thanks for Your answer. First I tried to install the HP Laserjet 2100 Driver from a Windows 2000 Client onto the Samba-Server. This didn't work at all - no files in print$ and an errormessage on the Windows box. Then I installed Vmware with a Windows NT 4.0 Guest Operatingsystem (because I don`t have any more machines...). Here I managed to get files into the print$/W32X86 share. There`s now a directory "2" with the following files in it: HPPCL.DLL RASDD.DLL RASDDUI.DLL RASDDUI.HLP Unfortunately these drivers are for a HP Laserjet 2000, because there ain't any drivers for the 2100 on the NT-CD. But this shouldn`t cause the problems I had... Do You need any further information? Greetings -- Jochen Witte From fi at fh-wedel.de Thu Mar 8 13:50:50 2001 From: fi at fh-wedel.de (Katrin Fitz) Date: Tue Dec 2 02:33:39 2003 Subject: password chat, sending old password Message-ID: <20010308145050.C20066@fh-wedel.de> Hi, i am using a samba 2.0.7 for solaris. Samba users are not existing in local passwd file, they authentificate via NIS. That works fine. No I want to use password chat. Therfore, password programme is yppassws, of course. This programm expects the old password adwell. And that's my problem. I assume, that the %o maclro does not work in my case. Did anyone make the same experience, can anyone halp? Thanks in advance. Katrin Fitz my logfile: [2001/03/08 13:48:10, 10] smbd/chgpasswd.c:(184) Invoking '/usr/bin/yppasswd user' as password change program. [2001/03/08 13:48:10, 100] smbd/chgpasswd.c:(228) expect: expected [*hanging* *ld*password*] received [Changing NIS password for user on server. Old password:] [2001/03/08 13:48:10, 100] smbd/chgpasswd.c:(205) expect: sending [ ] [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(228) expect: expected [*ew*password*] received [ New password:] [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(205) expect: sending [neuesPasswort ] [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(228) expect: expected [*new*password*] received [ Retype new password:] [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(205) expect: sending [neuesPasswort ] [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(228) expect: expected [*changed*] received [ couldn't change passwd ] [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(205) expect: sending [neuesPasswort ] [2001/03/08 13:48:13, 100] smbd/chgpasswd.c:(228) expect: expected [*changed*] received [] [2001/03/08 13:48:13, 3] smbd/chgpasswd.c:(266) Response 4 incorrect -- Katrin Fitz ------ http://www.fh-wedel.de/~fi Fachhochschule Wedel / PTL From grunstra at grunstra.nl Thu Mar 8 13:58:22 2001 From: grunstra at grunstra.nl (Grunstra Architecten Groep bna) Date: Tue Dec 2 02:33:39 2003 Subject: testparm-unknown parameters Message-ID: <3AA78FFD.13D00E1B@grunstra.nl> today I was configuring Samba on Solaris 2.7, so I thought I'd run testparm afterwards. Everything works OK, several PC's are connected, but the testparm results give following errors: unknown parameter : "printing " ignoring parameter etc.,etc. I am pretty sure all parameters are set allright. Any Ideas? Wim Benes -------------- next part -------------- A non-text attachment was scrubbed... Name: grunstra.vcf Type: text/x-vcard Size: 774 bytes Desc: Kaart voor Grunstra Architecten Groep bna Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010308/ac8d2cd2/grunstra.vcf From shaun.lipscombe at gasops.co.uk Thu Mar 8 14:10:06 2001 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:33:40 2003 Subject: testparm-unknown parameters In-Reply-To: Grunstra Architecten Groep bna's message of "Thu, 08 Mar 2001 14:58:22 +0100" References: <3AA78FFD.13D00E1B@grunstra.nl> Message-ID: * "Grunstra" == Grunstra Architecten Groep bna writes: > today I was configuring Samba on Solaris 2.7, so I thought I'd run > testparm afterwards. Everything works OK, several PC's are > connected, but the testparm results give following errors: > unknown parameter : "printing " ignoring parameter Did you put the parameter in the services section or the global section. It should be in the services section. On solaris you need printing="SYSV". Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From armin.burkhardt at fkf.mpg.de Thu Mar 8 14:15:59 2001 From: armin.burkhardt at fkf.mpg.de (Armin Burkhardt) Date: Tue Dec 2 02:33:40 2003 Subject: Samba22a2 and NT4 printer driver installation Message-ID: <3AA7941F.47CDDCAA@fkf.mpg.de> Hi everybody! We are using samba for quite some time at our institute both as file- and print-server and as PDC. As the domain admin and automatic NT printer driver download features are prerequisites to get rid of our last NT-Server, we are currently testing Samba22a2 as well as Samba22 cvs (as of March 7th). We followed the instructions in PRINTER_DRIVER2.txt, and are able to join the domain. The users in the NIS-group ntadm like me are able to transfer the printer driver via the add printer wizard to the server (the files there are owned by root, the /var/log/samba/locks/*.tdm files are modified by root correctly). The Win9x drivers are copied to the WIN40 directory as well (for the sake of completeness: we used the latest Lexmark Optra C710 PS3 driver, it installs locally without a flaw). However, finally the add printer driver wizard fails with a message " Installation failed, access has been denied" (Message translated from german " Der Vorgang konnte nicht abgeschlossen werden. Der Zugriff wurde verweigert). We were investigating the problem during the last three days. Here our findings. The unix account "burkhard" belongs to the unix group ntadm, both passwd and group files are distributed via NIS, the NIS master server is the PDC as well. For this account, the command line net user burkhard /domain returns the correct information except for the global group memberships where *dummy user is stated twice. When we switch to the CVS version of March 7th, this changes to *unix_group.2147483404, again twice. We conclude that the server grants the domain admin rights completely, while on the NT4 Workstation (SP5 by the way) we seem to have some degree of administrator rights but not complete access. The group information seems not to be available on the workstation properly. I've seen several similar reports on the list, but no solution so far. I would appreciate any hint on this topic, thanks in advance. Armin ------------------------------------------------------------------------ Our configuration file: [global] workgroup = DVNTDOM server string = Samba Server %v interfaces = 134.105.XXX.YYY / 255.255.248.0 encrypt passwords = Yes map to guest = Bad User smb passwd file = /etc/smbpasswd log file = /var/log/samba/log.%m max log size = 50 name resolve order = wins lmhosts host bcast deadtime = 30 load printers = No show add printer wizard = Yes domain admin group = @ntadm logon script = logon.bat logon path = \\%N\profile\nt\%U logon drive = z: domain logons = Yes os level = 65 preferred master = True domain master = True wins server = 134.105.XXX.ZZZ admin users = @ntadm printer admin = @ntadm hosts allow = 134.105.XXX. / 255.255.248.0 [netlogon] comment = Netlogon Service path = /lhome/netlogon locking = No [profile] comment = User Profiles path = /lhome/profile read only = No create mask = 0600 directory mask = 0770 [print$] comment = NT printer drivers path = /lhome/printers write list = @ntadm read only = No guest ok = Yes -- ------------------------------------------------------------------------------ |Dr. Armin Burkhardt DVFKF | Heisenbergstrasse 1 | Phone: (49) 711-6891605 | |MPI fuer Festkoerperforschung | D-70569 STUTTGART | FAX : (49) 711-6891632 | |armin.burkhardt@fkf.mpg.de http://www.mpi-stuttgart.mpg.de/EDV | ------------------------------------------------------------------------------ From t.gildersleeve at bilk.ac.uk Thu Mar 8 14:26:01 2001 From: t.gildersleeve at bilk.ac.uk (Tim Gildersleeve) Date: Tue Dec 2 02:33:40 2003 Subject: policies only work for admin group Message-ID: The client machines are currently using policies from an nt server. You do not need to use poledit to tell them where to find the policies, they will always look in netlogon. And yes the netlogon share exists - they are loading login scripts from there. Poledit is only to create the policies you certainly do not need to use it on the client machines. YOu do not either have to do so in user manager for domains. Nevertheless, the policies work fine with an NT domain but not with a samba one. This is samba-2.0.7 and samba-2.2.0alpha2 (cvs). Possibly the reason is that they have worked at some time but no longer do for new networks. Also I have had them working for win95 but not winnt. > -----Original Message----- > From: Simo Sorce [SMTP:simo.sorce@polimi.it] > Sent: Thursday, March 08, 2001 8:34 AM > To: Tim Gildersleeve > Cc: 'Ben Liesfeld'; samba-ntdom@us5.samba.org > Subject: RE: policies only work for admin group > > I've used policies for many years now and they work without any problem, > with samba pdc (2.0.7), you must have had misconfigurations as they work. > have you created the netlogon share on the samba server? have you copied > your policies there? Have you enabled policies on the client machine? > (Thrue user manager?) Have you run poledit on the client to tell the > machine where to find policies? > > On Thu, 8 Mar 2001, Tim Gildersleeve wrote: > > > Sorry, but in a way im glad to see that you are having this problem! I > > have just given up on samba as a pdc for a small domain because of the > > policies not working. I *need* to have working policies to lock down > some > > student machines and no matter what I do I cant get it working. So as > a > > last resort, I have had to go back to a WinNT Server PDC for > authentication > > and leave all the shares on the Samba server. I really hoped to get rid > of > > NT as server but - oh well, give it time and it will all be good in > samba > > PDC policy support. > > > > Tim Gildersleeve > > > > > -----Original Message----- > > > From: Ben Liesfeld [SMTP:ben.liesfeld@gmx.de] > > > Sent: Wednesday, March 07, 2001 12:58 PM > > > To: samba-ntdom@us5.samba.org > > > Subject: policies only work for admin group > > > > > > Hello, > > > > > > I recently moved from TNG 2.6 alpha back again to 2.2.alpha. I still > > > got the problem with policies an NTws. Everything works fine but > > > policies are only applied to members of the domain admin group > > > defined in smb.conf. In the logs I see that normal users access the > > > .pol, too, but they don't get the changes. > > > > > > I'll attach my smb.conf. Hast anybody got policies to work with > > > 2.2.alpha? > > > > > > ----------smb.conf------------- > > > ; > > > ; /etc/smb.conf > > > ; > > > ; > > > [global] > > > status = yes > > > message command = winpopup > > > ; interfaces = 192.168.0.50 > > > > > > security = user > > > domain master = Yes > > > domain admin group = @adm > > > domain groups = adm, users, referenten, mdstura > > > homedir map = /home > > > domain logons = Yes > > > printing = bsd > > > logon path = \\%L\profiles\%U > > > server string = File-Server des Studentenrates > > > workgroup = Stura > > > passwd chat = *password* %n\n *password* %n\n > *Password*changed* > > > logon script = scripts\%G.bat > > > netbios name = zeus > > > keep alive = 30 > > > kernel oplocks = false > > > log file = /var/log/samba/log.%m > > > log level = 2 > > > > > > printcap name = /etc/printcap > > > dns proxy = no > > > ; logon home = \\%L\%U > > > map to guest = Bad User > > > passwd program = /usr/bin/passwd %u > > > encrypt passwords = yes > > > password level = 2 > > > unix password sync = yes > > > guest account = nobody > > > socket options = TCP_NODELAY > > > load printers = yes > > > username level = 2 > > > min passwd length = 3 > > > security = user > > > os level = 65 > > > wins support = yes > > > > > > default case = yes > > > time server = yes > > > logon drive = m: > > > > > > [homes] > > > comment = Heimatverzeichnis > > > browseable = no > > > read only = no > > > force create mode = 0700 > > > force directory mode = 0700 > > > > > > ;... lot's of shares > > > [printers] > > > comment = All Printers > > > browseable = no > > > printable = yes > > > public = no > > > read only = yes > > > create mode = 0700 > > > directory = /tmp > > > > > > [profiles] > > > path = /public/profile > > > comment = Profile > > > guest ok = yes > > > browseable = no > > > read only = yes > > > write list = @adm, @root, @users > > > > > > [netlogon] > > > path = /public/netlogon/ > > > browseable = yes > > > read only = yes > > > write list = @adm, root > > > force group = adm > > > case sensitive = no > > > preserve case = yes > > > default case = yes > > > locking = no > > > guest ok = no > > > force directory mode = 0775 > > > force create mode = 0775 > > > ; writeable = no > > > > > > > > > [print$] > > > path = /public/printers > > > guest ok = no > > > browseable = yes > > > read only = yes > > > write list = @adm, root > > > > > > > > > > > > > > > -- > > > Ben Liesfeld > > > http://www.uni-jena.de/~p9libe/ > > > http://johnny.rhein.com > > > > > > > > > > > > -- > Simo Sorce - Linux Systems Consultant > E-mail: simo.sorce@polimi.it > Tel: +39 0348 7149179 - Fax: +39 02 700442399 > ----------------------------------------------------------------- > Be happy, use Linux! > From ssande at sandia.gov Thu Mar 8 15:22:14 2001 From: ssande at sandia.gov (Stan Sander) Date: Tue Dec 2 02:33:40 2003 Subject: samba 2.2 as a PDC with a wy2 server as a member of the sambadomain References: <3AA73DAB.721E6054@mobixell.com> Message-ID: <3AA7A3A5.677A8DE6@sandia.gov> Oren Gozlan wrote: > hi. > while trying to set up the domain with samba 2.2 as a PDC and a w2k server to > join the samba domain, i get 2 error massages from the w2k while trying to > join the domain. > 1. user does not exist > 2. the rpc service failed > > i'm adding my smb.conf... > if somebody have an idea - Thnx ! > > smb.conf > > > # This is the main Samba configuration file. You should read the > # smb.conf(5) manual page in order to understand the options listed > # here. Samba has a huge number of configurable options (perhaps too > # many!) most of which are not shown in this example > # > # Any line which starts with a ; (semi-colon) or a # (hash) > # is a comment and is ignored. In this example we will use a # > # for commentry and a ; for parts of the config file that you > # may wish to enable > # > # NOTE: Whenever you modify this file you should run the command "testparm" > # to check that you have not made any basic syntactic errors. > # > #======================= Global Settings > ===================================== > [global] > > # workgroup = NT-Domain-Name or Workgroup-Name > workgroup = TAKODOM > > # server string is the equivalent of the NT Description field > server string = Tako Samba Server > > # This option is important for security. It allows you to restrict > # connections to machines which are on your local network. The > # following example restricts access to two C class networks and > # the "loopback" interface. For more examples of the syntax see > # the smb.conf man page > ; hosts allow = 192.168.1. 192.168.2. 127. > hosts allow = 10.0.0.15 ^^^^^^^^^^^^^^^^^^^^^^ Are you purposely only allowing services/connections from only 1 machine??? > > > # if you want to automatically load your printer list rather > # than setting them up individually then you'll need this > ### printcap name = /etc/printcap > ### load printers = yes > > # It should not be necessary to spell out the print system type unless > # yours is non-standard. Currently supported print systems include: > # bsd, sysv, plp, lprng, aix, hpux, qnx > ; printing = bsd > # Uncomment this if you want a guest account, you must add this to > /etc/passwd > # otherwise the user "nobody" is used > ; guest account = pcguest > > # this tells Samba to use a separate log file for each machine > # that connects > log file = /usr/local/samba/var/log/samba/log.%m > log level = 9 > > # Put a capping on the size of the log files (in Kb). > max log size = 50 > > # Security mode. Most people will want user level security. See > # security_level.txt for details. > security = server > ;password server = sake > ;security = user Security should be user. > > # Use password server option only with security = server > ; password server = > > # Password Level allows matching of _n_ characters of the password for > # all combinations of upper and lower case. > ; password level = 8 > ; username level = 8 > > # You may wish to use password encryption. Please read > # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. > # Do not enable this option unless you have read those documents > encrypt passwords = yes > smb passwd file = /etc/smbpasswd > > # The following are needed to allow password changing from Windows to > # update the Linux sytsem password also. > # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. > # NOTE2: You do NOT need these to allow workstations to change only > # the encrypted SMB passwords. They allow the Unix password > # to be kept in sync with the SMB password. > ; unix password sync = Yes > ; passwd program = /usr/bin/passwd %u > ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* > > # Unix users can map to different SMB User names > username map = /etc/smbusers > > # Using the following line enables you to customise your configuration > # on a per machine basis. The %m gets replaced with the netbios name > # of the machine that is connecting > ; include = /etc/smb.conf.%m > > # Most people will find that this option gives better performance. > # See speed.txt and the manual pages for details > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > # Configure Samba to use multiple interfaces > # If you have multiple network interfaces then you must list them > # here. See the man page for details. > ; interfaces = 192.168.12.2/24 192.168.13.2/24 > > # Configure remote browse list synchronisation here > # request announcement to, or browse list sync from: > # a specific host or from / to a whole subnet (see below) > ; remote browse sync = 192.168.3.25 192.168.5.255 > ; remote browse sync = 10.0.0.10 > # Cause this host to announce itself to local subnets here > ; remote announce = 192.168.1.255 192.168.2.44 > ; remote announce = 10.0.0.15 > > # Browser Control Options: > # set local master to no if you don't want Samba to become a master > # browser on your network. Otherwise the normal election rules apply > # local master = yes > > # OS Level determines the precedence of this server in master browser > # elections. The default value should be reasonable > ; os level = 33 > > # Domain Master specifies Samba to be the Domain Master Browser. This > # allows Samba to collate browse lists between subnets. Don't use this > # if you already have a Windows NT domain controller doing this job > # domain master = yes > > # Preferred Master causes Samba to force a local browser election on startup > # and gives it a slightly higher chance of winning the election > # preferred master = yes > > # Use only if you have an NT server on your network that has been > # configured at install time to be a primary domain controller. > ; domain controller = > > # Enable this if you want Samba to be a domain logon server for > # Windows95 workstations. > ; domain logons = yes > domain logons = yes > > domain admin group = @adm > domain admin users = administrator admin root pablo oren > > # if you enable domain logons then you may want a per-machine or > # per user logon script > # run a specific logon batch file per workstation (machine) > ; logon script = %m.bat > # run a specific logon batch file per username > ; logon script = %U.bat > > # Where to store roving profiles (only for Win95 and WinNT) > # %L substitutes for this servers netbios name, %U is username > # You must uncomment the [Profiles] share below > ; logon path = \\%L\Profiles\%U > > # All NetBIOS names must be resolved to IP Addresses > # 'Name Resolve Order' allows the named resolution mechanism to be specified > # the default order is "host lmhosts wins bcast". "host" means use the unix > # system gethostbyname() function call that will use either /etc/hosts OR > > # DNS or NIS depending on the settings of /etc/host.config, > /etc/nsswitch.conf > # and the /etc/resolv.conf file. "host" therefore is system configuration > # dependant. This parameter is most often of use to prevent DNS lookups > # in order to resolve NetBIOS names to IP Addresses. Use with care! > # The example below excludes use of name resolution for machines that are NOT > > # on the local network segment > # - OR - are not deliberately to be known via lmhosts or via WINS. > ; name resolve order = wins lmhosts bcast > > # Windows Internet Name Serving Support Section: > # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server > > wins support = yes > > # WINS Server - Tells the NMBD components of Samba to be a WINS Client > # Note: Samba can be either a WINS Server, or a WINS Client, but NOT > both > ; wins server = w.x.y.z > > > # WINS Proxy - Tells Samba to answer name resolution queries on > # behalf of a non WINS capable client, for this to work there must be > # at least one WINS Server on the network. The default is NO. > ; wins proxy = yes > > # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names > # via DNS nslookups. The built-in default for versions 1.9.17 is yes, > # this has been changed in version 1.9.18 to no. > # dns proxy = yes > > # Case Preservation can be handy - system default is _no_ > # NOTE: These can be set on a per share basis > ; preserve case = no > ; short preserve case = no > # Default case is normally upper case for all DOS files > ; default case = lower > # Be very careful with case sensitivity - it can break things! > ; case sensitive = no > # DNS or NIS depending on the settings of /etc/host.config, > /etc/nsswitch.conf > # and the /etc/resolv.conf file. "host" therefore is system configuration > # dependant. This parameter is most often of use to prevent DNS lookups > # in order to resolve NetBIOS names to IP Addresses. Use with care! > # The example below excludes use of name resolution for machines that are NOT > > # on the local network segment > # - OR - are not deliberately to be known via lmhosts or via WINS. > ; name resolve order = wins lmhosts bcast > > # Windows Internet Name Serving Support Section: > # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server > > wins support = yes > > # WINS Server - Tells the NMBD components of Samba to be a WINS Client > # Note: Samba can be either a WINS Server, or a WINS Client, but NOT > both > ; wins server = w.x.y.z > > > # WINS Proxy - Tells Samba to answer name resolution queries on > # behalf of a non WINS capable client, for this to work there must be > # at least one WINS Server on the network. The default is NO. > ; wins proxy = yes > > # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names > # via DNS nslookups. The built-in default for versions 1.9.17 is yes, > # this has been changed in version 1.9.18 to no. > # dns proxy = yes > > # Case Preservation can be handy - system default is _no_ > # NOTE: These can be set on a per share basis > ; preserve case = no > ; short preserve case = no > # Default case is normally upper case for all DOS files > ; default case = lower > # Be very careful with case sensitivity - it can break things! > ; case sensitive = no > #============================ Share Definitions > ============================== > ;;; [homes] > ;;; comment = Home Directories > ;;; browseable = no > ;;; writable = yes > > # Un-comment the following and create the netlogon directory for Domain > Logons You should do this. > > ; [netlogon] > ; comment = Network Logon Service > ; path = /home/netlogon > ; guest ok = yes > ; writable = no > ; share modes = no > > > # Un-comment the following to provide a specific roving profile share > # the default is to use the user's home directory > ;[Profiles] > ; path = /home/profiles > ; browseable = no > ; guest ok = yes > > > # NOTE: If you have a BSD-style print system there is no need to > # specifically define each individual printer > ;;; [printers] > ;;; comment = All Printers > ;;; path = /var/spool/samba > ;;; browseable = no > ;;; # Set public = yes to allow user 'guest account' to print > ;;; guest ok = no > ;;; writable = no > ;;; printable = yes > > # This one is useful for people to share files > ;[tmp] > ; comment = Temporary file space > ; path = /tmp > ; read only = no > ; public = yes > > # A publicly accessible directory, but read only, except for people in > # the "staff" group > ;[public] > ; comment = Public Stuff > ; path = /home/samba > ; public = yes > ; read only = yes > ; write list = @staff > > # Other examples. > # > # A private printer, usable only by fred. Spool data will be placed in fred's > > # home directory. Note that fred must have write access to the spool > directory, > # wherever it is. > ;[fredsprn] > ; comment = Fred's Printer > ; valid users = fred > ; path = /homes/fred > ; printer = freds_printer > ; public = no > ; writable = no > ; printable = yes > > # A private directory, usable only by fred. Note that fred requires write > # access to the directory. > ;[fredsdir] > ; comment = Fred's Service > ; path = /usr/somewhere/private > ; valid users = fred > ; public = no > ; writable = yes > ; printable = no > > # a service which has a different directory for each machine that connects > # this allows you to tailor configurations to incoming machines. You could > # also use the %u option to tailor it by user name. > # The %m gets replaced with the machine name that is connecting. > ;[pchome] > ; comment = PC Directories > ; path = /usr/pc/%m > ; public = no > ; writable = yes > > # A publicly accessible directory, read/write to all users. Note that all > files > # created in the directory by users will be owned by the default user, so > # any user with access can delete any other user's files. Obviously this > # directory must be writable by the default user. Another user could of > course > # be specified, in which case all files would be owned by that user instead. > ;[public] > ; path = /usr/somewhere/else/public > ; public = yes > ; only guest = yes > ; writable = yes > ; printable = no > > # The following two entries demonstrate how to share a directory so that two > # users can place files there that will be owned by the specific users. In > this > # setup, the directory should be writable by both users and should have the > # sticky bit set on it to prevent abuse. Obviously this could be extended to > # as many users as required. > ;[myshare] > ; comment = Mary's and Fred's stuff > ; path = /usr/somewhere/shared > ; valid users = mary fred > ; public = no > ; writable = yes > ; printable = no > ; create mask = 0765 > > > > [tmp] > path = /tmp > browseable = yes -- Stan Sander - CSU Special Projects Sandia National Laboratories (505) 284-4915 Mail Stop 0662 1515 Eubank Blvd. SE Albuquerque, NM 87123 From kevinc at grainsystems.com Thu Mar 8 15:29:22 2001 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy References: Message-ID: <3AA7A552.7823382D@grainsystems.com> Simo Sorce wrote: > > Why not making one of the Linux servers a dns server? > or alternatively what about populating the hosts and lmhosts files? I know one reason why not to. CHEUNG Ngai Tseung wrote: > > [...] My problem is that being an NT shop our IT people > won't support DNS, instead using wins and DHCP [...] ^^^^^^^^ We would love to dump our WINS here, but ISC has still not released official DDNS/DHCP integration. Without it, I don't see moving from WINS/DHCP to DNS as an option for larger networks. - Kevin Colby kevinc@grainsystems.com From kevinc at grainsystems.com Thu Mar 8 15:31:25 2001 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:33:40 2003 Subject: password chat, sending old password References: <20010308145050.C20066@fh-wedel.de> Message-ID: <3AA7A5CD.3DC3B5B4@grainsystems.com> This is a known issue. IIRC, it is not feasible to do Samba PDC/NIS password changing integration on any machine other than the NIS master for exactly this reason. - Kevin Colby kevinc@grainsystems.com Katrin Fitz wrote: > > Hi, > > i am using a samba 2.0.7 for solaris. > Samba users are not existing in local passwd file, they > authentificate via NIS. That works fine. > > No I want to use password chat. Therfore, password programme is > yppassws, of course. This programm expects the old password > adwell. And that's my problem. > > I assume, that the %o maclro does not work in my case. > > Did anyone make the same experience, can anyone halp? Thanks in > advance. > > Katrin Fitz > > my logfile: > > [2001/03/08 13:48:10, 10] smbd/chgpasswd.c:(184) > Invoking '/usr/bin/yppasswd user' as password change > program. > [2001/03/08 13:48:10, 100] smbd/chgpasswd.c:(228) > expect: expected [*hanging* > *ld*password*] received [Changing NIS password for user on server. > Old password:] > [2001/03/08 13:48:10, 100] smbd/chgpasswd.c:(205) > expect: sending [ > ] > [2001/03/08 13:48:11, 100] smbd/chgpasswd.c:(228) > expect: expected [*ew*password*] received [ > New password:] > [2001/03/08 13:48:11, 100] > smbd/chgpasswd.c:(205) > expect: sending [neuesPasswort > ] > [2001/03/08 13:48:11, 100] > smbd/chgpasswd.c:(228) > expect: expected [*new*password*] > received [ > Retype new password:] > [2001/03/08 13:48:11, 100] > smbd/chgpasswd.c:(205) > expect: sending [neuesPasswort > ] > [2001/03/08 13:48:11, 100] > smbd/chgpasswd.c:(228) > expect: expected [*changed*] > received [ > couldn't change passwd > ] > [2001/03/08 13:48:11, 100] > smbd/chgpasswd.c:(205) > expect: sending > [neuesPasswort > ] > [2001/03/08 13:48:13, 100] > smbd/chgpasswd.c:(228) > expect: expected > [*changed*] received [] > [2001/03/08 13:48:13, > 3] > smbd/chgpasswd.c:(266) > Response 4 incorrect > > -- > Katrin Fitz ------ http://www.fh-wedel.de/~fi > Fachhochschule Wedel / PTL From simo.sorce at polimi.it Thu Mar 8 16:01:57 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy In-Reply-To: <3AA7A552.7823382D@grainsystems.com> Message-ID: On Thu, 8 Mar 2001, Kevin Colby wrote: > Simo Sorce wrote: > > > > Why not making one of the Linux servers a dns server? > > or alternatively what about populating the hosts and lmhosts files? > > I know one reason why not to. > > > CHEUNG Ngai Tseung wrote: > > > > [...] My problem is that being an NT shop our IT people > > won't support DNS, instead using wins and DHCP [...] > ^^^^^^^^ > > We would love to dump our WINS here, but ISC has still not released > official DDNS/DHCP integration. Without it, I don't see moving from > WINS/DHCP to DNS as an option for larger networks. We have a fantastic DDNS/DHCP there, don't know if it is offcial, but it works greatly! > > - Kevin Colby > kevinc@grainsystems.com > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From fi at fh-wedel.de Thu Mar 8 16:16:46 2001 From: fi at fh-wedel.de (Katrin Fitz) Date: Tue Dec 2 02:33:40 2003 Subject: password chat, sending old password In-Reply-To: <3AA7A5CD.3DC3B5B4@grainsystems.com>; from kevinc@grainsystems.com on Thu, Mar 08, 2001 at 09:31:25AM -0600 References: <20010308145050.C20066@fh-wedel.de> <3AA7A5CD.3DC3B5B4@grainsystems.com> Message-ID: <20010308171646.E21544@fh-wedel.de> Thanks for the hint. is this problem going to be solved in samba TNG? until then, i am going to write a wrapper for the yppasswd command which invoces smbpasswd. So passwordchanging from Windows is not possible. Users need to use linux therefor. > > This is a known issue. IIRC, it is not feasible to do Samba PDC/NIS > password changing integration on any machine other than the NIS master > for exactly this reason. -- Katrin Fitz ------ http://www.fh-wedel.de/~fi Fachhochschule Wedel / PTL From kevinc at grainsystems.com Thu Mar 8 17:44:23 2001 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:33:40 2003 Subject: password chat, sending old password References: <20010308145050.C20066@fh-wedel.de> <3AA7A5CD.3DC3B5B4@grainsystems.com> <20010308171646.E21544@fh-wedel.de> Message-ID: <3AA7C4F7.12C95E96@grainsystems.com> Don't hold your breath. I believe it is insoluble. The issue is that Samba does not even know the original plaintext password. NT sends only the hash when authenticating, so Samba cannot send the plaintext original to yppasswd. The only way around this is to run Samba on the NIS master (which does not need the old password), to use something other than NIS, or to not support Windows password changing and rely on a web interface or somesuch instead. - Kevin Colby kevinc@grainsystems.com Katrin Fitz wrote: > > Thanks for the hint. > > is this problem going to be solved in samba TNG? > > until then, i am going to write a wrapper for the yppasswd > command which invoces smbpasswd. So passwordchanging from > Windows is not possible. Users need to use linux therefor. > > > > This is a known issue. IIRC, it is not feasible to do Samba PDC/NIS > > password changing integration on any machine other than the NIS master > > for exactly this reason. > > -- > Katrin Fitz ------ http://www.fh-wedel.de/~fi > Fachhochschule Wedel / PTL From jeremy at valinux.com Thu Mar 8 19:03:39 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:40 2003 Subject: Changing your samba password from windows References: <3.0.6.32.20010301230325.007d1100@bioserve.latrobe.edu.au> <008501c0a759$3f3e7680$1f0110ac@hug.local> Message-ID: <3AA7D78B.B8840473@valinux.com> Philipp Hug wrote: > > I tried the same on Win2k (with CVS version of Samba 2.2) and got the same > message: > > [2001/03/07 23:51:34, 0] rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) > _samr_get_dom_pwinfo: Not yet implemented. Yes, I'm looking at this one also. It's currently an undocumented and encrypted RPC that W2K seems to need to succeed on SAMR before it will allow password change. WinNT doesn't need this so it works. I'm looking into what to return here (we currently just return zeros which obviously isn't correct). This is an interesting one..... any ideas welcome :-). Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lamasney at mlode.com Fri Mar 9 05:56:20 2001 From: lamasney at mlode.com (Mike Lamasney) Date: Tue Dec 2 02:33:40 2003 Subject: KiXtart for Linux? Message-ID: <3.0.5.32.20010308215620.00a2d590@mail.mlode.com> The KiXtart scripting facility is great for login scripts in Win9x when interfacing to an NT PDC, and offers many convenient features over simple DOS batch files. Question: Does anyone know if there is a KiXtart server package to run on a Linux server running Samba as a PDC? From marshallj at switch.aust.com Fri Mar 9 06:00:15 2001 From: marshallj at switch.aust.com (Marshall, Joshua) Date: Tue Dec 2 02:33:40 2003 Subject: KiXtart for Linux? References: <3.0.5.32.20010308215620.00a2d590@mail.mlode.com> Message-ID: <3AA8716F.6525BD65@switch.aust.com> KiXtart will be served fine from a Linux server - it only works with Windows clients though, as it is basically executed on the client at logon time. Mike Lamasney wrote: > The KiXtart scripting facility is great for login scripts in Win9x > when interfacing to an NT PDC, and offers many convenient features > over simple DOS batch files. Question: Does anyone know if there > is a KiXtart server package to run on a Linux server running Samba > as a PDC? From peter.milburn at sofcom.com.au Fri Mar 9 05:57:20 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:40 2003 Subject: samba 2.2.aplhae 2 Message-ID: Hi, I am having serious problems now with not being able to get a new machine to connect to my PDC, Can someone please help me with this as I am needing to get machines connected to the PDC Thanks, From cheungnt at ha.org.hk Fri Mar 9 06:07:21 2001 From: cheungnt at ha.org.hk (Dr CHEUNG Ngai Tseung) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy Message-ID: * "CHEUNG" == CHEUNG Ngai Tseung writes: > Is it possible to have Samba transparently resolve netbios names? If you want nmbd to act as a WINS server then you do wins support = yes and you setup all your windows machines to register with the WINS server by setting up wins in the TCP/IP network properties on the windows machines. If you already have a WINS server and want the Samba machine to use the WINS server to resolve netbios names then you do a wins server = x.x.x.x. The WINS proxy will only work if the windows machines are not configured to use WINS and you say that you are an NT shop already using NT for the WINS. Sounds like you need the "wins server = " option of the smb.conf. I have done all this with no effect. Here are the relevant smb.conf settings wins server = 188.1.128.199 name resolve order = lmhosts wins bcast wins proxy = yes dns proxy = no In fact I have tried all sorts of combinations with no effect. Is it in fact possible to set things up so that I can ping a netbios name from the linux box? Adding hosts is not an option since our network has thousands of machines. Thanks NT -------------- next part -------------- HTML attachment scrubbed and removed From barth at cck.uni-kl.de Fri Mar 9 06:50:54 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy In-Reply-To: Message-ID: <3AA88B5E.9853.14C86C@localhost> > Is it in fact possible to set things up so that I can ping a netbios > name from the linux box? Not with the wins settings discussed in this thread. They are only for samba, which is one linux application. To be able to ping with netbios names you have to get them into "the TCP/IP part of the OS". May be winbind is what you are looking for, but I'm not sure as I don't use it. Winbind is still experimental (?). Please correct me if I'm wrong. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From cheungnt at ha.org.hk Fri Mar 9 06:59:13 2001 From: cheungnt at ha.org.hk (Dr CHEUNG Ngai Tseung) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy Message-ID: Thanks for the information. In that case, what is mean by the man page when it says "In addition, nmbd can act as a WINS proxy, relaying broadcast queries from clients that do not understand how to talk the WINS protocol to a WIN server"? -----Original Message----- From: Christian Barth [mailto:barth@cck.uni-kl.de] Sent: Friday, 9 March 2001 14:51 To: 'samba-ntdom@us5.samba.org'; Dr CHEUNG Ngai Tseung Subject: Re: nmbd as WINS proxy > Is it in fact possible to set things up so that I can ping a netbios > name from the linux box? Not with the wins settings discussed in this thread. They are only for samba, which is one linux application. To be able to ping with netbios names you have to get them into "the TCP/IP part of the OS". May be winbind is what you are looking for, but I'm not sure as I don't use it. Winbind is still experimental (?). Please correct me if I'm wrong. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) -------------- next part -------------- HTML attachment scrubbed and removed From barth at cck.uni-kl.de Fri Mar 9 07:26:55 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy In-Reply-To: Message-ID: <3AA893CF.16678.35C0AF@localhost> > Thanks for the information. In that case, what is mean by the man page > when it says "In addition, nmbd can act as a WINS proxy, relaying > broadcast queries from clients that do not understand how to talk the > WINS protocol to a WIN server"? The netbios name resolution is very trick, so I'm not sure about what this means. Since my samba box is a wins server all name resolution problems went away. But samba, consisting of smbd and nmbd, uses all the WINS-information for talking to windows and other samba machines. The netbios information is not reported to the operating system. If you want to ping/telnet/ftp/ssh to a host by netbios name, the tcp/ip part of linux has to use samba to get the IP-Adress from the name. And this is normaly *not* done, as samba is a aplication and not a part of the operating system. You have to tell the OS to do so, i think this can be done by winbind. If you have 2 linux machines in a net of thousends of NT machines you may help you with the comand "nmblookup" whicht is part of the samba suite. (I assume the linux boxes are only used by "experts".) Configure samba to use your wins server (wins server = 123.456.789.123 in smb.conf) and use nmblookup to geht the IP addresse, then use the IP-aaddress for ping, telnet, ..... It should not bo to hard to wirte a little shell skrip "ping_netbios" that takes the name, resolves it with nmblookup and involves ping. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From stephanie_ongsg at yahoo.com.sg Fri Mar 9 07:59:40 2001 From: stephanie_ongsg at yahoo.com.sg (=?iso-8859-1?q?Lim=20Peng?=) Date: Tue Dec 2 02:33:40 2003 Subject: Password Sync Message-ID: <20010309075940.25295.qmail@web13115.mail.yahoo.com> My objective is to change the unix password and samba password automatically when the NT password is changed. I have tried many times and also consulted the archives, have tried the various suggestions too. No matter what changes I applied to my NT password, my Unix password remains the same. Question 1) Initially, I have used a generic account 'sambausr' and manually synchronise its password on UNIX,Samba and NT and then managed to join the samba server (running on unix) to NT Domain. Later, when I set sambausr to expiry on both NT and UNIX, I observed that an NT user (ie another NT account) can still see the unix directories. Why is this so ? Question 2) how/where do I check if the Samba password is changed ( other than using SWAT ? ) The parameters are set as : workgroup = SPRODPDC1 server string = PRODSERVER security = DOMAIN encrypt passwords = Yes update encrypted = No password server = SPRODSERVER smb passwd file = /usr/local/samba/private/smbpasswd passwd program = /bin/passwd %u passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = yes unix password sync = yes log level = 100 syslog = 3 Any help will be greatly appreciated. __________________________________________________ Do You Yahoo!? Yahoo! Mail ? Free email you can access from anywhere! http://mail.yahoo.com.sg/ From lkcl at samba-tng.org Fri Mar 9 11:48:15 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:40 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <3AA40729.E5514B52@bartlett.house> Message-ID: > Is it just me, or does the idea of effectivly changing the owner of file > to an arbitary user (nobody) which is normally used as a 'I can't break > anything' user sound like a bad idea? It would be a pity if root > suddenly got forgotten and the entire system became owned (at least from > the NT end) by nobody. this is the "solution" used by a lot of the AS/U ports. they have a single unix user, and then provide all mapping of NT users themselves. with the result that they have a security nightmare full of race conditions. luke From J.L.Gilmour at exeter.ac.uk Fri Mar 9 12:09:25 2001 From: J.L.Gilmour at exeter.ac.uk (J.L.Gilmour@exeter.ac.uk) Date: Tue Dec 2 02:33:40 2003 Subject: smb wrapper ??? Message-ID: <1468637.200103091209@olib> Hi, I've recently set up TNG on a solaris 8 (ultra sparc) server. Its controlling a domain of around 30 nt workstations. Each has a drive 'D:' containing data to be backed up. The sparc box has a DDS4 dat drive. My plan: configure samba to mount the PCs disks, copy each disk's changes to a local drive on the sun, copy that disk to tape. I've compiled TNG with the --with-smbwrapper option [1] and have an smbwrapper.so file. Now what? It looks like this is going to work from /smb something like an automounter. So I'm thinking I need some kind of entry in something like vfstab ?? Thanks for any suggestions or links... Jayne. [1] this needed a tweak - at a guess I'd say the 'HAVE_UTIMES' flag isn't set properly under Solaris 8. Its define in but in wrapped.c if is included. OR, is it simply that the '#ifdef' should really be a '#ifndef' ??? -- +----+----+----+----+----+----+----+----+----+----+----+----+----+ Jayne Gilmour, BSc. MSc. Unix & Network Administrator Department of Computer Science, University of Exeter Internet: "a network of computers which lots of people are inter" +----+----+----+----+----+----+----+----+----+----+----+----+----+ From gcarter at valinux.com Fri Mar 9 06:56:27 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:40 2003 Subject: Printer Driver Installation In-Reply-To: <3AA7929B.DEC58433@meome-ag.de>; from jwitte@meome-ag.de on Thu, Mar 08, 2001 at 08:09:31 -0600 References: <3AA678ED.70C62CF6@meome-ag.de> <20010307114414.A1853@pogo.eng.auburn.edu> <3AA7929B.DEC58433@meome-ag.de> Message-ID: <20010309005627.I10207@pogo> On Thu, 08 Mar 2001 08:09:31 Jochen Witte wrote: > > thanks for Your answer. First I tried to install the > HP Laserjet 2100 Driver from a Windows 2000 Client onto > the Samba-Server. This didn't work at all - no files > in print$ and an errormessage on the Windows box. > > Then I installed Vmware with a Windows NT 4.0 Guest > Operatingsystem (because I don`t have any more machines...). > Here I managed to get files into the print$/W32X86 > share. There`s now a directory "2" with the following > files in it: HPPCL.DLL RASDD.DLL RASDDUI.DLL RASDDUI.HLP This is correct. > Unfortunately these drivers are for a HP Laserjet 2000, > because there ain't any drivers for the 2100 on the NT-CD. > But this shouldn`t cause the problems I had... > > Do You need any further information? PCL drivers have been somewhat of a problem. Can you try PS drivers (I'm guessing here 'cause my 2100 is a PS/PCL)? I'll try the 2100 PCL drivers from the Win2k Pro CD and see if I can reproduce it. Ping me back the first of the week and remind me, ok? CHeers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From gcarter at valinux.com Fri Mar 9 06:32:37 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:40 2003 Subject: Changing your samba password from windows In-Reply-To: <3AA7D78B.B8840473@valinux.com>; from jeremy@valinux.com on Thu, Mar 08, 2001 at 13:03:39 -0600 References: <3.0.6.32.20010301230325.007d1100@bioserve.latrobe.edu.au> <008501c0a759$3f3e7680$1f0110ac@hug.local> <3AA7D78B.B8840473@valinux.com> Message-ID: <20010309003237.E10207@pogo> On Thu, 08 Mar 2001 13:03:39 Jeremy Allison wrote: > Philipp Hug wrote: > > > > I tried the same on Win2k (with CVS version of Samba 2.2) and got > the same > > message: > > > > [2001/03/07 23:51:34, 0] > > rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) > > _samr_get_dom_pwinfo: Not yet implemented. > > Yes, I'm looking at this one also. It's currently an undocumented > and encrypted RPC that W2K seems to need to succeed on SAMR before > it will allow password change. WinNT doesn't need this so it works. > > I'm looking into what to return here (we currently just return > zeros which obviously isn't correct). I have only seen SAMR_GET_USRDOM_PWINFO (opnum 0x2c) when a Win2k client joins an NT 4 domain. Ooops, there is opnum 0x38 in the Win2k user password change. Hmmm....should just return a policy handle and a four byte return value. Interesting though, I don;t see it being closed by the Win2k client....Hmmm....Don't see where the results of SAMR_GET_DOM_PWINFO are being used in SAMR_CHGPASSWD_USER. btw...what is the "MSRPC Authenticationm Verifier" that I see after the Stud Data in netmon 1.x? Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From gcarter at valinux.com Fri Mar 9 06:34:12 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy In-Reply-To: ; from cheungnt@ha.org.hk on Thu, Mar 08, 2001 at 03:48:45 -0600 References: Message-ID: <20010309003412.F10207@pogo> On Thu, 08 Mar 2001 03:48:45 Dr CHEUNG Ngai Tseung wrote: > > We are basically an NT shop, but I have installed Samba > on two rogue linux servers. My problem is that being an > NT shop our IT people won't support DNS, instead using wins > and DHCP for everything. > > My hope was that name queries from my linux boxes can > be resolved by nmbd (since the man page says "In addition, > nmbd can act as a WINS proxy, relaying broadcast queries > from clients that do not understand how to talk > the WINS protocol to a WIN server"), but having I set > wins proxy = yes > without any effect - ie my linux box still can't resolve netbios > names. I think what you are looking for is a libnss_wins.so module. Check in the HEAD CVS tree and see if there is one there. I thought I remembered seeing one. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From greg at kwikfind.com Fri Mar 9 15:58:23 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:40 2003 Subject: samba 2.2.aplhae 2 References: Message-ID: <003a01c0a8b1$c5e104b0$2800a8c0@leinet> Peter, It would be extremely difficult, if not impossible, for people to help you with your samba problem without any information from you. We can all guess at what is wrong, but this will likely be on limited value to you. I suggest that you read the Samba FAQs, the Samba 2.2 PDC How To, and the Using Samba book; all of which come with the Samba 2.2 source that you downloaded. The Using Samba book is very good at teaching the steps to configure samba in a step by step method. Once you get samba working, using the examples in the book, then move on to the PDC How To and FAQs. If you are still having problems, then come back to this forum and post your questions. You will have a much better understanding of Samba at that point, and will know what questions to ask. Good luck. Greg J. Zartman, P.E. ----- Original Message ----- From: To: Sent: Thursday, March 08, 2001 9:57 PM Subject: samba 2.2.aplhae 2 > Hi, I am having serious problems now with not being able to get a new > machine to connect to my PDC, > > Can someone please help me with this as I am needing to get machines > connected to the PDC > > Thanks, > > > > > From greg at kwikfind.com Fri Mar 9 16:07:36 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:40 2003 Subject: Changing your samba password from windows References: <3.0.6.32.20010301230325.007d1100@bioserve.latrobe.edu.au> <008501c0a759$3f3e7680$1f0110ac@hug.local> <3AA7D78B.B8840473@valinux.com> <20010309003237.E10207@pogo> Message-ID: <004801c0a8b3$0f8aa250$2800a8c0@leinet> Group, The other place that this little error message pops up is when you input and incorrect password when trying to log into a Win2K client. I'm sure the two are related, but the RPC stuff is over my head.... Regards, Greg ----- Original Message ----- From: "Gerald Carter" To: "Jeremy Allison" Cc: "Philipp Hug" ; "David Bannon" ; ; "Samba technical" Sent: Thursday, March 08, 2001 10:32 PM Subject: Re: Changing your samba password from windows > > On Thu, 08 Mar 2001 13:03:39 Jeremy Allison wrote: > > Philipp Hug wrote: > > > > > > I tried the same on Win2k (with CVS version of Samba 2.2) and got > > the same > > > message: > > > > > > [2001/03/07 23:51:34, 0] > > rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) > > > _samr_get_dom_pwinfo: Not yet implemented. > > > > Yes, I'm looking at this one also. It's currently an undocumented > > and encrypted RPC that W2K seems to need to succeed on SAMR before > > it will allow password change. WinNT doesn't need this so it works. > > > > I'm looking into what to return here (we currently just return > > zeros which obviously isn't correct). > > I have only seen SAMR_GET_USRDOM_PWINFO (opnum 0x2c) when a Win2k > client joins an NT 4 domain. Ooops, there is opnum 0x38 > in the Win2k user password change. Hmmm....should just return > a policy handle and a four byte return value. > > Interesting though, I don;t see it being closed by the Win2k > client....Hmmm....Don't see where the results of SAMR_GET_DOM_PWINFO > are being used in SAMR_CHGPASSWD_USER. > > btw...what is the "MSRPC Authenticationm Verifier" that I see > after the Stud Data in netmon 1.x? > > > > > > Cheers, jerry > ---------------------------------------------------------------------- > /\ Gerald (Jerry) Carter Professional Services > \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com > http://www.samba.org/ SAMBA Team jerry@samba.org > http://www.plainjoe.org/ jerry@plainjoe.org > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) > > > > > From SRuth at LANDAM.com Fri Mar 9 17:29:44 2001 From: SRuth at LANDAM.com (SRuth@LANDAM.com) Date: Tue Dec 2 02:33:40 2003 Subject: Group weirdness with Samba Message-ID: <6768A16CA846D3119104009027998CC30853F74B@lande04.landam.com> Reposting. Does anybody have any comments or suggestions for this? Thanks. Sven Hello all, I'm running 2.0.7 on a Compaq ProLiant w/ the 2.2.18 kernel on RedHat 6.2 and all but the most recent patches. Clients are all NT 4 WS with SP6a. Validation is done via NT DC's. It runs splendidly, except for this small problem. I have access to certain shares restricted via groups in my valid users fields. I've run into a problem where it seems that, although the user belongs to a group valid for that share, he is not allowed access to the share. Instead, the user gets a username and password prompt. If I remove a couple of users from the group and try again, it'll work. If I add the users back it may continue working, but some time later it'll act up again. Has anybody seen this before? Any ideas? Thanks. Sven M. Ruth Senior IS Analyst - Chicago Area LandAmerica Financial Group Ph: 312-558-1600 ext. 3023 Pager: 800-314-1838 "We are all born originals -- why is it so many of us die copies?" -- Edward Young From don_mccall at hp.com Fri Mar 9 18:44:59 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:40 2003 Subject: Group weirdness with Samba Message-ID: <079FD72E42C9D311B854009027650E6F0405089D@xatl02.atl.hp.com> Hi Sven, The users that are affected, are they members of a LOT of groups? And the group that you are having problems with, how long is the list of members for this group? And when the problem DOES occur, does it affect ALL members of the group, or just a select few of them? When the problem occurs, you might want to set debug level = 10, and log file = ..../log.%m and reproduce, and check the debug statements for the # of groups the user is in, and see if that matches with what a physical look at /etc/group has to say. Speaking of /etc/group, are you by any chance using NIS? hope this helps, Don -----Original Message----- From: SRuth@LANDAM.com [mailto:SRuth@LANDAM.com] Sent: Friday, March 09, 2001 12:30 PM To: samba-ntdom@us5.samba.org Subject: RE: Group weirdness with Samba Reposting. Does anybody have any comments or suggestions for this? Thanks. Sven Hello all, I'm running 2.0.7 on a Compaq ProLiant w/ the 2.2.18 kernel on RedHat 6.2 and all but the most recent patches. Clients are all NT 4 WS with SP6a. Validation is done via NT DC's. It runs splendidly, except for this small problem. I have access to certain shares restricted via groups in my valid users fields. I've run into a problem where it seems that, although the user belongs to a group valid for that share, he is not allowed access to the share. Instead, the user gets a username and password prompt. If I remove a couple of users from the group and try again, it'll work. If I add the users back it may continue working, but some time later it'll act up again. Has anybody seen this before? Any ideas? Thanks. Sven M. Ruth Senior IS Analyst - Chicago Area LandAmerica Financial Group Ph: 312-558-1600 ext. 3023 Pager: 800-314-1838 "We are all born originals -- why is it so many of us die copies?" -- Edward Young From vorlon at netexpress.net Fri Mar 9 20:51:21 2001 From: vorlon at netexpress.net (Steve Langasek) Date: Tue Dec 2 02:33:40 2003 Subject: nmbd as WINS proxy In-Reply-To: Message-ID: On Fri, 9 Mar 2001, Dr CHEUNG Ngai Tseung wrote: > Thanks for the information. In that case, what is mean by the man page when > it says "In addition, nmbd can act as a WINS proxy, relaying broadcast > queries from clients that do not understand how to talk the WINS protocol to > a WIN server"? With this option enabled, nmbd will listen for broadcast name queries on the network, forward them to the WINS server, and send the replies to the broadcast client that asked for the information. There are efforts under way to allow doing Unix nameservice lookups against WINS, but this can be dangerous: anyone can add a record to WINS. What happens if the record they add is for the name of a website you are trying to get to? You may end up talking to their machine instead, maybe without knowing it. Steve Langasek postmodern programmer From linuxus at yahoo.com Fri Mar 9 23:23:12 2001 From: linuxus at yahoo.com (Abdillahi Ibrahim) Date: Tue Dec 2 02:33:40 2003 Subject: mounting NTFS share into Solaris box Message-ID: <20010309232312.28587.qmail@web1404.mail.yahoo.com> Hi, I am using Samba 2.2 with Solaris 8 Intel base machine. After samba is installed and I configured it, I am able to browse my Solaris shares from a NT base machine but I need to how can I mount a NTFS shares into my Solaris system? With many thanks __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ From simo.sorce at polimi.it Sat Mar 10 00:53:22 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:40 2003 Subject: mounting NTFS share into Solaris box In-Reply-To: <20010309232312.28587.qmail@web1404.mail.yahoo.com> Message-ID: As far as I know, the only platform that can mount a smb share is linux, other may use smbclient program. Anyoue can confirm? On Fri, 9 Mar 2001, Abdillahi Ibrahim wrote: > Hi, > I am using Samba 2.2 with Solaris 8 Intel base > machine. > After samba is installed and I configured it, I am > able to browse my Solaris shares from a NT base > machine but I need to how can I mount a NTFS shares > into my Solaris system? > > With many thanks > > __________________________________________________ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yahoo.com/ > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From vlaero at yahoo.com.au Sat Mar 10 06:02:53 2001 From: vlaero at yahoo.com.au (=?iso-8859-1?q?Paul=20Jansen?=) Date: Tue Dec 2 02:33:40 2003 Subject: KiXtart for Linux? Message-ID: <20010310060253.6487.qmail@web5102.mail.yahoo.com> Joshua, Kixstart is not only a set of files that are served out. It is an RPC service that runs on the server that allows Win9x clients to do things like determine whether they are a member of a specific NT group. Think about it - there is no way do do this on a 9x client without some sort of talking to the server. The question still stands then - Kixstart for SAMBA? (I'm interested in it running on server platforms other than Linux as well). Marshall, Joshua wrote: >KiXtart will be served fine from a Linux server - it only works with >Windows clients though, as it is basically executed on the client at >logon time. >Mike Lamasney wrote: >> The KiXtart scripting facility is great for login scripts in Win9x >> when interfacing to an NT PDC, and offers many convenient features >> over simple DOS batch files. Question: Does anyone know if there >> is a KiXtart server package to run on a Linux server running Samba >> as a PDC? _____________________________________________________________________________ http://store.yahoo.com.au - Yahoo! Store - The fastest, easiest way to open an online store. From js at ic-bremen.de Sat Mar 10 14:12:24 2001 From: js at ic-bremen.de (Jens Schwepe) Date: Tue Dec 2 02:33:40 2003 Subject: NT User-Messages with German special characters ? Message-ID: <01C0A974.834324D0.js@ic-bremen.de> Hi, I want to use smbclient to send regular broadcast-messages within my network. What do I have to do to use german special characters like ?,?,? and so on ? (In case of incompatible mail character conversion, I'm speaking of the characters like in html: ä, ö etc.) thnx in advance Jens Schwepe Internet Center Bremen js@ic-bremen.de http://www.ic-bremen.de From mark at axeon.screaming.net Sat Mar 10 18:27:16 2001 From: mark at axeon.screaming.net (Mark) Date: Tue Dec 2 02:33:40 2003 Subject: Serving user lists to Windows9x stations Message-ID: <000b01c0a98f$c20d8fa0$0b01a8c0@MARKSYSTEM> Im sure this is a stupid question - but when Jeremy and others tak about 'serving out user lists correctly to a Win9x box' - what do they mean (user manager?)? thanks mark From damason at davenet.mine.nu Sat Mar 10 22:16:21 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:41 2003 Subject: Serving user lists to Windows9x stations In-Reply-To: <000b01c0a98f$c20d8fa0$0b01a8c0@MARKSYSTEM> Message-ID: They are referring to the list of users employed by Win9x for share permissions, when "user-level" is selected in the "access control" tab of the network control panel. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Mark Sent: Saturday, March 10, 2001 10:27 AM To: samba-ntdom@us5.samba.org Subject: Serving user lists to Windows9x stations Im sure this is a stupid question - but when Jeremy and others tak about 'serving out user lists correctly to a Win9x box' - what do they mean (user manager?)? thanks mark From vlaero at yahoo.com.au Sun Mar 11 07:01:03 2001 From: vlaero at yahoo.com.au (=?iso-8859-1?q?Paul=20Jansen?=) Date: Tue Dec 2 02:33:41 2003 Subject: Serving user lists to Windows9x stations Message-ID: <20010311070103.21885.qmail@web5104.mail.yahoo.com> If you install the 'server tools for Win95' (which can be found on the NT server CD) you can get a user manager, server manager, event viewer etc. for use on win9x. Will the user manager app now work on 9x on the current CVS build or are there other un-implemented RPCs that still prevent this from happening? I am not in a position to try the current CVS build. Can someone answer this? >They are referring to the list of users employed by >Win9x for share >permissions, when "user-level" is selected in >the "access control" tab of >the network control panel. >-----Original Message----- >From: samba-ntdom-admin@us5.samba.org >[mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of >Mark >Sent: Saturday, March 10, 2001 10:27 AM >To: samba-ntdom@us5.samba.org >Subject: Serving user lists to Windows9x stations >Im sure this is a stupid question - but when Jeremy >and others tak about >'serving out user lists correctly to a Win9x box' - >what do they mean (user >manager?)? >thanks >mark _____________________________________________________________________________ http://store.yahoo.com.au - Yahoo! Store - The fastest, easiest way to open an online store. From Roman.Orth at educators.de Sun Mar 11 11:37:29 2001 From: Roman.Orth at educators.de (Roman Orth) Date: Tue Dec 2 02:33:41 2003 Subject: Printer Driver Installation In-Reply-To: <20010309005627.I10207@pogo> Message-ID: <000f01c0aa1f$a7cb23b0$640aa8c0@sem1.educators.de> Hi there, I've tried the support for downloading printer driver files with Samba 2.2.0-alpha2 and encountered some problems: First I tried a PCL driver which seemed to work except for configuring the printer afterwards. It won't accept other paper sizes than US letter, although other formats are stored in the corresponding *.gpd file. Then I tried a PS driver, but Windows insists that there is no driver installed when I tried to configure it. Nevertheless it prints. I'm not shure if something changed from NT4 to W2k in the printing modell, but the directory name is still W32X86. The files were transferred correctly into \\server\print$\W32X86\3 and then installed onto the client machine, but configuring seems to be the problem. If someone has any clue what to do, please drop me a note. bye Roman ---------------------------------------------------------- \ Roman Orth roman.orth@educators.de / / educators Gbr +49(0)631 34106-0 \ \ Hoelzengraben 2 / / 67657 Kaiserslautern \ \ Germany / -------------------------------------------------------- -----Urspr?ngliche Nachricht----- Von: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]Im Auftrag von Gerald Carter Gesendet: Freitag, 9. M?rz 2001 07:56 An: Jochen Witte Cc: samba-ntdom@us5.samba.org Betreff: Re: Printer Driver Installation On Thu, 08 Mar 2001 08:09:31 Jochen Witte wrote: > > thanks for Your answer. First I tried to install the > HP Laserjet 2100 Driver from a Windows 2000 Client onto > the Samba-Server. This didn't work at all - no files > in print$ and an errormessage on the Windows box. > > Then I installed Vmware with a Windows NT 4.0 Guest > Operatingsystem (because I don`t have any more machines...). > Here I managed to get files into the print$/W32X86 > share. There`s now a directory "2" with the following > files in it: HPPCL.DLL RASDD.DLL RASDDUI.DLL RASDDUI.HLP This is correct. > Unfortunately these drivers are for a HP Laserjet 2000, > because there ain't any drivers for the 2100 on the NT-CD. > But this shouldn`t cause the problems I had... > > Do You need any further information? PCL drivers have been somewhat of a problem. Can you try PS drivers (I'm guessing here 'cause my 2100 is a PS/PCL)? I'll try the 2100 PCL drivers from the Win2k Pro CD and see if I can reproduce it. Ping me back the first of the week and remind me, ok? CHeers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From mgeddes at xavier.sa.edu.au Mon Mar 12 00:52:24 2001 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:33:41 2003 Subject: sending smbd SIGHUP Message-ID: <3AAC1DC8.FA60C93C@xavier.sa.edu.au> Hi, When sending a SIGHUP to smbd to get it to re-read it's config, is it necessary to send the signal to each of the running processes, or just the main smbd process (the one listed in smbd.pid)? I'm running Samba 2.0.7, BTW. Thanks, Matt -- Matthew Geddes Network Manager Xavier College Gawler, SA mailto: mgeddes@xavier.sa.edu.au From made_rai at telkom.net Mon Mar 12 08:47:39 2001 From: made_rai at telkom.net (rai) Date: Tue Dec 2 02:33:41 2003 Subject: printing via samba Message-ID: <017901c0aad1$1a7780a0$4d71053d@handa> I am using Mandrake 7.2 with samba 2.07. I have problem that my client (windows 95) cannot print via samba. The error comment on client is : There was an error writing to \\Buaya\printer for printer (Canon) BJC-210SP) The netwrok name cannot be found For disk share running well. On server I try to test print and work well too. I already follow the printer troubleshooting on windows but no result. And I already read printing.txt that came with samba distribution..and also can't help. My steps are : - /etc/rc.d/init.d/smb restart (in this step smb always failed, why ???) - testparm - testprns lp - smbclient -L localhost Here is my smb.conf ------------------ # Samba config file created using SWAT # from localhost.localdomain (127.0.0.1) # Date: 2001/03/08 14:12:06 # Global parameters [global] workgroup = ITS netbios name = BUAYA domain logons = no server string = samba %v on (%L) interfaces = 1.1.1.20/8 security = user # password server = kancil encrypt passwords = Yes debug level = 0 syslog = 2 log file = /var/log/samba/samba.log.%m max log size = 50 os level = 34 local master = yes preferred master = yes domain master = yes wins support = yes auto services = made remote announce = 1.1.1.255/ITS hosts allow = 1.1.1. localhost [netlogon] comment = domain logon service path = /export/samba/logon public = no writeable = no browsable = no [printer] comment = canon kesayanganku... printable = yes printing = BSD I also use this command before but it doesn't work.. # print command = /usr/bin/lpr -P%p %s print command = echo "printed %s on %p" >> /tmp/printlog print command = cp %s /tmp/tmp.print lpq command = lpq -P%p lprm command = lprm -P%p %j printcap name = /etc/printcap printer = lp min print space = 2000 path = /var/spool/public printer = lp read only = yes guest ok = false valid users = made [data] comment = data drive path = /mnt writeable = Yes guest ok = Yes map system = Yes map hidden = Yes volume = simple data drive follow symlinks = No ----------------------- Is there some thing wrong with the smb.conf ??? Did I miss any step ?? Please help me... thanks Made From s354199 at student.uq.edu.au Mon Mar 12 11:38:33 2001 From: s354199 at student.uq.edu.au (Elliot Mackenzie) Date: Tue Dec 2 02:33:41 2003 Subject: WIN2K/SAMBA PDC Message-ID: At this point I pray I have landed the right newsgroup. I (ultimately) want to run Samba as the PDC for my domain ADIXEIN. Samba system: - PII-300 - RedHat 7.0 (new version of gcc, kernel 2.4.2 freshly compiled) - Samba 2.2 (CVS version recent as at 8PM EST 12-Mar-2001). Connecting system: - PIII-1G - Windows 2000 Professional SP1 Domain information: - Domain: ADIXEIN - Server name: SERVER - Machine name: MACKA smb.conf as follows (located in /usr/local/samba/lib/) [root@gw lib]# tail -n 100 smb.conf # Global parameters [global] workgroup = ADIXEIN netbios name = SERVER server string = File server interfaces = 192.168.1.1/255.255.255.0 add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ security = User domain logons = Yes domain master = Yes domain admin group = @adm domain admin users = root preferred master = Yes local master = Yes os level = 65 wins support = Yes encrypt passwords = Yes passwd program = /usr/bin/passwd passwd chat debug = Yes unix password sync = Yes restrict anonymous = Yes log file = /var/log/samba/log.%m max log size = 50 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 strip dot = Yes dns proxy = No hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1/255.255.255.0 hosts deny = 0.0.0.0/0.0.0.0 ########################END SMB.CONF Plus all the file shares (no Windows profiles etc are listed/used). root is a member of @adm. I can connect to the domain when I change the settings on MACKA such that it joins a domain. As per the FAQ I connect as root with the root passwd. It says "Welcome to ADIXEIN domain." or something to that effect. I reboot the Win2k machine, and attempt a login on ADIXEIN. I try this as root, as administrator and as macka. All attempts fail with the same error: "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect." The adduser appears to work, I have macka$ listed in my smbpasswd (root is also listed in smbpasswd). The following is an extract of the logs (log level 20). ============================= LOG.MACKA [2001/03/12 20:47:14, 3] smbd/service.c:close_cnum(655) macka (192.168.1.4) closed connection to service IPC$ [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) Yielding connection to IPC$ [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) unbecome_user now uid=(0,0) gid=(0,0) [2001/03/12 20:47:14, 5] lib/util.c:show_msg(292) size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [2001/03/12 20:47:14, 5] lib/util.c:show_msg(298) smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=832 smt_wct=0 [2001/03/12 20:47:14, 5] lib/util.c:show_msg(308) smb_bcc=0 [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(560) write_socket(12,39) [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(563) write_socket(12,39) wrote 39 [2001/03/12 20:47:14, 10] lib/util_sock.c:read_socket_data(473) read_socket_data: recv of 4 returned 0. Error = Success [2001/03/12 20:47:14, 10] lib/util_sock.c:receive_smb(654) receive_smb: length < 0! [2001/03/12 20:47:14, 3] smbd/process.c:timeout_processing(1055) end of file from client [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) unbecome_user now uid=(0,0) gid=(0,0) [2001/03/12 20:47:14, 2] smbd/server.c:exit_server(440) Closing connections [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) Yielding connection to [2001/03/12 20:47:14, 3] smbd/server.c:exit_server(473) Server exit (normal exit) ==================================================== =====================================LOG.NMBD [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) dump_workgroups() dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: ADIXEIN(1) current master browser = SERVER SERVER 400c9b2b (File server) MACKA 40011003 () [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: ADIXEIN(1) current master browser = UNKNOWN SERVER 40099b2b (File server) [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet UNICAST_SUBNE T: found. [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet UNICAST_SUBNE T: found. [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet 192.168.1.1: found. [2001/03/12 21:30:23, 10] nmbd/nmbd_sendannounce.c:announce_myself_to_domain_mas ter_browser(406) announce_myself_to_domain_master_browser: t (984396613) - last(984396029) < 90 0 [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) dump_workgroups() dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: ADIXEIN(1) current master browser = SERVER SERVER 400c9b2b (File server) MACKA 40011003 () [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: ADIXEIN(1) current master browser = UNKNOWN SERVER 40099b2b (File server) [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet UNICAST_SUBNE T: found. [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet UNICAST_SUBNE T: found. ===============================================LOG.SMBD file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_ time: Mon Mar 12 20:15:16 2001 [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5-32 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5-32-546 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-1 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-1-0 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-3 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-3-0 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-0-0 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5-11 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5-2 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5-7 ok [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) string_to_sid: converted SID S-1-5-21-4264856688-2005356754-492243628 ok [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1198) open_oplock_ipc: opening loopback UDP socket. [2001/03/12 20:46:20, 3] lib/util_sock.c:open_socket_in(870) bind succeeded on port 0 [2001/03/12 20:46:20, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(293) Linux kernel oplocks enabled [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1229) open_oplock ipc: pid = 5042, global_oplock_port = 1614 [2001/03/12 20:46:20, 4] lib/time.c:TimeInit(110) Serverzone is -36000 [2001/03/12 20:46:20, 10] lib/util_sock.c:read_smb_length_return_keepalive(602) got smb length of 68 [2001/03/12 20:46:20, 2] lib/access.c:check_access(258) Allowed connection from macka.adixein.lnet (192.168.1.4) [2001/03/12 20:46:20, 6] smbd/process.c:process_smb(830) got message type 0x81 of len 0x44 [2001/03/12 20:46:20, 3] smbd/process.c:process_smb(831) Transaction 0 of length 72 [2001/03/12 20:46:20, 2] smbd/reply.c:reply_special(94) netbios connect: name1=SERVER name2=MACKA ======================================================= Apologies for the really huge email guys. I suppose it saves me sending another one as soon as someone asks for the logs :) Any assistance will be much appreciated. Elliot. From barth at cck.uni-kl.de Mon Mar 12 11:38:12 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:41 2003 Subject: printing via samba In-Reply-To: <017901c0aad1$1a7780a0$4d71053d@handa> Message-ID: <3AACC334.24911.1D3D26B5@localhost> > The error comment on client is : There was an error > writing to \\Buaya\printer for printer (Canon) BJC-210SP) The netwrok name > cannot be found "network name not found", this may indicate that it is not a printing problem, but a network problem. Do you see the printer share in the Network Neiborhood? > > For disk share running well. On server I try to test print and work well > too. On the same server? At the same time? > I already follow the printer troubleshooting on windows but no result. > And I already read printing.txt that came with samba distribution..and also > can't help. > > My steps are : > - /etc/rc.d/init.d/smb restart > (in this step smb always failed, why ???) I would look in this first. Are nmbd and smbd both are running? Have you checked the logs? > - testparm > - testprns lp > - smbclient -L localhost > > Here is my smb.conf > ------------------ > # Samba config file created using SWAT > # from localhost.localdomain (127.0.0.1) > # Date: 2001/03/08 14:12:06 > > # Global parameters > [global] > workgroup = ITS > netbios name = BUAYA > domain logons = no > server string = samba %v on (%L) > interfaces = 1.1.1.20/8 > security = user > # password server = kancil > encrypt passwords = Yes > debug level = 0 > syslog = 2 > log file = /var/log/samba/samba.log.%m > max log size = 50 > > os level = 34 > local master = yes > preferred master = yes > domain master = yes > wins support = yes > > > auto services = made > remote announce = 1.1.1.255/ITS > hosts allow = 1.1.1. localhost > > [netlogon] > comment = domain logon service > path = /export/samba/logon > public = no > writeable = no > browsable = no > > [printer] > comment = canon kesayanganku... > printable = yes > printing = BSD > > I also use this command before but it doesn't work.. > # print command = /usr/bin/lpr -P%p %s > print command = echo "printed %s on %p" >> /tmp/printlog > print command = cp %s /tmp/tmp.print > lpq command = lpq -P%p > lprm command = lprm -P%p %j > > printcap name = /etc/printcap > printer = lp > min print space = 2000 > > path = /var/spool/public > printer = lp > read only = yes As far as I know, the printer share must be writeable. > guest ok = false > valid users = made Leave away such things for the first test. Access can be restricted later > > [data] > comment = data drive > path = /mnt > writeable = Yes > guest ok = Yes > map system = Yes > map hidden = Yes > volume = simple data drive > follow symlinks = No > ---------------------- Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From operator at icmab.es Mon Mar 12 11:47:51 2001 From: operator at icmab.es (F.Javier Rubio) Date: Tue Dec 2 02:33:41 2003 Subject: is ok Message-ID: <000c01c0aaea$450e5410$9c126d9e@icmab.es> confirm 770005 -------------- next part -------------- HTML attachment scrubbed and removed From lkcl at samba-tng.org Mon Mar 12 11:39:32 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:41 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <20010305183849.C37064@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: On Mon, 5 Mar 2001, Elrond wrote: > On Tue, Mar 06, 2001 at 12:08:50AM +1100, Luke Kenneth Casson Leighton wrote: > [...] > > > Of course the other way round will get interesting, what > > > happens, if we have a file with a GID, that SURS does not > > > known about... > > > > that's a system configuration error. > > > > what happens on unix when you ave a file owned by a uid or a gid that > > isn't in /etc/passwd or /etc/group? > > > > 1) ls -al shows numbers not names > > > > 2) only root can change ownership of the file. > > > > well, we can't do an equivalent to 1) in the "unknown" circumstances, with > > SURS. so throw an error: let the app deal with it [access denied]. > > Okay, that sounds reasonable, somewhat. > > Bad, there's no "nobody"-SID on NT... they have the concept of guest account. enabling the guest account allows users without accounts to log in and become the guest, even without a password. a bit like "map username" but on a smaller scale. adding a password to the guest account requires that anyone can log in as any username but they must know the guest password. they become guest, regardless of username they type in. > (For ACLs, we can simply "ignore" unknown GIDs/UIDs, but > for owner/group of a file, we can't. I guess, NT wont like > it, if it requests that info and we return a NULL-ptr in > the SD, or will it like that?) a NULL-ptr SD means "full permissions, including the right to take ownership"! :) :) ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From lkcl at samba-tng.org Mon Mar 12 11:51:27 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:41 2003 Subject: FW: Speed comp. TNG & 2.2.alpha (fwd) In-Reply-To: <1824841882.20010305200658@mirkes.de> Message-ID: there is a way to deal with this. you have to create an alias on the local workstation. make this alias the owner of the files. then, make a domain group and place the domain user that needs to access / own that file in it. then, make the domain group a member of the workstation alias. oh, and remember to add local admin to the workstation alias, as well. and maybe a local workstation user, too. when the workstation is no longer a member of the domain, the files will not get "unknown account" and be inaccessible. also, the local workstation user - _especially_ if the domain is unavailable [e.g. it's a portable, and it's gone home!] can still access the files. this is a standard [if advanced] nt domain technique, and is the whole purpose behind aliases and why they were created. luke p.s. you will need to think through the security implications of all this: you're on your own, there :) On Mon, 5 Mar 2001, markus stephany wrote: > Hello Sander, > > Monday, March 05, 2001, 7:14:17 PM, you wrote: > > SS> [...] > >> Bad, there's no "nobody"-SID on NT... > > SS> What's the SID for the default 'guest' account on NT? > > SS> Sander > > > sfmji, but i think nt can handle this; after removing a workstation > from a domain there are 'unknown account' entries in the acl-dialog > of files that e.g. have been owned by a domain user. > > -- > rgds, markus stephany > ================================================== > > mailto:merkes@t-online.de > http://www.mirkes.de > > ================================================== > pgp fingerprint: > 80F7 43D2 EDB9 CB98 3AF4 AA90 89D3 74CA 1662 1990 > > > > > ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From leandro at editoraquantum.com.br Mon Mar 12 12:53:09 2001 From: leandro at editoraquantum.com.br (Leandro) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x Message-ID: <001c01c0aaf3$64d48cc0$0400a8c0@info02> Hi guys, i had a little problem with my smbserver. I use linux to my fileserver. The computers of my company are loggin in this fileserver. But many times the answer of the server is "the password informed is incorrect or the access to the server was denied" ... without change the password and pressing enter 2 or 3 times, the smbserver accept the connection. I want to know if there are some option in the smb.conf file to change this ... if anybody knows i really thanks ... Viper -------------- next part -------------- HTML attachment scrubbed and removed From Jim at Morris.net Mon Mar 12 13:46:22 2001 From: Jim at Morris.net (Jim Morris) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x In-Reply-To: <001c01c0aaf3$64d48cc0$0400a8c0@info02> References: <001c01c0aaf3$64d48cc0$0400a8c0@info02> Message-ID: <13126947013.20010312074622@Morris.net> Hello Leandro, Monday, March 12, 2001, 6:53:09 AM, you wrote: L> i had a little problem with my smbserver. I use linux to my L> fileserver. The computers of my company are loggin in this L> fileserver. But many times the answer of the server is "the L> password informed is incorrect or the access to the server was L> denied" ... L> without change the password and pressing enter 2 or 3 times, L> the smbserver accept the connection. I want to know if there are L> some option in the smb.conf file to change this ... I have had this exact problem here. I'll hazard a guess that the client PC's with this issue are using DHCP to get their network settings from the server? I don't have a solution, but I do have a workaround here. I have finally figured out that the client machines that have the problem are using DHCP to assign the WINS server settings. If I continue to use DHCP to assign the client's IP address and other settings, but turn off the "Use DHCP for WINS" checkbox, and manually enter the IP of the Samba server as the WINS server, then the problem goes away. What's funny is that once you do get in, running winipcfg.exe always shows that the Samba server was setup as the WINS server via DHCP. I suspect an issue with the DHCP server I am using on Redhat 6.0, as I've got other Samba servers that do not have this trouble - and the primary difference there I think is that they are using a different DHCP server. Then again, I've got client PC's that do not have this trouble with that server! Go figure. Anyway, I am speculating that the WINS server setting does not take effect immediately after the Windows 98 client boots up, and therefore the first few logon attempts to the domain fail, because it cannot find the logon server. Anyone else have any thoughts on this topic? Am I barking up the wrong tree in thinking this is an issue with the DHCP server, or is it just that Windows 98 has something broken in its DHCP implementation? Thanks! Best regards, Jim mailto:Jim@Morris.net From B.Solarz-Niesluchowski at wsisiz.edu.pl Mon Mar 12 14:05:33 2001 From: B.Solarz-Niesluchowski at wsisiz.edu.pl (Bartlomiej Solarz-Niesluchowski) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x In-Reply-To: <13126947013.20010312074622@Morris.net> References: <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> Message-ID: <5.0.2.1.0.20010312150427.02a2db60@pop3.wsisiz.edu.pl> At 07:46 2001-03-12 -0600, Jim Morris wrote: >Hello Leandro, > >Monday, March 12, 2001, 6:53:09 AM, you wrote: > >L> i had a little problem with my smbserver. I use linux to my >L> fileserver. The computers of my company are loggin in this >L> fileserver. But many times the answer of the server is "the >L> password informed is incorrect or the access to the server was >L> denied" ... >L> without change the password and pressing enter 2 or 3 times, >L> the smbserver accept the connection. I want to know if there are >L> some option in the smb.conf file to change this ... > >I have had this exact problem here. I'll hazard a guess that the >client PC's with this issue are using DHCP to get their network >settings from the server? Did you: option netbios-name-servers myserver.www.com, serwer1.sss.com;? -- Bartlomiej Solarz-Niesluchowski, Administrator WSISiZ e-mail: B.Solarz-Niesluchowski@wsisiz.edu.pl 01-447 Warszawa, ul. Newelska 6, pokoj 404, pon.-pt. 8-16 tel. 836-92-53 - wylacznie w WAZNYCH sprawach NIE dotyczacych zmiany hasla Motto - nie psuj Win'9x one i bez tego sie psuja.... Jak sobie poscielisz tak sie wyspisz From B.Solarz-Niesluchowski at wsisiz.edu.pl Mon Mar 12 14:06:58 2001 From: B.Solarz-Niesluchowski at wsisiz.edu.pl (Bartlomiej Solarz-Niesluchowski) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x In-Reply-To: <13126947013.20010312074622@Morris.net> References: <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> Message-ID: <5.0.2.1.0.20010312150613.026cfdd0@pop3.wsisiz.edu.pl> At 07:46 2001-03-12 -0600, Jim Morris wrote: >Hello Leandro, > >Monday, March 12, 2001, 6:53:09 AM, you wrote: > >L> i had a little problem with my smbserver. I use linux to my >L> fileserver. The computers of my company are loggin in this >L> fileserver. But many times the answer of the server is "the >L> password informed is incorrect or the access to the server was >L> denied" ... >L> without change the password and pressing enter 2 or 3 times, >L> the smbserver accept the connection. I want to know if there are >L> some option in the smb.conf file to change this ... > >I have had this exact problem here. I'll hazard a guess that the >client PC's with this issue are using DHCP to get their network >settings from the server? >Anyone else have any thoughts on this topic? Am I barking up the >wrong tree in thinking this is an issue with the DHCP server, or is it >just that Windows 98 has something broken in its DHCP implementation? Yes: os level =128 Probably someone takes control over master browsing..... -- Bartlomiej Solarz-Niesluchowski, Administrator WSISiZ e-mail: B.Solarz-Niesluchowski@wsisiz.edu.pl 01-447 Warszawa, ul. Newelska 6, pokoj 404, pon.-pt. 8-16 tel. 836-92-53 - wylacznie w WAZNYCH sprawach NIE dotyczacych zmiany hasla Motto - nie psuj Win'9x one i bez tego sie psuja.... Jak sobie poscielisz tak sie wyspisz From jwitte at meome-ag.de Mon Mar 12 14:17:28 2001 From: jwitte at meome-ag.de (Jochen Witte) Date: Tue Dec 2 02:33:41 2003 Subject: Printer Driver Installation References: <3AA678ED.70C62CF6@meome-ag.de> <20010307114414.A1853@pogo.eng.auburn.edu> <3AA7929B.DEC58433@meome-ag.de> <20010309005627.I10207@pogo> Message-ID: <3AACDA78.6A8FDC9@meome-ag.de> Gerald Carter wrote: > > On Thu, 08 Mar 2001 08:09:31 Jochen Witte wrote: > > > > thanks for Your answer. First I tried to install the > > HP Laserjet 2100 Driver from a Windows 2000 Client onto > > the Samba-Server. This didn't work at all - no files > > in print$ and an errormessage on the Windows box. > > > > Then I installed Vmware with a Windows NT 4.0 Guest > > Operatingsystem (because I don`t have any more machines...). > > Here I managed to get files into the print$/W32X86 > > share. There`s now a directory "2" with the following > > files in it: HPPCL.DLL RASDD.DLL RASDDUI.DLL RASDDUI.HLP > > This is correct. > > > Unfortunately these drivers are for a HP Laserjet 2000, > > because there ain't any drivers for the 2100 on the NT-CD. > > But this shouldn`t cause the problems I had... > > > > Do You need any further information? > > PCL drivers have been somewhat of a problem. Can you > try PS drivers (I'm guessing here 'cause my 2100 is a PS/PCL)? > I'll try the 2100 PCL drivers from the Win2k Pro CD and see > if I can reproduce it. > > Ping me back the first of the week and remind me, ok? > Hi, pinging back :) I just managed to install the nt/200 Postscript-Drivers for HP Laserjet 2100 and HP Laserjet 4500 !!! Thanks for Your tip. However, this procedure fails, when I use a Windows 2000-Client. Perhaps this will give You some help developing. Thanks again Greetings. -- Jochen Witte From Jim at Morris.net Mon Mar 12 14:27:03 2001 From: Jim at Morris.net (Jim Morris) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x In-Reply-To: <5.0.2.1.0.20010312150427.02a2db60@pop3.wsisiz.edu.pl> References: <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <5.0.2.1.0.20010312150427.02a2db60@pop3.wsisiz.edu.pl> Message-ID: <166686360.20010312082703@Morris.net> Hello Bartlomiej, Monday, March 12, 2001, 8:05:33 AM, you wrote: BSN> Did you: BSN> option netbios-name-servers myserver.www.com, serwer1.sss.com;? Yes - I have this line in my dhcpd.conf: option netbios-name-servers 192.168.10.1; That is the IP address of the Samba server, which is properly configured as WINS server and logon server for the domain. Note that the clients *DO* show the proper WINS server address using WINIPCFG or IPCONFIG after logging in - it is just that there is some sort of delay from booting the client PC, before it actually can find the logon server. -- Best regards, Jim Morris mailto:Jim@Morris.net From leandro at editoraquantum.com.br Mon Mar 12 14:20:38 2001 From: leandro at editoraquantum.com.br (Leandro) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x References: <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <5.0.2.1.0.20010312150613.026cfdd0@pop3.wsisiz.edu.pl> Message-ID: <006f01c0aaff$9c933790$0400a8c0@info02> thanks guys ... the problem was solved ... you really help ... > Yes: > os level =128 > Probably someone takes control over master browsing..... From Jim at Morris.net Mon Mar 12 14:32:22 2001 From: Jim at Morris.net (Jim Morris) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x Message-ID: <1171004965.20010312083222@Morris.net> Hello Bartlomiej, Monday, March 12, 2001, 8:06:58 AM, you wrote: BSN> Yes: BSN> os level =128 BSN> Probably someone takes control over master browsing..... I'll try that in smb.conf, although I already had "os level = 65" in there.... -- Best regards, Jim Morris mailto:Jim@Morris.net From sharpe at ns.aus.com Mon Mar 12 15:07:16 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:41 2003 Subject: smb & win9x In-Reply-To: <5.0.2.1.0.20010312150613.026cfdd0@pop3.wsisiz.edu.pl> References: <13126947013.20010312074622@Morris.net> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> Message-ID: <3.0.6.32.20010313010716.00e19be0@203.16.214.248> At 03:06 PM 3/12/01 +0100, Bartlomiej Solarz-Niesluchowski wrote: >At 07:46 2001-03-12 -0600, Jim Morris wrote: >>Hello Leandro, >> >>Monday, March 12, 2001, 6:53:09 AM, you wrote: >> >>L> i had a little problem with my smbserver. I use linux to my >>L> fileserver. The computers of my company are loggin in this >>L> fileserver. But many times the answer of the server is "the >>L> password informed is incorrect or the access to the server was >>L> denied" ... >>L> without change the password and pressing enter 2 or 3 times, >>L> the smbserver accept the connection. I want to know if there are >>L> some option in the smb.conf file to change this ... >> >>I have had this exact problem here. I'll hazard a guess that the >>client PC's with this issue are using DHCP to get their network >>settings from the server? >>Anyone else have any thoughts on this topic? Am I barking up the >>wrong tree in thinking this is an issue with the DHCP server, or is it >>just that Windows 98 has something broken in its DHCP implementation? > >Yes: >os level =128 os level > 33 is not needed for any Windows systems. So, os level = 33 is enough. If there is another samba server with an os level > 32, then you might not want to fight with it. >Probably someone takes control over master browsing..... >-- >Bartlomiej Solarz-Niesluchowski, Administrator WSISiZ >e-mail: B.Solarz-Niesluchowski@wsisiz.edu.pl >01-447 Warszawa, ul. Newelska 6, pokoj 404, pon.-pt. 8-16 >tel. 836-92-53 - wylacznie w WAZNYCH sprawach NIE dotyczacych zmiany hasla >Motto - nie psuj Win'9x one i bez tego sie psuja.... >Jak sobie poscielisz tak sie wyspisz > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From sk86855 at eircom.net Mon Mar 12 14:59:29 2001 From: sk86855 at eircom.net (sk86855@eircom.net) Date: Tue Dec 2 02:33:41 2003 Subject: Solaris 7 samba server joining w2K DOMAIN Message-ID: Hi All I need to prep a W2k pdc to accept my samba server what do I need to on the w2k side in order for me to join a w2k domain. From weehawk at weehawk.de Mon Mar 12 15:21:49 2001 From: weehawk at weehawk.de (Christian Hergl) Date: Tue Dec 2 02:33:41 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. Message-ID: <3AACE98D.1010304@weehawk.de> Greetings, List. First, I want to say, that I got a recent CVS of Samba 2.2.0 up and running on a SuSE6.3, and can (automatically with the adduser) join Win2k clients (German version, SP1). It runs well enough so far (great thanks to the programmers). I also set up the printing (seems like it is a new variation, different to the old 2.07 of Samba, as I only have one single generic Samba port for all printers). The printing works fine, based on lprng on Linux, except.... I can not add any user-define paper sizes. See, here at the company where I test it there are still line printers with generic paper sizes. I know how to add those in Win2k, but they just don't show up in my applications. Tried a new generic profile, tried to set something in the registry, all no go =P Does anyone know here how to tell the Samba printers, what papers they can/should use? The search on the web gave me no results.... Weird thing is, that in applications like Office I see the generic default list, but in the printer settings I only see the letter format. Doh. Something is wrong here.... On the other side, if I install a local printer, I can select my user define papers with no problem at all.... if I'd only understand. Thanks for your time, Christian Hergl From VRZ at lasv.rlp.de Mon Mar 12 16:10:10 2001 From: VRZ at lasv.rlp.de (VRZ Koblenz) Date: Tue Dec 2 02:33:41 2003 Subject: Samba 2.07 on SuSE Linux 7.1 Message-ID: Hallo My Samba-Server runs well. This server has two nics: one for the lan and the second (ISDN-Card) is for my ISP. If i start smb, my mashine begins to open my isdn-dial-connection very frequently (every 2 minutes). How can i control the broadcasts, wich come from samba; or at least: how can i prevent samba to open my isdn-connection? If you have any suggestion - please let me know it.... thanx frank From shaun.lipscombe at gasops.co.uk Mon Mar 12 16:28:30 2001 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:33:41 2003 Subject: sending smbd SIGHUP In-Reply-To: Matthew Geddes's message of "Mon, 12 Mar 2001 11:22:24 +1030" References: <3AAC1DC8.FA60C93C@xavier.sa.edu.au> Message-ID: * "Matthew" == Matthew Geddes writes: > Hi, When sending a SIGHUP to smbd to get it to re-read it's config, > is it necessary to send the signal to each of the running > processes, or just the main smbd process (the one listed in > smbd.pid)? I'm running Samba 2.0.7, BTW. You don't need to do this *mbd will re-read the smb.conf every five minutes or so automatically. Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From greg at kwikfind.com Mon Mar 12 16:32:44 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:41 2003 Subject: WIN2K/SAMBA PDC References: Message-ID: <004c01c0ab12$118fed60$2800a8c0@leinet> You are definitely in the correct newsgroup for Samba PDC questions. Here are a couple things that stick out when I look at your email: 1. I'd thin down your smb.conf file the bare minimums until you get things working. For example, pull out all of the security stuff. You don't need this to test your system. 2. Your nmbd log doesn't seem to be reporting that the samba box is declaring itself the master browser. If nmbd is in fact working as a master domain browser, you should get the statement: **** Samba server netbios name is now a domain master browser for workgroup workgroup name on subnet UNICAST_SUBNET **** What are you using to resolve netbios names (DNS, and a windows WINS server, LMHOSTS???) I'm using Bind8 on my setup. 3. Use the smbstatus utility on the samba machine to make sure that samba can "see itself." 4. Be careful when you edit the smbpasswd file by hand. If you are new to Unix (as I am), you will be surprised to learn that many of the Unix editors can mess files like smbpasswd. I was using kedit to look at and edit files. As it turns out, it was line wrapping my files and saving them that way. I pulled my hair out for several days before discovering the problem. I now use JOE to perform edits. I can't stress enough the need to thin down your smb.conf file. You have alot of the "bells and whistles" type parameters specified in you configuration file. Unless you are a samba guru, you are going to have a very difficult time troubleshooting. Get things going with just the essential items and then start adding the more complex parameters. When I first started with Samba, I had about four lines in my smb.conf file and only one share. I highly recommend the Using Samba book that comes with the your Samba source tree. You can find it in the docs directory (I read the entire thing). It does a very good job at walking you through a simple, barebones, setup and then on to more complex configurations. Good luck. Greg J. Zartman. ----- Original Message ----- From: "Elliot Mackenzie" To: "SAMBA - NTDOM" Sent: Monday, March 12, 2001 3:38 AM Subject: WIN2K/SAMBA PDC > At this point I pray I have landed the right newsgroup. > > I (ultimately) want to run Samba as the PDC for my domain ADIXEIN. > > Samba system: > - PII-300 > - RedHat 7.0 (new version of gcc, kernel 2.4.2 freshly compiled) > - Samba 2.2 (CVS version recent as at 8PM EST 12-Mar-2001). > > Connecting system: > - PIII-1G > - Windows 2000 Professional SP1 > > Domain information: > - Domain: ADIXEIN > - Server name: SERVER > - Machine name: MACKA > > smb.conf as follows (located in /usr/local/samba/lib/) > [root@gw lib]# tail -n 100 smb.conf > # Global parameters > [global] > workgroup = ADIXEIN > netbios name = SERVER > server string = File server > interfaces = 192.168.1.1/255.255.255.0 > add user script = /usr/sbin/adduser -n -g machines -c Machine -d > /dev/null -s /bin/false %m$ > security = User > domain logons = Yes > domain master = Yes > domain admin group = @adm > domain admin users = root > preferred master = Yes > local master = Yes > os level = 65 > wins support = Yes > encrypt passwords = Yes > passwd program = /usr/bin/passwd > passwd chat debug = Yes > unix password sync = Yes > restrict anonymous = Yes > log file = /var/log/samba/log.%m > max log size = 50 > time server = Yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > strip dot = Yes > dns proxy = No > hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1/255.255.255.0 > hosts deny = 0.0.0.0/0.0.0.0 > > > ########################END SMB.CONF > > Plus all the file shares (no Windows profiles etc are listed/used). > root is a member of @adm. > > I can connect to the domain when I change the settings on MACKA such that it > joins a domain. As per the FAQ I connect as root with the root passwd. It > says "Welcome to ADIXEIN domain." or something to that effect. > > I reboot the Win2k machine, and attempt a login on ADIXEIN. I try this as > root, as administrator and as macka. All attempts fail with the same error: > > "The system cannot log you on to this domain because the system's computer > account in its primary domain is missing or the password on that account is > incorrect." > > The adduser appears to work, I have macka$ listed in my smbpasswd (root is > also listed in smbpasswd). The following is an extract of the logs (log > level 20). > ============================= LOG.MACKA > [2001/03/12 20:47:14, 3] smbd/service.c:close_cnum(655) > macka (192.168.1.4) closed connection to service IPC$ > [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) > Yielding connection to IPC$ > [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) > unbecome_user now uid=(0,0) gid=(0,0) > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(292) > size=35 > smb_com=0x71 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=1 > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(298) > smb_tid=1 > smb_pid=65279 > smb_uid=100 > smb_mid=832 > smt_wct=0 > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(308) > smb_bcc=0 > [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(560) > write_socket(12,39) > [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(563) > write_socket(12,39) wrote 39 > [2001/03/12 20:47:14, 10] lib/util_sock.c:read_socket_data(473) > read_socket_data: recv of 4 returned 0. Error = Success > [2001/03/12 20:47:14, 10] lib/util_sock.c:receive_smb(654) > receive_smb: length < 0! > [2001/03/12 20:47:14, 3] smbd/process.c:timeout_processing(1055) > end of file from client > [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) > unbecome_user now uid=(0,0) gid=(0,0) > [2001/03/12 20:47:14, 2] smbd/server.c:exit_server(440) > Closing connections > [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) > Yielding connection to > [2001/03/12 20:47:14, 3] smbd/server.c:exit_server(473) > Server exit (normal exit) > ==================================================== > =====================================LOG.NMBD > [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: > ADIXEIN(1) current master browser = SERVER > SERVER 400c9b2b (File server) > MACKA 40011003 () > [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: > ADIXEIN(1) current master browser = UNKNOWN > SERVER 40099b2b (File server) > [2001/03/12 21:30:13, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > [2001/03/12 21:30:13, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > [2001/03/12 21:30:23, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > 192.168.1.1: > found. > [2001/03/12 21:30:23, 10] > nmbd/nmbd_sendannounce.c:announce_myself_to_domain_mas > ter_browser(406) > announce_myself_to_domain_master_browser: t (984396613) - last(984396029) > < 90 > 0 > [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: > ADIXEIN(1) current master browser = SERVER > SERVER 400c9b2b (File server) > MACKA 40011003 () > [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: > ADIXEIN(1) current master browser = UNKNOWN > SERVER 40099b2b (File server) > [2001/03/12 21:30:23, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > [2001/03/12 21:30:23, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > ===============================================LOG.SMBD > file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last > mod_ > time: Mon Mar 12 20:15:16 2001 > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-32 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-32-546 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-1 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-1-0 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-3 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-3-0 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-0-0 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-11 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-2 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-7 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-21-4264856688-2005356754-492243628 > ok > [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1198) > open_oplock_ipc: opening loopback UDP socket. > [2001/03/12 20:46:20, 3] lib/util_sock.c:open_socket_in(870) > bind succeeded on port 0 > [2001/03/12 20:46:20, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(293) > Linux kernel oplocks enabled > [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1229) > open_oplock ipc: pid = 5042, global_oplock_port = 1614 > [2001/03/12 20:46:20, 4] lib/time.c:TimeInit(110) > Serverzone is -36000 > [2001/03/12 20:46:20, 10] > lib/util_sock.c:read_smb_length_return_keepalive(602) > got smb length of 68 > [2001/03/12 20:46:20, 2] lib/access.c:check_access(258) > Allowed connection from macka.adixein.lnet (192.168.1.4) > [2001/03/12 20:46:20, 6] smbd/process.c:process_smb(830) > got message type 0x81 of len 0x44 > [2001/03/12 20:46:20, 3] smbd/process.c:process_smb(831) > Transaction 0 of length 72 > [2001/03/12 20:46:20, 2] smbd/reply.c:reply_special(94) > netbios connect: name1=SERVER name2=MACKA > ======================================================= > Apologies for the really huge email guys. I suppose it saves me sending > another one as soon as someone asks for the logs :) > > Any assistance will be much appreciated. > > Elliot. > > > > From ssande at sandia.gov Mon Mar 12 16:35:57 2001 From: ssande at sandia.gov (Stan Sander) Date: Tue Dec 2 02:33:41 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. References: <3AACE98D.1010304@weehawk.de> Message-ID: <3AACFAED.4187527C@sandia.gov> Christian Hergl wrote: > Greetings, List. > > First, I want to say, that I got a recent CVS of Samba 2.2.0 up and > running on a SuSE6.3, and can (automatically with the adduser) join > Win2k clients (German version, SP1). It runs well enough so far (great > thanks to the programmers). I also set up the printing (seems like it is > a new variation, different to the old 2.07 of Samba, as I only have one > single generic Samba port for all printers). > The printing works fine, based on lprng on Linux, except.... I can not > add any user-define paper sizes. See, here at the company where I test > it there are still line printers with generic paper sizes. I know how to > add those in Win2k, but they just don't show up in my applications. > Tried a new generic profile, tried to set something in the registry, all > no go =P > > Does anyone know here how to tell the Samba printers, what papers they > can/should use? The search on the web gave me no results.... > > Weird thing is, that in applications like Office I see the generic > default list, but in the printer settings I only see the letter format. > Doh. Something is wrong here.... > On the other side, if I install a local printer, I can select my user > define papers with no problem at all.... if I'd only understand. > > Thanks for your time, > > Christian Hergl My guess is that your print queues (via ghostscript and/or apsfilter) are where the paper size definition is coming from. Try setting up additional print queues with different paper sizes defined. I've had good luck with that to define landscape printing, printing on transparencies, duplex printing, etc. I use a naming convention like with a d appended for duplex, a c for color, an l for landscape, etc., for the additional queue names. -- Stan Sander - CSU Special Projects Sandia National Laboratories (505) 284-4915 Mail Stop 0662 1515 Eubank Blvd. SE Albuquerque, NM 87123 From jonathan.w.miner at lmco.com Mon Mar 12 16:56:38 2001 From: jonathan.w.miner at lmco.com (Miner, Jonathan W (N-BAE Systems)) Date: Tue Dec 2 02:33:42 2003 Subject: Samba 2.07 on SuSE Linux 7.1 Message-ID: I think that all you need to do is specify which interfaces you want to bind to in the smb.conf file. Here is what I have in mine: interfaces = eth0 bind interfaces only = Yes This machine at one time had a PPP connection, and I did not want to advertise the smb service over that interface. I also have a hosts allow = 192.168.0. but I think that you need that once you have the binding fixed. Jon -----Original Message----- From: VRZ Koblenz To: 'samba-ntdom@lists.samba.org' Sent: 3/12/01 11:10 AM Subject: Samba 2.07 on SuSE Linux 7.1 How can i control the broadcasts, wich come from samba; or at least: how can i prevent samba to open my isdn-connection? From weehawk at weehawk.de Mon Mar 12 17:16:23 2001 From: weehawk at weehawk.de (Christian Hergl) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. References: <3AACE98D.1010304@weehawk.de> <3AACFAED.4187527C@sandia.gov> Message-ID: <3AAD0467.9060108@weehawk.de> Thank you, Stan. Your answer might point to a solution. But... iirc, I don't have an apsfilter. I print with the Windows drivers directly into the lpr. So somewhere in that chain it has to be possible to set papersizes =P I don't know of any smb settings, nor of any lprng settings, where I can tell the printers (or the queues), what paper is available. Anyone having similar problems? Regard, Christian Hergl Stan Sander wrote: > My guess is that your print queues (via ghostscript and/or apsfilter) are where > the paper size definition is coming from. Try setting up additional print > queues with different paper sizes defined. I've had good luck with that to > define landscape printing, printing on transparencies, duplex printing, etc. I > use a naming convention like with a d appended for duplex, a > c for color, an l for landscape, etc., for the additional queue names. > > -- > Stan Sander - CSU Special Projects Sandia National Laboratories > (505) 284-4915 Mail Stop 0662 > 1515 Eubank Blvd. SE > Albuquerque, NM 87123 From Jonathan.W.Miner at lmco.com Mon Mar 12 17:16:54 2001 From: Jonathan.W.Miner at lmco.com (Jonathan W Miner) Date: Tue Dec 2 02:33:42 2003 Subject: Samba 2.07 on SuSE Linux 7.1 References: Message-ID: <3AAD0486.71F56223@lmco.com> "Miner, Jonathan W (N-BAE Systems)" screwed up his first posting: > > I also have a > > hosts allow = 192.168.0. > > but I think that you need that once you have the binding fixed. I meant to say that you _do_not_ neet that once you have the binding fixed. Sorry for any confusion, and wasted bandwidth! -- | Jonathan Miner _o) | LM-Xpress: jonathan.w.miner@lmco.com /\\ _o) _o) | Phone: 603 885 UNIX - Fax: 603 885 3850 _\_V _(\) _(\) | USmail: PO Box 868, NCA01-3719, Nashua, NH 03061-0868 From damason at davenet.mine.nu Mon Mar 12 17:21:21 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. In-Reply-To: <3AAD0467.9060108@weehawk.de> Message-ID: If it is a postscript printer, the papersizes will be parsed by the client using the .ppd (PostScript Printer Definition) file, which is installed with the printer driver. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Christian Hergl Sent: Monday, March 12, 2001 09:16 To: Stan Sander; samba-ntdom@us5.samba.org Subject: Re: Papersizes with Samba 2.2.0 and Win2k. Thank you, Stan. Your answer might point to a solution. But... iirc, I don't have an apsfilter. I print with the Windows drivers directly into the lpr. So somewhere in that chain it has to be possible to set papersizes =P I don't know of any smb settings, nor of any lprng settings, where I can tell the printers (or the queues), what paper is available. Anyone having similar problems? Regard, Christian Hergl Stan Sander wrote: > My guess is that your print queues (via ghostscript and/or apsfilter) are where > the paper size definition is coming from. Try setting up additional print > queues with different paper sizes defined. I've had good luck with that to > define landscape printing, printing on transparencies, duplex printing, etc. I > use a naming convention like with a d appended for duplex, a > c for color, an l for landscape, etc., for the additional queue names. > > -- > Stan Sander - CSU Special Projects Sandia National Laboratories > (505) 284-4915 Mail Stop 0662 > 1515 Eubank Blvd. SE > Albuquerque, NM 87123 From weehawk at weehawk.de Mon Mar 12 17:42:11 2001 From: weehawk at weehawk.de (Christian Hergl) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. References: Message-ID: <3AAD0A73.3020704@weehawk.de> Hi David, uhm, also a good idea. Bad thing is, that I print from MS Office. And the printers are also no postscript printer (standard laser, epson needle printers). So the Windows drivers would do fine. Except the papersize! Very strange indeed, I'm able to set user-define sites within the office programs. Win2k lists it as a letter format though, but shows correctly. (See? =) I'm not lazy either...) Thanks, Christian David A. Mason wrote: > If it is a postscript printer, the papersizes will be parsed by the client > using the .ppd (PostScript Printer Definition) file, which is installed with > the printer driver. From archimage at linux-magic.com Mon Mar 12 19:43:00 2001 From: archimage at linux-magic.com (Thomas Cameron) Date: Tue Dec 2 02:33:42 2003 Subject: Swat update :) References: <3AA506FC.41CD033B@netin.com> Message-ID: <3AAD26C4.4E522E96@linux-magic.com> OK, I am getting this same e-mail every day. is something wrong with the listserver, or is Gary one of the folks who has been caught in the RoadRunner mail loop? Thanks Thomas GL Fournerat wrote: > > IT WORKS!!!!!!!!!!! > > But before I say what I did... yall have to promise not to laugh! (MAH!! I > HEAR YOU!!) > > ... anyone ever heard of.... > > /etc/rc.d/init.d/xinetd restart > > I can tell you from experience that 'killall -HUP xinetd' is NOT the same. > > I can also say that nobody will find that command line entry in "Using > Samba". > > To show my appreciation to the groups involved, I'll kick out a down and > dirty "HOWTO SWAT w/ xinetd" in a short while... I first need to go (xinetd) > restart my relationship with my wife. > > Thank you all for your patience, > Gary Fournerat > > Bernhard Rosenkraenzer wrote: > > > On Tue, 6 Mar 2001, GL Fournerat wrote: > > > > > While I believe xinetd is certainly the correct direction to > > > move towards, I have fought with it (and Swat) enough these > > > past two weeks to make reinstalling NT on this box a > > > pleasure. > > > > What is the problem? The swat package even includes the correct xinetd > > configuration file. Getting it to run is as simple as "chkconfig swat on". > > From gary at netin.com Mon Mar 12 20:13:53 2001 From: gary at netin.com (GL Fournerat) Date: Tue Dec 2 02:33:42 2003 Subject: Swat update :).. looping References: <3AA506FC.41CD033B@netin.com> <3AAD26C4.4E522E96@linux-magic.com> Message-ID: <000b01c0ab30$f751ffa0$7000a8c0@netin.com> I think I must be caught in loop, because I sent that email out just once (I'm really no stranger to email). Gary Fournerat ----- Original Message ----- From: "Thomas Cameron" To: ; Sent: Monday, March 12, 2001 1:43 PM Subject: Re: Swat update :) > OK, I am getting this same e-mail every day. is something wrong with > the listserver, or is Gary one of the folks who has been caught in the > RoadRunner mail loop? > > Thanks > Thomas > From gcarter at valinux.com Mon Mar 12 20:27:43 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. In-Reply-To: <3AACE98D.1010304@weehawk.de>; from weehawk@weehawk.de on Mon, Mar 12, 2001 at 09:21:49 -0600 References: <3AACE98D.1010304@weehawk.de> Message-ID: <20010312142743.C1551@pogo.plainjoe.org> On Mon, 12 Mar 2001 09:21:49 Christian Hergl wrote: > > thanks to the programmers). I also set up the printing > (seems like it is a new variation, different to the old > 2.07 of Samba, as I only have one single generic Samba > port for all printers). The printing works fine, based on > lprng on Linux, except.... I can not add any user-define > paper sizes. See, here at the company where I test > Christian, Have you read the Printering HOWTO in Samba-HOWTO-Collection.pdf? Samba should behave exactly as a Windows NT 4.0 print server. See the HOWTO for installing drivers and setting paper sizes. Let me know if you have specific questions. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From weehawk at weehawk.de Mon Mar 12 20:29:03 2001 From: weehawk at weehawk.de (Christian Hergl) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. References: Message-ID: <3AAD318F.2070409@weehawk.de> Hi David. Ouch, I somehow feared something like that. Seems like there is still a reason left for WinNT servers. Not for me, I'm gonna do that work around in VB, if I can. But Huston, we got a problem there. If I can't configure the printers, I'm very limited. MAybe the apsfilter solution would be worth a try (later). Well, most of you folks will use the US formats, in europe most will use the A4 with laser printers nowadays. Perhaps later in the beta phase something could be done about that? In hope, Christian David A. Mason wrote: > My apologies. As I read further down my long list of samba list mail, I > found the full explanation of your problem. > > This is interesting. > > I know that on NT Server, it is sometimes necessary for the spooling > server's printer driver to be configured (from the server's NT interface) > with additional printer options and paper destinations for the clients to be > able to access those options, which would perhaps not be possible with > Samba. I defer to gurus for that angle. From peter at speaklink.com Mon Mar 12 20:53:20 2001 From: peter at speaklink.com (Peter Davis) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list Message-ID: <3AAD3740.1060305@speaklink.com> Newer versions of W98/2K/NT have the option to hide the computer's netbios name from the browse-list in the Network Neighborhood. The idea is that a personal workstation would be hidden from general browsing (although the name such as "\\name" can be typed in manually), while file servers and other computers commonly used by everyone on the network would remain visible. I recently recieved a request from my sysadmin to hide my box from the browse list, but as I am running the only linux box on my network, I don't get a lot of support on my end. (I tried setting the "browse list" option to false, which is the only thing relevant I could see). I cannot seem to find a way to configure this behavior in my smb.conf. Could one of you kind people please point me in the right direction, if it is even possible to do this currently? If not, could this feature be implemented in future versions? Thanks! -- Peter Davis Developer, Speaklink Inc. (206) 832-3495 (direct) (206) 786-0149 (mobile) (877) SPEAKLINK (toll free) peter@speaklink.com http://www.speaklink.com/ It's your Web... speak to it! http://www.tribalwar.com/forums/showthread.php?threadid=24539&pagenumber= "ALL YOUR BASE ARE BELONG TO US!!" From aperrin at socrates.berkeley.edu Mon Mar 12 21:04:40 2001 From: aperrin at socrates.berkeley.edu (Andrew Perrin) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list References: <3AAD3740.1060305@speaklink.com> Message-ID: <3AAD39E8.E196EB2E@socrates.berkeley.edu> I believe the option is: browseable = no in the [Global] section. Andy Perrin Peter Davis wrote: > > Newer versions of W98/2K/NT have the option to hide the computer's > netbios name from the browse-list in the Network Neighborhood. The idea > is that a personal workstation would be hidden from general browsing > (although the name such as "\\name" can be typed in manually), while > file servers and other computers commonly used by everyone on the > network would remain visible. > > I recently recieved a request from my sysadmin to hide my box from the > browse list, but as I am running the only linux box on my network, I > don't get a lot of support on my end. (I tried setting the "browse > list" option to false, which is the only thing relevant I could see). I > cannot seem to find a way to configure this behavior in my smb.conf. > Could one of you kind people please point me in the right direction, if > it is even possible to do this currently? If not, could this feature be > implemented in future versions? Thanks! > > -- > Peter Davis > Developer, Speaklink Inc. > (206) 832-3495 (direct) > (206) 786-0149 (mobile) > (877) SPEAKLINK (toll free) > peter@speaklink.com > http://www.speaklink.com/ > > It's your Web... speak to it! > > http://www.tribalwar.com/forums/showthread.php?threadid=24539&pagenumber= > "ALL YOUR BASE ARE BELONG TO US!!" -- -------------------------------------------------------------- Andrew J. Perrin - Programmer/Analyst, Desktop Support Children's Primary Care Research Group, UNC - Chapel Hill (919)966-9394 * andrew_perrin@unc.edu From gcarter at valinux.com Mon Mar 12 21:05:13 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:42 2003 Subject: Printer Driver Installation In-Reply-To: <3AACDA78.6A8FDC9@meome-ag.de> Message-ID: On Mon, 12 Mar 2001, Jochen Witte wrote: > I just managed to install the nt/200 Postscript-Drivers for HP > Laserjet 2100 and HP Laserjet 4500 !!! Thanks for Your tip. However, > this procedure fails, when I use a Windows 2000-Client. Perhaps this > will give You some help developing. > Thanks for the update. I'm still looking into things. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From greg at kwikfind.com Mon Mar 12 21:11:27 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list References: <3AAD3740.1060305@speaklink.com> Message-ID: <006301c0ab39$0152c0e0$2800a8c0@leinet> Peter, I could be wrong here, but I'm pretty sure the browse list parameter tells samba if it should keep a list of machines currently online for the workgroup. I would leave this at the default setting(yes), otherwise the workstation may not be to see other machines that are currently online in the workgroup. I don't think that Samba has a parameter that directly addresses not being able to see a machine in the browse list. My best guess would be to play around with it a little. Try no shares at all or make a dummy share and specify it as not browsable..... Anyone else??? Greg ----- Original Message ----- From: "Peter Davis" To: Sent: Monday, March 12, 2001 12:53 PM Subject: Hiding nmb name in browse list > Newer versions of W98/2K/NT have the option to hide the computer's > netbios name from the browse-list in the Network Neighborhood. The idea > is that a personal workstation would be hidden from general browsing > (although the name such as "\\name" can be typed in manually), while > file servers and other computers commonly used by everyone on the > network would remain visible. > > I recently recieved a request from my sysadmin to hide my box from the > browse list, but as I am running the only linux box on my network, I > don't get a lot of support on my end. (I tried setting the "browse > list" option to false, which is the only thing relevant I could see). I > cannot seem to find a way to configure this behavior in my smb.conf. > Could one of you kind people please point me in the right direction, if > it is even possible to do this currently? If not, could this feature be > implemented in future versions? Thanks! > > -- > Peter Davis > Developer, Speaklink Inc. > (206) 832-3495 (direct) > (206) 786-0149 (mobile) > (877) SPEAKLINK (toll free) > peter@speaklink.com > http://www.speaklink.com/ > > It's your Web... speak to it! > > http://www.tribalwar.com/forums/showthread.php?threadid=24539&pagenumber= > "ALL YOUR BASE ARE BELONG TO US!!" > > > > From Jim at Morris.net Mon Mar 12 21:35:50 2001 From: Jim at Morris.net (Jim Morris) Date: Tue Dec 2 02:33:42 2003 Subject: smb & win9x In-Reply-To: <3.0.6.32.20010313010716.00e19be0@203.16.214.248> References: <13126947013.20010312074622@Morris.net> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <3.0.6.32.20010313010716.00e19be0@203.16.214.248> Message-ID: <1715338458.20010312153550@Morris.net> Richard, Monday, March 12, 2001, 9:07:16 AM, you wrote: os level >> 33 is not needed for any Windows systems. So, RS> os level = 33 RS> is enough. If there is another samba server with an os level > 32, then you RS> might not want to fight with it. I don't know what is going on here, as I am in agreement with you that the "os level" setting should not normally need to be higher than 33 (I sometimes use 65 though). Regardless, Bartlomiej is apparently onto something, as my problems using DHCP client PC's seems to disappear if I use "os level = 128" in my smb.conf (Samba 2.0.7 here). My local LAN at the moment only has one Samba 2.0.7 server (running on Mandrake 7.1) and two Windows 98 client PC's. I am not sure whether this logon issue happens with NT4 clients or not, as I don't often try to log my NT4 systems into the Samba controlled domain. Most of my NT4 and Win2000 setups are actually VMWare machines that I use for testing, and as I often carry them around to different LAN's on a laptop, I don't have them joined to the domain. Maybe I'll work some more on this issue though.... I also see this on one LAN that is running Samba 2.0.7 on Redhat 6.0 - while another Redhat 6.0 Samba server never seems to have this issue. A pretty large installation with Samba 2.0.5a on Redhat 5.2 also never has this issue - and it has close to 100 DHCP-allocated Windows client PC's. Again, this ONLY seems to happen when you let the Win98 client get its WINS server settings via DHCP.... If you manually set the WINS server address, it doesn't happen. Wierd! -- Best regards, Jim Morris mailto:Jim@Morris.net From marten at arago.utwente.nl Mon Mar 12 22:10:46 2001 From: marten at arago.utwente.nl (Marten van Wezel) Date: Tue Dec 2 02:33:42 2003 Subject: Documented feature (%g cookie) doesnt work. (in add user script) Message-ID: <20010312231046.E16560@arago5.tn.utwente.nl> *sigh* Well the subject line says most of it I guess, my problem is that I am trying to allow only one NT group to print. So, I put the following into my smb.conf: add user script = /usr/local/samba/bin/add_user %u (see man 5 smb.conf). What this supposedly does is call the add_user script with parameters %u. All good and fine, and this does work. I made my add_user script simply echo it to a tmp file, and indeed, the file grows whenever a user tries (and fails) to access my printing service (using CUPS btw, though this is irrelevant here). So it does translate the %u to the connecting username. Good. But the next issue for me was the primary group. In the smb.conf(5) document it says: o %u = user name of the current service, if any. o %g = primary group name of %u. o %U = session user name (the user name that the client wanted, not necessarily the same as the one they got). o %G = primary group name of %U. o %m = the NetBIOS name of the client machine (very useful). soo changing the line in smb.conf to: add user script = /usr/local/samba/bin/add_user %u %g should call add_user with parameters and , right? wrong. And, wouldn't you know it.. add user script = /usr/local/samba/bin/add_user %u %m .. does call add_user with username and the connecting machine. So its not just that it accepts one argument. Can someone please fix this? Or take it out of the smb.conf. Anyway I'll have to use the kludge way - again - to make this work. (I used SomarSoft's DumpSec to dump the entire user list off the password server and then grep through it in my add_user script. http://www.somarsoft.com/somarsoft_main.htm#DumpAcl I would be very obliged if anyone has created a unix (linux) tool to read out such data from a specified NT machine and dump it to a file. I have looked for it online, but couldn't fine it. Cheers Marten van Wezel System Administration University of Twente Netherlands From weehawk at weehawk.de Mon Mar 12 21:30:19 2001 From: weehawk at weehawk.de (Christian Hergl) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. References: <3AACE98D.1010304@weehawk.de> <20010312142743.C1551@pogo.plainjoe.org> Message-ID: <3AAD3FEB.6000402@weehawk.de> Hi Jerry, uhm, erh... what Samba-HOWTo-Collection.pdf?? I looked through the ftp.samba.org and www.samba.org, but can't find it? I know about the printers.txt and printers2.txt, but these do no give any help to me? Maybe I'm ignorant just just didn't see it. Anyway, I'd be very curious about that pdf.... can you give me that url to it? Thanks, Christian Gerald Carter wrote: > Christian, > > Have you read the Printering HOWTO in Samba-HOWTO-Collection.pdf? > Samba should behave exactly as a Windows NT 4.0 print server. > See the HOWTO for installing drivers and setting paper sizes. > Let me know if you have specific questions. > > > > > Cheers, jerry > ---------------------------------------------------------------------- > /\ Gerald (Jerry) Carter Professional Services > \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com > http://www.samba.org/ SAMBA Team jerry@samba.org > http://www.plainjoe.org/ jerry@plainjoe.org > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) From gcarter at valinux.com Mon Mar 12 22:25:46 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:42 2003 Subject: Papersizes with Samba 2.2.0 and Win2k. In-Reply-To: <3AAD3FEB.6000402@weehawk.de>; from weehawk@weehawk.de on Mon, Mar 12, 2001 at 15:30:19 -0600 References: <3AACE98D.1010304@weehawk.de> <20010312142743.C1551@pogo.plainjoe.org> <3AAD3FEB.6000402@weehawk.de> Message-ID: <20010312162546.C1730@pogo.plainjoe.org> On Mon, 12 Mar 2001 15:30:19 Christian Hergl wrote: > Hi Jerry, > > uhm, erh... what Samba-HOWTo-Collection.pdf?? I looked through the > ftp.samba.org and www.samba.org, but can't find it? I know about the > printers.txt and printers2.txt, but these do no give any help to me? > Maybe I'm ignorant just just didn't see it. > Anyway, I'd be very curious about that pdf.... can you give me that > url > to it? > Get the latest SAMBA_2_2 CVS code tree. See http://www.samba.org/samba/cvs.html for details. The printing chapter was formally the PRINTER_DRIVER2.txt file. Although I have updated a few items. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jmcd at us.ibm.com Mon Mar 12 23:07:05 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:33:42 2003 Subject: Serving user lists to Windows9x stations Message-ID: >If you install the 'server tools for Win95' (which can >be found on the NT server CD) you can get a user >manager, server manager, event viewer etc. for use on >win9x. Will the user manager app now work on 9x on >the current CVS build or are there other >un-implemented RPCs that still prevent this from >happening? I am not in a position to try the current >CVS build. Can someone answer this? This part doesn't work. User Manager works fine from NT/2k, but not 95. At least not for me. Jim ---------------------------- Jim McDonough Linux Technology Center IBM Boulder Notes: Jim McDonough/Boulder/IBM @ IBMUS VNET: JMCD at IBMUSM54 Internet: jmcd@us.ibm.com Phone: (303) 924-5822 T/L: 263-5822 From sharpe at ns.aus.com Tue Mar 13 01:15:20 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:42 2003 Subject: smb & win9x In-Reply-To: <1715338458.20010312153550@Morris.net> References: <3.0.6.32.20010313010716.00e19be0@203.16.214.248> <13126947013.20010312074622@Morris.net> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <001c01c0aaf3$64d48cc0$0400a8c0@info02> <3.0.6.32.20010313010716.00e19be0@203.16.214.248> Message-ID: <3.0.6.32.20010313111520.007b2d20@203.16.214.248> At 03:35 PM 3/12/01 -0600, Jim Morris wrote: >Richard, > >Monday, March 12, 2001, 9:07:16 AM, you wrote: > >os level >> 33 is not needed for any Windows systems. So, > >RS> os level = 33 > >RS> is enough. If there is another samba server with an os level > 32, then you >RS> might not want to fight with it. > >I don't know what is going on here, as I am in agreement with you >that the "os level" setting should not normally need to be higher than >33 (I sometimes use 65 though). Regardless, Bartlomiej is apparently >onto something, as my problems using DHCP client PC's seems to >disappear if I use "os level = 128" in my smb.conf (Samba 2.0.7 here). OK, what we need to see is a trace of the problem ... Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From sharpe at ns.aus.com Tue Mar 13 01:16:55 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list In-Reply-To: <006301c0ab39$0152c0e0$2800a8c0@leinet> References: <3AAD3740.1060305@speaklink.com> Message-ID: <3.0.6.32.20010313111655.007b5300@203.16.214.248> At 01:11 PM 3/12/01 -0800, Greg J. Zartman wrote: >Peter, > >I could be wrong here, but I'm pretty sure the browse list parameter tells >samba if it should keep a list of machines currently online for the >workgroup. I would leave this at the default setting(yes), otherwise the >workstation may not be to see other machines that are currently online in >the workgroup. That is correct. >I don't think that Samba has a parameter that directly addresses not being >able to see a machine in the browse list. My best guess would be to play >around with it a little. Try no shares at all or make a dummy share and >specify it as not browsable..... This only prevents anyone from browing a share. Whether or not the machine is browsable depends on whether or not is sends broadcasts (port 138) saying that it exists. There are no parameters that I am aware of that will prevent this. >Anyone else??? > >Greg Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From noelk at bc.edu Tue Mar 13 00:58:30 2001 From: noelk at bc.edu (Ken Noel) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list Message-ID: <3AAEB599@netfin6.bc.edu> Just as an added comment. You can hide a NT system by using the following command net server config /hidden:yes. I'm not sure of the syntax but thats close. I would think that it would be possible to do it with samba some how. Ken >===== Original Message From Richard Sharpe ===== >At 01:11 PM 3/12/01 -0800, Greg J. Zartman wrote: >>Peter, >> >>I could be wrong here, but I'm pretty sure the browse list parameter tells >>samba if it should keep a list of machines currently online for the >>workgroup. I would leave this at the default setting(yes), otherwise the >>workstation may not be to see other machines that are currently online in >>the workgroup. > >That is correct. > >>I don't think that Samba has a parameter that directly addresses not being >>able to see a machine in the browse list. My best guess would be to play >>around with it a little. Try no shares at all or make a dummy share and >>specify it as not browsable..... > >This only prevents anyone from browing a share. Whether or not the machine >is browsable depends on whether or not is sends broadcasts (port 138) >saying that it exists. > >There are no parameters that I am aware of that will prevent this. > >>Anyone else??? >> >>Greg > > >Regards >------- >Richard Sharpe, sharpe@ns.aus.com >Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) >Contributing author, SAMS Teach Yourself Samba in 24 Hours >Author, Special Edition, Using Samba Kenneth Noel Boston College Information Technology Systems Programmer 617 552-8511 From sharpe at ns.aus.com Tue Mar 13 01:59:49 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list In-Reply-To: <3AAEB599@netfin6.bc.edu> Message-ID: <3.0.6.32.20010313115949.00ddfcd0@203.16.214.248> At 07:58 PM 3/12/01 -0500, Ken Noel wrote: >Just as an added comment. You can hide a NT system by using the following >command net server config /hidden:yes. I'm not sure of the syntax but thats >close. > >I would think that it would be possible to do it with samba some how. Well, yes, it is. Just a small matter of coding :-) Add a parameter 'send announcements = off' and modify nmbd to respect the parameter ... However, what I wonder is, if you are running a Samba server, then why switch off its announcements? It is a server, so other systems should see it! >Ken > >>===== Original Message From Richard Sharpe ===== >>At 01:11 PM 3/12/01 -0800, Greg J. Zartman wrote: >>>Peter, >>> >>>I could be wrong here, but I'm pretty sure the browse list parameter tells >>>samba if it should keep a list of machines currently online for the >>>workgroup. I would leave this at the default setting(yes), otherwise the >>>workstation may not be to see other machines that are currently online in >>>the workgroup. >> >>That is correct. >> >>>I don't think that Samba has a parameter that directly addresses not being >>>able to see a machine in the browse list. My best guess would be to play >>>around with it a little. Try no shares at all or make a dummy share and >>>specify it as not browsable..... >> >>This only prevents anyone from browing a share. Whether or not the machine >>is browsable depends on whether or not is sends broadcasts (port 138) >>saying that it exists. >> >>There are no parameters that I am aware of that will prevent this. >> >>>Anyone else??? >>> >>>Greg >> >> >>Regards >>------- >>Richard Sharpe, sharpe@ns.aus.com >>Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) >>Contributing author, SAMS Teach Yourself Samba in 24 Hours >>Author, Special Edition, Using Samba > >Kenneth Noel >Boston College >Information Technology >Systems Programmer >617 552-8511 > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From joakim.tjernlund at lumentis.se Tue Mar 13 13:30:49 2001 From: joakim.tjernlund at lumentis.se (Joakim Tjernlund) Date: Tue Dec 2 02:33:42 2003 Subject: 2 samba server in same computer? Message-ID: <000b01c0abc1$d1f758e0$0a01a8c0@Win1> Hi I am trying to find a way to run 2 samba PDC servers on the same computer. One samba server is the one in production and the other will be used for testing. So far I have not found a way to do this, is it possible at all? I only have one network card. Jocke From pwgrant at mailandnews.com Tue Mar 13 13:43:58 2001 From: pwgrant at mailandnews.com (patrick grantham) Date: Tue Dec 2 02:33:42 2003 Subject: 2 samba server in same computer? References: <000b01c0abc1$d1f758e0$0a01a8c0@Win1> Message-ID: <006301c0abc3$a7fea5f0$3a01a8c0@hal> You cannot have two PDC on the same MS NT Domain, hence the acronym Primary Domain Controller. In fact, I believe the samba server must be a PDC (a limitation.) You could set up a testing domain and have your testing samba server as the pdc. The major bookstores finally have great selections of books now. Please correct anything I have said that may be incorrect. patrick ----- Original Message ----- From: "Joakim Tjernlund" To: ; Sent: Tuesday, March 13, 2001 8:30 AM Subject: 2 samba server in same computer? > Hi > > I am trying to find a way to run 2 samba PDC servers on the same computer. > One samba server is the one in production and the other will be used for > testing. > > So far I have not found a way to do this, is it possible at all? > I only have one network card. > > Jocke > > From noelk at bc.edu Tue Mar 13 13:52:56 2001 From: noelk at bc.edu (Ken Noel) Date: Tue Dec 2 02:33:42 2003 Subject: Hiding nmb name in browse list Message-ID: <3AB03DC7@netfin6.bc.edu> I use it on domain controllers that I don't want users to browse. The domain controllers don't have shares other than the admin shares that I do use. There are several thousand user accounts on the domain controllers. Ken >===== Original Message From Richard Sharpe ===== >At 07:58 PM 3/12/01 -0500, Ken Noel wrote: >>Just as an added comment. You can hide a NT system by using the following >>command net server config /hidden:yes. I'm not sure of the syntax but thats >>close. >> >>I would think that it would be possible to do it with samba some how. > >Well, yes, it is. Just a small matter of coding :-) > >Add a parameter 'send announcements = off' and modify nmbd to respect the >parameter ... > >However, what I wonder is, if you are running a Samba server, then why >switch off its announcements? It is a server, so other systems should see it! > > >>Ken >> >>>===== Original Message From Richard Sharpe ===== >>>At 01:11 PM 3/12/01 -0800, Greg J. Zartman wrote: >>>Peter, >>> >>>I could be wrong here, but I'm pretty sure the browse list parameter tells >>>samba if it should keep a list of machines currently online for the >>>workgroup. I would leave this at the default setting(yes), otherwise the >>>workstation may not be to see other machines that are currently online in >>>the workgroup. >>> >>>That is correct. >>> >>>I don't think that Samba has a parameter that directly addresses not being >>>able to see a machine in the browse list. My best guess would be to play >>>around with it a little. Try no shares at all or make a dummy share and >>>specify it as not browsable..... >>> >>>This only prevents anyone from browing a share. Whether or not the machine >>>is browsable depends on whether or not is sends broadcasts (port 138) >>>saying that it exists. >>> >>>There are no parameters that I am aware of that will prevent this. >>> >>>Anyone else??? >>> >>>Greg >>> >>> >>>Regards >>>------- >>>Richard Sharpe, sharpe@ns.aus.com >>>Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) >>>Contributing author, SAMS Teach Yourself Samba in 24 Hours >>>Author, Special Edition, Using Samba >> >>Kenneth Noel >>Boston College >>Information Technology >>Systems Programmer >>617 552-8511 >> >> > >Regards >------- >Richard Sharpe, sharpe@ns.aus.com >Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) >Contributing author, SAMS Teach Yourself Samba in 24 Hours >Author, Special Edition, Using Samba Kenneth Noel Boston College Information Technology Systems Programmer 617 552-8511 From lauffer at ph-freiburg.de Tue Mar 13 13:58:26 2001 From: lauffer at ph-freiburg.de (Stephan Lauffer) Date: Tue Dec 2 02:33:42 2003 Subject: 2 samba server in same computer? In-Reply-To: <006301c0abc3$a7fea5f0$3a01a8c0@hal> Message-ID: Hi! Why not add a second NIC or virtual IP: ifconfig eth0:0 192.168.0.1 netmask 255.255.255.0 up and then set up the second samba server on this eth0:0? > You cannot have two PDC on the same MS NT Domain, hence the acronym Primary That's true, but why not have two domains with two PDCs? > > I am trying to find a way to run 2 samba PDC servers on the same computer. (...) > > I only have one network card. no problem. BTW: the last days Guenther Deschner sent me his howto which handles exactly what we're talking about: http://www.deschner.de/gd/dual_samba.html Just one notice: Guenther tells us to bind the interface with: [global] bind interfaces only = true interfaces = 192.168.44.45 but if you want to allow users using smbpasswd from localhost, you should add localhost to the list of the interfaces: interfaces = 192.168.44.45 127.0.0.1 Liebe Gruesse, with best regards Stephan Lauffer [ Pedagogical University Freiburg - Germany ] [ http://www.ph-freiburg.de/zik/ ] From simo.sorce at polimi.it Tue Mar 13 14:36:00 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:43 2003 Subject: 2 samba server in same computer? In-Reply-To: <000b01c0abc1$d1f758e0$0a01a8c0@Win1> Message-ID: Yes, place a second nic or make an alias (if you os permit it). Then specify "interface = " and "bind interface only" as parameters of your smb.conf files and start the two set of daemons. Be sure the every daemon use it' s own file, maybe compiling the two trees with different installation paths is the best thing to ensure they not mix badly. On Tue, 13 Mar 2001, Joakim Tjernlund wrote: > Hi > > I am trying to find a way to run 2 samba PDC servers on the same computer. > One samba server is the one in production and the other will be used for > testing. > > So far I have not found a way to do this, is it possible at all? > I only have one network card. > > Jocke > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From rodrigo at mercadolibre.com Tue Mar 13 15:28:21 2001 From: rodrigo at mercadolibre.com (Rodrigo Andres Benzaquen) Date: Tue Dec 2 02:33:43 2003 Subject: Samba/NT4.0Client problem Message-ID: Hi, I have Samba 2.0.7 running in RedHat 6.2. My clients use Windows NT 4.0 . I have the Samba configured as PDC. When I try to connect the NT client to the PDC I receive the following error : Unable to connect to the domain controler for this domain. Have you administrator check your computer account on the domain The NT computer name is BENZAROD in the smbpasswd I have the Computer name "BENZAROD$:55" in the /etc/passwd: benzarod$:x:564:502:NTmachine:/dev/null:/bin/false in the /etc/group : smb:*:502: What I'm doing wrong ? Thanks Rodrigo From greg at kwikfind.com Tue Mar 13 15:43:12 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:43 2003 Subject: Hiding nmb name in browse list References: <3AB03DC7@netfin6.bc.edu> Message-ID: <001001c0abd4$50936fb0$2800a8c0@leinet> ----- Original Message ----- From: "Ken Noel" To: "Greg J. Zartman" ; "Ken Noel" ; "Peter Davis" ; "Richard Sharpe" Cc: "samba-ntdom" Sent: Tuesday, March 13, 2001 5:52 AM Subject: RE: Hiding nmb name in browse list > I use it on domain controllers that I don't want users to browse. The domain > controllers don't have shares other than the admin shares that I do use. > There are several thousand user accounts on the domain controllers. I don't think this is your typical size network. I'd bet that a majority of the people who frequent this newsgroup have less than a thousand cleints on a network. Additionally, most rely on the domain controller machine for more than just being a domain controller (e.g. mail server, print server, storage, ..., etc.) > > Ken > > >===== Original Message From Richard Sharpe ===== > >At 07:58 PM 3/12/01 -0500, Ken Noel wrote: > >>Just as an added comment. You can hide a NT system by using the following > >>command net server config /hidden:yes. I'm not sure of the syntax but thats > >>close. > >> > >>I would think that it would be possible to do it with samba some how. > > > >Well, yes, it is. Just a small matter of coding :-) > > > >Add a parameter 'send announcements = off' and modify nmbd to respect the > >parameter ... > > > >However, what I wonder is, if you are running a Samba server, then why > >switch off its announcements? It is a server, so other systems should see it! > > > > > >>Ken > >> > >>>===== Original Message From Richard Sharpe ===== > >>>At 01:11 PM 3/12/01 -0800, Greg J. Zartman wrote: > >>>Peter, > >>> > >>>I could be wrong here, but I'm pretty sure the browse list parameter tells > >>>samba if it should keep a list of machines currently online for the > >>>workgroup. I would leave this at the default setting(yes), otherwise the > >>>workstation may not be to see other machines that are currently online in > >>>the workgroup. > >>> > >>>That is correct. > >>> > >>>I don't think that Samba has a parameter that directly addresses not being > >>>able to see a machine in the browse list. My best guess would be to play > >>>around with it a little. Try no shares at all or make a dummy share and > >>>specify it as not browsable..... > >>> > >>>This only prevents anyone from browing a share. Whether or not the machine > >>>is browsable depends on whether or not is sends broadcasts (port 138) > >>>saying that it exists. > >>> > >>>There are no parameters that I am aware of that will prevent this. > >>> > >>>Anyone else??? > >>> > >>>Greg > >>> > >>> > >>>Regards > >>>------- > >>>Richard Sharpe, sharpe@ns.aus.com > >>>Samba (Team member, www.samba.org), Ethereal (Team member, > www.ethereal.com) > >>>Contributing author, SAMS Teach Yourself Samba in 24 Hours > >>>Author, Special Edition, Using Samba > >> > >>Kenneth Noel > >>Boston College > >>Information Technology > >>Systems Programmer > >>617 552-8511 > >> > >> > > > >Regards > >------- > >Richard Sharpe, sharpe@ns.aus.com > >Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) > >Contributing author, SAMS Teach Yourself Samba in 24 Hours > >Author, Special Edition, Using Samba > > Kenneth Noel > Boston College > Information Technology > Systems Programmer > 617 552-8511 > > > > From lauffer at ph-freiburg.de Tue Mar 13 16:26:06 2001 From: lauffer at ph-freiburg.de (Stephan Lauffer) Date: Tue Dec 2 02:33:43 2003 Subject: 2 samba server in same computer? In-Reply-To: Message-ID: Hi! > but if you want to allow users using smbpasswd from localhost, you should > add localhost to the list of the interfaces: > interfaces = 192.168.44.45 127.0.0.1 forgotten one comment: only one of them should have access to 127.0.0.1 Liebe Gruesse, with best regards Stephan Lauffer [ Pedagogical University Freiburg - Germany ] [ http://www.ph-freiburg.de/zik/ ] From jmcd at us.ibm.com Tue Mar 13 17:29:47 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:33:43 2003 Subject: Serving user lists to Windows9x stations Message-ID: The problem seems to be that the 95 usrmgr.exe limits the return data size on the SamrEnumDomainAliases call to 512, and on my system, we need more bytes to return the group information. So if you don't have many unix groups on your Samba server, it should work.... But the NT/2k usrmgr limits it to 1024....so I'll see what happens if I increase the number of groups enough.... Jim ---------------------------- Jim McDonough Linux Technology Center IBM Boulder Notes: Jim McDonough/Boulder/IBM @ IBMUS VNET: JMCD at IBMUSM54 Internet: jmcd@us.ibm.com Phone: (303) 924-5822 T/L: 263-5822 Paul Jansen on 03/13/2001 12:55:26 AM To: Jim McDonough/Boulder/IBM@IBMUS cc: Subject: RE: Serving user lists to Windows9x stations Thanks Jim. This obviously is not a big deal but it would be nice if it worked. Cheers, Paul --- Jim McDonough wrote: > >If you install the 'server tools for Win95' (which > can > >be found on the NT server CD) you can get a user > >manager, server manager, event viewer etc. for use > on > >win9x. Will the user manager app now work on 9x on > >the current CVS build or are there other > >un-implemented RPCs that still prevent this from > >happening? I am not in a position to try the > current > >CVS build. Can someone answer this? > > This part doesn't work. User Manager works fine > from NT/2k, but not 95. > At least not for me. > > Jim > > ---------------------------- > Jim McDonough > Linux Technology Center > IBM Boulder > > Notes: Jim McDonough/Boulder/IBM @ IBMUS > VNET: JMCD at IBMUSM54 > Internet: jmcd@us.ibm.com > > Phone: (303) 924-5822 > T/L: 263-5822 > > _____________________________________________________________________________ http://store.yahoo.com.au - Yahoo! Store - The fastest, easiest way to open an online store. From jmcd at us.ibm.com Tue Mar 13 22:58:53 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:33:43 2003 Subject: User Manager for Domains on Win9x Message-ID: Ok, I've figured out the general problem on User Manager for Domains on Windows 9x. Seems to be that while it uses MSRPCs to get the info, it doesn't properly respond to the 0x80000005 warning. It responds (and gets from an NT server) properly to an ERRDOS class 234 error... So, this fragment gets around the bug (and does not pretend to be good and proper) in ipc.c: --- /samba/orig/samba-2.2/source/smbd/ipc.c Wed Feb 21 12:32:45 2001 +++ smbd/ipc.c Tue Mar 13 15:52:03 2001 @@ -102,8 +102,10 @@ if (buffer_too_large) { /* issue a buffer size warning. on a DCE/RPC pipe, expect an SMBreadX... */ - SIVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - SIVAL(outbuf, smb_rcls, 0x80000000 | STATUS_BUFFER_OVERFLOW); + SSVAL(outbuf, smb_err, ERRmoredata); //jmcd + SCVAL(outbuf, smb_rcls, ERRDOS); //jmcd + //jmcd SIVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + //jmcd SIVAL(outbuf, smb_rcls, 0x80000000 | STATUS_BUFFER_OVERFLOW); } copy_trans_params_and_data(outbuf, align, *********** What would be the right place to detect and decide what the client wants? ---------------------------- Jim McDonough Linux Technology Center IBM Boulder Notes: Jim McDonough/Boulder/IBM @ IBMUS VNET: JMCD at IBMUSM54 Internet: jmcd@us.ibm.com Phone: (303) 924-5822 T/L: 263-5822 From martin.heuser at netexpress.de Wed Mar 14 07:38:26 2001 From: martin.heuser at netexpress.de (Martin Heuser) Date: Tue Dec 2 02:33:43 2003 Subject: (no subject) Message-ID: <01f501c0ac59$c4682400$a6f72ad4@berlin.pixel.de> From riccp at ige.unicamp.br Wed Mar 14 11:46:34 2001 From: riccp at ige.unicamp.br (Ricardo Campos Passanezi) Date: Tue Dec 2 02:33:43 2003 Subject: Samba/NT4.0Client problem In-Reply-To: Message-ID: Em 13.03.2001, Rodrigo Andres Benzaquen escreveu: > Date: Tue, 13 Mar 2001 12:28:21 -0300 > From: Rodrigo Andres Benzaquen > To: samba-ntdom@lists.samba.org > Subject: Samba/NT4.0Client problem > > Hi, I have Samba 2.0.7 running in RedHat 6.2. My clients use Windows NT 4.0 > . I have the Samba configured as PDC. When I try to connect the NT client to > the PDC I receive the following error : > > Unable to connect to the domain controler for this domain. Have you > administrator check your computer account on the domain > The NT computer name is BENZAROD > > in the smbpasswd I have the Computer name "BENZAROD$:55" Have you used the "smbpasswd" command to add the machine to your smbpasswd file? % smbpasswd -a -m benzarod What about you smb.conf? ******************************************************************* |Ricardo Campos Passanezi - System Analyst | |PGP & GPG public key at: http://www.ige.unicamp.br/~riccp | |Institute of Geosciences - http://www.ige.unicamp.br - UNICAMP | ******************************************************************* From M.Puchta at fscodes.cz Wed Mar 14 11:44:47 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:43 2003 Subject: (no subject) Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098DF5@ANNA> After I have configured Samba, firewall and proxy I have not used my Linux box for day or two and I have obtained the following response from DIG res option: init recurs defname dnsrch res_nsend to server default What it is? How can I prevent it from "sleeping"? TIA Milos From made_rai at telkom.net Wed Mar 14 11:53:05 2001 From: made_rai at telkom.net (rai) Date: Tue Dec 2 02:33:43 2003 Subject: unsubscribe ?? References: Message-ID: <00cc01c0ac7f$0fae9e60$1971053d@handa> I am sorry for this silly question ? But for moderator please unsubscribe me, OK ?? thx dede From todd.4 at wright.edu Wed Mar 14 20:47:10 2001 From: todd.4 at wright.edu (Jason Todd) Date: Tue Dec 2 02:33:43 2003 Subject: Brief questions :-) Message-ID: Hi, I have a few [simple] questions that hopefully some of you have answers to. They may be perceived as not really relating specifically to Samba, but I've seen lots of good NT help in this list. If there is a good NT domain mailing list or news group, I'd be happy to hear about it. 1) What are the reasons to NOT turn off local profile caching in an NT lab served by Samba? Caching has caused too many headaches and ulcers and I'm preparing to wipe the lab clean next week (to fix many issues). As I do, I really want to turn off the stupid caching. 2) When local profile caching is disabled, does NT just read all shortcuts, etc. off the network copy of the profile as it needs to? Although that may slow things down a little, I think that makes most sense, but I can never accuse Windows* of doing anything sensical. 3) What's the best way to restrict users from installing new programs? Could I do that in a policy? If so, where is the best information on creating policies? I know I could also just play some tricks with file permissions on each NT machine (such as make Program Files read-only) but that seems like too much work, and it could be circumvented, and I can see how it could cause problems with program temp files, etc... 4) Here's another annoying problem and I don't know who to blame, NT or Samba. Occasionally when a user selects something from the Shut Down menu, the screen will do its "fade" and the hourglass appears, but at that point everything just seems to sit still. I can press ALT+F4 and the fade and hourglass will go away as if nothing ever happened. I'm forced to use CTRL+ALT+DEL and select either Logoff or Shut Down. What could be causing that? It doesn't seem to do that with local accounts. Jason Todd From martin at zamenhof.demon.co.uk Wed Mar 14 21:39:04 2001 From: martin at zamenhof.demon.co.uk (Martin Radford) Date: Tue Dec 2 02:33:43 2003 Subject: Brief questions :-) In-Reply-To: from "Jason Todd" at Mar 14, 2001 03:47:10 PM Message-ID: <200103142139.VAA08735@zamenhof.demon.co.uk> > 1) What are the reasons to NOT turn off local profile caching in an NT lab > served by Samba? Caching has caused too many headaches and ulcers and I'm > preparing to wipe the lab clean next week (to fix many issues). As I do, > I really want to turn off the stupid caching. I work at a university. We configure our NT boxes to delete the profile at logout. We do this to prevent large numbers of profiles building up on disk, taking up hundreds of megs of disk space. If you run out of space while downloading the profile, the PC tends to blue-screen. > 2) When local profile caching is disabled, does NT just read all > shortcuts, etc. off the network copy of the profile as it needs to? > Although that may slow things down a little, I think that makes most > sense, but I can never accuse Windows* of doing anything sensical. It downloads the profile to disk when you log on. > 3) What's the best way to restrict users from installing new programs? > Could I do that in a policy? If so, where is the best information on > creating policies? I know I could also just play some tricks with file > permissions on each NT machine (such as make Program Files read-only) but > that seems like too much work, and it could be circumvented, and I can see > how it could cause problems with program temp files, etc... In theory, applications are not supposed to write to Program Files. (Of course, in practice, many do.) However, depending on what software you're running, you should be able to write-protect *most* of Program Files . The trouble is that you as soon as a user finds some writable space, they can try installing software into it. One other trick is to limit the number of directories where users have execute permissions. If you can make sure that there isn't anywhere writable that allows user execute you might have reached your goal. > 4) Here's another annoying problem and I don't know who to blame, NT or > Samba. Occasionally when a user selects something from the Shut Down > menu, the screen will do its "fade" and the hourglass appears, but at that > point everything just seems to sit still. I can press ALT+F4 and the fade > and hourglass will go away as if nothing ever happened. I'm forced to use > CTRL+ALT+DEL and select either Logoff or Shut Down. What could be causing > that? It doesn't seem to do that with local accounts. I've never seen that behaviour, I'm afraid. Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From seun at nettel.sjsu.edu Wed Mar 14 21:50:36 2001 From: seun at nettel.sjsu.edu (Seun Abiodun-Wright) Date: Tue Dec 2 02:33:43 2003 Subject: setup Message-ID: <3AAFE7AC.B3748F14@nettel.sjsu.edu> I am new to samba and I am trying to use samba to connect my linux box to a group of NT machines on a network. The Linux box shows up on the network neighborhood of the NT machines but I can't seem to access the Linux box. It complains about account is not allowed to login from this station. Please send me some information that may be helpful. Seun Wright From damason at davenet.mine.nu Wed Mar 14 21:59:57 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:43 2003 Subject: Brief questions :-) In-Reply-To: <200103142139.VAA08735@zamenhof.demon.co.uk> Message-ID: This issue is not a Samba-specific issue, but rather a workstation issue. As far as I've been able to tell, this happens when a task that is part of the user's session is taking its time ending. However, I'm not sure. > 4) Here's another annoying problem and I don't know who to blame, NT or > Samba. Occasionally when a user selects something from the Shut Down > menu, the screen will do its "fade" and the hourglass appears, but at that > point everything just seems to sit still. I can press ALT+F4 and the fade > and hourglass will go away as if nothing ever happened. I'm forced to use > CTRL+ALT+DEL and select either Logoff or Shut Down. What could be causing > that? It doesn't seem to do that with local accounts. I've never seen that behaviour, I'm afraid. Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From jon-fan at mail.com Wed Mar 14 22:52:40 2001 From: jon-fan at mail.com (Jon Fan) Date: Tue Dec 2 02:33:43 2003 Subject: how to set non-domain clients using samba Message-ID: <386939667.984610360596.JavaMail.root@web394-mc> Hi all, We have several unix machines which running samba server to supply printing and disk sevices. The security level was set to domain, a Windows NT PDC are using to controll access. Now we want to let some guests who are not belong to our domain to access the printer. It will be very appreciate If anyone can tell me how to do that.(I tried to use force user in print section, but it didn't work) Tahnks a lot, Jon, ______________________________________________ FREE Personalized Email at Mail.com Sign up at http://www.mail.com/?sr=signup From simo.sorce at polimi.it Wed Mar 14 23:59:07 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:43 2003 Subject: Brief questions :-) In-Reply-To: <200103142139.VAA08735@zamenhof.demon.co.uk> Message-ID: On Wed, 14 Mar 2001, Martin Radford wrote: > > > 1) What are the reasons to NOT turn off local profile caching in an NT lab > > served by Samba? Caching has caused too many headaches and ulcers and I'm > > preparing to wipe the lab clean next week (to fix many issues). As I do, > > I really want to turn off the stupid caching. > > I work at a university. We configure our NT boxes to delete the > profile at logout. We do this to prevent large numbers of profiles > building up on disk, taking up hundreds of megs of disk space. If you > run out of space while downloading the profile, the PC tends to > blue-screen. > Not only, with caching roaming people tend to loose or overwrite parts of their profile moving from a machine to another, annoying the sysadms for backup restores. > > 2) When local profile caching is disabled, does NT just read all > > shortcuts, etc. off the network copy of the profile as it needs to? > > Although that may slow things down a little, I think that makes most > > sense, but I can never accuse Windows* of doing anything sensical. > > It downloads the profile to disk when you log on. You may also limit wich folders must be copied and what the maximum dimension for that (obviously you don't want to copy browsers caches up and down the net....) > > > 3) What's the best way to restrict users from installing new programs? > > Could I do that in a policy? If so, where is the best information on > > creating policies? I know I could also just play some tricks with file > > permissions on each NT machine (such as make Program Files read-only) but > > that seems like too much work, and it could be circumvented, and I can see > > how it could cause problems with program temp files, etc... > > In theory, applications are not supposed to write to Program Files. > (Of course, in practice, many do.) However, depending on what > software you're running, you should be able to write-protect *most* of > Program Files . The trouble is that you as soon as a user finds some > writable space, they can try installing software into it. One other > trick is to limit the number of directories where users have execute > permissions. If you can make sure that there isn't anywhere writable > that allows user execute you might have reached your goal. > Nt is so silly that there's always a way to install applications, think of ZIP drives, if you have them or other removable relatively big, users may always install there with double damage (use of uncheked/unouthorized software and messing of registry with false paths as directories disapper as soon they change disk). > > 4) Here's another annoying problem and I don't know who to blame, NT or > > Samba. Occasionally when a user selects something from the Shut Down > > menu, the screen will do its "fade" and the hourglass appears, but at that > > point everything just seems to sit still. I can press ALT+F4 and the fade > > and hourglass will go away as if nothing ever happened. I'm forced to use > > CTRL+ALT+DEL and select either Logoff or Shut Down. What could be causing > > that? It doesn't seem to do that with local accounts. > > I've never seen that behaviour, I'm afraid. Samba is only a file sharing system, I think you may blame NT (or some app.) with enough security. Simo. -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From gcarter at valinux.com Fri Mar 9 06:32:37 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:44 2003 Subject: Changing your samba password from windows In-Reply-To: <3AA7D78B.B8840473@valinux.com>; from jeremy@valinux.com on Thu, Mar 08, 2001 at 13:03:39 -0600 References: <3.0.6.32.20010301230325.007d1100@bioserve.latrobe.edu.au> <008501c0a759$3f3e7680$1f0110ac@hug.local> <3AA7D78B.B8840473@valinux.com> Message-ID: <20010309003237.E10207@pogo> On Thu, 08 Mar 2001 13:03:39 Jeremy Allison wrote: > Philipp Hug wrote: > > > > I tried the same on Win2k (with CVS version of Samba 2.2) and got > the same > > message: > > > > [2001/03/07 23:51:34, 0] > > rpc_server/srv_samr_nt.c:_samr_get_dom_pwinfo(2435) > > _samr_get_dom_pwinfo: Not yet implemented. > > Yes, I'm looking at this one also. It's currently an undocumented > and encrypted RPC that W2K seems to need to succeed on SAMR before > it will allow password change. WinNT doesn't need this so it works. > > I'm looking into what to return here (we currently just return > zeros which obviously isn't correct). I have only seen SAMR_GET_USRDOM_PWINFO (opnum 0x2c) when a Win2k client joins an NT 4 domain. Ooops, there is opnum 0x38 in the Win2k user password change. Hmmm....should just return a policy handle and a four byte return value. Interesting though, I don;t see it being closed by the Win2k client....Hmmm....Don't see where the results of SAMR_GET_DOM_PWINFO are being used in SAMR_CHGPASSWD_USER. btw...what is the "MSRPC Authenticationm Verifier" that I see after the Stud Data in netmon 1.x? Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jmcd at us.ibm.com Tue Mar 13 17:57:07 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:33:44 2003 Subject: Serving user lists to Windows9x stations Message-ID: >The problem seems to be that the 95 usrmgr.exe limits the return data size >on the SamrEnumDomainAliases call to 512, and on my system, we need more >bytes to return the group information. So if you don't have many unix >groups on your Samba server, it should work.... > >But the NT/2k usrmgr limits it to 1024....so I'll see what happens if I >increase the number of groups enough.... > >Jim Hmm...even if I get my number of groups low enough, the 95 usrmgr still complains. I get the entire list of user names showing, and at least all of the groups I have in /etc/group, but not the other "standard" groups (Administrators, Backup Operators, etc.). That list is always "too long". The NT/2k usrmgr handles the buffer overflow problem and reads off the pipe following the call. The 95 usrmgr just gives up when it doesn't get it all in one response. I don't see (for what that's worth) any way around it.... Jim ---------------------------- Jim McDonough Linux Technology Center IBM Boulder Notes: Jim McDonough/Boulder/IBM @ IBMUS VNET: JMCD at IBMUSM54 Internet: jmcd@us.ibm.com Phone: (303) 924-5822 T/L: 263-5822 From peter.milburn at sofcom.com.au Thu Mar 15 03:44:13 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:44 2003 Subject: samba2.2aplah2 Message-ID: I know this is still an alpha relaease, but I have been having so much fun with it. The other week, I downloaded the lastest tarball relaease, which fixed the permsions on roaming profiles, my problem I have now, is that I can not get a new machine to join the domain, Can someone please help me with this. Any help or sugesstions would be muchly appreciated. Thanks, -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** -- Russell Aronson Software Communication (Australia) Pty Ltd Tel: 613 9826 8300 Level 16 644 Chapel St Fax: 613 9826 8336 South Yarra Vic 3141 russell@sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** -------------- next part -------------- A non-text attachment was scrubbed... Name: BDY.RTF Type: application/rtf Size: 2650 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010315/0278a091/BDY.rtf From jeremy at valinux.com Thu Mar 15 01:59:37 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:44 2003 Subject: samba2.2aplah2 References: Message-ID: <3AB02209.37108F41@valinux.com> peter.milburn@sofcom.com.au wrote: > > I know this is still an alpha relaease, but I have been having so much > fun with it. The other week, I downloaded the lastest tarball relaease, > which fixed the permsions on roaming profiles, my problem I have now, is > that I can not get a new machine to join the domain, Known bug in that snapshot I'm afraid. The code in CVS is much better and I'll be doing another snapshot shortly if you can't get CVS access. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From barth at cck.uni-kl.de Thu Mar 15 07:01:45 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:44 2003 Subject: setup Message-ID: <200103150701.IAA17674@fbk.mv.uni-kl.de> hosts allow = in smb.conf ? encrypted passwords setup correctly? NT-Registry-Hack for plaintext passwords? Thats all I can guess from the information you gave. Christian From tcurdt at dff.st Thu Mar 15 10:29:20 2001 From: tcurdt at dff.st (Torsten Curdt) Date: Tue Dec 2 02:33:44 2003 Subject: samba2.2aplah2 In-Reply-To: <3AB02209.37108F41@valinux.com> Message-ID: > > I know this is still an alpha relaease, but I have been having so much > > fun with it. The other week, I downloaded the lastest tarball relaease, > > which fixed the permsions on roaming profiles, my problem I have now, is > > that I can not get a new machine to join the domain, > > Known bug in that snapshot I'm afraid. The code in CVS is > much better and I'll be doing another snapshot shortly if > you can't get CVS access. We are still running an alpha 0 CVS snapshot quite successful now for a while in production environment (hurray for the brave :) Lurking to the list, I feel now is the time to upgrade to another CVS version. But before this I have some questions... All our users are stored in a LDAP server. Right now we use nss_ldap and pam_ldap for the linux authentification and try to keep the smbpasswd accounts in sync. (not a nice sollution) I wonder if an upgrade to the latest CVS and the use of windbind can help us in means of LDAP integration?! Even the alpha is so promising that it doesn't matter at all but... any plans to go beta? Great work guys... -- Torsten From vschmid at tlc.de Thu Mar 15 11:41:13 2001 From: vschmid at tlc.de (vschmid@tlc.de) Date: Tue Dec 2 02:33:44 2003 Subject: Problems with security=domain and Windows 2000 Message-ID: <41256A10.00403329.00@TLC-FFS012.TLC-FFDO01.DB.DE> Hi I have tried to use a password server, but I get always NT Errors. smbpassd -j tlc-gmbh -s tlc-ffs2000 worked... Thanks for Help: Valery log.smb: 2001/03/15 12:12:50, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391) cli_net_sam_logon: NT_STATUS_NONEXISTENT_SECTOR [2001/03/15 12:12:50, 0] smbd/password.c:domain_client_validate(1470) domain_client_validate: unable to validate password for user valeryschmid in d omain TLC-GMBH to Domain controller TLC-FFS2000. Error was NT_STATUS_NONEXISTENT _SECTOR. [global] netbios name=tlc-ffs097 security=domain #security=user workgroup=tlc-gmbh password server = tlc-ffs2000 encrypt passwords=yes wins server=172.24.113.11 name resolve order=wins host bcast username map=/usr/local/etc/usrmap Dr. Val?ry Schmid TLC GmbH EVA Fahrplanzentrum K?lnerstr 26 60327 Frankfurt/Main Tel: (069) 265 252 76 Fax: (069) 975 253 53 E-Mail: valery.schmid@tlc.de From Axel.Thimm at physik.fu-berlin.de Thu Mar 15 11:40:44 2001 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Tue Dec 2 02:33:44 2003 Subject: samba_2_2 cvs: W2Ksp1 (german) profile creation fails In-Reply-To: <20010221143207.E17146@pua.domain>; from Axel.Thimm@physik.fu-berlin.de on Wed, Feb 21, 2001 at 02:32:07PM +0100 References: <20010221143207.E17146@pua.domain> Message-ID: <20010315124044.A7965@pua.domain> Still having profile creating problems. Logging onto a recent cvs samba server without a profile W2K creates the standard profile. When logging out it is saved at the specified profile path. But some (not all ...) permissions of the directories are messed up: # ls -ld profile drwxr-x--x 13 thimm ag-linke 8192 Mar 15 12:12 profile/ # ls -ltr profile total 296 -rw-r----- 1 thimm ag-linke 20 Mar 15 12:07 ntuser.ini drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Recent/ drw-r----- 3 thimm ag-linke 8192 Mar 15 12:12 Startmen?/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 SendTo/ drw-r----- 3 thimm ag-linke 8192 Mar 15 12:12 Eigene Dateien/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Druckumgebung/ drw-r----- 2 thimm ag-linke 8192 Mar 15 12:12 Desktop/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Netzwerkumgebung/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Cookies/ drwxr-x--x 4 thimm ag-linke 8192 Mar 15 12:12 Favoriten/ drwxr-x--x 4 thimm ag-linke 8192 Mar 15 12:12 Anwendungsdaten/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Vorlagen/ -rw-r----- 1 thimm ag-linke 192512 Mar 15 12:12 NTUSER.DAT -rw-r----- 1 thimm ag-linke 1024 Mar 15 12:12 ntuser.dat.LOG So execute permissions are removed for the directories "Startmen?", "Eigene Dateien" and "Desktop". One could argue that the first could be a codepage problem (but my codepages are fine, I can access that file from Windows and Unix and it does have always the Umlauts), or that the second has a space in its name. But especially the last one, "Desktop", does not give any clue why something could go wrong. And finally all others are fine. Any clues? Thanks, Axel. -- Axel.Thimm@physik.fu-berlin.de From vschmid at tlc.de Thu Mar 15 12:16:34 2001 From: vschmid at tlc.de (vschmid@tlc.de) Date: Tue Dec 2 02:33:44 2003 Subject: Problems with security=domain and Windows 2000 Message-ID: <41256A10.00436FC8.00@TLC-FFS012.TLC-FFDO01.DB.DE> Hello samba fans... I have tried to use a password server, but I get always NT Errors using NT auth. smbpassd -j tlc-gmbh -s tlc-ffs2000 worked... Thanks for Help Valery log.smb: 2001/03/15 12:12:50, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391) cli_net_sam_logon: NT_STATUS_NONEXISTENT_SECTOR [2001/03/15 12:12:50, 0] smbd/password.c:domain_client_validate(1470) domain_client_validate: unable to validate password for user valeryschmid in d omain TLC-GMBH to Domain controller TLC-FFS2000. Error was NT_STATUS_NONEXISTENT _SECTOR. [global] netbios name=tlc-ffs097 security=domain #security=user workgroup=tlc-gmbh password server = tlc-ffs2000 encrypt passwords=yes wins server=172.24.113.11 name resolve order=wins host bcast username map=/usr/local/etc/usrmap Dr. Val?ry Schmid TLC GmbH EVA Fahrplanzentrum K?lnerstr 26 60327 Frankfurt/Main Tel: (069) 265 252 76 Fax: (069) 975 253 53 E-Mail: valery.schmid@tlc.de Dr. Val?ry Schmid TLC GmbH EVA Fahrplanzentrum K?lnerstr 26 60327 Frankfurt/Main Tel: (069) 265 252 76 Fax: (069) 975 253 53 E-Mail: valery.schmid@tlc.de Mobil: 0173 71 222 65 From gcarter at valinux.com Thu Mar 15 15:03:53 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:44 2003 Subject: samba2.2aplah2 In-Reply-To: Message-ID: On Thu, 15 Mar 2001, Torsten Curdt wrote: > We are still running an alpha 0 CVS snapshot quite successful > now for a while in production environment (hurray for the brave :) > > Lurking to the list, I feel now is the time to upgrade to another > CVS version. But before this I have some questions... > > All our users are stored in a LDAP server. Right now we use nss_ldap > and pam_ldap for the linux authentification and try to keep > the smbpasswd accounts in sync. (not a nice sollution) > > I wonder if an upgrade to the latest CVS and the use of windbind > can help us in means of LDAP integration?! winbindd will help you only if you are running the Samba host in domain mode security. > Even the alpha is so promising that it doesn't matter at all > but... any plans to go beta? This will hopefully be the last alpha release. Beta after that obviously. :-) (Yeah!) Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lynn at tsunami.cis.usouthal.edu Thu Mar 15 15:23:04 2001 From: lynn at tsunami.cis.usouthal.edu (Keith Lynn) Date: Tue Dec 2 02:33:44 2003 Subject: Internet Access Message-ID: Hello everyone, This question may be slightly off the subject, but I thought someone might be able to help me with this. I run several computer labs, each running Windows NT 4.0 clients with a Samba server running on RedHat Linux. What I would like to do is have this server not only run Samba but act as a pseudorouter. That is, there is a main router in our University, and each client is set to use that router as its gateway. What I want to do is change the gateway on each client to the server running Samba, and then as needed shut off routed so that packets can't get to the real router. However, I have not been able to get routed to work on the server. The specifics of the problem are that a client machine has IP address 192.168.103.11, and the Samba server has IP address 192.168.103.149. I've tried running routed and setting up /etc/gateways, but I can't get 192.168.103.11 to ping any machines outside the subnet. Has anyone had experience using routed? Thanks. Keith Lynn Systems Administrator School of Computer and Information Sciences University of South Alabama Mobile, AL 36608 Phone: (334) 460-6390 Fax: (334) 460-7274 Alternative E-mail: lynn@gateway.cis.usouthal.edu URL: http://www.cis.usouthal.edu/~lynn/ From aalang at rutgersinsurance.com Thu Mar 15 15:57:28 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:44 2003 Subject: Internet Access References: Message-ID: <00be01c0ad68$a298c9a0$330a0a0a@rutgersinsurance.com> What were the routes you added? Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Keith Lynn" To: Sent: Thursday, March 15, 2001 10:23 AM Subject: Internet Access > Hello everyone, > This question may be slightly off the subject, but I thought someone > might be able to help me with this. > I run several computer labs, each running Windows NT 4.0 clients with > a Samba server running on RedHat Linux. > What I would like to do is have this server not only run Samba but > act as a pseudorouter. That is, there is a main router in our University, > and each client is set to use that router as its gateway. > What I want to do is change the gateway on each client to the server > running Samba, and then as needed shut off routed so that packets can't > get to the real router. However, I have not been able to get routed to > work on the server. > The specifics of the problem are that a client machine has IP address > 192.168.103.11, and the Samba server has IP address 192.168.103.149. I've > tried running routed and setting up /etc/gateways, but I can't get > 192.168.103.11 to ping any machines outside the subnet. Has anyone had > experience using routed? Thanks. > > Keith Lynn > Systems Administrator > School of Computer and Information Sciences > University of South Alabama > Mobile, AL 36608 > Phone: (334) 460-6390 > Fax: (334) 460-7274 > Alternative E-mail: lynn@gateway.cis.usouthal.edu > URL: http://www.cis.usouthal.edu/~lynn/ > > From aalang at rutgersinsurance.com Thu Mar 15 15:59:03 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:44 2003 Subject: Internet Access References: Message-ID: <00c201c0ad68$db5d4220$330a0a0a@rutgersinsurance.com> http://hegel.ittc.ukans.edu/topics/linux/man-pages/man8/routed.8.html http://hegel.ittc.ukans.edu/topics/linux/man-pages/man8/route.8.html First link is man page for routed and the second link is for man page for route command. Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Keith Lynn" To: Sent: Thursday, March 15, 2001 10:23 AM Subject: Internet Access > Hello everyone, > This question may be slightly off the subject, but I thought someone > might be able to help me with this. > I run several computer labs, each running Windows NT 4.0 clients with > a Samba server running on RedHat Linux. > What I would like to do is have this server not only run Samba but > act as a pseudorouter. That is, there is a main router in our University, > and each client is set to use that router as its gateway. > What I want to do is change the gateway on each client to the server > running Samba, and then as needed shut off routed so that packets can't > get to the real router. However, I have not been able to get routed to > work on the server. > The specifics of the problem are that a client machine has IP address > 192.168.103.11, and the Samba server has IP address 192.168.103.149. I've > tried running routed and setting up /etc/gateways, but I can't get > 192.168.103.11 to ping any machines outside the subnet. Has anyone had > experience using routed? Thanks. > > Keith Lynn > Systems Administrator > School of Computer and Information Sciences > University of South Alabama > Mobile, AL 36608 > Phone: (334) 460-6390 > Fax: (334) 460-7274 > Alternative E-mail: lynn@gateway.cis.usouthal.edu > URL: http://www.cis.usouthal.edu/~lynn/ > > From greg at leiinc.com Thu Mar 15 16:18:53 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:44 2003 Subject: Permissions question Message-ID: <006401c0ad6b$a10c7cf0$6f00a8c0@leinet> I have permissions type question that I'm sure is very elementary to the veteran Unix user, but confusing to a Windows person like myself. Stupid questions from us Windows people are OK because you guys are converting us to Linux, right? :o) I have a Samba PDC setup for a Win2000/NT domain. I'm having difficulty with permissions on the group shares. Specifically, I have a main project share where people store project data that I want to be accessible by all. I don't want to restrict access to anyone, except those that don't have an account on the PDC. Where my confusion comes in is the Unix/Linux filesystem security. I've setup a Unix group called domain_users and made everyone on my network a member of that group. I set the ownership of the shared project directory, Linux, to the domain_users group and made it readable, writable, and executable to this group. On the samba end, I set valid user = @domain_users, create mode = 0770, and directory mode = 0770. But, when my users create a directory or file in the shared directory tree, the ownership of the directory or file is set to the creator's username and group name. What I want is for the group ownership to be automatically set to domain_users, so everyone can access the file or directory. Is the only option to make this happen to use the force group parameter in my smb.conf file? Thank you. Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: Greg J. Zartman.vcf Type: text/x-vcard Size: 369 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010315/90c2ede0/GregJ.Zartman.vcf From vschmid at tlc.de Thu Mar 15 16:52:51 2001 From: vschmid at tlc.de (vschmid@tlc.de) Date: Tue Dec 2 02:33:44 2003 Subject: Problems with security=domain and Windows 2000 Domain Server Message-ID: <41256A10.005CBB3A.00@TLC-FFS012.TLC-FFDO01.DB.DE> I get following errors: log.smb: 2001/03/15 12:12:50, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391) cli_net_sam_logon: NT_STATUS_NONEXISTENT_SECTOR [2001/03/15 12:12:50, 0] smbd/password.c:domain_client_validate(1470) domain_client_validate: unable to validate password for user valeryschmid in d omain TLC-GMBH to Domain controller TLC-FFS2000. Error was NT_STATUS_NONEXISTENT _SECTOR. Can anybody help ? I am using samba 2.0.7 on LINUX bsd system. FreeBSD 4.2-RELEASE Thank in advance Valery [global] netbios name=tlc-ffs097 security=domain #security=user workgroup=tlc-gmbh password server = tlc-ffs2000 encrypt passwords=yes wins server=172.24.113.11 name resolve order=wins host bcast username map=/usr/local/etc/usrmap From vgill at technologist.com Thu Mar 15 16:58:37 2001 From: vgill at technologist.com (Gill, Vern) Date: Tue Dec 2 02:33:44 2003 Subject: Hiding nmb name in browse list Message-ID: <8D043DEA73DFD411958A00A0C90AB7607D2B@ftp.gillnet.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Could you block the broadcasts using ipchains/iptables? Would that even work? Just a thought... -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBOrD0IheamMdwy9TXEQK2HwCbB6Q3KyqGWbgVzpyHiAKD9/eabg4AnRtE OZ7WWQMNW0tDRz6kk2EiFUqq =40Iv -----END PGP SIGNATURE----- From mthomas at rhrk.uni-kl.de Thu Mar 15 17:03:37 2001 From: mthomas at rhrk.uni-kl.de (Martin Thomas) Date: Tue Dec 2 02:33:44 2003 Subject: network shortcuts in profiles 'loose magic' and some more questions Message-ID: <003701c0ad71$e0a98690$16b9f683@fuchur> Hello, I've set up a samba box with roaming profiles. So far everything works (login, profile up- and download, startup script). with Samba 2.2 cvs from 14.3.2001 and Windows 2000 clients. But there is still one thing that should work but I can not find out why it doesn't: If I try to add a shortcut to the network neighbourhood ('Netzwerkumgebung' here, we are using W2K/german. I use 'shortcut' for the german term 'Verknuepfung') everything works as long as the users does not log off and log on again. After the profile is downloaded from the server the shortcut (to a share or to a computer) isn't a shortcut anymore but acts like a normal directory with the files desktop.ini and target.lnk in it. Selecting target.lnk leads to the place where the orignial shortcut pointed to (but: one level to deep in the dir-tree, wrong name). To reproduce the problem: - log in as a domain user, download his/her profile from the server - open the window 'Network neighbourhood' or 'Netzwerkumgebung' in german - open a second window 'Network neighbourhood' (shift+double-click on the icon) - select a computer or a share on a server in one of the windows and drag and drop it in the 'Network neighb.' Window: You will see a Computer or network-directory icon in the 'Computers near me' window - (sometimes windows 'caches' the last opened network shares (smb and ftp) in the neighbourhood automaticly - this is how I found out that something is wrong) - try the shortcut icon - it will open the share, show the files in it or view the browseable shares on a server if the shortcut points to a computer - logoff the user and let windows upload his/her profile to the server - login again (same machine, same username), let windows download the profile - open the Neighbourhood window, now I see (and you too?) that the shortcut looks like a directory (at least it uses the icon), in the directory are 2 files from these the file target.lnk points to the same place as the original shortcut. In the filesystem a working shortcut (before up- and download of the profile) is also a directory: Its name is 'Shotcut to [sharename] on [computername]' (e.g. 'Verknüpfung mit Archiv auf smbserver' in the german windows version) and it has the ms-dos attribute R (read-only) in the directory are the files desktop.ini with the attributes H (hidden) and S (system) and target.lnk. After up- and download of the profile the shortcut is a normal directory I tried to reproduce the dos-attibutes using mask hidden and mask system without success, see my smb.conf below. BTW: two more questions: (1) how can I create and edit Windows 2000 policies (ntconfig.pol), not group policies as they seem to be unsupported in Samba 2.2. A W2K book I have here states, that I have to use poledit.exe form the W2K server CD (have it) and adm-file from W2K prof (have them) but if I try to open the adm- files with poledit there is a message, that the adm files can not be shown. (2) the 'Computers near me' icon is not visible in the network neighbourhood after a client joined a domain - tried a registry setting HideComputerNearMe (??) = 0 but the icon is still not there. So one has to browse to a server in his/her domain through the complete network (gesamtes Netzwerk) - with is not very comfortable (o.k. net use x: \\... might solve this but 20 or more driveletters...) Links/shortcuts to shares and servers in the 'network neighbourhood' would be a nice solution but ... o.k. you get the point. Some additional information - I know, this mail is to long...: * The add user script line in the pdc-howto is very systems/distribution dependend, the one mentioned there didn't work - the one shown below works on a debian box and should work with SuSE-Linux * the 'macros' %N and %u do not work from a windows 2000 client, the comment in the temp-share in the smb.conf below results in "Temp auf %N (Arch: Win2k User: %u)" and to "Temp auf smbdomct (Arch: Samba User: mthomas) with smbclient -L smbdomct -U mthomas from a linux box. Hope someone can help, thank you Martin *** parts from the smb.conf *** [global] debug level = 2 netbios name = smbdomct workgroup = swwgroup security = user domain logons = yes encrypt passwords = yes status=yes os level = 65 ; domain and local master is a samba 2.0.7 box, it's also the wins server wins server = 131.246.xxx.xxx time server = yes logon script = scripts\default.bat logon drive = R: logon home = \\%N\%U logon path = \\%N\profile\%U domain admin group = @smbadm add user script = /usr/sbin/useradd -g machines -c RechnerAccount -d /dev/null -s /bin/false %m$ guest account = nobody ## dont do in man smb.conf, do in pdc-howto ?? ## share modes = no interfaces = 131.246.xxx.xxx/255.255.255.0 127.0.0.1/255.255.255.0 socket options = TCP_NODELAY bind interfaces only=True name resolve order = host wins lmhosts bcast allow hosts = 127.0.0.1 131.246.xxx.xxx ... ... (many more) printer admin = pcadmin [homes] comment = %Ss privates Heimatverzeichnis browseable = no read only = no guest ok = no create mask = 0600 directory mask = 0700 # oplocks on or off ?? oplocks = false # veto files = /.*/Desktop/ # hide dot files = yes locking = no [netlogon] path = /home/smbdata/netlogon writable = no guest ok = no comment = PDC netlogon share ## pruefen ?? muesste wohl nicht browseable sein, vorerst: browseable = yes [temp] comment = Temp auf %N (Arch: %a User: %u) path = /home/smbdata/temp read only = no # public = yes force group = smbusers create mode = 0660 directory mode = 0770 #von TNG-doc: to create automatic subdirs for the different users #chmod 1777 /home/smbdata/profile [profile] path = /home/smbdata/profile writeable = yes #create mask = 0771 #directory mask = 0771 create mask = 711 directory mask = 711 map hidden = yes map system = yes force group = smbusers # ?? oplocks ? locking? oplocks=false browseable=false #locking=no [ps] public = no print command = lpr -r -P%p %s lpq command = lpq -P%p lprm command = lprm -P%p %j comment = Laser A4 doppelseitig RHRK printable = yes writable = no create mode = 0700 # path = /var/tmp/smbspool [print$] path=/usr/local/samba/printer #guest ok=yes browseable=yes read only=yes write list=pcadmin *** file listing of the profile subdirectory *** /home/smbdata/profile/mthomas# ls -lR Netzwerkumgebung/ Netzwerkumgebung/: total 12 drwx--x--x 2 mthomas smbusers 4096 Mar 15 17:40 Verkn?pfung mit archiv a uf Miraculix drwx--x--x 2 mthomas smbusers 4096 Mar 15 17:40 Verkn?pfung mit projekte au f Miraculix Netzwerkumgebung/Verkn?pfung mit archiv auf Miraculix: total 8 -rwx------ 1 mthomas smbusers 92 Mar 14 18:50 Desktop.ini -rwx------ 1 mthomas smbusers 396 Mar 14 18:50 target.lnk Netzwerkumgebung/Verkn?pfung mit projekte auf Miraculix: total 8 -rwx------ 1 mthomas smbusers 92 Mar 15 16:37 Desktop.ini -rwx------ 1 mthomas smbusers 388 Mar 15 16:37 target.lnk From tcurdt at dff.st Thu Mar 15 17:14:43 2001 From: tcurdt at dff.st (Torsten Curdt) Date: Tue Dec 2 02:33:44 2003 Subject: samba2.2aplah2 In-Reply-To: Message-ID: > > We are still running an alpha 0 CVS snapshot quite successful > > now for a while in production environment (hurray for the brave :) > > > > Lurking to the list, I feel now is the time to upgrade to another > > CVS version. But before this I have some questions... > > > > All our users are stored in a LDAP server. Right now we use nss_ldap > > and pam_ldap for the linux authentification and try to keep > > the smbpasswd accounts in sync. (not a nice sollution) > > > > I wonder if an upgrade to the latest CVS and the use of windbind > > can help us in means of LDAP integration?! > > winbindd will help you only if you are running the Samba host > in domain mode security. Hm... so I'll have to stick to this icky sollution? Any progress with the LDAP support? I don't want to maintain two user managements. I remember there was a big rewrite of the auth interface. Is their now a reasonable way of adding a smooth integration of user auth? > > Even the alpha is so promising that it doesn't matter at all > > but... any plans to go beta? > > This will hopefully be the last alpha release. Beta after > that obviously. :-) (Yeah!) Alpha or beta ... in *nix world this seems to be what in win world releases are ;) Great work! -- Torsten From barth at cck.uni-kl.de Thu Mar 15 17:27:16 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:44 2003 Subject: Permissions question Message-ID: <200103151727.SAA29581@fbk.mv.uni-kl.de> The share shows the normal unix behavior: New files get the owner and the standart group (the one in /etc/passwd) of the user. If you do a "chmod g+s project_direktory", the files will get the group of the directory. In smb.conf you should set a suitable umask and must set "inheret permissions = yes" for the s-bit (the "g+s") to work (at least in my 2.0.7). This should do what you want. The owner should stay the creator of the file. You can't change this on the unix side and I do not recommend to use the "force user" paramter in smb.conf, exept you realy need it and you know what you are doing. (If the users use unix to access the files, too, you need to configure a suitable umask theire as well. A good place are the ~./cshrc ~./profile or the other start-up-files of the shell.) Christian From mthomas at rhrk.uni-kl.de Thu Mar 15 17:27:21 2001 From: mthomas at rhrk.uni-kl.de (Martin Thomas) Date: Tue Dec 2 02:33:44 2003 Subject: Permissions question Message-ID: <008401c0ad75$3110fe30$16b9f683@fuchur> chmod g+s on the directory should work, this sets the group of any file and dir in the directory to the group domain_users. Hope this helps Martin > ----- Original Message ----- > From: "Greg J. Zartman, P.E." > To: "Samba News" > Sent: Thursday, March 15, 2001 5:18 PM > Subject: Permissions question > > > > I have permissions type question that I'm sure is very elementary to the > > veteran Unix user, but confusing to a Windows person like myself. Stupid > > questions from us Windows people are OK because you guys are converting us > > to Linux, right? :o) > > > > I have a Samba PDC setup for a Win2000/NT domain. I'm having difficulty > > with permissions on the group shares. Specifically, I have a main project > > share where people store project data that I want to be accessible by all. > > I don't want to restrict access to anyone, except those that don't have an > > account on the PDC. > > > > Where my confusion comes in is the Unix/Linux filesystem security. I've > > setup a Unix group called domain_users and made everyone on my network a > > member of that group. I set the ownership of the shared project directory, > > Linux, to the domain_users group and made it readable, writable, and > > executable to this group. On the samba end, I set valid user = > > @domain_users, create mode = 0770, and directory mode = 0770. But, when my > > users create a directory or file in the shared directory tree, the ownership > > of the directory or file is set to the creator's username and group name. > > What I want is for the group ownership to be automatically set to > > domain_users, so everyone can access the file or directory. Is the only > > option to make this happen to use the force group parameter in my smb.conf > > file? > > > > Thank you. > > > > > > Greg J. Zartman, P.E. > > > > > From greg at kwikfind.com Thu Mar 15 17:31:29 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:44 2003 Subject: Permissions question References: <200103151727.SAA29581@fbk.mv.uni-kl.de> Message-ID: <00de01c0ad75$c5f5c0d0$6f00a8c0@leinet> Thanks to all for the very good advice. This answers a few questions. Thank you. Greg ----- Original Message ----- From: "Christian Barth" To: ; Sent: Thursday, March 15, 2001 9:27 AM Subject: Re: Permissions question > The share shows the normal unix behavior: New files get the owner and the standart group (the one in /etc/passwd) of the user. If you do a "chmod g+s project_direktory", the files will get the group of the directory. In smb.conf you should set a suitable umask and must set "inheret permissions = yes" for the s-bit (the "g+s") to work (at least in my 2.0.7). This should do what you want. > > The owner should stay the creator of the file. You can't change this on the unix side and I do not recommend to use the "force user" paramter in smb.conf, exept you realy need it and you know what you are doing. > > (If the users use unix to access the files, too, you need to configure a suitable umask theire as well. A good place are the ~./cshrc ~./profile or the other start-up-files of the shell.) > > Christian > > > From greg at kwikfind.com Thu Mar 15 17:46:30 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:44 2003 Subject: samba2.2aplah2 References: Message-ID: <011d01c0ad77$de86e5f0$6f00a8c0@leinet> I agree, the Samba team has done a tremendous job on this application (even if they do call it alpha). I'm running Samba 2.2 from very current CVS in a production environment and I can't believe the improvement over Win2k server. Great work!!! Greg ----- Original Message ----- From: "Torsten Curdt" To: "Gerald Carter" Cc: Sent: Thursday, March 15, 2001 9:14 AM Subject: RE: samba2.2aplah2 > > > We are still running an alpha 0 CVS snapshot quite successful > > > now for a while in production environment (hurray for the brave :) > > > > > > Lurking to the list, I feel now is the time to upgrade to another > > > CVS version. But before this I have some questions... > > > > > > All our users are stored in a LDAP server. Right now we use nss_ldap > > > and pam_ldap for the linux authentification and try to keep > > > the smbpasswd accounts in sync. (not a nice sollution) > > > > > > I wonder if an upgrade to the latest CVS and the use of windbind > > > can help us in means of LDAP integration?! > > > > winbindd will help you only if you are running the Samba host > > in domain mode security. > > Hm... so I'll have to stick to this icky sollution? > > Any progress with the LDAP support? I don't want to > maintain two user managements. > > I remember there was a big rewrite of the auth interface. > Is their now a reasonable way of adding a smooth integration > of user auth? > > > > Even the alpha is so promising that it doesn't matter at all > > > but... any plans to go beta? > > > > This will hopefully be the last alpha release. Beta after > > that obviously. :-) (Yeah!) > > Alpha or beta ... in *nix world this seems to be what > in win world releases are ;) > > Great work! > -- > Torsten > > > From Jonathan.W.Miner at lmco.com Thu Mar 15 17:56:52 2001 From: Jonathan.W.Miner at lmco.com (Jonathan W Miner) Date: Tue Dec 2 02:33:44 2003 Subject: Permissions question References: <008401c0ad75$3110fe30$16b9f683@fuchur> Message-ID: <3AB10264.25830D0@lmco.com> Here is how we do it at work: UNIX: drwxrws--x 7 jminer dhcptest 512 Nov 7 17:23 /proj/dhcptest SAMBA: (smb.conf) [dhcptest] path = /proj/dhcptest valid users = @dhcptest force group = dhcptest read only = No At home I do the following to create a shared area between all my local windows machines. This allows my wife & I to delete each others files (in this share) UNIX: drwxrwxrwt 3 root root 1024 Mar 15 04:02 /usr/tmp SAMBA: (smb.conf) [public] comment = Shared area between our local machines path = /usr/tmp writeable = Yes force user = nobody -- | Jonathan Miner _o) | LM-Xpress: jonathan.w.miner@lmco.com /\\ _o) _o) | Phone: 603 885 UNIX - Fax: 603 885 3850 _\_V _(\) _(\) | USmail: PO Box 868, NCA01-3719, Nashua, NH 03061-0868 From don_mccall at hp.com Thu Mar 15 18:40:27 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:44 2003 Subject: samba_2_2 cvs: W2Ksp1 (german) profile creation fails Message-ID: <079FD72E42C9D311B854009027650E6F040508C3@xatl02.atl.hp.com> Hi Axel, Is it possible that these three directories are being affected by the default "map archive=yes" parameter, where the user execute bit gets set depending on the archive bit that NT wants to set? Don -----Original Message----- From: Axel Thimm [mailto:Axel.Thimm@physik.fu-berlin.de] Sent: Thursday, March 15, 2001 6:41 AM To: samba-ntdom@samba.org Subject: samba_2_2 cvs: W2Ksp1 (german) profile creation fails Still having profile creating problems. Logging onto a recent cvs samba server without a profile W2K creates the standard profile. When logging out it is saved at the specified profile path. But some (not all ...) permissions of the directories are messed up: # ls -ld profile drwxr-x--x 13 thimm ag-linke 8192 Mar 15 12:12 profile/ # ls -ltr profile total 296 -rw-r----- 1 thimm ag-linke 20 Mar 15 12:07 ntuser.ini drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Recent/ drw-r----- 3 thimm ag-linke 8192 Mar 15 12:12 Startmen?/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 SendTo/ drw-r----- 3 thimm ag-linke 8192 Mar 15 12:12 Eigene Dateien/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Druckumgebung/ drw-r----- 2 thimm ag-linke 8192 Mar 15 12:12 Desktop/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Netzwerkumgebung/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Cookies/ drwxr-x--x 4 thimm ag-linke 8192 Mar 15 12:12 Favoriten/ drwxr-x--x 4 thimm ag-linke 8192 Mar 15 12:12 Anwendungsdaten/ drwxr-x--x 2 thimm ag-linke 8192 Mar 15 12:12 Vorlagen/ -rw-r----- 1 thimm ag-linke 192512 Mar 15 12:12 NTUSER.DAT -rw-r----- 1 thimm ag-linke 1024 Mar 15 12:12 ntuser.dat.LOG So execute permissions are removed for the directories "Startmen?", "Eigene Dateien" and "Desktop". One could argue that the first could be a codepage problem (but my codepages are fine, I can access that file from Windows and Unix and it does have always the Umlauts), or that the second has a space in its name. But especially the last one, "Desktop", does not give any clue why something could go wrong. And finally all others are fine. Any clues? Thanks, Axel. -- Axel.Thimm@physik.fu-berlin.de From kkc at uclink4.berkeley.edu Thu Mar 15 18:58:02 2001 From: kkc at uclink4.berkeley.edu (Kevin Chan) Date: Tue Dec 2 02:33:44 2003 Subject: compiling issues with directories Message-ID: <4.3.2.7.2.20010315105142.00ad99d0@uclink4.berkeley.edu> Hi to everyone, I have been trying to install Samba 2.0.7 on my Redhat Linux 6.2 as both a file server and an NT domain controller. I am encountering a problem that is quite odd and I am not sure why I am having this problem. When I installed Redhat, I had it install the samba files thinking that I would just overwrite them with the samba 2.0.7 install. However, after compiling and installing samba, there is no smb.conf file in the lib directory and no private folder. This issue is easily overcome as I have a copy of smb.conf from the redhat install of samba (it installs it in /etc/samba) and I can create the smbpasswd file by calling the smbpasswd binary. However, the mapping of the directories appear to be from the redhat install of samba. When I start smbd, it is still looking for the smb.conf file in /etc/samba, not /usr/local/samba/lib. And when I create an smbpasswd file by calling the smbpasswd binary, it creates it in /etc/samba/private). I have reconfigured the 2.0.7 samba and this problem still exists. Any insight on this matter will be welcomed. Thanks in advance, Kevin Chan Systems Administrator Administrative Computing From mpineault at osginformatique.com Thu Mar 15 19:02:18 2001 From: mpineault at osginformatique.com (Martin Pineault) Date: Tue Dec 2 02:33:44 2003 Subject: Migrating profile from NT server to Linux Samba PDF Message-ID: <000d01c0ad82$75a7aa50$01107bce@osginformatique2.com> HowTo Migrate profiles from NT server to Linux Samba PDF? Does anyone have a clue. Even if it's manually since we have few user. Thank you. MPLT From greg at kwikfind.com Thu Mar 15 19:13:56 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:44 2003 Subject: compiling issues with directories References: <4.3.2.7.2.20010315105142.00ad99d0@uclink4.berkeley.edu> Message-ID: <001e01c0ad84$15e45df0$6f00a8c0@leinet> Kevin, If you are installing from the sources for the first time, then you'll need to play around with the pathing a little. Here is a document that speaks well to this issue home.germany.net/101-69082/samba.html Look on page 8. Good luck Greg ----- Original Message ----- From: "Kevin Chan" To: Sent: Thursday, March 15, 2001 10:58 AM Subject: compiling issues with directories > Hi to everyone, > > I have been trying to install Samba 2.0.7 on my Redhat Linux 6.2 as both a > file server and an NT domain controller. I am encountering a problem that > is quite odd and I am not sure why I am having this problem. > > When I installed Redhat, I had it install the samba files thinking that I > would just overwrite them with the samba 2.0.7 install. However, after > compiling and installing samba, there is no smb.conf file in the lib > directory and no private folder. This issue is easily overcome as I have a > copy of smb.conf from the redhat install of samba (it installs it in > /etc/samba) and I can create the smbpasswd file by calling the smbpasswd > binary. > > However, the mapping of the directories appear to be from the redhat > install of samba. When I start smbd, it is still looking for the smb.conf > file in /etc/samba, not /usr/local/samba/lib. And when I create an > smbpasswd file by calling the smbpasswd binary, it creates it in > /etc/samba/private). I have reconfigured the 2.0.7 samba and this problem > still exists. > > Any insight on this matter will be welcomed. > > Thanks in advance, > > Kevin Chan > Systems Administrator > Administrative Computing > > > > > From greg at leiinc.com Thu Mar 15 19:35:06 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:44 2003 Subject: Has configure changed for compiliing? Message-ID: <003101c0ad87$0a8f2f40$6f00a8c0@leinet> I noticed something that seems to have changed. When I compile samba 2.2 from CVS, I use the configure command: ./configure --bindir=/usr/bin --sbindir=/usr/sbin --with-smbmount --with-pri vatedir=/etc/private --libdir=/etc --localstatedir=/var/log --with-lockdir=/ var/lock/smaba This used to put my executables in the /usr/bin directory, now it puts part of them in this directory (eg, smbpasswd) by the samba daemons in the /urs/local/bin directory? Am I doing something wrong?? Thanks Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: Greg J. Zartman.vcf Type: text/x-vcard Size: 369 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010315/3a856f7c/GregJ.Zartman.vcf From edmundo at shitepie.net Thu Mar 15 20:46:11 2001 From: edmundo at shitepie.net (Stokes) Date: Tue Dec 2 02:33:44 2003 Subject: Win2k home directory drive mapping.. Message-ID: <00c101c0ad90$f8a4f530$010aa8c0@shitepie> Sorry if this is something that is stated elsewhere, but I can't seem to find a way to change the drive that gets mapped to the user's home directory from Z: to something else... Anyone know how to do this? _________________________________________ Marshall Stokes Programmer / Systems Administrator Center for Secure and Dependable Software University of Idaho JEB240, 208-885-6939 From damason at davenet.mine.nu Thu Mar 15 20:58:08 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:44 2003 Subject: Permissions question In-Reply-To: <006401c0ad6b$a10c7cf0$6f00a8c0@leinet> Message-ID: If you add one more parameter to the share, it should fix it: force group = domain_users What is happening now is that members of domain_users are allowed to connect, but they are not acting as that group, but rather as their default group. force group will cause them to act as that group when working in that directory. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Greg J. Zartman, P.E. Sent: Thursday, March 15, 2001 08:19 To: Samba News Subject: Permissions question I have permissions type question that I'm sure is very elementary to the veteran Unix user, but confusing to a Windows person like myself. Stupid questions from us Windows people are OK because you guys are converting us to Linux, right? :o) I have a Samba PDC setup for a Win2000/NT domain. I'm having difficulty with permissions on the group shares. Specifically, I have a main project share where people store project data that I want to be accessible by all. I don't want to restrict access to anyone, except those that don't have an account on the PDC. Where my confusion comes in is the Unix/Linux filesystem security. I've setup a Unix group called domain_users and made everyone on my network a member of that group. I set the ownership of the shared project directory, Linux, to the domain_users group and made it readable, writable, and executable to this group. On the samba end, I set valid user = @domain_users, create mode = 0770, and directory mode = 0770. But, when my users create a directory or file in the shared directory tree, the ownership of the directory or file is set to the creator's username and group name. What I want is for the group ownership to be automatically set to domain_users, so everyone can access the file or directory. Is the only option to make this happen to use the force group parameter in my smb.conf file? Thank you. Greg J. Zartman, P.E. From gcarter at valinux.com Thu Mar 15 21:04:06 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:44 2003 Subject: Win2k home directory drive mapping.. In-Reply-To: <00c101c0ad90$f8a4f530$010aa8c0@shitepie> Message-ID: On Thu, 15 Mar 2001, Stokes wrote: > Sorry if this is something that is stated elsewhere, but I can't seem > to find a way to change the drive that gets mapped to the user's home > directory from Z: to something else... > See the login drive parameter in smb.conf(5) Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From damason at davenet.mine.nu Thu Mar 15 21:02:46 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:44 2003 Subject: compiling issues with directories In-Reply-To: <4.3.2.7.2.20010315105142.00ad99d0@uclink4.berkeley.edu> Message-ID: The directions in the documentation section of www.samba.org provide the specifics for creating a private directory and setting its permissions correctly, as well as a sample rc script (/etc/rc.d/init.d/smbd). It is also normal for it not to create a smb.conf in the lib directory; you will have to write one. What you should do to prevent the default rpm samba from getting in the way is chkconfig smb off (or whatever the name of your smb startup script is) Then, use the sample rc script in the documentation to create a new smb22a or something. Be sure to set the permissions correctly (you can use the same permissions as the old smb rc script). Then, follow the documentation for creating your smb.conf in the lib directory. Then, start samba: service smb22a start or /etc/rc.d/init.d/smb22a start -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Kevin Chan Sent: Thursday, March 15, 2001 10:58 To: samba-ntdom@samba.org Subject: compiling issues with directories Hi to everyone, I have been trying to install Samba 2.0.7 on my Redhat Linux 6.2 as both a file server and an NT domain controller. I am encountering a problem that is quite odd and I am not sure why I am having this problem. When I installed Redhat, I had it install the samba files thinking that I would just overwrite them with the samba 2.0.7 install. However, after compiling and installing samba, there is no smb.conf file in the lib directory and no private folder. This issue is easily overcome as I have a copy of smb.conf from the redhat install of samba (it installs it in /etc/samba) and I can create the smbpasswd file by calling the smbpasswd binary. However, the mapping of the directories appear to be from the redhat install of samba. When I start smbd, it is still looking for the smb.conf file in /etc/samba, not /usr/local/samba/lib. And when I create an smbpasswd file by calling the smbpasswd binary, it creates it in /etc/samba/private). I have reconfigured the 2.0.7 samba and this problem still exists. Any insight on this matter will be welcomed. Thanks in advance, Kevin Chan Systems Administrator Administrative Computing From aalang at rutgersinsurance.com Thu Mar 15 21:07:06 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:44 2003 Subject: Win2k home directory drive mapping.. References: <00c101c0ad90$f8a4f530$010aa8c0@shitepie> Message-ID: <003001c0ad93$e4468b00$330a0a0a@rutgersinsurance.com> http://www.snapappliances.com/security.asp I have a question about this. Would the following imply that it would work with Samba authentication? "Snap Servers can obtain a user and group list from your NT Domain Controller for authenticating users. When integrating with a Microsoft NT Domain, the Snap Server takes advantage of the security settings that are already established. In a Microsoft domain, Snap Servers allow pass-through authentication for the global users and groups from the domain controller and support host name resolution from a WINS server. " Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com From damason at davenet.mine.nu Thu Mar 15 21:12:21 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:45 2003 Subject: Win2k home directory drive mapping.. In-Reply-To: <003001c0ad93$e4468b00$330a0a0a@rutgersinsurance.com> Message-ID: It is my impression that Snap servers run Samba, which would lead one to expect some degree of compatibility to Samba. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Adam Lang Sent: Thursday, March 15, 2001 13:07 To: samba-ntdom Subject: Re: Win2k home directory drive mapping.. http://www.snapappliances.com/security.asp I have a question about this. Would the following imply that it would work with Samba authentication? "Snap Servers can obtain a user and group list from your NT Domain Controller for authenticating users. When integrating with a Microsoft NT Domain, the Snap Server takes advantage of the security settings that are already established. In a Microsoft domain, Snap Servers allow pass-through authentication for the global users and groups from the domain controller and support host name resolution from a WINS server. " Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com From jbeauchamp at gesinc.com Fri Mar 16 00:35:15 2001 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:33:45 2003 Subject: log.smb errors Message-ID: <007b01c0adb0$fc668380$1d01a8c0@gesinc.com> Hi all: I am running Samba 2.0.7 on an HP netserver running RH Linux 6.2. I have a small network with Win9x but mostly winnt machines. In looking at my log.smb I see the following error: /lib/util_sock.c:client_name (1007) gethostbyaddr failed for 192.168.1.x where x is an address on my network. This message is repeated over and over for every client on the network. Any idea what is causing this? BTW this same machine is also running DHCP for my network clients and Samba is the WINS server. TIA James Beauchamp, P.E. Global Environmental Solutions, Inc. 2621 Sandy Plains Road - Suite 102 Marietta, GA 30066 www.gesinc.com 770-579-6097 - ext. 227 770-579-6099 (fax) From greg at leiinc.com Thu Mar 15 21:49:21 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:45 2003 Subject: Compile Differences Message-ID: <00d401c0ad99$cb9b0670$6f00a8c0@leinet> I posted a comment a little earlier today about an issue that I ran into where the recent Samba2.2 CVS source was installing the samba executables in different directories that I was used to. After playing around with this a little, it appears that a CVS download that I have from Feb 26th, 2001 compiles and installs much differently than a download from today (3/15/01). To compile, I have a very simple shell script with the command: ./configure --bindir=/usr/bin --sbindir=/usr/sbin --with-smbmount --with-pri vatedir=/etc/private --libdir=/etc --localstatedir=/var/log --with-lockdir=/ var/lock/samba When I run this script on the source from Feb 26th, I get an install that I would expect. The executables go in the /usr/bin directory and the smb.conf file is located in the /etc directory. If I run this script on the source that I downloaded this morning, I get a very unexpected result. It appears that the configure routine is ignoring the command line parameters in my script and compiling and installing using default type paths on a selection of the executables. For example, if I install using the compiled code from today, the smbpasswd executable cannot find my smb.conf file (also turn for smbclient, smbstatus, testparam). Is there a new method that needs to be used to compile the samba source from CVS? Thank you Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: Greg J. Zartman.vcf Type: text/x-vcard Size: 369 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010315/2687429b/GregJ.Zartman.vcf From lynn at tsunami.cis.usouthal.edu Thu Mar 15 22:04:36 2001 From: lynn at tsunami.cis.usouthal.edu (Keith Lynn) Date: Tue Dec 2 02:33:45 2003 Subject: Internet Access In-Reply-To: <86256A10.005465FE.00@amoa.org> Message-ID: Thank you for your help. This solved the problem. Keith Lynn Systems Administrator School of Computer and Information Sciences University of South Alabama Mobile, AL 36608 Phone: (334) 460-6390 Fax: (334) 460-7274 Alternative E-mail: lynn@gateway.cis.usouthal.edu URL: http://www.cis.usouthal.edu/~lynn/ On Thu, 15 Mar 2001 ctooley@amoa.org wrote: > > > Did you turn on ip_forward? If not you do that by: > > echo 1 > /proc/sys/net/ipv4/ip_forward > > This turns on the ability to forward packets that come to that machine and are > bound for somewhere else. > > Chris Tooley > > > > > > > > Keith Lynn on 03/15/2001 09:23:04 AM > > > > To: samba-ntdom@samba.org > > cc: (bcc: Chris Tooley/AMOA) > > > > Subject Internet Access > : > > > > > > > > Hello everyone, > This question may be slightly off the subject, but I thought someone > might be able to help me with this. > I run several computer labs, each running Windows NT 4.0 clients with > a Samba server running on RedHat Linux. > What I would like to do is have this server not only run Samba but > act as a pseudorouter. That is, there is a main router in our University, > and each client is set to use that router as its gateway. > What I want to do is change the gateway on each client to the server > running Samba, and then as needed shut off routed so that packets can't > get to the real router. However, I have not been able to get routed to > work on the server. > The specifics of the problem are that a client machine has IP address > 192.168.103.11, and the Samba server has IP address 192.168.103.149. I've > tried running routed and setting up /etc/gateways, but I can't get > 192.168.103.11 to ping any machines outside the subnet. Has anyone had > experience using routed? Thanks. > > Keith Lynn > Systems Administrator > School of Computer and Information Sciences > University of South Alabama > Mobile, AL 36608 > Phone: (334) 460-6390 > Fax: (334) 460-7274 > Alternative E-mail: lynn@gateway.cis.usouthal.edu > URL: http://www.cis.usouthal.edu/~lynn/ > > > > > > > From peter.milburn at sofcom.com.au Thu Mar 15 22:44:36 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:45 2003 Subject: Samba 2.2aplha3 Message-ID: I have just got the latest CVS of samba2.2 I have tried to get a w2k machine to join the domain, but with no luck. I made the machine account as follows adduser -g machines -d /dev/null -s /bin/false -n machinename$ smbpasswd -a -m machinename when I try to get the w2k box to join , I get the following error. Your computer could not be joined to the domain because of the following error: The credentials supplied conflict with an existing set of credentials. Any help on this would be muchly appreciated. Thanks, -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** -------------- next part -------------- A non-text attachment was scrubbed... Name: BDY.RTF Type: application/rtf Size: 1830 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010316/e78b4a80/BDY.rtf From jeremy at valinux.com Thu Mar 15 23:29:26 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:45 2003 Subject: Compile Differences In-Reply-To: <00d401c0ad99$cb9b0670$6f00a8c0@leinet>; from greg@leiinc.com on Thu, Mar 15, 2001 at 01:49:21PM -0800 References: <00d401c0ad99$cb9b0670$6f00a8c0@leinet> Message-ID: <20010315152926.B29505@valinux.com> On Thu, Mar 15, 2001 at 01:49:21PM -0800, Greg J. Zartman, P.E. wrote: > I posted a comment a little earlier today about an issue that I ran into > where the recent Samba2.2 CVS source was installing the samba executables in > different directories that I was used to. > > After playing around with this a little, it appears that a CVS download that > I have from Feb 26th, 2001 compiles and installs much differently than a > download from today (3/15/01). > > To compile, I have a very simple shell script with the command: > ./configure --bindir=/usr/bin --sbindir=/usr/sbin --with-smbmount --with-pri > vatedir=/etc/private --libdir=/etc --localstatedir=/var/log --with-lockdir=/ > var/lock/samba Yes, this was due to a --with-fhs patch that was applied. I've added more code and regenerated the ./configure script with autoconf in the CVS 2.2 tree. Try checking out again - should be fine now (it is here). Thanks for reporting the bug, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From greg at leiinc.com Fri Mar 16 00:25:44 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:45 2003 Subject: Compile Differences References: <00d401c0ad99$cb9b0670$6f00a8c0@leinet> <20010315152926.B29505@valinux.com> Message-ID: <004501c0adaf$a4ae6af0$6f00a8c0@leinet> Jeremy, I've downloaded an update to the Samba 2.2 source a couple times not and have been playing around with compiling and installing and am still getting strange results. For example, I specified the --libdir=/etc and the make routine compiles the executables to look for the smb.conf file in /usr/local/samba/etc/samba directory. I even played around with setting the --with-fhs=no, and I didn't get what I expected. Should I be looking at using a different set of paths for samba. It appears to me like it is preferred to have everything in the /usr/local/samba directory tree. Thank you Regards, Greg ----- Original Message ----- From: "Jeremy Allison" To: "Greg J. Zartman, P.E." Cc: "Samba News" Sent: Thursday, March 15, 2001 3:29 PM Subject: Re: Compile Differences > On Thu, Mar 15, 2001 at 01:49:21PM -0800, Greg J. Zartman, P.E. wrote: > > I posted a comment a little earlier today about an issue that I ran into > > where the recent Samba2.2 CVS source was installing the samba executables in > > different directories that I was used to. > > > > After playing around with this a little, it appears that a CVS download that > > I have from Feb 26th, 2001 compiles and installs much differently than a > > download from today (3/15/01). > > > > To compile, I have a very simple shell script with the command: > > ./configure --bindir=/usr/bin --sbindir=/usr/sbin --with-smbmount --with-pri > > vatedir=/etc/private --libdir=/etc --localstatedir=/var/log --with-lockdir=/ > > var/lock/samba > > Yes, this was due to a --with-fhs patch that was applied. > I've added more code and regenerated the ./configure > script with autoconf in the CVS 2.2 tree. Try checking > out again - should be fine now (it is here). > > Thanks for reporting the bug, > > Jeremy. > > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- > > From jeremy at valinux.com Fri Mar 16 00:50:09 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:45 2003 Subject: Compile Differences In-Reply-To: <004501c0adaf$a4ae6af0$6f00a8c0@leinet>; from greg@leiinc.com on Thu, Mar 15, 2001 at 04:25:44PM -0800 References: <00d401c0ad99$cb9b0670$6f00a8c0@leinet> <20010315152926.B29505@valinux.com> <004501c0adaf$a4ae6af0$6f00a8c0@leinet> Message-ID: <20010315165009.A31521@valinux.com> On Thu, Mar 15, 2001 at 04:25:44PM -0800, Greg J. Zartman, P.E. wrote: > Jeremy, > > I've downloaded an update to the Samba 2.2 source a couple times not and > have been playing around with compiling and installing and am still getting > strange results. > > For example, I specified the --libdir=/etc and the make routine compiles the > executables to look for the smb.conf file in /usr/local/samba/etc/samba > directory. I even played around with setting the --with-fhs=no, and I > didn't get what I expected. > > Should I be looking at using a different set of paths for samba. It appears > to me like it is preferred to have everything in the /usr/local/samba > directory tree. That's the default. The paths to various files are controlled by the following things : --bindir = Path to binaries client --sbindir = Path to server binaries (defaults to same as --bindir) --with-configdir = Path to smb.conf file (defaults to same as --libdir) --with-lockdir = Path to Samba lock files --with-privatedir = Path to smbpasswd file. If you use the same path you specified in your original bug report it should now put everything where you want (it did in my tests). Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From kiko.linux at uol.com.br Fri Mar 16 02:39:10 2001 From: kiko.linux at uol.com.br (Kiko) Date: Tue Dec 2 02:33:45 2003 Subject: PDC and BDC Message-ID: <000e01c0adc2$48549fa0$9737ddc8@yoda> Hi everybody.. I?m new in samba working with PDC and BDC, so I?m having some troubles with my Linux box working with my PDC and BDC When I tried to connect to my Linux Box using a domain user it doesn?t log in... My configuration is set to: security = domain password server = PDC, BDC workgroup = DomainName encrypt passwords = yes Ok..that?s some lines of my configuration file... How should i configure my shares(like users that can use those shares) to NTWs be able to log in the linux box?? Should i make anymore configuration on [global] settings?? Maybe this is a stupid question, but I could?n find it on the samba documentations, and couldn?t implement using my knowlegments in Linux..=( Thanks, Kiko -------------- next part -------------- HTML attachment scrubbed and removed From simo.sorce at polimi.it Fri Mar 16 07:32:36 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:45 2003 Subject: compiling issues with directories In-Reply-To: <4.3.2.7.2.20010315105142.00ad99d0@uclink4.berkeley.edu> Message-ID: First uninstall the stock samba (rpm -e samba) then compile the downloaded one. If you do not specify any path to ./configure then you'll find samba in /use/local/samba after a "make install" On Thu, 15 Mar 2001, Kevin Chan wrote: > Hi to everyone, > > I have been trying to install Samba 2.0.7 on my Redhat Linux 6.2 as both a > file server and an NT domain controller. I am encountering a problem that > is quite odd and I am not sure why I am having this problem. > > When I installed Redhat, I had it install the samba files thinking that I > would just overwrite them with the samba 2.0.7 install. However, after > compiling and installing samba, there is no smb.conf file in the lib > directory and no private folder. This issue is easily overcome as I have a > copy of smb.conf from the redhat install of samba (it installs it in > /etc/samba) and I can create the smbpasswd file by calling the smbpasswd > binary. > > However, the mapping of the directories appear to be from the redhat > install of samba. When I start smbd, it is still looking for the smb.conf > file in /etc/samba, not /usr/local/samba/lib. And when I create an > smbpasswd file by calling the smbpasswd binary, it creates it in > /etc/samba/private). I have reconfigured the 2.0.7 samba and this problem > still exists. > > Any insight on this matter will be welcomed. > > Thanks in advance, > > Kevin Chan > Systems Administrator > Administrative Computing > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From samba at velans.net Fri Mar 16 09:18:09 2001 From: samba at velans.net (SenthilVelan PI) Date: Tue Dec 2 02:33:45 2003 Subject: compiling issues with directories References: Message-ID: <000101c0ae03$65cf6740$0e0aa8c0@dsl> Try to hard link the /etc/samba/smb.com with /usr/local/samba/lib/smb.conf and /etc/samba/smbpasswd with /usr/local/samba/private/smbpasswd ----- Original Message ----- From: Simo Sorce To: Kevin Chan Cc: Sent: Friday, March 16, 2001 1:02 PM Subject: Re: compiling issues with directories > First uninstall the stock samba (rpm -e samba) > then compile the downloaded one. > If you do not specify any path to ./configure > then you'll find samba in /use/local/samba after a "make install" > > > On Thu, 15 Mar 2001, Kevin Chan wrote: > > > Hi to everyone, > > > > I have been trying to install Samba 2.0.7 on my Redhat Linux 6.2 as both a > > file server and an NT domain controller. I am encountering a problem that > > is quite odd and I am not sure why I am having this problem. > > > > When I installed Redhat, I had it install the samba files thinking that I > > would just overwrite them with the samba 2.0.7 install. However, after > > compiling and installing samba, there is no smb.conf file in the lib > > directory and no private folder. This issue is easily overcome as I have a > > copy of smb.conf from the redhat install of samba (it installs it in > > /etc/samba) and I can create the smbpasswd file by calling the smbpasswd > > binary. > > > > However, the mapping of the directories appear to be from the redhat > > install of samba. When I start smbd, it is still looking for the smb.conf > > file in /etc/samba, not /usr/local/samba/lib. And when I create an > > smbpasswd file by calling the smbpasswd binary, it creates it in > > /etc/samba/private). I have reconfigured the 2.0.7 samba and this problem > > still exists. > > > > Any insight on this matter will be welcomed. > > > > Thanks in advance, > > > > Kevin Chan > > Systems Administrator > > Administrative Computing > > > > > > > > -- > Simo Sorce - Linux Systems Consultant > E-mail: simo.sorce@polimi.it > Tel: +39 0348 7149179 - Fax: +39 02 700442399 > ----------------------------------------------------------------- > Be happy, use Linux! > > > > From don_mccall at hp.com Fri Mar 16 13:28:38 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:45 2003 Subject: PDC and BDC Message-ID: <079FD72E42C9D311B854009027650E6F040508C5@xatl02.atl.hp.com> Kiko, have you added your linux machine name to the NT domain using server manager? And then run smbpasswd -j DomainName -r PDC ? Don -----Original Message----- From: Kiko [mailto:kiko.linux@uol.com.br] Sent: Thursday, March 15, 2001 9:39 PM To: samba-ntdom@us5.samba.org Subject: PDC and BDC Hi everybody.. I?m new in samba working with PDC and BDC, so I?m having some troubles with my Linux box working with my PDC and BDC When I tried to connect to my Linux Box using a domain user it doesn?t log in... My configuration is set to: security = domain password server = PDC, BDC workgroup = DomainName encrypt passwords = yes Ok..that?s some lines of my configuration file... How should i configure my shares(like users that can use those shares) to NTWs be able to log in the linux box?? Should i make anymore configuration on [global] settings?? Maybe this is a stupid question, but I could?n find it on the samba documentations, and couldn?t implement using my knowlegments in Linux..=( Thanks, Kiko From linux at fenix.uam.mx Fri Mar 16 14:58:34 2001 From: linux at fenix.uam.mx (Ing. Romy Perez Moreno) Date: Tue Dec 2 02:33:45 2003 Subject: Samba 2.2aplha3 In-Reply-To: Message-ID: hi peter, i had the same message and it was because when i tried to log in the domain some network connections were alive, break down any shared network connections of your session, log out and try again. romy. From kiko.linux at uol.com.br Fri Mar 16 15:55:08 2001 From: kiko.linux at uol.com.br (Kiko) Date: Tue Dec 2 02:33:45 2003 Subject: PDC and BDC References: <079FD72E42C9D311B854009027650E6F040508C5@xatl02.atl.hp.com> Message-ID: <001501c0ae31$7c94a200$9737ddc8@yoda> Yes, Don.. i did it...But i couldn?t log in the linux box using a domain account.. There is any coniguration os shares that could blocking the connection?? Like users allowed?? Thanks, Kiko ----- Original Message ----- From: "MCCALL,DON (HP-USA,ex1)" To: "'Kiko'" ; Sent: Friday, March 16, 2001 10:28 AM Subject: RE: PDC and BDC > Kiko, > have you added your linux machine name to the NT domain using server > manager? > And then run smbpasswd -j DomainName -r PDC > ? > Don > > -----Original Message----- > From: Kiko [mailto:kiko.linux@uol.com.br] > Sent: Thursday, March 15, 2001 9:39 PM > To: samba-ntdom@us5.samba.org > Subject: PDC and BDC > > > Hi everybody.. > > I?m new in samba working with PDC and BDC, so I?m having some troubles with > my Linux box working with my PDC and BDC > > When I tried to connect to my Linux Box using a domain user it doesn?t log > in... > > My configuration is set to: > > security = domain > password server = PDC, BDC > workgroup = DomainName > encrypt passwords = yes > > Ok..that?s some lines of my configuration file... > How should i configure my shares(like users that can use those shares) to > NTWs be able to log in the linux box?? > Should i make anymore configuration on [global] settings?? > > > Maybe this is a stupid question, but I could?n find it on the samba > documentations, and couldn?t implement using my knowlegments in Linux..=( > > Thanks, > > Kiko > > From greg at kwikfind.com Fri Mar 16 16:05:24 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:45 2003 Subject: Compile Differences References: <00d401c0ad99$cb9b0670$6f00a8c0@leinet> <20010315152926.B29505@valinux.com> <004501c0adaf$a4ae6af0$6f00a8c0@leinet> <20010315165009.A31521@valinux.com> Message-ID: <000701c0ae32$ea173080$6f00a8c0@leinet> You are correct, it was a problem on my end. I'm not sure if I didn't get a good update from the CVS code tree, or what it was. I re-downloaded the Samba source and recompiled and everything works sweet. I also noticed that you fixed the "stub" issue related to changing passwords remotely on a win2000 machine. Excellent work!!! Regards, Greg ----- Original Message ----- From: "Jeremy Allison" To: "Greg J. Zartman, P.E." Cc: "Samba News" Sent: Thursday, March 15, 2001 4:50 PM Subject: Re: Compile Differences > On Thu, Mar 15, 2001 at 04:25:44PM -0800, Greg J. Zartman, P.E. wrote: > > Jeremy, > > > > I've downloaded an update to the Samba 2.2 source a couple times not and > > have been playing around with compiling and installing and am still getting > > strange results. > > > > For example, I specified the --libdir=/etc and the make routine compiles the > > executables to look for the smb.conf file in /usr/local/samba/etc/samba > > directory. I even played around with setting the --with-fhs=no, and I > > didn't get what I expected. > > > > Should I be looking at using a different set of paths for samba. It appears > > to me like it is preferred to have everything in the /usr/local/samba > > directory tree. > > That's the default. The paths to various files are controlled > by the following things : > > --bindir = Path to binaries client > --sbindir = Path to server binaries (defaults to same as --bindir) > --with-configdir = Path to smb.conf file (defaults to same as --libdir) > --with-lockdir = Path to Samba lock files > --with-privatedir = Path to smbpasswd file. > > If you use the same path you specified in your original bug > report it should now put everything where you want (it did > in my tests). > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- > > > From don_mccall at hp.com Fri Mar 16 16:06:47 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:46 2003 Subject: PDC and BDC Message-ID: <079FD72E42C9D311B854009027650E6F040508CF@xatl02.atl.hp.com> Kiko, If you want, you can set (in the global section of smb.conf); log level = 10 log file = /..../log.%m Then attempt to attach to the samba share from your pc workstation; this should generate a log file called log. that will have information in it as to WHY this is happening. I'd be glad to take a quick look at it, if you want to send it to me off-list. Thanks, Don -----Original Message----- From: Kiko [mailto:kiko.linux@uol.com.br] Sent: Friday, March 16, 2001 10:55 AM To: samba-ntdom@us5.samba.org Subject: Re: PDC and BDC Yes, Don.. i did it...But i couldn?t log in the linux box using a domain account.. There is any coniguration os shares that could blocking the connection?? Like users allowed?? Thanks, Kiko ----- Original Message ----- From: "MCCALL,DON (HP-USA,ex1)" To: "'Kiko'" ; Sent: Friday, March 16, 2001 10:28 AM Subject: RE: PDC and BDC > Kiko, > have you added your linux machine name to the NT domain using server > manager? > And then run smbpasswd -j DomainName -r PDC > ? > Don > > -----Original Message----- > From: Kiko [mailto:kiko.linux@uol.com.br] > Sent: Thursday, March 15, 2001 9:39 PM > To: samba-ntdom@us5.samba.org > Subject: PDC and BDC > > > Hi everybody.. > > I?m new in samba working with PDC and BDC, so I?m having some troubles with > my Linux box working with my PDC and BDC > > When I tried to connect to my Linux Box using a domain user it doesn?t log > in... > > My configuration is set to: > > security = domain > password server = PDC, BDC > workgroup = DomainName > encrypt passwords = yes > > Ok..that?s some lines of my configuration file... > How should i configure my shares(like users that can use those shares) to > NTWs be able to log in the linux box?? > Should i make anymore configuration on [global] settings?? > > > Maybe this is a stupid question, but I could?n find it on the samba > documentations, and couldn?t implement using my knowlegments in Linux..=( > > Thanks, > > Kiko > > From drak at mdm-net.it Fri Mar 16 21:57:06 2001 From: drak at mdm-net.it (Drak) Date: Tue Dec 2 02:33:46 2003 Subject: only a FEW clients coul find PDC Message-ID: <000b01c0ae64$0dd37b60$8ec978c3@drk> Hi everybody, I have network (192.168.0.1 with a NT PDC (domain=NCDOMAIN) 192.168.0.2 with LINUX, 192.168.0.3 to 192.168.0.27) with NT4 and NT2000 clients that I want to add to a domain controlled by samba 2.0.7 (included in Linux Mandrake 7.2 distribution. IP: 192.168.0.2/255.255.255.0). I tried to add a NT4 client (a firewall at this time DISABLED with 3 network interfaces. IP: 192.168.0.5/255.255.255.0) in the domain, and after a few tries the client joined the domain. The other NT4 clients complain they cant' find a PDC for that domain. They don' t show it in network neighbourhood and they can' t find it even with find computer. They can find it only after having restarted samba services by find computer. I made a machine account for each client (adduser -g machines -c WorkstationNT -d /dev/null -s /bin/false -m machine$ ; smbpasswd -a -m machine$. notice that i had to add manually entries for the machines group in /etc/group). After made an entry in smbpasswd file for administrator, I log on the client with a local account that has the same username/password pair of the domain admin user and try to make the client to joi the domain. The client always respond it cannot find the domain controller Here is my smb.conf file [global] debug level = 4 available = yes time server = true remote announce = 192.168.0.255 default service = reference nt acl support = yes nt smb support = yes nt pipe support = yes preferred master = yes dead time = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 getwd cache = yes log file = /var/log/samba/log.%m security = user status = yes netbios name = linux announce as = NT Server protocol = NT1 workgroup = dominio wins support = yes smbpasswd file = /usr/local/samba/private/smbpasswd encrypt passwords = yes domain logons = yes logon script = scripts\%U.bat logon path = //%L/profiles/%U domain admin users = administrator domain admin group = @domainadmin add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false -n %m$ guest account = nobody share modes = no os level = 65 domain master = yes [homes] guest ok = no read only = no create mask = 0700 directory mask = 0700 oplocks = false locking = no [netlogon] path = /home/netlogon writeable = no guest ok = no [profiles] browseable = yes public = yes guest only = no writeable = yes only user = no create mask = 0777 directory mask = 0777 path = /home/profiles [GraficaNuova] write list = @grafici create mask = 0775 directory mask = 0755 path = /home/samba/grafica_nuova [GraficaFatta] write list = @scasi create mask = 0775 directory mask = 0755 path = /home/samba/grafica_esistente [ArchivioCDR] write list = @scasi create mask = 0775 directory mask = 0755 path = /home/samba/cdr_operativi [ArchivioEXP] write list = @scasi create mask = 0775 directory mask = 0755 path = /home/samba/export_operativi I set debug level to 4. here are log.smb and log.nmb after starting services LOG.SMB [2001/03/16 19:00:44, 1] smbd/server.c:main(641) smbd version 2.0.7 started. Copyright Andrew Tridgell 1992-1998 doing parameter available = yes doing parameter time server = true doing parameter remote announce = 192.168.0.255 doing parameter default service = reference doing parameter nt acl support = yes doing parameter nt smb support = yes doing parameter nt pipe support = yes doing parameter preferred master = yes doing parameter dead time = 0 doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter getwd cache = yes doing parameter log file = /var/log/samba/log.%m doing parameter security = user doing parameter status = yes doing parameter netbios name = linux [2001/03/16 19:00:44, 4] param/loadparm.c:handle_netbios_name(1930) handle_netbios_name: set global_myname to: LINUX doing parameter announce as = NT Server doing parameter protocol = NT1 doing parameter workgroup = dominio doing parameter wins support = yes doing parameter smbpasswd file = /usr/local/samba/private/smbpasswd doing parameter encrypt passwords = yes doing parameter domain logons = yes doing parameter logon script = scripts\%U.bat doing parameter logon path = //%L/profiles/%U doing parameter domain admin users = administrator doing parameter domain admin group = @domainadmin doing parameter add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false -n %m$ doing parameter guest account = nobody doing parameter share modes = no doing parameter os level = 65 doing parameter domain master = yes [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[homes]" doing parameter guest ok = no doing parameter read only = no doing parameter create mask = 0700 doing parameter directory mask = 0700 doing parameter oplocks = false doing parameter locking = no [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[netlogon]" doing parameter path = /home/netlogon doing parameter writeable = no doing parameter guest ok = no [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[profiles]" doing parameter browseable = yes doing parameter public = yes doing parameter guest only = no doing parameter writeable = yes doing parameter only user = no doing parameter create mask = 0777 doing parameter directory mask = 0777 doing parameter path = /home/profiles [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[GraficaNuova]" doing parameter write list = @grafici doing parameter create mask = 0775 doing parameter directory mask = 0755 doing parameter path = /home/samba/grafica_nuova [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[GraficaFatta]" doing parameter write list = @scasi doing parameter create mask = 0775 doing parameter directory mask = 0755 doing parameter path = /home/samba/grafica_esistente [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[ArchivioCDR]" doing parameter write list = @scasi doing parameter create mask = 0775 doing parameter directory mask = 0755 doing parameter path = /home/samba/cdr_operativi [2001/03/16 19:00:44, 2] param/loadparm.c:do_section(2481) Processing section "[ArchivioEXP]" doing parameter write list = @scasi doing parameter create mask = 0775 doing parameter directory mask = 0755 doing parameter path = /home/samba/export_operativi [2001/03/16 19:00:44, 3] param/loadparm.c:lp_load(2805) pm_process() returned Yes [2001/03/16 19:00:44, 3] param/loadparm.c:lp_add_ipc(1594) adding IPC service [2001/03/16 19:00:44, 2] lib/interface.c:add_interface(83) added interface ip=192.168.0.2 bcast=192.168.0.255 nmask=255.255.255.0 [2001/03/16 19:00:44, 1] smbd/files.c:file_init(216) file_init: Information only: requested 10000 open files, 1014 are available. [2001/03/16 19:00:44, 3] smbd/server.c:main(704) loaded services [2001/03/16 19:00:44, 3] smbd/server.c:main(712) Becoming a daemon. [2001/03/16 19:00:44, 3] lib/util_sock.c:open_socket_in(875) bind succeeded on port 139 [2001/03/16 19:00:44, 2] smbd/server.c:open_sockets(181) waiting for a connection and here things seems fine here is LOG.NMB after starting service **** various log message above reportin startup of service, then ... Samba name server LINUX is now a local master browser for workgroup DOMINIO on subnet 192.168.0.2 ***** [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet 192.168.0.2: found. [2001/03/16 19:01:07, 3] nmbd/nmbd_sendannounce.c:send_local_master_announcement(176) send_local_master_announcement: type c9b2b for name LINUX on subnet 192.168.0.2 for workgroup DOMINIO [2001/03/16 19:01:07, 4] nmbd/nmbd_packets.c:send_mailslot(1959) send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from LINUX<00> IP 192.168.0.2 to DOMINIO<1e> IP 192.168.0.255 [2001/03/16 19:01:07, 4] nmbd/nmbd_packets.c:debug_browse_data(103) debug_browse_data(): 0 char ......LINUX..... hex 0f 03 c0 d4 01 00 4c 49 4e 55 58 00 00 00 00 00 10 char ........+.....U. hex 00 00 00 00 00 00 04 02 2b 9b 0c 00 0f 01 55 aa 20 char Samba 2.0.7. hex 53 61 6d 62 61 20 32 2e 30 2e 37 00 [2001/03/16 19:01:07, 3] nmbd/nmbd_sendannounce.c:send_workgroup_announcement(195) send_workgroup_announcement: on subnet 192.168.0.2 for workgroup DOMINIO [2001/03/16 19:01:07, 4] nmbd/nmbd_packets.c:send_mailslot(1959) send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from LINUX<00> IP 192.168.0.2 to __MSBROWSE__<01> IP 192.168.0.255 [2001/03/16 19:01:07, 4] nmbd/nmbd_packets.c:debug_browse_data(103) debug_browse_data(): 0 char ......DOMINIO... hex 0c 03 c0 d4 01 00 44 4f 4d 49 4e 49 4f 00 00 00 10 char ..............U. hex 00 00 00 00 00 00 04 02 00 10 00 80 0f 01 55 aa 20 char LINUX. hex 4c 49 4e 55 58 00 [2001/03/16 19:01:07, 4] nmbd/nmbd_sendannounce.c:announce_myself_to_domain_master_browser(422) announce_myself_to_domain_master_browser: I am a local master browser for workgroup DOMINIO on subnet 192.168.0.2 [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 2] nmbd/nmbd_browsesync.c:announce_local_master_browser_to_domain_master_browse r(120) announce_local_master_browser_to_domain_master_browser: We are both a domain and a local master browser for workgroup DOMINIO. Do not announce to ourselves. [2001/03/16 19:01:07, 2] nmbd/nmbd_browsesync.c:sync_with_dmb(159) sync_with_dmb: Initiating sync with domain master browser LINUX<20> at IP 192.168.0.2 for workgroup DOMINIO [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet 192.168.0.2: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet 192.168.0.2: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_packets.c:process_dgram(1244) process_dgram: datagram from FABRIZIO<20> to DOMINIO<1d> IP 192.168.0.5 for \MAILSLOT\BROWSE of type 1 len=33 [2001/03/16 19:01:07, 4] nmbd/nmbd_packets.c:debug_browse_data(103) debug_browse_data(): 0 char ......FABRIZIO.. hex 01 00 80 fc 0a 00 46 41 42 52 49 5a 49 4f 00 00 10 char ..............U. hex 00 00 00 00 00 00 04 00 03 10 01 00 0f 01 55 aa 20 char . hex 00 [2001/03/16 19:01:07, 3] nmbd/nmbd_incomingdgrams.c:process_host_announce(117) process_host_announce: from FABRIZIO<00> IP 192.168.0.5 to DOMINIO<1d> for server FABRIZIO. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet 192.168.0.2: found. [2001/03/16 19:01:07, 3] nmbd/nmbd_serverlistdb.c:create_server_on_workgroup(173) create_server_on_workgroup: Created server entry FABRIZIO of type 40011003 () on workgroup DOMINIO. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet 192.168.0.2: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. [2001/03/16 19:01:07, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) find_workgroup_on_subnet: workgroup search for DOMINIO on subnet UNICAST_SUBNET: found. I think also this is OK. But why at this point other clients (out of the domain)could not view the samba server in network neighboorhood and with find computer? I restarted services and finally clients see the server with find computer her is the transcription after find computer from NT client [2001/03/16 19:15:29, 0] lib/util_sock.c:read_socket_data(477) [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 1 of length 174 read_socket_data: recv failure for 4. Error = Connessione abbattuta dal corrispondente [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBnegprot (pid 3815) [2001/03/16 19:15:29, 3] smbd/process.c:timeout_processing(863) receive_smb error (Connessione abbattuta dal corrispondente) exiting [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [PC NETWORK PROGRAM 1.0] [2001/03/16 19:15:29, 2] smbd/server.c:exit_server(408) [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Closing connections Requested protocol [XENIX CORE] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [MICROSOFT NETWORKS 1.03] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [LANMAN1.0] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [Windows for Workgroups 3.1a] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [LM1.2X002] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [LANMAN2.1] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [NT LM 0.12] [2001/03/16 19:15:29, 3] smbd/negprot.c:reply_negprot(424) Selected protocol NT LM 0.12 [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 2 of length 130 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBsesssetupX (pid 3815) [2001/03/16 19:15:29, 3] smbd/server.c:exit_server(435) [2001/03/16 19:15:29, 3] smbd/reply.c:reply_sesssetup_and_X(805) Server exit (normal exit) Domain=[] NativeOS=[Windows NT 1381] NativeLanMan=[] [2001/03/16 19:15:29, 3] smbd/reply.c:reply_sesssetup_and_X(809) sesssetupX:name=[] [2001/03/16 19:15:29, 3] smbd/password.c:setup_groups(192) nobody is in 1 groups: 99 [2001/03/16 19:15:29, 3] smbd/password.c:register_vuid(270) uid 99 registered to name nobody [2001/03/16 19:15:29, 3] smbd/password.c:register_vuid(272) Clearing default real name [2001/03/16 19:15:29, 3] smbd/process.c:chain_reply(775) Chained message [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBtconX (pid 3815) [2001/03/16 19:15:29, 4] smbd/reply.c:reply_tcon_and_X(311) Got device type IPC [2001/03/16 19:15:29, 3] smbd/password.c:authorise_login(816) ACCEPTED: guest account and guest ok [2001/03/16 19:15:29, 3] smbd/service.c:make_connection(441) Connect path is /tmp [2001/03/16 19:15:29, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /tmp [2001/03/16 19:15:29, 3] smbd/service.c:make_connection(550) fabrizio (217.56.63.3) connect to service IPC$ as user nobody (uid=99, gid=99) (pid 3815) [2001/03/16 19:15:29, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /var/log/samba [2001/03/16 19:15:29, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /var/log/samba [2001/03/16 19:15:29, 3] smbd/reply.c:reply_tcon_and_X(358) tconX service=ipc$ user=nobody [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 3 of length 95 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBntcreateX (pid 3815) [2001/03/16 19:15:29, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /tmp [2001/03/16 19:15:29, 4] smbd/nttrans.c:nt_open_pipe(560) nt_open_pipe: Opening pipe \srvsvc. [2001/03/16 19:15:29, 3] smbd/nttrans.c:nt_open_pipe(576) nt_open_pipe: Known pipe srvsvc opening. [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(116) Open pipe requested srvsvc (pipes_open=0) [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(205) Opened pipe srvsvc with handle 7036 (pipes_open=1) [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 4 of length 152 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=72 params=0 setup=2 [2001/03/16 19:15:29, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7036 [2001/03/16 19:15:29, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "srvsvc" (pnum 7036)api_pipe_bind_req: \PIPE\srvsvc -> \PIPE\ntsvcs [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 5 of length 140 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=60 params=0 setup=2 [2001/03/16 19:15:29, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7036 [2001/03/16 19:15:29, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "srvsvc" (pnum 7036)Doing \PIPE\srvsvc [2001/03/16 19:15:29, 4] rpc_server/srv_pipe.c:api_rpcTNP(1084) api_rpcTNP: api_srvsvc_rpc op 0x15 - api_rpcTNP: rpc command: SRV_NET_SRV_GET_INFO [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 6 of length 46 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBclose (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7036 [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(784) closed pipe name srvsvc pnum=7036 (pipes_open=0) [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 7 of length 95 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBntcreateX (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 4] smbd/nttrans.c:nt_open_pipe(560) nt_open_pipe: Opening pipe \srvsvc. [2001/03/16 19:15:29, 3] smbd/nttrans.c:nt_open_pipe(576) nt_open_pipe: Known pipe srvsvc opening. [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(116) Open pipe requested srvsvc (pipes_open=0) [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(205) Opened pipe srvsvc with handle 7037 (pipes_open=1) [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 8 of length 152 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=72 params=0 setup=2 [2001/03/16 19:15:29, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7037 [2001/03/16 19:15:29, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "srvsvc" (pnum 7037)api_pipe_bind_req: \PIPE\srvsvc -> \PIPE\ntsvcs [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 9 of length 140 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=60 params=0 setup=2 [2001/03/16 19:15:29, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7037 [2001/03/16 19:15:29, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "srvsvc" (pnum 7037)Doing \PIPE\srvsvc [2001/03/16 19:15:29, 4] rpc_server/srv_pipe.c:api_rpcTNP(1084) api_rpcTNP: api_srvsvc_rpc op 0x15 - api_rpcTNP: rpc command: SRV_NET_SRV_GET_INFO [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 10 of length 46 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBclose (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7037 [2001/03/16 19:15:29, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(784) closed pipe name srvsvc pnum=7037 (pipes_open=0) [2001/03/16 19:15:29, 3] smbd/process.c:process_smb(618) Transaction 11 of length 96 [2001/03/16 19:15:29, 3] smbd/process.c:switch_message(448) switch message SMBntcreateX (pid 3815) [2001/03/16 19:15:29, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:15:29, 4] smbd/nttrans.c:nt_open_pipe(560) nt_open_pipe: Opening pipe \browser. [2001/03/16 19:15:29, 3] smbd/error.c:error_packet(138) error packet at line 568 cmd=162 (SMBntcreateX) eclass=2 ecode=4 [2001/03/16 19:16:29, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /var/log/samba [2001/03/16 19:16:29, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /var/log/samba I dont know if the above log says everything is right or not :( HERE IS THE LOG OF THE CLIENT AFTER TRYING TO JOIN THE DOMAIN log.fabrizio [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 1 of length 174 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBnegprot (pid 3742) [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [PC NETWORK PROGRAM 1.0] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [XENIX CORE] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [MICROSOFT NETWORKS 1.03] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [LANMAN1.0] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [Windows for Workgroups 3.1a] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [LM1.2X002] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [LANMAN2.1] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(341) Requested protocol [NT LM 0.12] [2001/03/16 19:06:37, 3] smbd/negprot.c:reply_negprot(424) Selected protocol NT LM 0.12 [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 2 of length 196 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBsesssetupX (pid 3742) [2001/03/16 19:06:37, 3] smbd/reply.c:reply_sesssetup_and_X(805) Domain=[STUDIOVIDEO] NativeOS=[Windows NT 1381] NativeLanMan=[] [2001/03/16 19:06:37, 3] smbd/reply.c:reply_sesssetup_and_X(809) sesssetupX:name=[mcarcano] [2001/03/16 19:06:37, 4] smbd/password.c:smb_password_ok(400) Checking SMB password for user mcarcano [2001/03/16 19:06:37, 4] smbd/password.c:smb_password_ok(427) smb_password_ok: Checking NT MD4 password [2001/03/16 19:06:37, 4] smbd/password.c:smb_password_ok(431) NT MD4 password check succeeded [2001/03/16 19:06:37, 3] param/loadparm.c:lp_add_home(1553) adding home directory mcarcano at /home/mcarcano [2001/03/16 19:06:37, 3] smbd/password.c:setup_groups(192) mcarcano is in 2 groups: 530, 532 [2001/03/16 19:06:37, 3] smbd/password.c:register_vuid(270) uid 513 registered to name mcarcano [2001/03/16 19:06:37, 3] smbd/password.c:register_vuid(272) Clearing default real name [2001/03/16 19:06:37, 3] smbd/process.c:chain_reply(775) Chained message [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtconX (pid 3742) [2001/03/16 19:06:37, 4] smbd/reply.c:reply_tcon_and_X(311) Got device type IPC [2001/03/16 19:06:37, 3] smbd/password.c:authorise_login(759) ACCEPTED: validated uid ok as non-guest [2001/03/16 19:06:37, 3] smbd/service.c:make_connection(441) Connect path is /tmp [2001/03/16 19:06:37, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /tmp [2001/03/16 19:06:37, 3] smbd/service.c:make_connection(550) studiovideo (192.168.0.254) connect to service IPC$ as user mcarcano (uid=513, gid=530) (pid 3742) [2001/03/16 19:06:37, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /var/log/samba [2001/03/16 19:06:37, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /var/log/samba [2001/03/16 19:06:37, 3] smbd/reply.c:reply_tcon_and_X(358) tconX service=ipc$ user=mcarcano [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 3 of length 95 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBntcreateX (pid 3742) [2001/03/16 19:06:37, 3] lib/doscalls.c:dos_ChDir(342) dos_ChDir to /tmp [2001/03/16 19:06:37, 4] smbd/nttrans.c:nt_open_pipe(560) nt_open_pipe: Opening pipe \wkssvc. [2001/03/16 19:06:37, 3] smbd/nttrans.c:nt_open_pipe(576) nt_open_pipe: Known pipe wkssvc opening. [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(116) Open pipe requested wkssvc (pipes_open=0) [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(205) Opened pipe wkssvc with handle 7023 (pipes_open=1) [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 4 of length 152 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=72 params=0 setup=2 [2001/03/16 19:06:37, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7023 [2001/03/16 19:06:37, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "wkssvc" (pnum 7023)api_pipe_bind_req: \PIPE\wkssvc -> \PIPE\ntsvcs [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 5 of length 140 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=60 params=0 setup=2 [2001/03/16 19:06:37, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7023 [2001/03/16 19:06:37, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "wkssvc" (pnum 7023)Doing \PIPE\wkssvc [2001/03/16 19:06:37, 4] rpc_server/srv_pipe.c:api_rpcTNP(1084) api_rpcTNP: api_wkssvc_rpc op 0x0 - api_rpcTNP: rpc command: WKS_Q_QUERY_INFO [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 6 of length 46 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBclose (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7023 [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(784) closed pipe name wkssvc pnum=7023 (pipes_open=0) [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 7 of length 95 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBntcreateX (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 4] smbd/nttrans.c:nt_open_pipe(560) nt_open_pipe: Opening pipe \srvsvc. [2001/03/16 19:06:37, 3] smbd/nttrans.c:nt_open_pipe(576) nt_open_pipe: Known pipe srvsvc opening. [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(116) Open pipe requested srvsvc (pipes_open=0) [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(205) Opened pipe srvsvc with handle 7024 (pipes_open=1) [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 8 of length 152 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=72 params=0 setup=2 [2001/03/16 19:06:37, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7024 [2001/03/16 19:06:37, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "srvsvc" (pnum 7024)api_pipe_bind_req: \PIPE\srvsvc -> \PIPE\ntsvcs [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 9 of length 140 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=60 params=0 setup=2 [2001/03/16 19:06:37, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7024 [2001/03/16 19:06:37, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "srvsvc" (pnum 7024)Doing \PIPE\srvsvc [2001/03/16 19:06:37, 4] rpc_server/srv_pipe.c:api_rpcTNP(1084) api_rpcTNP: api_srvsvc_rpc op 0x15 - api_rpcTNP: rpc command: SRV_NET_SRV_GET_INFO [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 10 of length 46 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBclose (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7024 [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(784) closed pipe name srvsvc pnum=7024 (pipes_open=0) [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 11 of length 95 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBntcreateX (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 4] smbd/nttrans.c:nt_open_pipe(560) nt_open_pipe: Opening pipe \wkssvc. [2001/03/16 19:06:37, 3] smbd/nttrans.c:nt_open_pipe(576) nt_open_pipe: Known pipe wkssvc opening. [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(116) Open pipe requested wkssvc (pipes_open=0) [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(205) Opened pipe wkssvc with handle 7025 (pipes_open=1) [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 12 of length 152 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=72 params=0 setup=2 [2001/03/16 19:06:37, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7025 [2001/03/16 19:06:37, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "wkssvc" (pnum 7025)api_pipe_bind_req: \PIPE\wkssvc -> \PIPE\ntsvcs [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 13 of length 140 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBtrans (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 3] smbd/ipc.c:reply_trans(3659) trans <\PIPE\> data=60 params=0 setup=2 [2001/03/16 19:06:37, 3] smbd/ipc.c:named_pipe(3516) named pipe command on <> name [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7025 [2001/03/16 19:06:37, 3] smbd/ipc.c:api_fd_reply(3318) Got API command 0x26 on pipe "wkssvc" (pnum 7025)Doing \PIPE\wkssvc [2001/03/16 19:06:37, 4] rpc_server/srv_pipe.c:api_rpcTNP(1084) api_rpcTNP: api_wkssvc_rpc op 0x0 - api_rpcTNP: rpc command: WKS_Q_QUERY_INFO [2001/03/16 19:06:37, 3] smbd/process.c:process_smb(618) Transaction 14 of length 46 [2001/03/16 19:06:37, 3] smbd/process.c:switch_message(448) switch message SMBclose (pid 3742) [2001/03/16 19:06:37, 4] smbd/uid.c:become_user(186) Skipping become_user - already user [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(817) search for pipe pnum=7025 [2001/03/16 19:06:37, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(784) closed pipe name wkssvc pnum=7025 (pipes_open=0) I also got several errors like this when joining the domain [2001/03/16 18:58:35, 4] locking/shmem_sysv.c:sysv_shm_open(547) Trying sysv shmem open of size 1048576 [2001/03/16 18:58:35, 0] locking/shmem_sysv.c:sysv_shm_open(667) Can't create or use IPC area. Error was Il file esiste (file exist) [2001/03/16 18:58:35, 0] locking/locking.c:locking_init(174) ERROR: Failed to initialise share modes [2001/03/16 18:58:35, 4] locking/shmem_sysv.c:sysv_shm_open(547) Trying sysv shmem open of size 1048576 [2001/03/16 18:58:35, 0] locking/shmem_sysv.c:sysv_shm_open(667) Can't create or use IPC area. Error was Il file esiste (file exist) [2001/03/16 18:58:35, 0] locking/locking.c:locking_init(174) ERROR: Failed to initialise share modes samba fans, how can I manage? Any help muchly appreciated thanks, Marco From linux at fenix.uam.mx Sat Mar 17 00:31:23 2001 From: linux at fenix.uam.mx (Ing. Romy Perez Moreno) Date: Tue Dec 2 02:33:46 2003 Subject: (no subject) Message-ID: hi, i've just done it! using a cvs samba version my w2k machine joins the domain, but i have a few questions: 1. when a logout as any user, i get the message fron the w2k machine: Windows can not update your roaming profile, DETAIL: The system cannot find the specified file. What can I do? the logon path is set \\%L\profiles\%U whic exists and is readable by the user. 2. How can I restrict the user from changing his password? the one assigned in the samba server. 3. How do I create the profiles? thank you. From afeldhacker at cbrepro.com Sat Mar 17 01:12:05 2001 From: afeldhacker at cbrepro.com (Andrew Feldhacker) Date: Tue Dec 2 02:33:46 2003 Subject: WINS woes Message-ID: Hello all, Sorry for yet one more message to the list, but I have been unable to find any other resources or definitive answeres to my particluar scenario. What I have setup and what I'm trying to do are both relatively simple. The scenario is this: I have a linux packet filter with 3 nics, acting as a firewall between the Internet, a dmz, and an internal lan. Let's assume that I've made all the necessary changes to allow appropriate communication for the nameserver and all netbios-* ports that would allow communication between the smb services on the internal lan and dmz. On the internal lan, I have a w2k PDC, with which I am trying to pull a WINS database from a samba-based DMZ PDC/WINS server, which just isn't happening. The event log on the 2k system spits out the following: "An attempt to contact the remote WINS server at with address addy.of.dmz.wins returned with an error. Check to see that the remote WINS server is running and availible, and that WINS is running on that server." I guess my first and foremost question is, does Samba 2.0.7, or any other version, have WINS support that will work in a sitiuation where a 2k WINS server is trying to pull the WINS database from the Samba server? Any help to my particluar scenario is greatly appreciated, as well is this lists ongoing effort in supporting the Samba community. Andrew J. Feldhacker Network Administrator Thomas Reprographics, Inc. Commercial Blueprint Reprographics, Inc. -------------- next part -------------- HTML attachment scrubbed and removed From linux at fenix.uam.mx Sat Mar 17 01:25:27 2001 From: linux at fenix.uam.mx (Ing. Romy Perez Moreno) Date: Tue Dec 2 02:33:46 2003 Subject: more about w2k ws. Message-ID: hi, i forgot to mention in the previos mail that no file is created in the logon path subdirectory when any user logs in. any ideas about this? thank you romy From afeldhacker at cbrepro.com Sat Mar 17 01:28:48 2001 From: afeldhacker at cbrepro.com (Andrew Feldhacker) Date: Tue Dec 2 02:33:46 2003 Subject: WINS woes Message-ID: Sorry about the HTML the previous message spewed forth. I assure everyone that everything I send from now will be in plaintext. Andrew J. Feldhacker Network Administrator Thomas Reprographics, Inc. Commercial Blueprint Reprographics, Inc. From pothi_k at yahoo.com Sat Mar 17 15:03:05 2001 From: pothi_k at yahoo.com (POTHI) Date: Tue Dec 2 02:33:46 2003 Subject: problem with userdir password Message-ID: <20010317150305.965.qmail@web4107.mail.yahoo.com> Hello, I am using samba server along with win 4.0 nt server (badly this is the main server) and 2 win 98 machines. And i am separated the directory accesses as public, staffs and userdir as mentioned in samba's sample configuration file(smb.conf). What's my main problem is that i can not able to access the userdir which repeatedly ask password and denied all password i have used (even worst problem is in the win 4.0 nt server, i tried all my user names along with password). Please give me some suggestion to overcome this problem. my smb.conf details are: workgroup = same as win 4.0 server group security = server password server = win nt server name and one more thing in the userdir preference, i included all the unix user names as well as all the machine names. thanks, pothi k. __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ From bkelly at coastsystems.net Sun Mar 18 04:08:35 2001 From: bkelly at coastsystems.net (Boyd Kelly) Date: Tue Dec 2 02:33:46 2003 Subject: Infamous 'No mapping between account names and security ID's' message Message-ID: Hello all, + the other Remote procedure calls, credentials conflit etc messages. Yes I am having this same problem - spent most of the day on it with no success. Following instructions to the T. Recompining. Have scanned all the posts about it, and don't seem to find any logic. Some say it's after removing rpm's that things work. Others its the Wins server pointing to itself. Odd/Even domain names? Yes root was added to smbpasswd. Followed the Howtos. Tried deleting accounts, recreating manually and let win2k do it. Does someone really know what the issue is here? Let's put this in a FAQ. Thanks for some more input. Boyd Kelly -------------- next part -------------- HTML attachment scrubbed and removed From mark at axeon.screaming.net Sun Mar 18 09:56:53 2001 From: mark at axeon.screaming.net (Mark) Date: Tue Dec 2 02:33:46 2003 Subject: Windows XP & Samba Message-ID: <000501c0af91$dd840770$0b01a8c0@markxp> I am trying to make my windows XP (the new version, due for release in june) box join my SAMBA domain. It acts just like Win2K in regards to networking (I think), but when I try to join the domain, i get the message 'Access is denied' on the Windows box, and in my smbd.log i get (I think this is the relavent bit): 2001/03/18 09:29:50, 3] rpc_server/srv_pipe.c:api_rpcTNP(1179) api_rpcTNP: rpc command: SAMR_SET_USERINFO [2001/03/18 09:29:50, 2] rpc_parse/parse_samr.c:samr_io_userinfo_ctr(5825) samr_io_userinfo_ctr: unknown switch level 0x1a [2001/03/18 09:29:50, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(672) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. [2001/03/18 09:29:50, 0] rpc_server/srv_pipe.c:api_rpcTNP(1199) api_rpcTNP: api_samr_rpc: SAMR_SET_USERINFO failed. I have added root to the smbpasswd file, and so think this should work. Any ideas? From grobe at gmx.net Sun Mar 18 15:02:04 2001 From: grobe at gmx.net (grobe@gmx.net) Date: Tue Dec 2 02:33:46 2003 Subject: Samba_2_2 from cvs, Win2Kpro german, Profiles Message-ID: <6547.984927724@www32.gmx.net> Hi! First, I'm new to this list. I am administrating the files services (and anything on Linux) in a students' computer lab at the department of architecture of the university of technology Darmstadt. We have a heterogenous net with about 70 clients, 20 are Windows2K, most are Macs. As we upgraded to Win2K and samba has been doing PDC and file services here, I got the last cvs of 2_2 and installed (I need profiles, because we use CAD applications storing there settings in NT-profiles). Now we have the problem that we get strange permissions on the profiles (the same as in the 2_2alpha2). I send you the output of ls -la. I know that others have been reporting this problem before, so for those who want to debug a bit over the weekend ;-) my configuration defines a special profiles-share (\\Zeus\profiles) which is a link to a subdirectory called Profiles in the users home. Maybe someone can help.... and if not - should I consider to move to HEAD? I really need the profiles with Win2K/Pro and PDC-functionality, as it worked fine with NT4-clients, and all NT-users depend on this... Thank You, CU, Lars. www.rechnerpool.com -- bash: Zeus:/home/admin/lars/Profiles/NT: No such file or directory Zeus:/home/admin/lars/Profiles/NT # ls -la total 288 drwxr-s--- 13 lars admins 4096 Mar 18 15:09 . drwxr-s--- 12 lars admins 4096 Sep 19 16:33 .. -rwxr-s--- 1 lars admins 404 Sep 27 08:24 .nessus.keys -rwxr-s--- 1 lars admins 458 Sep 27 09:09 .nessusrc drwxr-s--- 4 lars admins 4096 Mar 18 15:09 Anwendungsdaten drwxr-s--- 2 lars admins 4096 Mar 18 15:09 Cookies d-----S--- 2 lars admins 4096 Mar 18 15:09 Desktop drwxr-s--- 2 lars admins 4096 Mar 18 15:09 Druckumgebung d-----S--- 3 lars admins 4096 Mar 18 15:09 Eigene Dateien d-----S--- 4 lars admins 4096 Mar 18 15:09 Favoriten -rwxr----- 1 lars admins 221184 Mar 18 15:09 NTUSER.DAT drwxr-s--- 2 lars admins 4096 Mar 18 15:09 Netzwerkumgebung drwxr-s--- 2 lars admins 4096 Mar 18 15:09 Recent drwxr-s--- 2 lars admins 4096 Mar 18 15:09 SendTo d-----S--- 3 lars admins 4096 Mar 18 15:09 Startmen? drwxr-s--- 2 lars admins 4096 Mar 18 15:09 Vorlagen -rwxr----- 1 lars admins 1024 Mar 18 15:09 ntuser.dat.LOG -rwxr----- 1 lars admins 192 Mar 17 23:29 ntuser.ini Zeus:/home/admin/lars/Profiles/NT # -- Sent through GMX FreeMail - http://www.gmx.net From chameio at yahoo.com Sun Mar 18 15:42:09 2001 From: chameio at yahoo.com (Andre Leonidas) Date: Tue Dec 2 02:33:46 2003 Subject: Samba CVS .. TNG Message-ID: <20010318154209.26795.qmail@web1101.mail.yahoo.com> What is samba-cvs and samba tng ?? what´s the diference with the samba? __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ From lynn at tsunami.cis.usouthal.edu Sun Mar 18 16:04:55 2001 From: lynn at tsunami.cis.usouthal.edu (Keith Lynn) Date: Tue Dec 2 02:33:46 2003 Subject: Routing Message-ID: Hello everyone, I posted a query recently and received several very helpful responses. But I'm still having trouble and wondered if someone could help me. The situation is that I have several machines on a private non-routed subnet, 192.168.103. Each of these workstations is running NT Workstation 4.0 and the server is Samba running on RedHat Linux. I tried to make my Samba server act as a gateway for each of these machines. That is, before I had things changed 192.168.103.1 was an alias for the router at our University. I had that changed so that now the subnet isn't routed. I wasn't able to get the Samba server to act as a gateway so I am trying to have my Solaris server act as a gateway for the machines. I have a qfe interface that I set to have IP address 192.168.103.1. The routing table gets built by the operating system, and I turn on ip forwarding. I can ping the 192.168.103 subnet from the Solaris server, and I can ping the Solaris server from the subnet. However, from the subnet I cannot ping any address beyond the Solaris server. I do have a default route set on the Solaris server, and I ran in.routed. Can someone tell me if there's anything else I need to do to have the Solaris server act as a gateway for the subnet? Thank you. Keith Lynn Systems Administrator School of Computer and Information Sciences University of South Alabama Mobile, AL 36608 Phone: (334) 460-6390 Fax: (334) 460-7274 Alternative E-mail: lynn@gateway.cis.usouthal.edu URL: http://www.cis.usouthal.edu/~lynn/ From grobe at gmx.net Sun Mar 18 17:28:34 2001 From: grobe at gmx.net (grobe@gmx.net) Date: Tue Dec 2 02:33:47 2003 Subject: testparm (Samba_2_2 from cvs, Win2Kpro german, Profiles) References: <6547.984927724@www32.gmx.net> Message-ID: <31561.984936514@www32.gmx.net> Hi! I tried testparm, and I see some funny settings (which I didn't define;-): create mask = 0744 force create mode = 00 security mask = -1 force security mode = -1 directory mask = 0755 force directory mode = 00 directory security mask = -1 force directory security mode = -1 Maybe this is causing the profiles' permissions problem? CU, Lars. -- Sent through GMX FreeMail - http://www.gmx.net From chameio at yahoo.com Sun Mar 18 17:32:22 2001 From: chameio at yahoo.com (Andre Leonidas) Date: Tue Dec 2 02:33:47 2003 Subject: About samba-cvs Message-ID: <20010318173222.9754.qmail@web1103.mail.yahoo.com> How samba works with cvs?? samba-cvs support win2k clients in a samba domain? Is samba-cvs updated automatically?? __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ From M.Puchta at fscodes.cz Sun Mar 18 21:12:26 2001 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:33:47 2003 Subject: One more page... Message-ID: <41ED6A8C8BE7D21194610008C724FD0A098E4B@ANNA> Scenario: Samba 2.0.7 W98 clients HP 1100A printer all works ... except for after every document printed I obtain one more blank page. I have found no special settings for disabling blank pages... Any idea? TIA Milos From giulioo at pobox.com Sun Mar 18 21:36:34 2001 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:33:47 2003 Subject: One more page... In-Reply-To: <41ED6A8C8BE7D21194610008C724FD0A098E4B@ANNA> References: <41ED6A8C8BE7D21194610008C724FD0A098E4B@ANNA> Message-ID: <20010318213720.86A55163D6@i3.golden.dom> On Sun, 18 Mar 2001 22:12:26 +0100, you wrote: >Scenario: Samba 2.0.7 > W98 clients > HP 1100A printer >all works ... except for after every document printed I obtain one more >blank page. >I have found no special settings for disabling blank pages... Try using a raw printer on the unix side (without any printfilter, if: ..., since win9x will send the correct format already), specifically a printer with "send EOF" disabled. -- giulioo@pobox.com From peter.milburn at sofcom.com.au Mon Mar 19 02:51:04 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:47 2003 Subject: Joining a domain Message-ID: Hi, all I am still having great difficulties with geting either a windows or linux machine to join a samba PDC. I am using a cvs from a couple of days ok, can someone help me fix this problem. Pete -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** -------------- next part -------------- A non-text attachment was scrubbed... Name: BDY.RTF Type: application/rtf Size: 1424 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010319/b9d06bc9/BDY.rtf From chris at xpedio.com Mon Mar 19 08:47:14 2001 From: chris at xpedio.com (Christopher Arnold) Date: Tue Dec 2 02:33:47 2003 Subject: Routing In-Reply-To: Message-ID: On Sun, 18 Mar 2001, Keith Lynn wrote: > I wasn't able to get the Samba server to act as a gateway so I am > trying to have my Solaris server act as a gateway for the machines. I have > a qfe interface that I set to have IP address 192.168.103.1. The routing > table gets built by the operating system, and I turn on ip forwarding. I > can ping the 192.168.103 subnet from the Solaris server, and I can ping > the Solaris server from the subnet. However, from the subnet I cannot ping > any address beyond the Solaris server. I do have a default route set on > the Solaris server, and I ran in.routed. Can someone tell me if there's > anything else I need to do to have the Solaris server act as a gateway for > I belive that your issues is due to no routing for 192.168.193 outside the solaris server. That means that the next machine after your Solaris server must know that it should send packets to it. (and the next, and next...) So you basically have to tell the other routers on your net where to send trafic to your net. And a sideline: If you need to communicate with the public internet, you will need an adress which is carried there. yours isn?t. In that casee you will need to run NAT in the solaris and translate it to "officiall" adresses. /Chris From ken at satsof.com.au Mon Mar 19 09:41:01 2001 From: ken at satsof.com.au (Ken Cole) Date: Tue Dec 2 02:33:47 2003 Subject: Which Samba & How with Win2k Message-ID: <3AB5D42D.57E2178E@satsof.com.au> Hi all. I am a newbie on the list and a newbie to Samba but have a fair bit (16 years) Unix and Linux (3 years) experience. I have a site with a Win2k PDC and a Redhat Linux 6.2 server with Samba 2.0.6. I need the Linux server to be a BDC for the domain. Can this be done? If so with which version and what are the primary smb.conf variables I need to set? I have tried a number of settings but none even allow for the linux server to be "seen" when doing a Find-Computer on a Win98 workstation. Thanks Ken From simo.sorce at polimi.it Mon Mar 19 09:43:04 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:47 2003 Subject: Which Samba & How with Win2k In-Reply-To: <3AB5D42D.57E2178E@satsof.com.au> Message-ID: On Mon, 19 Mar 2001, Ken Cole wrote: > Hi all. > > I am a newbie on the list and a newbie to Samba but have a > fair bit (16 years) Unix and Linux (3 years) experience. > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > with Samba 2.0.6. I need the Linux server to be a BDC for > the domain. Can this be done? No, It can't be done at this point. Samba 2.2 can be a PDC also for win2k and samba 2.0.7 (not 2.0.6) is able to share files to win2k. > If so with which version and what are the primary smb.conf > variables I need to set? > > I have tried a number of settings but none even allow for > the > linux server to be "seen" when doing a Find-Computer on a > Win98 > workstation. To have the best resoults, use a wins server and make all machines register with it. > > > Thanks > > Ken > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From mafoe at munich.sgi.com Mon Mar 19 10:04:59 2001 From: mafoe at munich.sgi.com (Martin Foerster) Date: Tue Dec 2 02:33:47 2003 Subject: couldn't find service Message-ID: <000701c0b05c$0ed95da0$0100000a@munich.sgi.com> Hello, I have a Samba Server (Irix, 2.07) and around 170 NT users connecting to it. Everything works fine. But 4 users can't connect to any samba share. If I try to mount the same share from a different workstation it works. The log says [2001/03/19 10:21:38, 0] smbd/service.c:(213) zc1cl (144.253.197.234) couldn't find service horst It doesn't matter which share I try to mount nor if I try it as root or user. It must be something on the client site. Any suggestions? thanx Martin From ken at satsof.com.au Mon Mar 19 10:18:55 2001 From: ken at satsof.com.au (Ken Cole) Date: Tue Dec 2 02:33:47 2003 Subject: Which Samba & How with Win2k References: Message-ID: <3AB5DD0F.7D428F0D@satsof.com.au> Simo, Simo Sorce wrote: > > On Mon, 19 Mar 2001, Ken Cole wrote: > > > Hi all. > > > > I am a newbie on the list and a newbie to Samba but have a > > fair bit (16 years) Unix and Linux (3 years) experience. > > > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > > with Samba 2.0.6. I need the Linux server to be a BDC for > > the domain. Can this be done? > > No, It can't be done at this point. > Samba 2.2 can be a PDC also for win2k and samba 2.0.7 (not 2.0.6) is able > to share files to win2k. > Is 2.2 stable for a production server? What do you mean by 2.0.7 can share to win2k? Can I smbmount win2k shares to 2.06, 2.0.7 or 2.2 Samba? > > If so with which version and what are the primary smb.conf > > variables I need to set? > > > > I have tried a number of settings but none even allow for > > the > > linux server to be "seen" when doing a Find-Computer on a > > Win98 > > workstation. > > To have the best resoults, use a wins server and make all machines > register with it. Do you mean make the Samba server a wins server or wins client? Thanks Ken From danilapanero at hotmail.com Mon Mar 19 11:18:09 2001 From: danilapanero at hotmail.com (Danila Panero) Date: Tue Dec 2 02:33:47 2003 Subject: problem smbpasswd-NT4 Message-ID: Hi everyones!! I have a problem with sbmpasswd authentication: when I run the command line smbpasswd -j -r -U display this error message: cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials to machine . Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. 2001/03/19 14:18:39 : change_trust_account_password: Failed to change password for domain . Any help is appreciated. Thank Danila Panero _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. From eder at uems.br Mon Mar 19 11:40:24 2001 From: eder at uems.br (eder@uems.br) Date: Tue Dec 2 02:33:47 2003 Subject: Profiles Message-ID: <200103191140.f2JBeOe17907@ns.uems.br> We have 50 machines win98 and a server with samba 2.0.7 in a laboratory. The client machines must have the same start menu to all of users, but not the same profiles. How can I do that! ________________________________________________________________ Esta mensagem foi gerada pelo Webmail da UEMS. Para maiores informacoes acesse www.uems.br From weehawk at weehawk.de Mon Mar 19 12:02:57 2001 From: weehawk at weehawk.de (Christian Hergl) Date: Tue Dec 2 02:33:48 2003 Subject: Problem with Samba 2.2.0 CVS from March 18 Message-ID: <3AB5F571.9010707@weehawk.de> Good morning, list. This weekend I did an update to the latest CVS (means: Version from March 6 to March 18). I restarted it remotely and expected it to work today. But it doesn't =P My log.smbd gets the following lines, when a Win2k user logs in (roaming profiles, login script, all the nifty usual things like share): [2001/03/19 11:01:49, 0] rpc_parse/parse_prs.c:prs_grow(222) prs_grow: Buffer overflow - unable to expand buffer by 4 bytes. [2001/03/19 11:01:49, 0] rpc_server/srv_srvsvc.c:api_srv_net_share_get_info(186) api_srv_net_share_get_info: Failed to unmarshall SRV_Q_NET_SHARE_GET_INFO. [2001/03/19 11:01:49, 0] rpc_server/srv_pipe.c:api_rpcTNP(1199) api_rpcTNP: api_srvsvc_rpc: SRV_NET_SHARE_GET_INFO failed. [2001/03/19 11:01:49, 0] rpc_parse/parse_prs.c:prs_grow(222) prs_grow: Buffer overflow - unable to expand buffer by 4 bytes. [2001/03/19 11:01:49, 0] rpc_server/srv_srvsvc.c:api_srv_net_share_enum(156) api_srv_net_share_enum: Failed to unmarshall SRV_Q_NET_SHARE_ENUM. [2001/03/19 11:01:49, 0] rpc_server/srv_pipe.c:api_rpcTNP(1199) api_rpcTNP: api_srvsvc_rpc: SRV_NETSHAREENUM failed. [2001/03/19 11:01:49, 0] rpc_parse/parse_prs.c:prs_grow(222) prs_grow: Buffer overflow - unable to expand buffer by 4 bytes. [2001/03/19 11:01:49, 0] rpc_server/srv_srvsvc.c:api_srv_net_share_get_info(186) api_srv_net_share_get_info: Failed to unmarshall SRV_Q_NET_SHARE_GET_INFO. [2001/03/19 11:01:49, 0] rpc_server/srv_pipe.c:api_rpcTNP(1199) api_rpcTNP: api_srvsvc_rpc: SRV_NET_SHARE_GET_INFO failed. [2001/03/19 11:01:49, 0] rpc_parse/parse_prs.c:prs_grow(222) prs_grow: Buffer overflow - unable to expand buffer by 4 bytes. [2001/03/19 11:01:49, 0] rpc_server/srv_srvsvc.c:api_srv_net_share_enum(156) api_srv_net_share_enum: Failed to unmarshall SRV_Q_NET_SHARE_ENUM. [2001/03/19 11:01:49, 0] rpc_server/srv_pipe.c:api_rpcTNP(1199) api_rpcTNP: api_srvsvc_rpc: SRV_NETSHAREENUM failed. The results are: - The login script no longer works. - Only the home directory is mapped (how?) - The server can't be browsed at all (Getting: The process ID is too large) - No printers. - A shortcut to one of the shares only includes another shortcut called 'transfer' (iirc). Clicking to it finally brought me into the share. So....erh.... I used the exact same smb.conf of the March 6th version, which worked great till now. Something must have been change, someone having a clue? Does anyone else having a problem with the latest CVS? I switched back for now to the version of March 6th (thank god to the ones who included the uninstall flag....). Regards, Christian Hergl From D.Bannon at latrobe.edu.au Mon Mar 19 12:26:32 2001 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:33:48 2003 Subject: About samba-cvs In-Reply-To: <20010318173222.9754.qmail@web1103.mail.yahoo.com> Message-ID: <3.0.6.32.20010319232632.007ca250@bioserve.latrobe.edu.au> At 09:32 AM 18/3/2001 -0800, Andre Leonidas wrote: > > How samba works with cvs?? >samba-cvs support win2k clients in a samba domain? > >Is samba-cvs updated automatically?? Its all in the samba 2.2 PDC Howto and FAQ on the Samba wep pages. ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 479 2197 La Trobe University, Plenty Rd, Fax 61 03 479 2467 Bundoora, Vic, Australia, 3083 ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From simo.sorce at polimi.it Mon Mar 19 12:40:21 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:48 2003 Subject: Which Samba & How with Win2k In-Reply-To: <3AB5DD0F.7D428F0D@satsof.com.au> Message-ID: On Mon, 19 Mar 2001, Ken Cole wrote: > Simo, > > Simo Sorce wrote: > > > > On Mon, 19 Mar 2001, Ken Cole wrote: > > > > > Hi all. > > > > > > I am a newbie on the list and a newbie to Samba but have a > > > fair bit (16 years) Unix and Linux (3 years) experience. > > > > > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > > > with Samba 2.0.6. I need the Linux server to be a BDC for > > > the domain. Can this be done? > > > > No, It can't be done at this point. > > Samba 2.2 can be a PDC also for win2k and samba 2.0.7 (not 2.0.6) is able > > to share files to win2k. > > > > Is 2.2 stable for a production server? The branch is still marked as alpha software, but someone just use it in production. You may give it a try. > What do you mean by 2.0.7 can share to win2k? Samba versions previous than 2.0.7 may have problems serving files to w2k. > Can I smbmount win2k shares to 2.06, 2.0.7 or 2.2 Samba? > > > > If so with which version and what are the primary smb.conf > > > variables I need to set? > > > > > > I have tried a number of settings but none even allow for > > > the > > > linux server to be "seen" when doing a Find-Computer on a > > > Win98 > > > workstation. > > > > To have the best resoults, use a wins server and make all machines > > register with it. > > Do you mean make the Samba server a wins server or wins > client? If you have a wins server make the samba server register himself see wins directives in smb.conf(5) > > Thanks > > Ken > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From malyprogservices at flashmail.com Mon Mar 19 15:23:35 2001 From: malyprogservices at flashmail.com (Tomas Maly) Date: Tue Dec 2 02:33:48 2003 Subject: Samba 3.0 Message-ID: <3AB62477.EF58302C@flashmail.com> Just a dumb question....Any idea on the estimated time (long or short) when you think TNG and Samba 2.2 will both be stable to the point that it may merge to Samba 3.0? And any idea when perhaps 3.0 would become production-level after that? I know you guys probably don't know, but perhaps you can guestimate it (by perhaps relating it to other projects)? I'm just wondering, because I've seen sources saying it's a matter of months, but realistically that could be bullcrap. Also (to the TNG list), what exactly is the status of TNG? How stable is it, what is not stable (or rather, what has not been verified to be stable), and To both TNG and HEAD, how well developed, and stable is the LDAP code for using LDAP as a SAM backend? When (in time) would it be guestimated that Samba 2.2 would have decent LDAP code that is usable in production situations? To just the HEAD list, what does 2.2 have that is stable, lack, and what is planned to be implemented/fixed before 2.2.0 becomes beta (or production)? Thanks a bunch. From jorgen at naxos.se Mon Mar 19 15:25:51 2001 From: jorgen at naxos.se (Jorgen Overgaard) Date: Tue Dec 2 02:33:48 2003 Subject: SV: Joining a domain Message-ID: <01C0B091.43F5C2A0.jorgen@naxos.se> Hi, I to have the same problem... Anyone got any ideas? Regards / Jörgen > -----Ursprungligt meddelande----- > Från: peter.milburn@sofcom.com.au [SMTP:peter.milburn@sofcom.com.au] > Skickat: den 19 mars 2001 03:51 > Till: samba-ntdom@us5.samba.org > Ämne: Joining a domain > > Hi, all I am still having great difficulties with geting either a > windows or linux machine to join a samba PDC. > > I am using a cvs from a couple of days ok, can someone help me fix this > problem. > > > Pete > > -- > Peter Milburn > Systems Manager > Software Communication Group Ltd > > > peter.milburn@sofcom.com.au > > > Ph: +613 9826 8300 Fax: +613 9826 8336 > > > Level 16, 644 Chapel St > South Yarra, Vic 3141 > > > www.sofcom.com.au > > > ******************************************** > This message contains privileged and confidential information intended > only > for the use of the addressee named above. If you are not the intended > recipient of this message you must not disseminate, copy or take any > action > in reliance on it. If you have received this message in error, please > notify Software Communication Group immediately. > > > Any views expressed in this message are those of the individual sender > except where the sender specifically states them to be the views of > Software > Communication Group. > > > ******************************************** > > > > > > > > > > <> From aalang at rutgersinsurance.com Mon Mar 19 15:36:57 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:48 2003 Subject: Samba 3.0 References: <3AB62477.EF58302C@flashmail.com> Message-ID: <00cc01c0b08a$6eb05840$330a0a0a@rutgersinsurance.com> Answers to the first two paragraphs are in the FAQ. Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Tomas Maly" To: ; Sent: Monday, March 19, 2001 10:23 AM Subject: Samba 3.0 > Just a dumb question....Any idea on the estimated time (long or > short) when you think TNG and Samba 2.2 will both be stable to the point > that it may merge to Samba 3.0? And any idea when perhaps 3.0 would > become production-level after that? I know you guys probably don't know, > but perhaps you can guestimate it (by perhaps relating it to other > projects)? I'm just wondering, because I've seen sources saying it's a > matter of months, but realistically that could be bullcrap. > > Also (to the TNG list), what exactly is the status of TNG? How stable is > it, what is not stable (or rather, what has not been verified to be > stable), and From greg at kwikfind.com Mon Mar 19 08:02:00 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:48 2003 Subject: Which Samba & How with Win2k References: <3AB5D42D.57E2178E@satsof.com.au> Message-ID: <001d01c0b04a$e1712110$6f00a8c0@logeng.net> Ken, Samba2.2 currently does not have the ability to perform as a BDC, but I'm sure the ability is not far away. I'm not all that familar with the head branch code of Samba, but I do know that alot more development in this area is being done there. You may want to post a question asking about this. Good luck. Greg ----- Original Message ----- From: "Ken Cole" To: Sent: Monday, March 19, 2001 1:41 AM Subject: Which Samba & How with Win2k > Hi all. > > I am a newbie on the list and a newbie to Samba but have a > fair bit (16 years) Unix and Linux (3 years) experience. > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > with Samba 2.0.6. I need the Linux server to be a BDC for > the domain. Can this be done? > > If so with which version and what are the primary smb.conf > variables I need to set? > > I have tried a number of settings but none even allow for > the > linux server to be "seen" when doing a Find-Computer on a > Win98 > workstation. > > > Thanks > > Ken > > > > From pilger at higp.hawaii.edu Mon Mar 19 16:05:24 2001 From: pilger at higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:33:48 2003 Subject: Infamous 'No mapping between account names and security ID's' message References: Message-ID: <3AB62E43.74D71028@higp.hawaii.edu> Hear, hear! I recently tried for what must have been my 10th time. Rebuild from CVS, start with a fresh Win2K install, "simple" smb.conf, 5 digit domain name, proper add user script, yada, yada, yada. Still got the same message about how I'm using a "computer account" and I should instead be using a "local or global user account". And then it adds an entry to the smbpasswd file for the machine, and disables it. What is this bloody "computer account" business? I have root in the smbpasswd file, and that's what I'm using. Boyd Kelly wrote: > Hello all,+ the other Remote procedure calls, credentials conflit etc > messages.Yes I am having this same problem - spent most of the day on > it with no success. Following instructions to the T. Recompining. > Have scanned all the posts about it, and don't seem to find any > logic.Some say it's after removing rpm's that things work. Others its > the Wins server pointing to itself. Odd/Even domain names? Yes root > was added to smbpasswd. Followed the Howtos. Tried deleting > accounts, recreating manually and let win2k do it.Does someone really > know what the issue is here? Let's put this in a FAQ. Thanks for > some more input.Boyd Kelly -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 (Voice/FAX) From greg at kwikfind.com Mon Mar 19 08:05:53 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:48 2003 Subject: Which Samba & How with Win2k References: Message-ID: <003301c0b04b$6cd0c170$6f00a8c0@logeng.net> I am currently using Samba 2.2 alpha3 in a low volume production environment and it works wonderfully. Much better, in fact, that the Win2k server that it replaced. If you are into all of the admin bells and whistles, you may be a little disappointed, but the performance is great. Regards, Greg J. Zartman ----- Original Message ----- From: "Simo Sorce" To: "Ken Cole" Cc: Sent: Monday, March 19, 2001 4:40 AM Subject: Re: Which Samba & How with Win2k > On Mon, 19 Mar 2001, Ken Cole wrote: > > > Simo, > > > > Simo Sorce wrote: > > > > > > On Mon, 19 Mar 2001, Ken Cole wrote: > > > > > > > Hi all. > > > > > > > > I am a newbie on the list and a newbie to Samba but have a > > > > fair bit (16 years) Unix and Linux (3 years) experience. > > > > > > > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > > > > with Samba 2.0.6. I need the Linux server to be a BDC for > > > > the domain. Can this be done? > > > > > > No, It can't be done at this point. > > > Samba 2.2 can be a PDC also for win2k and samba 2.0.7 (not 2.0.6) is able > > > to share files to win2k. > > > > > > > Is 2.2 stable for a production server? > The branch is still marked as alpha software, but someone just use it in > production. You may give it a try. > > > What do you mean by 2.0.7 can share to win2k? > Samba versions previous than 2.0.7 may have problems serving files to w2k. > > > Can I smbmount win2k shares to 2.06, 2.0.7 or 2.2 Samba? > > > > > > If so with which version and what are the primary smb.conf > > > > variables I need to set? > > > > > > > > I have tried a number of settings but none even allow for > > > > the > > > > linux server to be "seen" when doing a Find-Computer on a > > > > Win98 > > > > workstation. > > > > > > To have the best resoults, use a wins server and make all machines > > > register with it. > > > > Do you mean make the Samba server a wins server or wins > > client? > > If you have a wins server make the samba server register himself > see wins directives in smb.conf(5) > > > > > Thanks > > > > Ken > > > > -- > Simo Sorce - Linux Systems Consultant > E-mail: simo.sorce@polimi.it > Tel: +39 0348 7149179 - Fax: +39 02 700442399 > ----------------------------------------------------------------- > Be happy, use Linux! > > > > > From andre at dei.isep.ipp.pt Mon Mar 19 15:55:08 2001 From: andre at dei.isep.ipp.pt (Andre Moreira) Date: Tue Dec 2 02:33:48 2003 Subject: Users can't delete their own local files Message-ID: <001101c0b08d$3db19760$38cd17c3@winbox> We are using samba 2.07 as PDC and there are around 800 users who share some 50 NTW4/SP6. Everything works ok, except that local profiles are not removed when the user logouts. That's on the the system policy that is loaded ok from the PDC. There is yet another problem, probably the cause for the first one: USERS CAN'T REMOVE THEIR OWN LOCAL FILES. If a user creates a shortcut on his desktop (local profile) he won't be able to remove it then. Same thing on C:\TEMP. If you check the owner of the file it's ok. If you check the security of the file the owner is "unknown". Also userlists requested to the server are incomplete, only some users show up. Any ideas ... From greg at kwikfind.com Mon Mar 19 08:14:22 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:48 2003 Subject: Profiles References: <200103191140.f2JBeOe17907@ns.uems.br> Message-ID: <004b01c0b04c$9b562110$6f00a8c0@logeng.net> Eder, Depending on the amount of flexibility that you'd like to provide your clients, I think you have a few options: 1) Set up a mandatory profile (you could have one or many). The profile would have a standardized start menu for all. 2) Build a startup script that is called by your login script to build a start menu for you. If I were to do this, I'd store the start menu on the server and have the startup script copy if over the existing start menu. 3) This may be able to be done with policies, but now sure about that. Good luck. Greg ----- Original Message ----- From: To: Sent: Monday, March 19, 2001 3:40 AM Subject: Profiles > We have 50 machines win98 and a server with samba 2.0.7 in a laboratory. The > client machines must have the same start menu to all of users, but not the > same profiles. How can I do that! > > ________________________________________________________________ > > Esta mensagem foi gerada pelo Webmail da UEMS. > Para maiores informacoes acesse www.uems.br > > > > > From schindler at az1.de Mon Mar 19 16:28:00 2001 From: schindler at az1.de (Andreas G. Schindler) Date: Tue Dec 2 02:33:48 2003 Subject: samba-ntdom -- confirmation of subscription -- request 949925 Message-ID: <3AB63390.108DD08E@az1.de> confirm 949925 From bennegl at shands.ufl.edu Mon Mar 19 16:29:05 2001 From: bennegl at shands.ufl.edu (Gary Bennett) Date: Tue Dec 2 02:33:48 2003 Subject: Samba v. Solaris PC NetLink Message-ID: I have an interface engine running on a Solaris 8 box running Samba 2.0.7. The interface needs to copy app. 10k files of 500 bytes to different NT fileservers each day. Is smbclient sufficient for this purpose or would installing PC NetLink be a better sol'n? NFS is always a possibility, but I would prefer not running that if at all possible. TIA for any suggestions. gary gary bennett shands hospital at uf information services From thutten at info.fundp.ac.be Mon Mar 19 16:37:30 2001 From: thutten at info.fundp.ac.be (HUTTEN Thomas) Date: Tue Dec 2 02:33:48 2003 Subject: Infamous 'No mapping between account names and security ID's' message References: <3AB62E43.74D71028@higp.hawaii.edu> Message-ID: <3AB635CA.CF7317C7@info.fundp.ac.be> I recently got it to work I'm not absolutely sure why it suddenly worked but here are the modifs i did wich aparently made it work. I changed the computer account entrys in /etc/passwd and /etc/smbpasswd to uppercase. I already had the user root in my smbpasswd but now i enabled it (smbpasswd -e root). Then i tried to join the domain with a W2k machine and again i uppercased the computername before joining. Then it worked. Eric Pilger a ?crit : > > Hear, hear! I recently tried for what must have been my 10th time. > Rebuild from CVS, start with a fresh Win2K install, "simple" smb.conf, 5 > digit domain name, proper add user script, yada, yada, yada. > > Still got the same message about how I'm using a "computer account" and > I should instead be using a "local or global user account". And then it > adds an entry to the smbpasswd file for the machine, and disables it. > > What is this bloody "computer account" business? I have root in the > smbpasswd file, and that's what I'm using. > > Boyd Kelly wrote: > > > Hello all,+ the other Remote procedure calls, credentials conflit etc > > messages.Yes I am having this same problem - spent most of the day on > > it with no success. Following instructions to the T. Recompining. > > Have scanned all the posts about it, and don't seem to find any > > logic.Some say it's after removing rpm's that things work. Others its > > the Wins server pointing to itself. Odd/Even domain names? Yes root > > was added to smbpasswd. Followed the Howtos. Tried deleting > > accounts, recreating manually and let win2k do it.Does someone really > > know what the issue is here? Let's put this in a FAQ. Thanks for > > some more input.Boyd Kelly -- - Tom - From greg at kwikfind.com Mon Mar 19 08:52:48 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:48 2003 Subject: Which Samba & How with Win2k References: <41ED6A8C8BE7D21194610008C724FD0A098E80@ANNA> Message-ID: <00db01c0b051$f9800490$6f00a8c0@logeng.net> The only think that a W2k PDC has going for it is the active directory and to be honest, I don't think it's all that great. I spent two days getting my DNS server sorted out after installing the active directory and "linking" it to the DNS. Additionally some of my users were confused by the active directory front end. Unless you are a type of person that browses the network neighborhood looking for shares, Active Directory just doesn't seem to do much for you. Personally, I'd rather "hard wire" all of the shares I want people to use in a login script and minimize "network neighborhood surfing." I always hate getting the question "why isn't the LaserJet on serverc any longer?", because a person is trying to find it by surfing the network instead of realizing that I've already mapped it for them with the login script. My 2 cents on Microsoft networking. Greg ----- Original Message ----- From: "Puchta, Milos" To: "Greg J. Zartman" Sent: Monday, March 19, 2001 8:27 AM Subject: RE: Which Samba & How with Win2k ....or perhaps the development will skip this phase and there will be W2K like domain controllers.... Regards, Milos -----Original Message----- From: Greg J. Zartman [mailto:greg@kwikfind.com] Sent: 19. b?ezna 2001 9:02 To: ken@satsof.com.au Cc: Samba News Subject: Re: Which Samba & How with Win2k Ken, Samba2.2 currently does not have the ability to perform as a BDC, but I'm sure the ability is not far away. I'm not all that familar with the head branch code of Samba, but I do know that alot more development in this area is being done there. You may want to post a question asking about this. Good luck. Greg ----- Original Message ----- From: "Ken Cole" To: Sent: Monday, March 19, 2001 1:41 AM Subject: Which Samba & How with Win2k > Hi all. > > I am a newbie on the list and a newbie to Samba but have a > fair bit (16 years) Unix and Linux (3 years) experience. > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > with Samba 2.0.6. I need the Linux server to be a BDC for > the domain. Can this be done? > > If so with which version and what are the primary smb.conf > variables I need to set? > > I have tried a number of settings but none even allow for > the > linux server to be "seen" when doing a Find-Computer on a > Win98 > workstation. > > > Thanks > > Ken > > > > From info at kwnet.at Mon Mar 19 18:31:24 2001 From: info at kwnet.at (=?iso-8859-1?Q?Kurt_Wei=DF?=) Date: Tue Dec 2 02:33:49 2003 Subject: Users can't delete their own local files References: <001101c0b08d$3db19760$38cd17c3@winbox> Message-ID: <000101c0b0a3$d06b1390$0a0aa8c0@win2000> check and in your smb.conf ???? ----- Original Message ----- From: "Andre Moreira" To: Sent: Monday, March 19, 2001 4:55 PM Subject: Users can't delete their own local files > We are using samba 2.07 as PDC and there are > around 800 users who share some 50 NTW4/SP6. > > Everything works ok, except that local profiles are > not removed when the user logouts. That's on the > the system policy that is loaded ok from the PDC. > > There is yet another problem, probably the cause for > the first one: USERS CAN'T REMOVE THEIR OWN > LOCAL FILES. > If a user creates a shortcut on his desktop (local profile) > he won't be able to remove it then. Same thing on C:\TEMP. > If you check the owner of the file it's ok. > If you check the security of the file the owner is "unknown". > Also userlists requested to the server are incomplete, only > some users show up. > > Any ideas ... > > > From damason at davenet.mine.nu Mon Mar 19 18:38:24 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:49 2003 Subject: Profiles In-Reply-To: <200103191140.f2JBeOe17907@ns.uems.br> Message-ID: I would recommend creating the profiles (perhaps adding elements of a default profile to /etc/skel/) and replacing Start Menus with symbolic links to one in a share which is available read-only to all users. This might cause profile saving errors at logout, though. Or you could use the registry to redirect the location of the users' Start Menu to a network path. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of eder@uems.br Sent: Monday, March 19, 2001 03:40 To: samba-ntdom@samba.org Subject: Profiles We have 50 machines win98 and a server with samba 2.0.7 in a laboratory. The client machines must have the same start menu to all of users, but not the same profiles. How can I do that! ________________________________________________________________ Esta mensagem foi gerada pelo Webmail da UEMS. Para maiores informacoes acesse www.uems.br From greg at kwikfind.com Mon Mar 19 18:41:20 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:49 2003 Subject: Profiles References: <200103191822.f2JILve02424@ns.uems.br> Message-ID: <022501c0b0a4$31a27770$6f00a8c0@logeng.net> Well, with Win9x machines you're very limited in what you can force people to do or not do. You can kind of fake security with a domain (although I've been corrected in saying that a win9x is a true member of a domain), but even then you are limited. Your best option may be to set the Win9x machine to share level security, not user level security. That way everyone logs on under the same account. The start menu would then be the same for all, provided you made sure people aren't installing software on their own. Maybe even put together a little VB program to write over the start menu each time at bootup (very messy though). Good luck. Greg ----- Original Message ----- From: To: "Greg J. Zartman" Sent: Monday, March 19, 2001 10:21 AM Subject: Re: Profiles > Hi, first thanks for your tip! > > "Greg J. Zartman" wrote: > > > 1) Set up a mandatory profile (you could have one or many). The profile > > would have a standardized start menu for all. > > > That's the best option. We already have a standard menu, but how can we put > it in client machines, I mean, without logon script? > > ________________________________________________________________ > > Esta mensagem foi gerada pelo Webmail da UEMS. > Para maiores informacoes acesse www.uems.br > > From don_mccall at hp.com Mon Mar 19 19:17:45 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:49 2003 Subject: Users can't delete their own local files Message-ID: <079FD72E42C9D311B854009027650E6F040508DB@xatl02.atl.hp.com> Andre, Check the following: 1. what share are the local profiles kept on? Is this share writeable? 2. check the unix permissions and ownership of the DIRECTORY that the profiles are kept in; does this ownership/permissions allow for the users to delete files in that directory? Hope this helps, Don -----Original Message----- From: Andre Moreira [mailto:andre@dei.isep.ipp.pt] Sent: Monday, March 19, 2001 10:55 AM To: samba-ntdom@samba.org Subject: Users can't delete their own local files We are using samba 2.07 as PDC and there are around 800 users who share some 50 NTW4/SP6. Everything works ok, except that local profiles are not removed when the user logouts. That's on the the system policy that is loaded ok from the PDC. There is yet another problem, probably the cause for the first one: USERS CAN'T REMOVE THEIR OWN LOCAL FILES. If a user creates a shortcut on his desktop (local profile) he won't be able to remove it then. Same thing on C:\TEMP. If you check the owner of the file it's ok. If you check the security of the file the owner is "unknown". Also userlists requested to the server are incomplete, only some users show up. Any ideas ... From greg at kwikfind.com Mon Mar 19 19:42:06 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:49 2003 Subject: Which Samba & How with Win2k References: <41ED6A8C8BE7D21194610008C724FD0A098E84@ANNA> Message-ID: <026601c0b0ac$aed19c50$6f00a8c0@logeng.net> Milos, Yes, BIND 8 does support dynamic DNS update. I'm currently using Bind 8.2.3 with DHCPD 3b3pl9 and the DDNS update works like a champ. Very easy to setup and maintain. I'm not so sure that Linux admin is more difficult to learn than Windows admin. I've been working with Windows since 1989, so most aspects of it come pretty easily for me. I would expect that after spending nearly 12 years with an OS, I would be fairly proficient with it. I started using Linux about 2-3 months ago. Before that, the closest I'd ever gotten to a Unix OS was accessing a site using command prompt FTP. Yes, it was a difficult transitions at first. I had to do alot of reading and posting on news groups such as this one. But, in that time I converted all of my major network services from Windows to Linux. The only thing I use windows for now are client machines. When you look at the learning curve for me learning Linux network admin, I'd say it's very favorable. Once you learn the basic concepts of how Unix works, most of the admin functions can be figured out by doing a little reading. I know for a fact, I haven't spend enough time working with this to equate to the cost of a Microsoft Enterprise setup. Additionally, I feel like I now know more about how my network is functioning than I did with the Windows setup. With windows, everything is in a "black box." You really never know for sure what's going on. With my Linux setup, I know exactly how things are functioning as I can look at the config files and log files and see exactly what's right or wrong with my setup. When I ask my Windows network buddies questions about DNS theory, for example, many don't really know how it works, they only know how to set it up in windows. After reading HOWTOs and newsgroup posts and working with this stuff, I feel that I have a good understanding of these primary network functions actually work. If you are looking for the best bang for your buck, my money would be on Linux hands down. My two cents. Greg ----- Original Message ----- From: "Puchta, Milos" To: "Greg J. Zartman" Sent: Monday, March 19, 2001 11:05 AM Subject: RE: Which Samba & How with Win2k You are perfectly right. The W2k systems (and marketing plans of MS) aim at large corporations. That's why the new "light" version will be "soon" here. For the W2K people are expected to spent more than 2 days playing with SW... (BTW DNS should support dynamic update, correct me if it is not true, BIND 8.2.2 support it...) I am respectful to both Linux and Windows development groups... (I have returned to Linux after 6 years of Windows experience... for more small companies have money enough to buy MS SW and applications based on MS W) Compare the learning curve for Linux and Windows. People say that Linux is cheaper, but it is your or mine time we pay for ...The strong positive aspect is based on the fact that people are able and willing to cooperate on the nonprofit base. And it is exciting moment for me. Regards, Milos -----Original Message----- From: Greg J. Zartman [mailto:greg@kwikfind.com] Sent: 19. b?ezna 2001 9:53 To: Puchta, Milos Cc: Samba News Subject: Re: Which Samba & How with Win2k The only think that a W2k PDC has going for it is the active directory and to be honest, I don't think it's all that great. I spent two days getting my DNS server sorted out after installing the active directory and "linking" it to the DNS. Additionally some of my users were confused by the active directory front end. Unless you are a type of person that browses the network neighborhood looking for shares, Active Directory just doesn't seem to do much for you. Personally, I'd rather "hard wire" all of the shares I want people to use in a login script and minimize "network neighborhood surfing." I always hate getting the question "why isn't the LaserJet on serverc any longer?", because a person is trying to find it by surfing the network instead of realizing that I've already mapped it for them with the login script. My 2 cents on Microsoft networking. Greg ----- Original Message ----- From: "Puchta, Milos" To: "Greg J. Zartman" Sent: Monday, March 19, 2001 8:27 AM Subject: RE: Which Samba & How with Win2k .....or perhaps the development will skip this phase and there will be W2K like domain controllers.... Regards, Milos -----Original Message----- From: Greg J. Zartman [mailto:greg@kwikfind.com] Sent: 19. b?ezna 2001 9:02 To: ken@satsof.com.au Cc: Samba News Subject: Re: Which Samba & How with Win2k Ken, Samba2.2 currently does not have the ability to perform as a BDC, but I'm sure the ability is not far away. I'm not all that familar with the head branch code of Samba, but I do know that alot more development in this area is being done there. You may want to post a question asking about this. Good luck. Greg ----- Original Message ----- From: "Ken Cole" To: Sent: Monday, March 19, 2001 1:41 AM Subject: Which Samba & How with Win2k > Hi all. > > I am a newbie on the list and a newbie to Samba but have a > fair bit (16 years) Unix and Linux (3 years) experience. > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > with Samba 2.0.6. I need the Linux server to be a BDC for > the domain. Can this be done? > > If so with which version and what are the primary smb.conf > variables I need to set? > > I have tried a number of settings but none even allow for > the > linux server to be "seen" when doing a Find-Computer on a > Win98 > workstation. > > > Thanks > > Ken > > > > From greg at kwikfind.com Mon Mar 19 20:06:43 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:49 2003 Subject: Which Samba & How with Win2k References: Message-ID: <028001c0b0b0$1ef8d310$6f00a8c0@logeng.net> Romy, I'm sure there is a way to prevent a person from changing his/her password as it is Win NT4.0 domain account option, I just don't know how to do it. You could probably do it with a policy. Greg ----- Original Message ----- From: "Lista linux" To: "Greg J. Zartman" Sent: Monday, March 19, 2001 11:51 AM Subject: Re: Which Samba & How with Win2k > hi, > > i agree with you, but i can't avoid a samba user changes his passwd. Do > you have any idea? I guess it could be solved on the w2k ws, but i can't > get it. If the user is local, there is no problem. > > thank you for your comments. > > romy > > From andre at dei.isep.ipp.pt Tue Mar 20 00:18:00 2001 From: andre at dei.isep.ipp.pt (Andre Moreira) Date: Tue Dec 2 02:33:49 2003 Subject: Users can't delete their own local files References: <001101c0b08d$3db19760$38cd17c3@winbox> <000101c0b0a3$d06b1390$0a0aa8c0@win2000> Message-ID: <001201c0b0d3$566c4ca0$e2cd17c3@winbox> Hi Create and directory masks are ok (defaults 0744 and 0755), users can remove files from their profile on the server, the profile on the server is updated when the user logouts. The problem is with the localy cached profile and in general any file created on the workstation. > check and in your smb.conf ???? > > ----- Original Message ----- > From: "Andre Moreira" > To: > Sent: Monday, March 19, 2001 4:55 PM > Subject: Users can't delete their own local files > > > > We are using samba 2.07 as PDC and there are > > around 800 users who share some 50 NTW4/SP6. > > > > Everything works ok, except that local profiles are > > not removed when the user logouts. That's on the > > the system policy that is loaded ok from the PDC. > > > > There is yet another problem, probably the cause for > > the first one: USERS CAN'T REMOVE THEIR OWN > > LOCAL FILES. > > If a user creates a shortcut on his desktop (local profile) > > he won't be able to remove it then. Same thing on C:\TEMP. > > If you check the owner of the file it's ok. > > If you check the security of the file the owner is "unknown". > > Also userlists requested to the server are incomplete, only > > some users show up. > > > > Any ideas ... > > > > > > > > From Jim at Morris.net Tue Mar 20 07:35:39 2001 From: Jim at Morris.net (Jim Morris) Date: Tue Dec 2 02:33:49 2003 Subject: Authenticating NT Shares against Samba PDC users/groups Message-ID: <351812301.20010320013539@Morris.net> Hello Samba gurus, I've got a Samba 2.0.7 "psuedo" PDC configuration running very well in a production environment consisting of about 100 Windows 98 clients. An NT 4 Server system was recently added to this mix in order to run a proprietary Windows-based software package that requires NT. Ironically, the Samba PDC replaced the NT4 server 3 years ago, and the NT4 Server license has been sitting unused this long! Anyway, the NT4 server system is sucessfully joined to the domain, and domain logons work from the NT system. No problems there. Now, here's what I am trying to do, and coming up short on. I have a LOT of different user groups on the Linux server that are used to control file access rights on the Samba shares (with SUID bits and stuff like that in the create masks on the share). Works great. I would LIKE to be able to have a share on the NT server that is restricted to access to a certain user group, with that being one of the existing groups on the Samba server. I've actually gotten so far as to create a new user group on the NT box using the USer Manager for Domains that has the same name as one of the existing Unix groups on the Samba PDC. I have then setup the access rights for the share such that only that group has access to the share (using "Full Control"). I can logon to the domain from a Win98 client, using an account that is in that group, and am allowed to connect to the share on the NT box. If I logon as a user who is NOT in the group, the NT box will NOT allow me to connect to the share. This all seems well and good. BUT - the user account that can connect to the share sees no files on it! If I change the share permissions to give "Everyone" full control on the share, then I see the files. According to NT Explorer, the files and directories on this share, including the shared folder itself, are all set to Full Control for Everyone. So it would seem that if I can connect to the share, I *should* see the files. Can anyone give me a clue as to what is going on here? Is it possible to have the NT box authenticate share and file access using the users and groups on the Samba PDC? Or am I wasting my time? I spent a while this afternoon looking through the online FAQ's and HOWTO's for the upcoming Samba 2.2 release, and have not really found any information that addresses this specific question... so any advice will be GREATLY appreciated. Best regards, Jim Morris mailto:Jim@Morris.net From harrietr at mailstreet.nl Tue Mar 20 09:25:17 2001 From: harrietr at mailstreet.nl (Harrie ter Rele) Date: Tue Dec 2 02:33:49 2003 Subject: NT Server as a client in Samba 2.0.6 Message-ID: <01C0B128.0FE75180.harrietr@mailstreet.nl> Hi, I have Samba running on version 2.0.6. Now i have some NT-Workstations (4 sp6) as clients this is working fine. I also have one NT-Server machine which also has to connect as a client to the samba service. Is this possible and when it is: What do i have to configure on the NT-Server to get this working, or do i have to change something in the samba-configuration. (or where can i find some information about this) Thanks. Harrie ter Rele harrietr@mailstreet.nl From bgmilne at cae.co.za Tue Mar 20 10:10:25 2001 From: bgmilne at cae.co.za (Buchan Milne) Date: Tue Dec 2 02:33:49 2003 Subject: Users can't delete their own local files References: <20010319200126.355C2820C@lists.samba.org> Message-ID: <3AB72C91.9060108@cae.co.za> > We are using samba 2.07 as PDC and there are > around 800 users who share some 50 NTW4/SP6. > > Everything works ok, except that local profiles are > not removed when the user logouts. That's on the > the system policy that is loaded ok from the PDC. > > There is yet another problem, probably the cause for > the first one: USERS CAN'T REMOVE THEIR OWN > LOCAL FILES. > If a user creates a shortcut on his desktop (local profile) > he won't be able to remove it then. Same thing on C:\TEMP. > If you check the owner of the file it's ok. > If you check the security of the file the owner is "unknown". > Also userlists requested to the server are incomplete, only > some users show up. > > Any ideas ... > > > If you have users not showing up in the list, check to make sure that every user in the smbpasswd file corresponds to a valid unix account, both in username and uid. Otherwise it will truncate the list at the first account that does not have a corresponding unix account. Buchan From magnus at hig.se Tue Mar 20 11:16:18 2001 From: magnus at hig.se (Magnus Larsson) Date: Tue Dec 2 02:33:49 2003 Subject: smbpasswd Message-ID: Hi! I have a problem with my smbpasswd file, the thing is that user sometimes get deleted from this file so I have to add the user again. Does anyone know what may cause this problem? Have anyone else been experience this? //Regards Magnus Larsson From info at kwnet.at Tue Mar 20 11:21:13 2001 From: info at kwnet.at (=?iso-8859-1?Q?Kurt_Wei=DF?=) Date: Tue Dec 2 02:33:49 2003 Subject: Users can't delete their own local files References: <001101c0b08d$3db19760$38cd17c3@winbox> <000101c0b0a3$d06b1390$0a0aa8c0@win2000> <001201c0b0d3$566c4ca0$e2cd17c3@winbox> Message-ID: <002501c0b130$b776b2d0$0a0aa8c0@win2000> do you have sp6 or sp6a???? please check updateing to 6a (may be) i had extreme problems with sp6 another possibility could be: exclude the special directorys from roaming with poledit (winnt): create a "ntconfig.pol" in your netlogon share. so i solved a similar problem with an nt-server. -- Ing. Kurt Wei? Softwareentwicklung, EDV Beratung und - Betreuung A-6425 Haiming, Gartenweg 3 Tel.: +43 699 1 272 9926 / Fax: +43 699 4 272 9926 E-Mail: info@kwnet.at Web: http://www.kwnet.at http://www.oberlandinfo.at ----- Original Message ----- From: "Andre Moreira" To: Sent: Tuesday, March 20, 2001 1:18 AM Subject: Re: Users can't delete their own local files > Hi > Create and directory masks are ok (defaults 0744 and 0755), > users can remove files from their profile on the server, the > profile on the server is updated when the user logouts. The > problem is with the localy cached profile and in general any > file created on the workstation. > > > > > check and in your smb.conf ???? > > > > ----- Original Message ----- > > From: "Andre Moreira" > > To: > > Sent: Monday, March 19, 2001 4:55 PM > > Subject: Users can't delete their own local files > > > > > > > We are using samba 2.07 as PDC and there are > > > around 800 users who share some 50 NTW4/SP6. > > > > > > Everything works ok, except that local profiles are > > > not removed when the user logouts. That's on the > > > the system policy that is loaded ok from the PDC. > > > > > > There is yet another problem, probably the cause for > > > the first one: USERS CAN'T REMOVE THEIR OWN > > > LOCAL FILES. > > > If a user creates a shortcut on his desktop (local profile) > > > he won't be able to remove it then. Same thing on C:\TEMP. > > > If you check the owner of the file it's ok. > > > If you check the security of the file the owner is "unknown". > > > Also userlists requested to the server are incomplete, only > > > some users show up. > > > > > > Any ideas ... > > > > > > > > > > > > > > > From cagatay at ae.metu.edu.tr Tue Mar 20 12:53:02 2001 From: cagatay at ae.metu.edu.tr (Cagatay Koksoy) Date: Tue Dec 2 02:33:49 2003 Subject: (no subject) Message-ID: confirm 543426 Cagatay Koksoy ______________________________________________________________________________ cagatay@evolution.bilten.metu.edu.tr cagatay@ae.metu.edu.tr kcagatay@metu.edu.tr _______________________________________________________________________________ From mpineault at osginformatique.com Tue Mar 20 13:32:52 2001 From: mpineault at osginformatique.com (Martin Pineault) Date: Tue Dec 2 02:33:49 2003 Subject: TR: Migrating profile from NT server to Linux Samba PDF Message-ID: <000301c0b142$43771750$01107bce@osginformatique2.com> Can't believe no one has done that before? No one has change from NT server to Linux and wan to keep their profile? Please... Thank you. MPLT -----Message d'origine----- De : Martin Pineault [mailto:mpineault@osginformatique.com] Envoy? : 15 mars, 2001 14:02 ? : 'samba-ntdom@lists.samba.org' Objet : Migrating profile from NT server to Linux Samba PDF HowTo Migrate profiles from NT server to Linux Samba PDF? Does anyone have a clue. Even if it's manually since we have few user. Thank you. MPLT From admin at techmuk.ac.ug Tue Mar 20 12:46:18 2001 From: admin at techmuk.ac.ug (Faculty System Admin) Date: Tue Dec 2 02:33:49 2003 Subject: confirm 273225 In-Reply-To: Message-ID: On Thu, 8 Mar 2001, Johan Strydom wrote: > confirm 273225 > > > From don_mccall at hp.com Tue Mar 20 13:55:49 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:49 2003 Subject: Migrating profile from NT server to Linux Samba PDF Message-ID: <079FD72E42C9D311B854009027650E6F040508DF@xatl02.atl.hp.com> Hi Martin, Sure, its been done. In fact, the book "Using Samba" from O'Reilly, starting on pg. 194 talks about HOW to set up Samba to using roaming profiles. If you're MIGRATING your user profiles from an NT server, it just means that after you have set up samba with the appropriat paths and directories to serve profiles to your clients, instead of CREATING them, you can just copy them to the appropriate directories on your Linux Samba server. If you are going to be administering the Samba server, I would highly recommend you get one of the following books - it will really help you out: "Using Samba" from O'Reilly (this is also available immediately for your need in html format at http://www.samba.org/samba/oreilly/using_samba There is also "Teaching Yourself Samba in 24 hours" from SAMS and "Using Samba" Special Edition from Richard Sharpe You can get any of these from Amazon.com, or other online bookstores. In the meantime, check out the reference above in the "Using Samba" on the html site and see if that will get you started - if you run into problems getting it to work from the examples there, give us a holler! Hope this helps, Don -----Original Message----- From: Martin Pineault [mailto:mpineault@osginformatique.com] Sent: Tuesday, March 20, 2001 8:33 AM To: samba-ntdom@us5.samba.org Subject: TR: Migrating profile from NT server to Linux Samba PDF Can't believe no one has done that before? No one has change from NT server to Linux and wan to keep their profile? Please... Thank you. MPLT -----Message d'origine----- De : Martin Pineault [mailto:mpineault@osginformatique.com] Envoy? : 15 mars, 2001 14:02 ? : 'samba-ntdom@lists.samba.org' Objet : Migrating profile from NT server to Linux Samba PDF HowTo Migrate profiles from NT server to Linux Samba PDF? Does anyone have a clue. Even if it's manually since we have few user. Thank you. MPLT From ejs at delfi.lt Tue Mar 20 08:47:46 2001 From: ejs at delfi.lt (Augis) Date: Tue Dec 2 02:33:49 2003 Subject: Authenticating NT Shares against Samba PDC users/groups References: <351812301.20010320013539@Morris.net> Message-ID: <3AB71932.10600@delfi.lt> Hi, Jim Morris wrote: > I've actually gotten so far as to create a new user group on the NT > box using the USer Manager for Domains that has the same name as one > of the existing Unix groups on the Samba PDC. I have then setup the > access rights for the share such that only that group has access to > the share (using "Full Control"). I can logon to the domain from a > Win98 client, using an account that is in that group, and am allowed > to connect to the share on the NT box. If I logon as a user who is NOT > in the group, the NT box will NOT allow me to connect to the share. > This all seems well and good. BUT - the user account that can connect > to the share sees no files on it! If I change the share permissions > to give "Everyone" full control on the share, then I see the files. Why you had to create new user group? You could simply pull out the names from Samba. After this, you should establish permitions to share like : [your group]; SYSTEM; Domain Admins - Full Controll and permitions for directory SYSTEM; Domain Admins - Full Controll I think this is because you ommited SYSTEM account you are not able to see any files. -- Augis remove -NOSPM when replying From jwitte at meome-ag.de Tue Mar 20 14:42:03 2001 From: jwitte at meome-ag.de (Jochen Witte) Date: Tue Dec 2 02:33:49 2003 Subject: Printer Driver Installation In-Reply-To: Message-ID: <35590000.985099323@li-001> Hello, after investigating that remote printerdriver-installation only works with NT4 (not with W2000), here`s one additional remark: now i get [2001/03/20 15:37:28, 0] smbd/service.c:make_connection(246) w2-001 (192.168.255.3) couldn't find service ::{2227a280-3aea-1069-a2de-08002b30309d} when connecting to the print$-share from a w2000-client. Regardless of this, the client can connect to printers and can automatically download and install the printer-drivers. Just the upload isn`t possible from a w2000-machine. Greetings -- Jochen WItte From ejs at delfi.lt Tue Mar 20 14:47:26 2001 From: ejs at delfi.lt (Augis) Date: Tue Dec 2 02:33:49 2003 Subject: TR: Migrating profile from NT server to Linux Samba PDF References: <000301c0b142$43771750$01107bce@osginformatique2.com> Message-ID: <3AB76D7E.4050507@delfi.lt> Martin Pineault wrote: > Can't believe no one has done that before? No one has change from NT server > to Linux and wan to keep their profile? > > HowTo Migrate profiles from NT server to Linux Samba PDF? > > Does anyone have a clue. Even if it's manually since we have few user. foreach $USER in Users do login $USER; GOTO 'My Computer' -> 'Properties' -> Profiles; cp $User_Profile $SMB_Profile_Deposits; 'Permit use' -> user from domain users; done PS. Anyone has solution for 'Unknown account' bug in setting permitions? -- Augis From Eggens at teledynamics.nl Tue Mar 20 15:06:39 2001 From: Eggens at teledynamics.nl (Martin Eggens) Date: Tue Dec 2 02:33:50 2003 Subject: Domain administrator ? Message-ID: Hi, I'm using samba2.2.0alpha. I created a domain administrator by adding a user called 'admin' (passwd and smbpasswd) and assigning this user to the using group 'adm' within smb.conf I configured @adm to be the domain administrator group. When I use the 'admin' acount to join the domain using a NT4 workstation I'm able to logon but I don't seem to administrator privileges. Anybody an idea what I do wrong. Thanks Martin From Jim at Morris.net Tue Mar 20 15:12:34 2001 From: Jim at Morris.net (Jim Morris) Date: Tue Dec 2 02:33:50 2003 Subject: Authenticating NT Shares against Samba PDC users/groups In-Reply-To: <3AB71932.10600@delfi.lt> References: <351812301.20010320013539@Morris.net> <3AB71932.10600@delfi.lt> Message-ID: <19874219792.20010320091234@Morris.net> Hello Augis, Tuesday, March 20, 2001, 2:47:46 AM, you wrote: A> Why you had to create new user group? You could simply pull out the A> names from Samba. Well, I seem to have trouble doing just that. If I select a group from the Samba server on the NT box, I end up with an error that the "account doesn't exist" or something like that. That's not the exact error I get on NT - but as I'm not onsite at the moment, I cannot reproduce it right now. A> After this, you should establish permitions to share like : [your A> group]; SYSTEM; Domain Admins - Full Controll and permitions for A> directory SYSTEM; Domain Admins - Full Controll Well, I don't WANT any of these users to be domain administrators. I want a group of users with just "normal" user-level priveledges in the domain. I want that group ("accounting" for example) to be able to use the share in R/W mode, and users that are NOT in that group to not even connect to the share on the NT box. A> I think this is because you ommited SYSTEM account you are not able to A> see any files. I guess I'm not clear on how I am supposed to assign the SYSTEM account here.... Okay - I'm on a Windows 2000 box right now, and I see "SYSTEM" in the list for adding access rights to a share or file. So I put the group I want (NOT "Domain admins" hopefully) and SYSTEM in the list, and that should take care of it? I'll have the guys onsite try that and see what happens. Thanks. -- Best regards, Jim Morris mailto:Jim@Morris.net From simo.sorce at polimi.it Tue Mar 20 15:29:13 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:50 2003 Subject: Migrating profile from NT server to Linux Samba PDF In-Reply-To: <079FD72E42C9D311B854009027650E6F040508DF@xatl02.atl.hp.com> Message-ID: No, Don. Copying profiles is not enough. In every user profile directory there's also the NTUSER.DAT file that contains the users registry hive. The registry keys contained in this file have permissions only for the user of the NT domain (set by SID that will change changing the server). If I'm not wrong in some ResKit there should be a tool to change these permissions while migrating profiles. Simo. On Tue, 20 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > Hi Martin, > Sure, its been done. In fact, the book "Using Samba" from O'Reilly, > starting on > pg. 194 talks about HOW to set up Samba to using roaming profiles. If > you're > MIGRATING your user profiles from an NT server, it just means that after you > have > set up samba with the appropriat paths and directories to serve profiles to > your > clients, instead of CREATING them, you can just copy them to the appropriate > > directories on your Linux Samba server. > If you are going to be administering the Samba server, I would highly > recommend > you get one of the following books - it will really help you out: > "Using Samba" from O'Reilly (this is also available immediately for your > need in > html format at http://www.samba.org/samba/oreilly/using_samba > There is also "Teaching Yourself Samba in 24 hours" from SAMS > and > "Using Samba" Special Edition from Richard Sharpe > You can get any of these from Amazon.com, or other online bookstores. > > In the meantime, check out the reference above in the "Using Samba" on the > html > site and see if that will get you started - if you run into problems getting > it to > work from the examples there, give us a holler! > Hope this helps, > Don > > -----Original Message----- > From: Martin Pineault [mailto:mpineault@osginformatique.com] > Sent: Tuesday, March 20, 2001 8:33 AM > To: samba-ntdom@us5.samba.org > Subject: TR: Migrating profile from NT server to Linux Samba PDF > > > Can't believe no one has done that before? No one has change from NT server > to Linux and wan to keep their profile? > > Please... Thank you. > > MPLT > -----Message d'origine----- > De : Martin Pineault [mailto:mpineault@osginformatique.com] > Envoy? : 15 mars, 2001 14:02 > ? : 'samba-ntdom@lists.samba.org' > Objet : Migrating profile from NT server to Linux Samba PDF > > HowTo Migrate profiles from NT server to Linux Samba PDF? > > Does anyone have a clue. Even if it's manually since we have few user. > > Thank you. > > MPLT > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From don_mccall at hp.com Tue Mar 20 15:37:58 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:50 2003 Subject: Migrating profile from NT server to Linux Samba PDF Message-ID: <079FD72E42C9D311B854009027650E6F040508E3@xatl02.atl.hp.com> Hi Simo, Won't this be taken care of automatically when the nt computer/user joins the samba domain; when the user logs on, if Samba is set up right, shouldn't the client notice that the local copy of the profile is newer (since it doesn't exist on the Samba server yet), and copy it up to the appropriate place on the Samba server, including the ntuser.dat info? I had assumed (there's that WORD again!) that joining the domain would take care of this sid issue.... Any wisdom would be appreciated, Thanks, Don -----Original Message----- From: Simo Sorce [mailto:simo.sorce@polimi.it] Sent: Tuesday, March 20, 2001 10:29 AM To: MCCALL,DON (HP-USA,ex1) Cc: 'mpineault@osginformatique.com'; samba-ntdom@us5.samba.org Subject: RE: Migrating profile from NT server to Linux Samba PDF No, Don. Copying profiles is not enough. In every user profile directory there's also the NTUSER.DAT file that contains the users registry hive. The registry keys contained in this file have permissions only for the user of the NT domain (set by SID that will change changing the server). If I'm not wrong in some ResKit there should be a tool to change these permissions while migrating profiles. Simo. On Tue, 20 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > Hi Martin, > Sure, its been done. In fact, the book "Using Samba" from O'Reilly, > starting on > pg. 194 talks about HOW to set up Samba to using roaming profiles. If > you're > MIGRATING your user profiles from an NT server, it just means that after you > have > set up samba with the appropriat paths and directories to serve profiles to > your > clients, instead of CREATING them, you can just copy them to the appropriate > > directories on your Linux Samba server. > If you are going to be administering the Samba server, I would highly > recommend > you get one of the following books - it will really help you out: > "Using Samba" from O'Reilly (this is also available immediately for your > need in > html format at http://www.samba.org/samba/oreilly/using_samba > There is also "Teaching Yourself Samba in 24 hours" from SAMS > and > "Using Samba" Special Edition from Richard Sharpe > You can get any of these from Amazon.com, or other online bookstores. > > In the meantime, check out the reference above in the "Using Samba" on the > html > site and see if that will get you started - if you run into problems getting > it to > work from the examples there, give us a holler! > Hope this helps, > Don > > -----Original Message----- > From: Martin Pineault [mailto:mpineault@osginformatique.com] > Sent: Tuesday, March 20, 2001 8:33 AM > To: samba-ntdom@us5.samba.org > Subject: TR: Migrating profile from NT server to Linux Samba PDF > > > Can't believe no one has done that before? No one has change from NT server > to Linux and wan to keep their profile? > > Please... Thank you. > > MPLT > -----Message d'origine----- > De : Martin Pineault [mailto:mpineault@osginformatique.com] > Envoy? : 15 mars, 2001 14:02 > ? : 'samba-ntdom@lists.samba.org' > Objet : Migrating profile from NT server to Linux Samba PDF > > HowTo Migrate profiles from NT server to Linux Samba PDF? > > Does anyone have a clue. Even if it's manually since we have few user. > > Thank you. > > MPLT > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From simo.sorce at polimi.it Tue Mar 20 15:51:29 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:50 2003 Subject: Migrating profile from NT server to Linux Samba PDF In-Reply-To: <079FD72E42C9D311B854009027650E6F040508E3@xatl02.atl.hp.com> Message-ID: Nope, for "security" reasons every user is authenticated by a SID and not by a name: a SID is unique for every user on every domain and changing the domain would change the users SID. So if you do not migrate the profile, what the user will get is a totally new profile, as the one present on the local machine is not recognized as being of the user becuse of different ownership. On Tue, 20 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > Hi Simo, > Won't this be taken care of automatically when the nt computer/user > joins the samba domain; when the user logs on, if Samba is set up > right, shouldn't the client notice that the local copy of the profile > is newer (since it doesn't exist on the Samba server yet), and copy it > up to the appropriate place on the Samba server, including the ntuser.dat > info? I had assumed (there's that WORD again!) that joining the domain > would take care of this sid issue.... > Any wisdom would be appreciated, > Thanks, > Don > > -----Original Message----- > From: Simo Sorce [mailto:simo.sorce@polimi.it] > Sent: Tuesday, March 20, 2001 10:29 AM > To: MCCALL,DON (HP-USA,ex1) > Cc: 'mpineault@osginformatique.com'; samba-ntdom@us5.samba.org > Subject: RE: Migrating profile from NT server to Linux Samba PDF > > > No, Don. > Copying profiles is not enough. > In every user profile directory there's also the NTUSER.DAT file that > contains the users registry hive. > The registry keys contained in this file have permissions only for the > user of the NT domain (set by SID that will change changing the server). > > If I'm not wrong in some ResKit there should be a tool to change these > permissions while migrating profiles. > > Simo. > > On Tue, 20 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > > > Hi Martin, > > Sure, its been done. In fact, the book "Using Samba" from O'Reilly, > > starting on > > pg. 194 talks about HOW to set up Samba to using roaming profiles. If > > you're > > MIGRATING your user profiles from an NT server, it just means that after > you > > have > > set up samba with the appropriat paths and directories to serve profiles > to > > your > > clients, instead of CREATING them, you can just copy them to the > appropriate > > > > directories on your Linux Samba server. > > If you are going to be administering the Samba server, I would highly > > recommend > > you get one of the following books - it will really help you out: > > "Using Samba" from O'Reilly (this is also available immediately for your > > need in > > html format at http://www.samba.org/samba/oreilly/using_samba > > There is also "Teaching Yourself Samba in 24 hours" from SAMS > > and > > "Using Samba" Special Edition from Richard Sharpe > > You can get any of these from Amazon.com, or other online bookstores. > > > > In the meantime, check out the reference above in the "Using Samba" on the > > html > > site and see if that will get you started - if you run into problems > getting > > it to > > work from the examples there, give us a holler! > > Hope this helps, > > Don > > > > -----Original Message----- > > From: Martin Pineault [mailto:mpineault@osginformatique.com] > > Sent: Tuesday, March 20, 2001 8:33 AM > > To: samba-ntdom@us5.samba.org > > Subject: TR: Migrating profile from NT server to Linux Samba PDF > > > > > > Can't believe no one has done that before? No one has change from NT > server > > to Linux and wan to keep their profile? > > > > Please... Thank you. > > > > MPLT > > -----Message d'origine----- > > De : Martin Pineault [mailto:mpineault@osginformatique.com] > > Envoy? : 15 mars, 2001 14:02 > > ? : 'samba-ntdom@lists.samba.org' > > Objet : Migrating profile from NT server to Linux Samba PDF > > > > HowTo Migrate profiles from NT server to Linux Samba PDF? > > > > Does anyone have a clue. Even if it's manually since we have few user. > > > > Thank you. > > > > MPLT > > > > > > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From greg at kwikfind.com Tue Mar 20 15:59:17 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:50 2003 Subject: NT Server as a client in Samba 2.0.6 References: <01C0B128.0FE75180.harrietr@mailstreet.nl> Message-ID: <003b01c0b156$b8bad650$6f00a8c0@logeng.net> Harrie, I'm not familiar with versions of Samba prior to 2.2, but there really isn't any difference between Win NT server and Win NT workstation from the networking aspect. They both join domains join domains the same way and both act exactly the same when "playing" the client role. In my current setup, I have a Samba 2.2 alpha 3 PDC with 22 Win 2k clients and one Win 2k server. All joined the Samba domain by setting the Network Identification, properties to the Samba domain. I had to employ the trick listed in the FAQS to make it possible to join machines from the client, but it works perfectly. I'm not sure where Samba 2.0.6 was in the way of PDC functionality, but I know that ALOT of work has gone into this area of development in the past months. You may find some value in upgrading (takes me less than 15 minutes). Good luck. Greg ----- Original Message ----- From: "Harrie ter Rele" To: Sent: Tuesday, March 20, 2001 1:25 AM Subject: NT Server as a client in Samba 2.0.6 > Hi, > > I have Samba running on version 2.0.6. Now i have some NT-Workstations (4 sp6) as clients > this is working fine. I also have one NT-Server machine which also has to connect as a > client to the samba service. > > Is this possible and when it is: > What do i have to configure on the NT-Server to get this working, or do i have to change > something in the samba-configuration. (or where can i find some information about this) > > Thanks. > > Harrie ter Rele > harrietr@mailstreet.nl > > > > > From greg at kwikfind.com Tue Mar 20 16:04:13 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:50 2003 Subject: Profiles References: <200103191822.f2JILve02424@ns.uems.br> <4.3.1.0.20010320102359.00a8fec0@mail> Message-ID: <004b01c0b157$68f6f4e0$6f00a8c0@logeng.net> Dominik, To be honest, I have never had a reason to employ mandatory profiles so I can't remember exactly how to do it. I only know that they do exist and will work to force a user into a semi-static GUI. If I were to employ them, I'd likely goto the Microsoft Knowledge Base or look in some of my documentation. You suggestion of changing the extension on the user.dat to .man sounds very familiar though. Give it a shot. Worst case, you'll have to restart with a boot disk and change the extension back. Sorry I couldn't be more help. Greg ----- Original Message ----- From: "Dominik Buerkle" To: "Greg J. Zartman" Sent: Tuesday, March 20, 2001 1:25 AM Subject: Re: Profiles > Hello Greg, > > isn't it possible to rename a user.dat file to user.man, making it MANdatory, > and aren't those contents read-only? > Else how do I set up a mandatory profile, is there a special service program? > > Kind regards, > Dominik > > At 10:41 19.03.01 -0800, you wrote: > >Well, with Win9x machines you're very limited in what you can force people > >to do or not do. You can kind of fake security with a domain (although I've > >been corrected in saying that a win9x is a true member of a domain), but > >even then you are limited. > > > >Your best option may be to set the Win9x machine to share level security, > >not user level security. That way everyone logs on under the same account. > >The start menu would then be the same for all, provided you made sure people > >aren't installing software on their own. > > > >Maybe even put together a little VB program to write over the start menu > >each time at bootup (very messy though). > > > >Good luck. > > > >Greg > > > > > > > >----- Original Message ----- > >From: > >To: "Greg J. Zartman" > >Sent: Monday, March 19, 2001 10:21 AM > >Subject: Re: Profiles > > > > > > > Hi, first thanks for your tip! > > > > > > "Greg J. Zartman" wrote: > > > > > > > 1) Set up a mandatory profile (you could have one or many). The profile > > > > would have a standardized start menu for all. > > > > > > > That's the best option. We already have a standard menu, but how can we > >put > > > it in client machines, I mean, without logon script? > > > > > > ________________________________________________________________ > > > > > > Esta mensagem foi gerada pelo Webmail da UEMS. > > > Para maiores informacoes acesse www.uems.br > > > > > > > > > > From greg at kwikfind.com Tue Mar 20 17:14:05 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:51 2003 Subject: Migrating profile from NT server to Linux Samba PDF References: <000301c0b15a$8741bfe0$01107bce@osginformatique2.com> Message-ID: <00dc01c0b161$2c642ac0$6f00a8c0@logeng.net> You can download either the tarballs or CVS from www.samba.org ----- Original Message ----- From: "Martin Pineault" To: "'Greg J. Zartman'" Sent: Tuesday, March 20, 2001 8:26 AM Subject: RE: Migrating profile from NT server to Linux Samba PDF I don't have those files, where can I get them on WWW for consultation not for download? Thank you. MPLT -----Message d'origine----- De : Greg J. Zartman [mailto:greg@kwikfind.com] Envoy? : 20 mars, 2001 11:10 ? : mpineault@osginformatique.com Cc : samba-ntdom@us5.samba.or Objet : Re: Migrating profile from NT server to Linux Samba PDF Martin, Yes, this can be done and people have done it. There is a step-by-step example on how to do this in an electronic book that comes with the Samba source. It's called Using Samba and it's in the .../samba/docs/htmldocs/using_samba directory. Look on pages 194-196. You'll find lots of goodies in this book. Regards, Greg ----- Original Message ----- From: "Martin Pineault" To: Sent: Tuesday, March 20, 2001 5:32 AM Subject: TR: Migrating profile from NT server to Linux Samba PDF > Can't believe no one has done that before? No one has change from NT server > to Linux and wan to keep their profile? > > Please... Thank you. > > MPLT > -----Message d'origine----- > De : Martin Pineault [mailto:mpineault@osginformatique.com] > Envoy? : 15 mars, 2001 14:02 > ? : 'samba-ntdom@lists.samba.org' > Objet : Migrating profile from NT server to Linux Samba PDF > > HowTo Migrate profiles from NT server to Linux Samba PDF? > > Does anyone have a clue. Even if it's manually since we have few user. > > Thank you. > > MPLT > > > > > From don_mccall at hp.com Tue Mar 20 18:07:14 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:51 2003 Subject: Migrating profile from NT server to Linux Samba PDF Message-ID: <079FD72E42C9D311B854009027650E6F040508E4@xatl02.atl.hp.com> Thanks, Simo; here's me going off to do some more playing around with profiles! Don -----Original Message----- From: Simo Sorce [mailto:simo.sorce@polimi.it] Sent: Tuesday, March 20, 2001 10:51 AM To: MCCALL,DON (HP-USA,ex1) Cc: 'Simo Sorce'; 'mpineault@osginformatique.com'; samba-ntdom@us5.samba.org Subject: RE: Migrating profile from NT server to Linux Samba PDF Nope, for "security" reasons every user is authenticated by a SID and not by a name: a SID is unique for every user on every domain and changing the domain would change the users SID. So if you do not migrate the profile, what the user will get is a totally new profile, as the one present on the local machine is not recognized as being of the user becuse of different ownership. On Tue, 20 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > Hi Simo, > Won't this be taken care of automatically when the nt computer/user > joins the samba domain; when the user logs on, if Samba is set up > right, shouldn't the client notice that the local copy of the profile > is newer (since it doesn't exist on the Samba server yet), and copy it > up to the appropriate place on the Samba server, including the ntuser.dat > info? I had assumed (there's that WORD again!) that joining the domain > would take care of this sid issue.... > Any wisdom would be appreciated, > Thanks, > Don > > -----Original Message----- > From: Simo Sorce [mailto:simo.sorce@polimi.it] > Sent: Tuesday, March 20, 2001 10:29 AM > To: MCCALL,DON (HP-USA,ex1) > Cc: 'mpineault@osginformatique.com'; samba-ntdom@us5.samba.org > Subject: RE: Migrating profile from NT server to Linux Samba PDF > > > No, Don. > Copying profiles is not enough. > In every user profile directory there's also the NTUSER.DAT file that > contains the users registry hive. > The registry keys contained in this file have permissions only for the > user of the NT domain (set by SID that will change changing the server). > > If I'm not wrong in some ResKit there should be a tool to change these > permissions while migrating profiles. > > Simo. > > On Tue, 20 Mar 2001, MCCALL,DON (HP-USA,ex1) wrote: > > > Hi Martin, > > Sure, its been done. In fact, the book "Using Samba" from O'Reilly, > > starting on > > pg. 194 talks about HOW to set up Samba to using roaming profiles. If > > you're > > MIGRATING your user profiles from an NT server, it just means that after > you > > have > > set up samba with the appropriat paths and directories to serve profiles > to > > your > > clients, instead of CREATING them, you can just copy them to the > appropriate > > > > directories on your Linux Samba server. > > If you are going to be administering the Samba server, I would highly > > recommend > > you get one of the following books - it will really help you out: > > "Using Samba" from O'Reilly (this is also available immediately for your > > need in > > html format at http://www.samba.org/samba/oreilly/using_samba > > There is also "Teaching Yourself Samba in 24 hours" from SAMS > > and > > "Using Samba" Special Edition from Richard Sharpe > > You can get any of these from Amazon.com, or other online bookstores. > > > > In the meantime, check out the reference above in the "Using Samba" on the > > html > > site and see if that will get you started - if you run into problems > getting > > it to > > work from the examples there, give us a holler! > > Hope this helps, > > Don > > > > -----Original Message----- > > From: Martin Pineault [mailto:mpineault@osginformatique.com] > > Sent: Tuesday, March 20, 2001 8:33 AM > > To: samba-ntdom@us5.samba.org > > Subject: TR: Migrating profile from NT server to Linux Samba PDF > > > > > > Can't believe no one has done that before? No one has change from NT > server > > to Linux and wan to keep their profile? > > > > Please... Thank you. > > > > MPLT > > -----Message d'origine----- > > De : Martin Pineault [mailto:mpineault@osginformatique.com] > > Envoy? : 15 mars, 2001 14:02 > > ? : 'samba-ntdom@lists.samba.org' > > Objet : Migrating profile from NT server to Linux Samba PDF > > > > HowTo Migrate profiles from NT server to Linux Samba PDF? > > > > Does anyone have a clue. Even if it's manually since we have few user. > > > > Thank you. > > > > MPLT > > > > > > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From David.Bear at asu.edu Tue Mar 20 18:52:57 2001 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:33:51 2003 Subject: smbclient connects but not smbmount Message-ID: using smbclient and specifying the username and password I can connect. However using smbmount with the same username and password I get a session setup failed: ERRDOS - ERRnoaccess SMB connection failed Why would smbmount fail when smbclient didn't? David Bear College of Public Programs/ASU From damason at davenet.mine.nu Tue Mar 20 19:15:27 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:51 2003 Subject: Migrating profile from NT server to Linux Samba PDF In-Reply-To: <079FD72E42C9D311B854009027650E6F040508DF@xatl02.atl.hp.com> Message-ID: This might be a basic NT question, and I suspect it can't be done, but let me just poll you folks: If I rename my domain to what I would like it to be (just for aesthetics, now that the even/odd problem is fixed), and I rejoin the newly renamed domain with my 2000 workstation, will the roaming profile kept in my user directory on the Samba server still work, or will I have to reestablish all of my settings? -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of MCCALL,DON (HP-USA,ex1) Sent: Tuesday, March 20, 2001 05:56 To: 'mpineault@osginformatique.com'; samba-ntdom@us5.samba.org Subject: RE: Migrating profile from NT server to Linux Samba PDF Hi Martin, Sure, its been done. In fact, the book "Using Samba" from O'Reilly, starting on pg. 194 talks about HOW to set up Samba to using roaming profiles. If you're MIGRATING your user profiles from an NT server, it just means that after you have set up samba with the appropriat paths and directories to serve profiles to your clients, instead of CREATING them, you can just copy them to the appropriate directories on your Linux Samba server. If you are going to be administering the Samba server, I would highly recommend you get one of the following books - it will really help you out: "Using Samba" from O'Reilly (this is also available immediately for your need in html format at http://www.samba.org/samba/oreilly/using_samba There is also "Teaching Yourself Samba in 24 hours" from SAMS and "Using Samba" Special Edition from Richard Sharpe You can get any of these from Amazon.com, or other online bookstores. In the meantime, check out the reference above in the "Using Samba" on the html site and see if that will get you started - if you run into problems getting it to work from the examples there, give us a holler! Hope this helps, Don -----Original Message----- From: Martin Pineault [mailto:mpineault@osginformatique.com] Sent: Tuesday, March 20, 2001 8:33 AM To: samba-ntdom@us5.samba.org Subject: TR: Migrating profile from NT server to Linux Samba PDF Can't believe no one has done that before? No one has change from NT server to Linux and wan to keep their profile? Please... Thank you. MPLT -----Message d'origine----- De : Martin Pineault [mailto:mpineault@osginformatique.com] Envoy? : 15 mars, 2001 14:02 ? : 'samba-ntdom@lists.samba.org' Objet : Migrating profile from NT server to Linux Samba PDF HowTo Migrate profiles from NT server to Linux Samba PDF? Does anyone have a clue. Even if it's manually since we have few user. Thank you. MPLT From gcarter at valinux.com Tue Mar 20 03:22:18 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:51 2003 Subject: samba2.2aplah2 In-Reply-To: ; from tcurdt@dff.st on Thu, Mar 15, 2001 at 11:14:43 -0600 References: Message-ID: <20010319212218.A1002@pogo.plainjoe.org> On Thu, 15 Mar 2001 11:14:43 Torsten Curdt wrote: > > Any progress with the LDAP support? Not recently. Mostly in my head is all. > I remember there was a big rewrite of the auth interface. > Is their now a reasonable way of adding a smooth integration > of user auth? Yup. That was me. I'm about to revisit it some next week I think. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From damason at davenet.mine.nu Tue Mar 20 20:18:48 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:51 2003 Subject: Domain administrator ? In-Reply-To: Message-ID: You need to add the domain\admin account to the local Administrators group on the workstation. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Martin Eggens Sent: Tuesday, March 20, 2001 07:07 To: samba-ntdom@us5.samba.org Subject: Domain administrator ? Hi, I'm using samba2.2.0alpha. I created a domain administrator by adding a user called 'admin' (passwd and smbpasswd) and assigning this user to the using group 'adm' within smb.conf I configured @adm to be the domain administrator group. When I use the 'admin' acount to join the domain using a NT4 workstation I'm able to logon but I don't seem to administrator privileges. Anybody an idea what I do wrong. Thanks Martin From markd at enteract.com Tue Mar 20 20:25:14 2001 From: markd at enteract.com (Mark Deutschmann) Date: Tue Dec 2 02:33:52 2003 Subject: Forcing to a user on another system Message-ID: I Have a BSD machine running Samba, with a remote Sco system's NFS export mounted. Using SWAT to configure a share (Just so happens to be the Sco machine's exported NFS share) I am trying to force to a user of the Sco machine. Is this even possible without running Samba on the Sco machine? Thank you, Mark Deutschmann Systems Manager Henry M. Greene & Associates, Inc. + MarkDeutschmann@greeneassoc.com -------------- next part -------------- HTML attachment scrubbed and removed From bassque at yahoo.com Tue Mar 20 20:56:43 2001 From: bassque at yahoo.com (bassque) Date: Tue Dec 2 02:33:52 2003 Subject: access samba file server from 95/98 Message-ID: <016b01c0b180$4534eac0$0201a8c0@bassque.com> Is there any way to use both windows 95 and 98 clients with a samba server? It seems one wants to use encrypted passwords and the other doesn't. I have also read about and tried the patch that eliminates the encryption on win98.....but thats alot of work for the amount of machines that would need to access the samba server! I was thinking along the lines of a short script for samba that says if OS equals win95 then encryption equals no, and if OS equals win98 then encryption equals yes. Can anyone make any suggestions on how I can accomplish this? Where will be a few hundred machines......a mixture of windows 95/98 and very few NT workstation boxes who I will need to grant access to the sambe file server. Any comments and thoughts are appreciated. Thanks -------------- next part -------------- HTML attachment scrubbed and removed From eirvine at tpgi.com.au Tue Mar 20 21:04:45 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:33:52 2003 Subject: access samba file server from 95/98 References: <016b01c0b180$4534eac0$0201a8c0@bassque.com> Message-ID: <3AB7C5EC.4DE26F51@tpgi.com.au> Hi, Yes. The best way is to have all machines use encrypted passwords. There is a registry setting you can use to set/unset encrypted passwords. I don't have it handy but it is the same for both win95 and win98. Eddie. bassque wrote: > > Part 1.1 Type: Plain Text (text/plain) > Encoding: quoted-printable From dwcjr at inethouston.net Tue Mar 20 21:15:00 2001 From: dwcjr at inethouston.net (David W. Chapman Jr.) Date: Tue Dec 2 02:33:52 2003 Subject: access samba file server from 95/98 References: <016b01c0b180$4534eac0$0201a8c0@bassque.com> <3AB7C5EC.4DE26F51@tpgi.com.au> Message-ID: <000701c0b182$d29f6460$931576d8@inethouston.net> it comes in the tarball for samba, you could try running it in your login script if you want to convert 95 machines to encrypted. Also note that nt4 doesn't encrypt by default before sp3 and does after. ----- Original Message ----- From: "eirvine" To: "bassque" Cc: Sent: Tuesday, March 20, 2001 3:04 PM Subject: Re: access samba file server from 95/98 > Hi, > > Yes. The best way is to have all machines use > encrypted passwords. There is a registry setting > you can use to set/unset encrypted passwords. > > I don't have it handy but it is the same for both > win95 and win98. > > Eddie. > > bassque wrote: > > > > Part 1.1 Type: Plain Text (text/plain) > > Encoding: quoted-printable > > From bob at meeker.urban.csuohio.edu Tue Mar 20 21:20:15 2001 From: bob at meeker.urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:33:52 2003 Subject: W2K-Terminal Server vs Samba Message-ID: <200103202120.QAA26420@meeker.urban.csuohio.edu> Since it has been some months since this topic has popped up, I had wondered if anyone had found a way around a Windows 2000 Terminal server machine using the same smb connection for all users? Anyone else that is in this boat found a way out of it? I am setting up a pair of test servers, one Samba 2.2 and W2K terminal server to test out the PDC service on Samba 2.2. Right now I have a W2K terminal server talking to Samba 2.0.7 on my Sun boxes and that is working ok most of the time. I've been seeing the drives (always the user's home directory thus far) disconnecting itself, and not reconnecting because of a "incorrect password" problem. So, any developments since this thread popped up back in December? Thanks, Bob Martel ****************************************************************************** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From bassque at yahoo.com Tue Mar 20 21:24:03 2001 From: bassque at yahoo.com (bassque) Date: Tue Dec 2 02:33:52 2003 Subject: access samba file server from 95/98 References: <016b01c0b180$4534eac0$0201a8c0@bassque.com> <000601c0b181$641996b0$0b01a8c0@markxp> Message-ID: <02be01c0b184$16f97320$0201a8c0@bassque.com> can you explain briefly how this is done. I'm not familliar with the method you are refering to. thanks ----- Original Message ----- From: "Mark" To: "bassque" Sent: Tuesday, March 20, 2001 4:04 PM Subject: Re: access samba file server from 95/98 > Make up a policy that tells the stations to turn encrypted passwords off on > 98 - thats the best way, rather than fiddling around with samba source > ----- Original Message ----- > From: bassque > To: samba-ntdom@us5.samba.org > Sent: Tuesday, March 20, 2001 8:56 PM > Subject: access samba file server from 95/98 > > > Is there any way to use both windows 95 and 98 clients with a samba server? > It seems one wants to use encrypted passwords and the other doesn't. I have > also read about and tried the patch that eliminates the encryption on > win98.....but thats alot of work for the amount of machines that would need > to access the samba server! I was thinking along the lines of a short script > for samba that says if OS equals win95 then encryption equals no, and if OS > equals win98 then encryption equals yes. Can anyone make any suggestions on > how I can accomplish this? Where will be a few hundred machines......a > mixture of windows 95/98 and very few NT workstation boxes who I will need > to grant access to the sambe file server. Any comments and thoughts are > appreciated. Thanks _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com From nick at i-vision.be Tue Mar 20 21:41:12 2001 From: nick at i-vision.be (Nick De Decker) Date: Tue Dec 2 02:33:52 2003 Subject: Different profiles per machine Message-ID: Hello, I'm rather new to samba tng and i have a question about profiles. I want to store different profiles per machine and per user (so not only per user) The clients i use have different software installed on it and so profiles should differ per machine. What i want is something like : \\SERVER\profiles\MACHINE\USER instead of \\SERVER\profiles\USER I tried to use the %m option but it doesnt work logon path = \\%L\Profile\%m\%U doesnt work When i do this it creates some strange directories like ? or & etc... What am i doing wrong ? Thanks in advance, Nick From aalang at rutgersinsurance.com Tue Mar 20 21:59:12 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:52 2003 Subject: access samba file server from 95/98 References: <016b01c0b180$4534eac0$0201a8c0@bassque.com> <000601c0b181$641996b0$0b01a8c0@markxp> <02be01c0b184$16f97320$0201a8c0@bassque.com> Message-ID: <00a701c0b188$ffbb2fa0$330a0a0a@rutgersinsurance.com> Get a Windows 98 CD and look under tools for System policy editor. I assume that is what he is referring to. Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "bassque" To: Sent: Tuesday, March 20, 2001 4:24 PM Subject: Re: access samba file server from 95/98 > can you explain briefly how this is done. > I'm not familliar with the method you are refering to. > thanks > > ----- Original Message ----- > From: "Mark" > To: "bassque" > Sent: Tuesday, March 20, 2001 4:04 PM > Subject: Re: access samba file server from 95/98 > > > > Make up a policy that tells the stations to turn encrypted passwords off > on > > 98 - thats the best way, rather than fiddling around with samba source > > ----- Original Message ----- > > From: bassque > > To: samba-ntdom@us5.samba.org > > Sent: Tuesday, March 20, 2001 8:56 PM > > Subject: access samba file server from 95/98 > > > > > > Is there any way to use both windows 95 and 98 clients with a samba > server? > > It seems one wants to use encrypted passwords and the other doesn't. I > have > > also read about and tried the patch that eliminates the encryption on > > win98.....but thats alot of work for the amount of machines that would > need > > to access the samba server! I was thinking along the lines of a short > script > > for samba that says if OS equals win95 then encryption equals no, and if > OS > > equals win98 then encryption equals yes. Can anyone make any suggestions > on > > how I can accomplish this? Where will be a few hundred machines......a > > mixture of windows 95/98 and very few NT workstation boxes who I will need > > to grant access to the sambe file server. Any comments and thoughts are > > appreciated. Thanks > > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com > From aalang at rutgersinsurance.com Tue Mar 20 22:00:17 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:52 2003 Subject: Sun and Samba References: <200103202120.QAA26420@meeker.urban.csuohio.edu> Message-ID: <00bc01c0b189$2654c720$330a0a0a@rutgersinsurance.com> How does Samba run on Solaris? Work ok? Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Robert M. Martel" To: Sent: Tuesday, March 20, 2001 4:20 PM Subject: W2K-Terminal Server vs Samba > > Since it has been some months since this topic has popped up, I had > wondered if anyone had found a way around a Windows 2000 Terminal server > machine using the same smb connection for all users? Anyone else that is in > this boat found a way out of it? > > I am setting up a pair of test servers, one Samba 2.2 and W2K terminal > server to test out the PDC service on Samba 2.2. > > Right now I have a W2K terminal server talking to Samba 2.0.7 on my > Sun boxes and that is working ok most of the time. I've been seeing the drives > (always the user's home directory thus far) disconnecting itself, and not > reconnecting because of a "incorrect password" problem. > > So, any developments since this thread popped up back in December? > > Thanks, > Bob Martel > **************************************************************************** ** > Bob Martel - System Administrator | I met someone who looks a lot like you > Levin College of Urban Affairs | She does the things you do > Cleveland State University | But she is an IBM > (216) 687-2214 | > bob@meeker.csuohio.edu | -Jeff Lynne > **************************************************************************** ** > From damason at davenet.mine.nu Tue Mar 20 22:01:30 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:52 2003 Subject: Forcing to a user on another system In-Reply-To: Message-ID: My guess would be to create a user with the same UID number on your machine, to match the user on the SCO server. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Mark Deutschmann Sent: Tuesday, March 20, 2001 12:25 To: samba-ntdom@us5.samba.org Subject: Forcing to a user on another system I Have a BSD machine running Samba, with a remote Sco system's NFS export mounted. Using SWAT to configure a share (Just so happens to be the Sco machine's exported NFS share) I am trying to force to a user of the Sco machine. Is this even possible without running Samba on the Sco machine? Thank you, Mark Deutschmann Systems Manager Henry M. Greene & Associates, Inc. + MarkDeutschmann@greeneassoc.com -------------- next part -------------- HTML attachment scrubbed and removed From mgeddes at xavier.sa.edu.au Tue Mar 20 22:14:08 2001 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:33:52 2003 Subject: Sun and Samba References: <200103202120.QAA26420@meeker.urban.csuohio.edu> <00bc01c0b189$2654c720$330a0a0a@rutgersinsurance.com> Message-ID: <3AB7D630.B816AE2@xavier.sa.edu.au> Adam Lang wrote: > > How does Samba run on Solaris? Work ok? I've run it on Solaris 7 and 8 on intel. It will compile on just about any Unix, I believe. It should run similarly on most platforms. Hope it helps, Matt From bkelly at coastsystems.net Tue Mar 20 22:16:36 2001 From: bkelly at coastsystems.net (Boyd Kelly) Date: Tue Dec 2 02:33:52 2003 Subject: Infamous 'No mapping between account names and security ID's' message Message-ID: Finally got this resolved, thanks to post by HUTTEN Thomas. Changed my computer name to all caps in Windows as well as passwd, and created machine names in smbpasswd manually. All worked. Thanks BK -------------- next part -------------- HTML attachment scrubbed and removed From bkelly at coastsystems.net Tue Mar 20 22:27:25 2001 From: bkelly at coastsystems.net (Boyd Kelly) Date: Tue Dec 2 02:33:52 2003 Subject: Win2k problem with saving profiles Message-ID: Hello, I am now having this problem. Freshly compiled from cvs this morning (March 19). When profile directory was first created, I believe that only one or two of the subdirectories had wrong permissions. Others were OK. Tried changing the create mask and directory mask etc but to no avail. I can see that this has been dealt with last month. Any news on this problem? I'd appreciate very much. Thanks very much Boyd -------------- next part -------------- HTML attachment scrubbed and removed From linux at fenix.uam.mx Tue Mar 20 22:31:07 2001 From: linux at fenix.uam.mx (Lista linux) Date: Tue Dec 2 02:33:52 2003 Subject: Domain administrator ? In-Reply-To: Message-ID: i added root to smbpasswd and logged as root in a w2k ws, in that form i got the administrator privileges, with any other account it does not worked for me. On Tue, 20 Mar 2001, David A. Mason wrote: > You need to add the domain\admin account to the local Administrators group > on the workstation. > > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Martin Eggens > Sent: Tuesday, March 20, 2001 07:07 > To: samba-ntdom@us5.samba.org > Subject: Domain administrator ? > > > Hi, > > I'm using samba2.2.0alpha. > I created a domain administrator by adding a user called 'admin' (passwd and > smbpasswd) > and assigning this user to the using group 'adm' > > within smb.conf I configured @adm to be the domain administrator group. > When I use the 'admin' acount to join the domain using a NT4 workstation I'm > able to > logon but I don't seem to administrator privileges. > > Anybody an idea what I do wrong. > > Thanks > Martin > > > > -- Ing. Romy Perez Moreno e-mail: romy@fenix.uam.mx, romy@correo.azc.uam.mx http://fenix.uam.mx/romy tel: 5318 9067 / 5382-7157 From gleask at intervoice.com Tue Mar 20 22:39:15 2001 From: gleask at intervoice.com (Gary Leask) Date: Tue Dec 2 02:33:53 2003 Subject: Samba File Problem Message-ID: <3AB7DC13.3000602@intervoice.com> I need a solution to a problem I have. I have created a file on an NT box, read it on the Linux box via Samba, change the file on the NT box. read it agian on the Linux Box but he changes are not visablable. gary.leask@intervoice-brite.com From makis.marmaridis at angusknight.com.au Tue Mar 20 23:11:19 2001 From: makis.marmaridis at angusknight.com.au (Makis Marmaridis) Date: Tue Dec 2 02:33:53 2003 Subject: Profiles In-Reply-To: <004b01c0b157$68f6f4e0$6f00a8c0@logeng.net> Message-ID: <000001c0b193$134d8450$ef3c0a0a@htc.com> Dominik, you are correct, to convert profiles from roaming to mandatory all that needs to be done is rename NTUser.dat to NTUser.man and that's it. What this will do is allow for the profile to get downloaded to the client machine at user logon but when the user logs off the profile will not get sent back to the server as a roaming profile would have. In a lab I have setup in the past, I used one (1) mandatory profile for all the users. in the smb.conf file, I simply pointed the profile for all users to be the same. This way every user is getting the exact same profile (same start menu etc) and even if they manage to change it somehow (they create shortcuts etc on the desktop for example) when they log off and log back on they will get another unaltered copy of the mandatory profile. I would also advise though alongside with a common mandatory profile you also make sure you put some policies in place to prevent users from accessing certain parts of the client machines otherwise you might have to re-install them / re-image them quite often! :-) HTH, Regards, Makis. > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Greg J. Zartman > Sent: Wednesday, March 21, 2001 3:04 AM > To: Dominik Buerkle > Cc: > Subject: Re: Profiles > > > Dominik, > > To be honest, I have never had a reason to employ mandatory > profiles so I > can't remember exactly how to do it. I only know that they > do exist and > will work to force a user into a semi-static GUI. If I were > to employ them, > I'd likely goto the Microsoft Knowledge Base or look in some of my > documentation. You suggestion of changing the extension on > the user.dat to > .man sounds very familiar though. Give it a shot. Worst > case, you'll have > to restart with a boot disk and change the extension back. > > > Sorry I couldn't be more help. > > Greg > > ----- Original Message ----- > From: "Dominik Buerkle" <> > To: "Greg J. Zartman" > Sent: Tuesday, March 20, 2001 1:25 AM > Subject: Re: Profiles > > > > Hello Greg, > > > > isn't it possible to rename a user.dat file to user.man, making it > MANdatory, > > and aren't those contents read-only? > > Else how do I set up a mandatory profile, is there a special service > program? > > > > Kind regards, > > Dominik > > > > At 10:41 19.03.01 -0800, you wrote: > > >Well, with Win9x machines you're very limited in what you can force > people > > >to do or not do. You can kind of fake security with a > domain (although > I've > > >been corrected in saying that a win9x is a true member of > a domain), but > > >even then you are limited. > > > > > >Your best option may be to set the Win9x machine to share > level security, > > >not user level security. That way everyone logs on under the same > account. > > >The start menu would then be the same for all, provided > you made sure > people > > >aren't installing software on their own. > > > > > >Maybe even put together a little VB program to write over > the start menu > > >each time at bootup (very messy though). > > > > > >Good luck. > > > > > >Greg > > > > > > > > > > > >----- Original Message ----- > > >From: > > >To: "Greg J. Zartman" > > >Sent: Monday, March 19, 2001 10:21 AM > > >Subject: Re: Profiles > > > > > > > > > > Hi, first thanks for your tip! > > > > > > > > "Greg J. Zartman" wrote: > > > > > > > > > 1) Set up a mandatory profile (you could have one or > many). The > profile > > > > > would have a standardized start menu for all. > > > > > > > > > That's the best option. We already have a standard > menu, but how can > we > > >put > > > > it in client machines, I mean, without logon script? > > > > > > > > ________________________________________________________________ > > > > > > > > Esta mensagem foi gerada pelo Webmail da UEMS. > > > > Para maiores informacoes acesse www.uems.br > > > > > > > > > > > > > > > > > From makis.marmaridis at angusknight.com.au Tue Mar 20 23:26:01 2001 From: makis.marmaridis at angusknight.com.au (Makis Marmaridis) Date: Tue Dec 2 02:33:53 2003 Subject: samba2.2aplah2 In-Reply-To: <20010319212218.A1002@pogo.plainjoe.org> Message-ID: <000101c0b195$217f7ae0$ef3c0a0a@htc.com> Hi Jerry, Last thing I knew the LDAP sub-team (?) was still working on design but that was a while ago (couple of months) and I didn't hear much else since then. But I am still here and keen to help out however I can! I just lost touch with the rest of the sub-team (probably because I changed emails too). So, I suggest that anybody else that was volunteering to work on LDAP support for SAMBA 3.0, lets get together again and see what needs to be done and carry on. Cheers, Makis. > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Gerald Carter > Sent: Tuesday, March 20, 2001 2:22 PM > To: Torsten Curdt > Cc: Gerald Carter; samba-ntdom@us5.samba.org > Subject: RE: samba2.2aplah2 > > > On Thu, 15 Mar 2001 11:14:43 Torsten Curdt wrote: > > > > Any progress with the LDAP support? > > Not recently. Mostly in my head is all. > > > > I remember there was a big rewrite of the auth interface. > > Is their now a reasonable way of adding a smooth integration > > of user auth? > > Yup. That was me. I'm about to revisit it some next week > I think. > > > > > > > Cheers, jerry > ---------------------------------------------------------------------- > /\ Gerald (Jerry) Carter Professional Services > \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com > http://www.samba.org/ SAMBA Team jerry@samba.org > http://www.plainjoe.org/ jerry@plainjoe.org > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) > From bferrell at microdisplay.com Tue Mar 20 23:38:05 2001 From: bferrell at microdisplay.com (Bruce Ferrell) Date: Tue Dec 2 02:33:53 2003 Subject: SAMBA 2_2 NOW ... INTERNAL ERROR: References: <3A6DC797.14DFAE67@valinux.com> Message-ID: <3AB7E9DD.3D7FE4CB@microdisplay.com> Jeremy, Has this been "solved"? I had the same problem today on a RedHat 6.2 system with a cvs pull from 3/20/2001 Here's the back trace: Attaching to program: /usr/local/samba/bin/./smbd, Pid 13467 Reading symbols from /usr/lib/libreadline.so.3...done. Reading symbols from /lib/libdl.so.2...done. Reading symbols from /lib/libcrypt.so.1...done. Reading symbols from /lib/libnsl.so.1...done. Reading symbols from /lib/libc.so.6...done. Reading symbols from /lib/libtermcap.so.2...done. Reading symbols from /lib/ld-linux.so.2...done. Reading symbols from /lib/libnss_files.so.2...done. 0x4011a8e9 in __wait4 () from /lib/libc.so.6 (gdb) bt #0 0x4011a8e9 in __wait4 () from /lib/libc.so.6 #1 0x401791ec in ?? () from /lib/libc.so.6 #2 0x400c9cec in __libc_system (line=0x81788f0 "/bin/sleep 200000") at ../sysdeps/posix/system.c:136 #3 0x80f5a07 in smb_panic () #4 0x80e7ba9 in fault_report () #5 0x80e7bef in sig_fault () #6 0x400a7c68 in __restore () at ../sysdeps/unix/sysv/linux/i386/sigaction.c:127 #7 0x804b3dc in reload_services () #8 0x804b136 in open_sockets () #9 0x804bdd5 in main () #10 0x400a19cb in __libc_start_main (main=0x804b8d0
, argc=2, argv=0xbffffb44, init=0x804a124 <_init>, fini=0x81085bc <_fini>, rtld_fini=0x4000ae60 <_dl_fini>, stack_end=0xbffffb3c) at ../sysdeps/generic/libc-start.c:92 (gdb) q The program is running. Quit anyway (and detach it)? (y or n) y Detaching from program: /usr/local/samba/bin/./smbd, Pid 13467 Jeremy Allison wrote: > sambastuff@jabba.glfc.com wrote: > > > > When trying to join someone into the domain today > > I get this error: > > > > =============================================================== > > [2001/01/23 13:30:20, 0] lib/fault.c:fault_report(41) > > INTERNAL ERROR: Signal 11 in pid 2791 (2.2.0-alpha1) > > Please read the file BUGS.txt in the distribution > > [2001/01/23 13:30:20, 0] lib/fault.c:fault_report(43) > > =============================================================== > > [2001/01/23 13:30:20, 0] lib/util.c:smb_panic(1139) > > PANIC: internal error > > > > The error message in windows "Specified Network Name is no longer > > available" > > Add the following line to smb.conf [global] section. > > panic action = /bin/sleep 200000 > > then restart. Cause smbd to crash again and you'll find > a "sleep" process with a crashed parent smbd process. > > Use gdb to attach to this process (you did compile with -g > didn't you :-) and then type "bt" to get a stack backtrace > of where it failed. This is what I do to track down crashes > (on boxes where I can't get an xterm pop up directly with > gdb). > > Then mail it to the list. > > Thanks, > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- From andre at dei.isep.ipp.pt Tue Mar 20 23:36:29 2001 From: andre at dei.isep.ipp.pt (Andre Moreira) Date: Tue Dec 2 02:33:53 2003 Subject: Users can't delete their own local files References: <001101c0b08d$3db19760$38cd17c3@winbox> <000101c0b0a3$d06b1390$0a0aa8c0@win2000> <001201c0b0d3$566c4ca0$e2cd17c3@winbox> Message-ID: <005601c0b196$a27a2ae0$e2cd17c3@winbox> I've just found why users can't delete files: they can't write to recycle-bin :-) So I suppose there are problems on my NT Workstation local configuration and I will reinstall one from scratch to check this. ----- Original Message ----- From: Andre Moreira To: Sent: Tuesday, March 20, 2001 12:18 AM Subject: Re: Users can't delete their own local files > Hi > Create and directory masks are ok (defaults 0744 and 0755), > users can remove files from their profile on the server, the > profile on the server is updated when the user logouts. The > problem is with the localy cached profile and in general any > file created on the workstation. > > > > > check and in your smb.conf ???? > > > > ----- Original Message ----- > > From: "Andre Moreira" > > To: > > Sent: Monday, March 19, 2001 4:55 PM > > Subject: Users can't delete their own local files > > > > > > > We are using samba 2.07 as PDC and there are > > > around 800 users who share some 50 NTW4/SP6. > > > > > > Everything works ok, except that local profiles are > > > not removed when the user logouts. That's on the > > > the system policy that is loaded ok from the PDC. > > > > > > There is yet another problem, probably the cause for > > > the first one: USERS CAN'T REMOVE THEIR OWN > > > LOCAL FILES. > > > If a user creates a shortcut on his desktop (local profile) > > > he won't be able to remove it then. Same thing on C:\TEMP. > > > If you check the owner of the file it's ok. > > > If you check the security of the file the owner is "unknown". > > > Also userlists requested to the server are incomplete, only > > > some users show up. > > > > > > Any ideas ... > > > > > > > > > > > > > > > From danny at danner.net Wed Mar 21 00:52:38 2001 From: danny at danner.net (Ribz) Date: Tue Dec 2 02:33:53 2003 Subject: unix password sync = True? Message-ID: <3AB7FB56.6E338379@danner.net> OK here's the problem: when i use the "smbpasswd" program it doesn't update the "passwd" file in /etc. What i want: The explicate conditions in which Samba to Unix password syncing will operate correctly on a Red Hat 7.0 (Guiness) distro with samba 2.0.7-21ssl (included in distro) IE: perrmissions on passwd and smbpasswd files, password program = ?, password chat = ?, etc... What i dont want: Anything to do to with NT to Samba connectivity, or any other cross platform related issues... All i want is for smbpasswd to update /etc/passwd, thats all. Smb.conf: # Samba config file created using SWAT # from localhost (127.0.0.1) # Date: 2001/03/20 16:03:35 # Global parameters [global] workgroup = MYGROUP netbios name = RIBLITZ interfaces = eth* encrypt passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *successful* passwd chat debug = Yes unix password sync = Yes domain logons = Yes wins support = Yes [homes] comment = Home Directories writeable = Yes [netlogon] path = /data/dos/netlogon write list = @ourgrp oplocks = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [stuff] comment = misc. path = /stuff writeable = Yes create mask = 0777 set directory = Yes From peter.milburn at sofcom.com.au Wed Mar 21 04:37:48 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:53 2003 Subject: lastest CVS Message-ID: Hi, I am in dire straights of getting some help here. I have got the latest cvs update today, but still no joy with getting a new windows or linux machine to join the domain, can someone who is running odays CVS, let me know what tey have done to get it to work. Thanks, -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** From jamil9610 at yahoo.com Wed Mar 21 06:54:37 2001 From: jamil9610 at yahoo.com (Jamil ahmed) Date: Tue Dec 2 02:33:53 2003 Subject: Win2k PDC In-Reply-To: <20010320200119.C575883B4@lists.samba.org> Message-ID: <20010321065437.22448.qmail@web4803.mail.yahoo.com> Hi, I have a Windows 2000 Server working as a PDC in our network. there is a linux machine in the network. I want to make this linux machine as file server for windows clients. Samba should share users home folders & authenticate with the Windows 2000 PDC. I mean password authentication will be in Windows 2000. So if a user login to the Win2k domain, he will have a folder share in the linux samba machine. I have attached my smb.conf file. Another thing, if I want to make my samba machine as PDC what should be the smb.conf?? Mail me at jamil9610@yahoo.com Keep smiling, ;o) Jamil __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ -------------- next part -------------- # Samba config file created using SWAT # from 10.0.0.71 (10.0.0.71) # Date: 2000/12/11 12:36:33 # Global parameters [global] workgroup = XIRUS ###### added by jamil ######## # domain logons = yes # security = user # os level = 34 # local master = yes # encrypted passwords = yes ############################### server string = Jamil's Ontext Samba Server interfaces = eth0 10.0.0.11 bind interfaces only = Yes encrypt passwords = Yes log file = /var/log/samba/log.%m read raw = No name resolve order = lmhosts host bcast socket options = IPTOS_LOWDELAY TCP_NODELAY # os level = 65 preferred master = Yes domain master = Yes dns proxy = No create mask = 0644 hosts allow = ALL hosts deny = NONE write cache size = 262144 level2 oplocks = Yes [homes] comment = Home Directories invalid users = root bin daemon nobody named sys tty disk mem kmem users writeable = Yes [netlogon] comment = The domain logon service path = /export/samba/logon public = no writeable = no browsable = no From pj at waskiewicz.org Wed Mar 21 07:13:10 2001 From: pj at waskiewicz.org (PJ Waskiewicz) Date: Tue Dec 2 02:33:53 2003 Subject: Samba-2.2.0alpha2 PDC under Solaris 8. Message-ID: <985158790.3ab85486ecc16@dvorak.mathcs.wilkes.edu> Hi all. I got Samba-2.2.0alpha2 to compile under Solaris 8 (SPARC) by rewriting some net code in smbd/password.c. I'm getting a patch together to send in possibly (it was like 5 lines of code), but I'm having problems setting up the PDC. I have a conf file just like the PDC-Howto specifies, have the Win2k client added to /etc/passwd and /usr/local/samba/private/smbpasswd, and then when I try to enter the domain, the client responds "The domain master could not be contacted or the domain doesn't exist" which both do exist. I can mount shares from it (including home directories), but I can't join the domain. Any thoughts? Thanks in advance. PJ Waskiewicz pj@waskiewicz.org From Daniel.Moeller at de.bosch.com Wed Mar 21 12:52:13 2001 From: Daniel.Moeller at de.bosch.com (Moeller Daniel (QI/CCE21) *) Date: Tue Dec 2 02:33:53 2003 Subject: AW: Sun and Samba Message-ID: <9015FB0BD980D411BFBC00508BAE6AF74E11C2@simail5.server.bosch.com> Hi, we have serveral Sun servers with Solaris 2.6 and Samba 2.0.7. In general it works very well. Automatic disconnection can be configured via "deadtime", but reconnect should work. Kind regards, Danny -----Urspr?ngliche Nachricht----- Von: Adam Lang [mailto:aalang@rutgersinsurance.com] Gesendet: Dienstag, 20. M?rz 2001 23:00 An: samba-ntdom@us5.samba.org Betreff: Re: Sun and Samba How does Samba run on Solaris? Work ok? Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Robert M. Martel" To: Sent: Tuesday, March 20, 2001 4:20 PM Subject: W2K-Terminal Server vs Samba > > Since it has been some months since this topic has popped up, I had > wondered if anyone had found a way around a Windows 2000 Terminal server > machine using the same smb connection for all users? Anyone else that is in > this boat found a way out of it? > > I am setting up a pair of test servers, one Samba 2.2 and W2K terminal > server to test out the PDC service on Samba 2.2. > > Right now I have a W2K terminal server talking to Samba 2.0.7 on my > Sun boxes and that is working ok most of the time. I've been seeing the drives > (always the user's home directory thus far) disconnecting itself, and not > reconnecting because of a "incorrect password" problem. > > So, any developments since this thread popped up back in December? > > Thanks, > Bob Martel > **************************************************************************** ** > Bob Martel - System Administrator | I met someone who looks a lot like you > Levin College of Urban Affairs | She does the things you do > Cleveland State University | But she is an IBM > (216) 687-2214 | > bob@meeker.csuohio.edu | -Jeff Lynne > **************************************************************************** ** > From nick at i-vision.be Wed Mar 21 13:45:18 2001 From: nick at i-vision.be (Nick De Decker) Date: Tue Dec 2 02:33:53 2003 Subject: Netbios name or IP not known Message-ID: <002901c0b20d$2ac16410$0f01a8c0@sevruga> Hello, I want to use the %m %M and %I in some preexec commands and other stuff, but it always results in UNKNOWN or 0.0.0.0. When i look in my logfiles i see that the IP and computername are known there, so why not in my preexec command ?? Appreciate any help Nick From pilger at kahana.higp.hawaii.edu Wed Mar 21 16:06:23 2001 From: pilger at kahana.higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:33:53 2003 Subject: access samba file server from 95/98 References: <016b01c0b180$4534eac0$0201a8c0@bassque.com> <000601c0b181$641996b0$0b01a8c0@markxp> <02be01c0b184$16f97320$0201a8c0@bassque.com> Message-ID: <3AB8D17E.E24B592E@higp.hawaii.edu> Better yet, use encrypted and switch over all your Win95 machines. The switch only has to be done once, and all the machines in the future (Win98/Me/2000) will default to encrypted. There are ".reg" files in the docs folder of the source tree that will turn off encryption. Just run the Win95 one, look in the registry for "EnablePlainTextPassword", change the 0 to a 1, and save the result to a ".reg" file. Now all you have to do is run it once on each Win95 machine and you're ready to roll. Of course a similar argument could be made for using unencrypted. After all, the new machines usually come in a few at a time and are easily changed over (once again using a ".reg" file). I stuck it out this way for a long time because it was so convenient to just use my existing UNIX passwords. I'd argue that either way is preferable to spending days trying to buck the current and make either OS do something it doesn't really want to. Those kind of things always blow up in your face later. bassque wrote: > can you explain briefly how this is done. > I'm not familliar with the method you are refering to. > thanks > > ----- Original Message ----- > From: "Mark" > To: "bassque" > Sent: Tuesday, March 20, 2001 4:04 PM > Subject: Re: access samba file server from 95/98 > > > Make up a policy that tells the stations to turn encrypted passwords off > on > > 98 - thats the best way, rather than fiddling around with samba source -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 From tm9201 at hotmail.com Wed Mar 21 16:30:33 2001 From: tm9201 at hotmail.com (Tom Martin) Date: Tue Dec 2 02:33:53 2003 Subject: (no subject) Message-ID: I have an interesting question about Win98 clients connecting to Samba 2.0.7. We don't have a domain controller, so we are running Samba in security = server mode. Everything has been working fine, but when our 98 clients are writing to the Samba server via. the desktop (e.g. GUI), the performance is poor (writes take 2-3x the time vs. NT and Win2K clients). Old fashioned writes via. a win98 msdos window via. "copy" do not suffer from this poor performance. Because the performance problem is only noticed via. the GUI, and it only occurs with 98 clients, the assumption has been that this is a problem with Win98. Just for grins... :-) I setup an NT domain controller, and set security = domain. Now the Win98 writes via. the desktop run at normal speed. This is bizarre. Further testing shows that this performance drop only occurs in this one case where 1) it is a 98 client, 2) the samba server is in security = server, and 3) the client is writing via. the desktop. Any ideas? Except for running in security = domain mode (which is not an option). TIA. Tom _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com From aalang at rutgersinsurance.com Wed Mar 21 16:53:34 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:54 2003 Subject: access samba file server from 95/98 References: <016b01c0b180$4534eac0$0201a8c0@bassque.com> <000601c0b181$641996b0$0b01a8c0@markxp> <02be01c0b184$16f97320$0201a8c0@bassque.com> <3AB8D17E.E24B592E@higp.hawaii.edu> Message-ID: <010101c0b227$7745b6a0$330a0a0a@rutgersinsurance.com> And you can stick that reg file in a share and have their login script run the reg file. Keeps from having to do it manually to each system, correct? Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Eric Pilger" To: Sent: Wednesday, March 21, 2001 11:06 AM Subject: Re: access samba file server from 95/98 > > > Better yet, use encrypted and switch over all your Win95 machines. The switch > only has to be done once, and all the machines in the future (Win98/Me/2000) > will default to encrypted. > > There are ".reg" files in the docs folder of the source tree that will turn off > encryption. Just run the Win95 one, look in the registry for > "EnablePlainTextPassword", change the 0 to a 1, and save the result to a ".reg" > file. Now all you have to do is run it once on each Win95 machine and you're > ready to roll. > > Of course a similar argument could be made for using unencrypted. After all, the > new machines usually come in a few at a time and are easily changed over (once > again using a ".reg" file). I stuck it out this way for a long time because it > was so convenient to just use my existing UNIX passwords. > > I'd argue that either way is preferable to spending days trying to buck the > current and make either OS do something it doesn't really want to. Those kind of > things always blow up in your face later. > > bassque wrote: > > > can you explain briefly how this is done. > > I'm not familliar with the method you are refering to. > > thanks > > > > ----- Original Message ----- > > From: "Mark" > > To: "bassque" > > Sent: Tuesday, March 20, 2001 4:04 PM > > Subject: Re: access samba file server from 95/98 > > > > > Make up a policy that tells the stations to turn encrypted passwords off > > on > > > 98 - thats the best way, rather than fiddling around with samba source > > -- > Eric J. Pilger > > Systems Administrator > > Hawaii Institute of Geophysics and Planetology/SOEST > > pilger@pgd.hawaii.edu > > (808)956-6321 > > From satkins at skilouise.com Wed Mar 21 18:27:38 2001 From: satkins at skilouise.com (Stephen Atkins) Date: Tue Dec 2 02:33:54 2003 Subject: No logon scripts after CVS update. Message-ID: Hello all. I've been running a SAMBA CVS 2.2 for a while. One day I decided to update the source and recompile. Once I did that my logon scripts quit working on my Windows machines. Just wondering if this is expected or what. And no its not a production server so its not serious. --------------------------------------------------------------------- // Stephen Atkins Information Systems // o satkins@skilouise.com //____ http://www.skilouise.com Resorts of the Canadian Rockies /_______ "I take all knowlegde to be my province." - Francis Bacon From kkc at uclink4.berkeley.edu Wed Mar 21 18:49:20 2001 From: kkc at uclink4.berkeley.edu (Kevin Chan) Date: Tue Dec 2 02:33:54 2003 Subject: using %G in smb.conf include statement Message-ID: <4.3.2.7.2.20010321103720.00ae8870@uclink4.berkeley.edu> I am trying to configure my samba 2.0.7 smb.conf file so that only the shares of the appropriate groups will be displayed. Thus, I have added this statement near the end of my smb.conf file: include = /etc/samba/smb.conf.%G and I have included the appropriate shares in the group smb.conf config file. This is not something that was made explicit in any documentation that I have read, but I thought that it shouldn't be a problem. However, I am getting a very strange problem that I cannot pinpoint (I have used smbclient and net use among other methods of troubleshooting). Here are the symptons in detail. When I restart smbd and nmbd, I can see all the shares from Network Neighborhood (Win NT 4.0 SP6), but when I try to access them, I get an error dialog box saying "network name cannot be found" and if I reload at this moment, I get only the shares on the main smb.conf (if any are listed) and those I can access fine. A couple of odd things that occur are 1) sometimes I can access one of these shares, but when I go back up one level, I will only see this share and will not be able to access any other shares; 2) if I use the net use command before I view the shares on network neighborhood, I will not only connect properly, but the shares on network neighborhood will ALL work! But only for a while, then it reverts back and forth (this seems to always be the case) between not browsing/no access and working perfectly fine. So this is giving me a headache...and I suspect it has to do with the include line, but I am quite sure that the usage of %G is correct (it is displaying the correct shares from the correct auxiliary smb.conf file). So any help to fix this problem or another solution to splitting up the browsing of shares based on groups will be welcomed. Thanks in advance, Kevin Chan Administratvie Computing UC Berkeley From barth at cck.uni-kl.de Wed Mar 21 20:04:32 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:54 2003 Subject: using %G in smb.conf include statement In-Reply-To: <4.3.2.7.2.20010321103720.00ae8870@uclink4.berkeley.edu> Message-ID: <3AB91760.4689.2F87DA5@localhost> Just a little hint, which may also be related to an other problem with %u, ... today in this list: These parameters can only work once samba knows the group, user, .... but parts of browsing and the begin of the conection to a share are done with out these as nobody. In my expirience the network neiborhood mainly causes troble. Wy not setting "browsable = no" to all / most of the share and connect them with a loginskript to fixed drives. (BTW: fixed drive letters on a network are very handy for ReadMe's, manuals, .....) Chrsitian > I am trying to configure my samba 2.0.7 smb.conf file so that only the > shares of the appropriate groups will be displayed. Thus, I have added > this statement near the end of my smb.conf file: > > include = /etc/samba/smb.conf.%G > > and I have included the appropriate shares in the group smb.conf config > file. This is not something that was made explicit in any documentation > that I have read, but I thought that it shouldn't be a problem. However, I > am getting a very strange problem that I cannot pinpoint (I have used > smbclient and net use among other methods of troubleshooting). Here are > the symptons in detail. > > When I restart smbd and nmbd, I can see all the shares from Network > Neighborhood (Win NT 4.0 SP6), but when I try to access them, I get an > error dialog box saying "network name cannot be found" and if I reload at > this moment, I get only the shares on the main smb.conf (if any are listed) > and those I can access fine. A couple of odd things that occur are 1) > sometimes I can access one of these shares, but when I go back up one > level, I will only see this share and will not be able to access any other > shares; 2) if I use the net use command before I view the shares on network > neighborhood, I will not only connect properly, but the shares on network > neighborhood will ALL work! But only for a while, then it reverts back and > forth (this seems to always be the case) between not browsing/no access and > working perfectly fine. > > So this is giving me a headache...and I suspect it has to do with the > include line, but I am quite sure that the usage of %G is correct (it is > displaying the correct shares from the correct auxiliary smb.conf > file). So any help to fix this problem or another solution to splitting up > the browsing of shares based on groups will be welcomed. > > Thanks in advance, > Kevin Chan > Administratvie Computing > UC Berkeley > > > _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From marshallj at switch.aust.com Wed Mar 21 23:15:39 2001 From: marshallj at switch.aust.com (Marshall, Joshua) Date: Tue Dec 2 02:33:54 2003 Subject: Best way to change over NT PDC Message-ID: <3AB9361B.CFE9DC10@switch.aust.com> Hi, I've installed Samba 2.2 and have it working great as a PDC for our network. It is currently co-existing with a NT4 PDC (different domain name) - I wan't to convert the NT box to the Samba domain without affecting Exchange Server, and use the Samba PDC. Is there a way to do this? I know that NT PDC can be downgraded to BDC but not to Member server. Am I stuck with re-installing NT or is there a trick (I don't mind hacking into the registry etc) I can do to get it to work on the new domain? Regards, Josh Marshall. From bgjohnson at tasc.com Wed Mar 21 23:24:25 2001 From: bgjohnson at tasc.com (Johnson, Byron G.) Date: Tue Dec 2 02:33:54 2003 Subject: Disappearing Shares Message-ID: I am running Samba 2.0.7 on a network with a bunch of W2K workstations. I had a number of W2K shares mounted on the Linux box and everything worked okay. I did some work on a couple of the W2K boxes and they were down for a few hours. Now the shares I had mounted on the Linux box have disappeared--when I try to access them in the directory where they were, I get an error message. Also, I can't delete the directories where the shares were mounted BUT I can create new directories and re-mount the same share in a new directory. Any idea how I can delete the directories where the shares were mounted? -- Byron G. Johnson Business Development Manager, Enterprise Security Litton TASC 4801 Stonecroft Blvd Chantilly, VA 20151-3822 Voice: (703) 633-8478 Fax: (703) 449-1087 Cellular: (703) 819-6423 Pager: (888) 751-4116 Home: (703) 753-0204 E-Mail: bgjohnson@tasc.com From damason at davenet.mine.nu Thu Mar 22 00:43:13 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:54 2003 Subject: Disappearing Shares In-Reply-To: Message-ID: Did you try umounting them first, in spite of the fact that they are empty? -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Johnson, Byron G. Sent: Wednesday, March 21, 2001 15:24 To: samba-ntdom@us5.samba.org Subject: Disappearing Shares I am running Samba 2.0.7 on a network with a bunch of W2K workstations. I had a number of W2K shares mounted on the Linux box and everything worked okay. I did some work on a couple of the W2K boxes and they were down for a few hours. Now the shares I had mounted on the Linux box have disappeared--when I try to access them in the directory where they were, I get an error message. Also, I can't delete the directories where the shares were mounted BUT I can create new directories and re-mount the same share in a new directory. Any idea how I can delete the directories where the shares were mounted? -- Byron G. Johnson Business Development Manager, Enterprise Security Litton TASC 4801 Stonecroft Blvd Chantilly, VA 20151-3822 Voice: (703) 633-8478 Fax: (703) 449-1087 Cellular: (703) 819-6423 Pager: (888) 751-4116 Home: (703) 753-0204 E-Mail: bgjohnson@tasc.com From cecep at tf.itb.ac.id Thu Mar 22 03:27:18 2001 From: cecep at tf.itb.ac.id (Cecep Mahbub) Date: Tue Dec 2 02:33:54 2003 Subject: Disappearing Shares In-Reply-To: Message-ID: try umount (by root) On Wed, 21 Mar 2001, Johnson, Byron G. wrote: > I am running Samba 2.0.7 on a network with a bunch of W2K workstations. I > had a number of W2K shares mounted on the Linux box and everything worked > okay. I did some work on a couple of the W2K boxes and they were down for a > few hours. Now the shares I had mounted on the Linux box have > disappeared--when I try to access them in the directory where they were, I > get an error message. Also, I can't delete the directories where the shares > were mounted BUT I can create new directories and re-mount the same share in > a new directory. > > Any idea how I can delete the directories where the shares were mounted? > > -- > Byron G. Johnson > Business Development Manager, Enterprise Security > Litton TASC > 4801 Stonecroft Blvd > Chantilly, VA 20151-3822 > Voice: (703) 633-8478 > Fax: (703) 449-1087 > Cellular: (703) 819-6423 > Pager: (888) 751-4116 > Home: (703) 753-0204 > E-Mail: bgjohnson@tasc.com > > _ cecep@tf _ From calfpit at yahoo.co.uk Thu Mar 22 10:55:40 2001 From: calfpit at yahoo.co.uk (=?iso-8859-1?q?CALFP=20IT?=) Date: Tue Dec 2 02:33:54 2003 Subject: MS Excel simultanious file modification through samba Message-ID: <20010322105540.44776.qmail@web12205.mail.yahoo.com> We are using Samba on a Sun Solaris system having shareable folders between users of Sun and NT workstations. Having recently upgraded a number of users from Office 97 to Office 2000, we are now experiencing a situation with Excel where two users can now modify the same file at the same time. This was not allowed with Excel 97. We have not made any changes to the Samba configuration and are trying to establish whether Samba is the cause or some obscure feature of Excel 2000. Has anyone else had this problem and found a solution. Thanks Kevin ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie From lkcl at samba-tng.org Thu Mar 22 11:42:26 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:33:54 2003 Subject: TNG architecture paper under development Message-ID: http://www.samba-tng.org/docs/tng-arch/tng-arch.html this may be of interest to some people. discussion welcomed on tng-technical. luke ----- Luke Kenneth Casson Leighton ----- "i want a world of dreams, run by near-sighted visionaries" "good. that's them sorted out. now, on _this_ world..." From berland at stud.math.ntnu.no Thu Mar 22 12:34:49 2001 From: berland at stud.math.ntnu.no (=?ISO-8859-1?Q?H=E5vard_Berland?=) Date: Tue Dec 2 02:33:54 2003 Subject: Joining CVS-PDC with W2K terminal server Message-ID: Hello folks, we are having trouble at the studentslaboratory at the University in Trondheim, Norway. We want a Sun 250 running Solaris 8 function as a PDC for a W2k terminalserver, due to replace all NT-installation on our workstations. The sambaserver is running the very latest cvs-source, and it functions as a PDC for our WinNT clients. But we can't get the W2K server to join our domain (which name is of 6 characters). I've read every other post on this list and tried to follow the tutorials given there. This includes: - adding the w2k server to the /etc/passwd on the sambaserver - removed the w2k server from smbpasswd on the sambaserver - adding a root account in smbpasswd ('smbpasswd -a root') - made root a member of the admin group mentioned in smb.conf - smb.conf taken from samba-pdc-howto.txt but we only get the message "The credentials supplied conflict with an existing set of credentials". ----------------------------------------------------------------------- H?vard Berland berland@stud.math.ntnu.no www.stud.math.ntnu.no/~berland From barth at cck.uni-kl.de Thu Mar 22 13:42:32 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:54 2003 Subject: Joining CVS-PDC with W2K terminal server In-Reply-To: Message-ID: <3ABA0F58.32003.18C7783@localhost> > but we only get the message "The credentials supplied conflict with an > existing set of credentials". This sounds like a problem known form all joinings to a domain: Are you sure that you do not have any connection to any share of any server on the w2k-ts during the attemped to join the domain? In this case you get a similar message on NT. Probably thats not only with connection to shars, but with other network (ts-clients, ....) aktivity as well. Just my thoughts. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From DAVID_DELANEY at fmc.com Thu Mar 22 13:46:35 2001 From: DAVID_DELANEY at fmc.com (DELANEY, DAVID) Date: Tue Dec 2 02:33:54 2003 Subject: NT TRUST ISSUE Message-ID: <200103221347.HAA16628@igw.fmc.com> Would like to run SAMBA to share files on Unix with devices across many NT domains. Would like to avoid managing any NT trusts. Will SAMBA allow sharing data without needing any NT Trusts? Thanks. From kris.ozzy at lineone.net Thu Mar 22 15:22:22 2001 From: kris.ozzy at lineone.net (Kristyan Osborne) Date: Tue Dec 2 02:33:54 2003 Subject: Profiles Message-ID: Hi, I'm using 2.0.7 as a PDC, which has the profiles for nt 4 clients. Has anyone solved the problem where if a user logs on to a NT4 client and then logs off, and then another user logs on directly after, the new user will get access to the previous users profile directly. Is there a way to make the client disconnect from the profile share after loging off? Cheers Kris Part of my smb.conf logon path = \\%L\Profiles [Profiles] path = /home/Profiles/%U browseable = yes guest ok = no writable = yes locking = no ------------- Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From don_mccall at hp.com Thu Mar 22 15:40:02 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:54 2003 Subject: Netbios name or IP not known Message-ID: <079FD72E42C9D311B854009027650E6F040508ED@xatl02.atl.hp.com> Hi Nick, Don't know why - but here is a simple test that works for me: in global section of smb.conf: preexec = "/opt/samba/bin/preecho.sh %I %m %M" /opt/samba/bin/preecho.sh: echo $1 $2 $3 >>/var/opt/samba/echolog.txt make sure that echolog.txt exists and is world writeable: touch /var/opt/samba/echolog.txt chmod 777 /var/opt/samba/echolog.txt make sure that preecho.sh is executable: chmod 755 /opt/samba/bin/preecho.sh Then test: smbclient -L mysambamachinename Results in /var/opt/samba/echolog.txt: 15.44.48.49 rkm-nt rkm-nt.atl.hp.com Try this simple test to make sure it works before going to something more complicated. Hope this helps, Don -----Original Message----- From: Nick De Decker [mailto:nick@i-vision.be] Sent: Wednesday, March 21, 2001 8:45 AM To: samba-ntdom@us5.samba.org Subject: Netbios name or IP not known Hello, I want to use the %m %M and %I in some preexec commands and other stuff, but it always results in UNKNOWN or 0.0.0.0. When i look in my logfiles i see that the IP and computername are known there, so why not in my preexec command ?? Appreciate any help Nick From berland at stud.math.ntnu.no Thu Mar 22 15:57:57 2001 From: berland at stud.math.ntnu.no (=?ISO-8859-1?Q?H=E5vard_Berland?=) Date: Tue Dec 2 02:33:54 2003 Subject: Joining CVS-PDC with W2K terminal server In-Reply-To: <3ABA0F58.32003.18C7783@localhost> Message-ID: On Thu, 22 Mar 2001, Christian Barth wrote: | | > but we only get the message "The credentials supplied conflict with an | > existing set of credentials". | | This sounds like a problem known form all joinings to a domain: Are | you sure that you do not have any connection to any share of any | server on the w2k-ts during the attemped to join the domain? In this | case you get a similar message on NT. Probably thats not only with | connection to shars, but with other network (ts-clients, ....) | aktivity as well. Just my thoughts. I managed to solve the problem by restarting the samba server and rebooting the w2k-ws a couple of times. I also stripped our former smbpasswd as the log complained about it being corrupt. The machine successfully joined the domain, but regular (smbpasswd) users are not able to log on to the machine. While logging in, users immediately receives the message: "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect." But the w2k-ws has just made its entry in smbpasswd while joining the domain! In the Event Log of the w2k-ws there is an error stating: "Failed to authenticate with \\MONA, a Windows NT or Windows 2000 domain controller for domain MATH-MONA" where MONA is indeed our samba server. And, I guess because of the error in the Event Log, samba does not log anything when a user tries to log on. -- H?vard Berland www.stud.math.ntnu.no/~berland Systems Administrator and Student of Numerics at Department of Mathematical Sciences, Norwegian University of Science and Technology From greg at kwikfind.com Thu Mar 22 16:04:57 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:54 2003 Subject: Joining CVS-PDC with W2K terminal server References: Message-ID: <004a01c0b2e9$d83044e0$6f00a8c0@logeng.net> Harvard, A couple suggestions: 1. Make sure that you are not using the NETBEUI network protocol. 2. On the client WINS settings (Win2k machines), make sure you do not have Disable Netbios over TCP/IP selected. 3. Check the nmbd.log on the Samba server to make sure that Samba is declaring itself the master domain browser. 4. Try adding the machine manually on the Samba server prior to joining a client machine to the domain. Instructions are in the Samba PDC FAQs. 5. When I join Win2k machines to a domain, I use the "Properties" button (In the Network Identification Tab), not the Network ID button. I've had problems with the later, although I have no idea why. 6. I'm not sure if this makes a difference as I haven't played around with it enough, but I always modify the computer name (Click the More button in the Identifications Changes Window) and type my domain name in the Primary DNS suffix of this computer text box. As always, I'd check the samba logs for errors and use the smbstatus and smbclient utilities on the samba machine to insure that I am getting expected behavior from Samba. Good luck. Greg ----- Original Message ----- From: "H?vard Berland" To: Sent: Thursday, March 22, 2001 4:34 AM Subject: Joining CVS-PDC with W2K terminal server Hello folks, we are having trouble at the studentslaboratory at the University in Trondheim, Norway. We want a Sun 250 running Solaris 8 function as a PDC for a W2k terminalserver, due to replace all NT-installation on our workstations. The sambaserver is running the very latest cvs-source, and it functions as a PDC for our WinNT clients. But we can't get the W2K server to join our domain (which name is of 6 characters). I've read every other post on this list and tried to follow the tutorials given there. This includes: - adding the w2k server to the /etc/passwd on the sambaserver - removed the w2k server from smbpasswd on the sambaserver - adding a root account in smbpasswd ('smbpasswd -a root') - made root a member of the admin group mentioned in smb.conf - smb.conf taken from samba-pdc-howto.txt but we only get the message "The credentials supplied conflict with an existing set of credentials". ----------------------------------------------------------------------- H?vard Berland berland@stud.math.ntnu.no www.stud.math.ntnu.no/~berland From linux at fenix.uam.mx Thu Mar 22 16:21:48 2001 From: linux at fenix.uam.mx (Lista linux) Date: Tue Dec 2 02:33:55 2003 Subject: Joining CVS-PDC with W2K terminal server In-Reply-To: Message-ID: hi Harvard, i got that message when ever i tried to join the domain and i had a CURRENT network share in that machine, my solution was to breakdown all network connections (shares) in the w2k-ws and then try to log in the samba domain. see you. On Thu, 22 Mar 2001, H?vard Berland wrote: > > Hello folks, > > we are having trouble at the studentslaboratory at the University in > Trondheim, Norway. We want a Sun 250 running Solaris 8 function as a PDC > for a W2k terminalserver, due to replace all NT-installation on our > workstations. > > The sambaserver is running the very latest cvs-source, and it functions > as a PDC for our WinNT clients. But we can't get the W2K server to join > our domain (which name is of 6 characters). I've read every other post > on this list and tried to follow the tutorials given there. This > includes: > > - adding the w2k server to the /etc/passwd on the sambaserver > - removed the w2k server from smbpasswd on the sambaserver > - adding a root account in smbpasswd ('smbpasswd -a root') > - made root a member of the admin group mentioned in smb.conf > - smb.conf taken from samba-pdc-howto.txt > > but we only get the message "The credentials supplied conflict with an > existing set of credentials". > > ----------------------------------------------------------------------- > H?vard Berland berland@stud.math.ntnu.no > www.stud.math.ntnu.no/~berland > > > > > > -- Ing. Romy Perez Moreno e-mail: romy@fenix.uam.mx, romy@correo.azc.uam.mx http://fenix.uam.mx/romy tel: 5318 9067 / 5382-7157 From greg at leiinc.com Thu Mar 22 18:09:02 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:33:55 2003 Subject: FTP Message-ID: <00bc01c0b2fb$2d304f10$6f00a8c0@logeng.net> Hello group, this is a non-samba question, but a short one. Which ftp server should one use on a Linux box? My distribution came with wu-ftp and pro-ftp. I do not have experience with either. Thank you. Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: Greg J. Zartman.vcf Type: text/x-vcard Size: 382 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010322/d297897a/GregJ.Zartman.vcf From noelk at bc.edu Thu Mar 22 18:14:10 2001 From: noelk at bc.edu (Kenneth Noel) Date: Tue Dec 2 02:33:55 2003 Subject: FTP References: <00bc01c0b2fb$2d304f10$6f00a8c0@logeng.net> Message-ID: <3ABA40F2.6BBFA7AA@bc.edu> WOW where did that come from. "Greg J. Zartman, P.E." wrote: > Hello group, this is a non-samba question, but a short one. > > Which ftp server should one use on a Linux box? My distribution came with > wu-ftp and pro-ftp. I do not have experience with either. > > Thank you. > > Greg J. Zartman, P.E. -------------- next part -------------- A non-text attachment was scrubbed... Name: noelk.vcf Type: text/x-vcard Size: 290 bytes Desc: Card for Kenneth Noel Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010322/a5510742/noelk.vcf From aalang at rutgersinsurance.com Thu Mar 22 19:12:26 2001 From: aalang at rutgersinsurance.com (Adam Lang) Date: Tue Dec 2 02:33:55 2003 Subject: FTP References: <00bc01c0b2fb$2d304f10$6f00a8c0@logeng.net> Message-ID: <015201c0b304$086bd6a0$330a0a0a@rutgersinsurance.com> Most people use wu-ftp Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Greg J. Zartman, P.E." To: "Samba Mailing List" Sent: Thursday, March 22, 2001 1:09 PM Subject: FTP > Hello group, this is a non-samba question, but a short one. > > Which ftp server should one use on a Linux box? My distribution came with > wu-ftp and pro-ftp. I do not have experience with either. > > Thank you. > > Greg J. Zartman, P.E. > > From darkol at padd.press.net Thu Mar 22 19:31:43 2001 From: darkol at padd.press.net (Darko Longin) Date: Tue Dec 2 02:33:55 2003 Subject: Dir Ab... works with Win2K (sort of) but not with NT4 Message-ID: Hi, We've got a subdir created on our share called "Ab...". That's with 3 full stops, tried telling users just to use 'normal' characters to no avail. NT can not access it, error message "The folder \\blah\blah\Ab..." does not exist. However, Win2K can access the dir but can not see any files within it. Created under Solaris7 on sun box with rwx for all. Samba ver 2.0.5. I've tried the mangle case and mangle names option but it does not seem to make a blind bit of difference. Any help greatly appreciated. Thanks smb.conf example (not done by me) # Global parameters [global] workgroup = TRANS netbios name = NAME server string = Samba %v security = SHARE null passwords = Yes restrict anonymous = Yes log level = 2 log file = /usr/local/samba/var/log.%U max log size = 2000 keepalive = 10 preferred master = Yes domain master = Yes invalid users = root admin users = someone short preserve case = No share modes = No mangle case = yes mangled names= yes [trans] comment = Shared Transmission Area path = /usr/local/production/trans guest account = trans read only = No guest ok = Yes fstype = FAT -- From quy at 01019freenet.de Thu Mar 22 19:39:10 2001 From: quy at 01019freenet.de (quymily) Date: Tue Dec 2 02:33:55 2003 Subject: Fw: samba server as member of NT (PDC) domain Message-ID: <005801c0b308$117897c0$0100a8c0@mshome.net> > hi, > please, can someone help me ? > > as i try to get my samba2.0.7 server (on AIX 4.3.2) to join an NT 4 (SP4) > domain, just like Jeremy Allison done: > > # smbpasswd -j DOM -r DOMPDC > > i receive this Error message: > > "cli_net_auth2:Error NT_STATUS_NO_TRUST_SAM_ACCOUNT > cli_nt_setup_creds:auth2 challenge failed > modify_trust_password:unable to setup the PDC credentials to machine > DOMPDC. > Error was:NT_STATUS_NO_TRUST_SAM_ACCOUNT. > 2001/03/22 15:04:27:change_trust_account_password:Failed to change password > for domain DOM. > Unable to join domain DOM. " > > I)My domain environment: > > 1)Client Samba server : samba 2.0.7 on IBM AIX 4.3.2 (IBM Unix) NetBIOS name > : estrella200 > 2)Domain PDC : NT 4.0 Service Pack 4 ; NetBIOS name : DOMPDC > 3)Domain name : DOM > > II)the steps i have done: > > 1)adding a machine account on the NT server DOMPDC for the client samba box > ( estrella200$) using the Server Manager. > 2)smb.conf: > [global] > security=domain > workgroup=DOM > password server=DOMPDC > > thanks > quy > P.S: eure hilfe kann auch in deutsch sein. > > From jeff at nexen.com Thu Mar 22 20:14:47 2001 From: jeff at nexen.com (Jeff Lemay) Date: Tue Dec 2 02:33:55 2003 Subject: Disappearing machine..... Message-ID: <3ABA5D37.A2383B73@nexen.com> we are running samba on a UNIX machine here, and it used to show up in the Network Neighborhood, but no longer does. We can access it by entering the ip address, but it is a pain to have to do this every time. Has anyone ever heard of this happening before, and if so, what can I do to resolve this? Thanks in advance -- Jeff Lemay Windows NT Systems Administrator Fujitsu Network Communications, Inc. 289 Great Road Acton, MA 01720 email: jeff.lemay@fnc.fujitsu.com From smccomas at picoscript.com Thu Mar 22 20:23:49 2001 From: smccomas at picoscript.com (Stacey McComas) Date: Tue Dec 2 02:33:55 2003 Subject: couple of questions Message-ID: <20010322142349.O3672@smccomas> hey everyone! i have a couple of quick questions - but first, i'd like to thank all the samba developers for making my life so much easier! my setup: samba 2.2alpha2 cvs from march 6 running on RedHat 6.2 as a PDC for win2k clients. the global, homes, and netlogon settings of my smb.conf file are exactly like those in the FAQ. question 1: the users get the following error when they try to change passwords: "System Cannot Change Your Password now because the Domain PICOSCRIPT is not available". I read through the list archives and see that there is a problem changing passwords on win2k. is there a work-around for this? as in: if i change the password in smbpasswd will that change it for the client? question 2: when i had roaming profiles enabled, it copied the *entire* contents of the user's personal directory to and from the server (we're talking "my documents" and everything else). it was my understanding that just the NTDOM file and a few others copied, but this doesn't seem to be the case. is there a way to pick and choose what you want copied to the server? i've read through the documentation, but can't seem to find anything about this. the directory it is copying is c:\documents and settings\.PICOSCRIPT any ideas? thanks in advance for any help!! Stacey -- Stacey G. McComas Senior Analyst Picoscript 713-383-8101 mailto:smccomas@picoscript.com From ssande at sandia.gov Thu Mar 22 20:29:52 2001 From: ssande at sandia.gov (Stan Sander) Date: Tue Dec 2 02:33:55 2003 Subject: Disappearing machine..... References: <3ABA5D37.A2383B73@nexen.com> Message-ID: <3ABA60C0.583B12D8@sandia.gov> Jeff Lemay wrote: > we are running samba on a UNIX machine here, and it used to show up in > the Network Neighborhood, but no longer does. We can access it by > entering the ip address, but it is a pain to have to do this every time. > Has anyone ever heard of this happening before, and if so, what can I do > to resolve this? Thanks in advance > > -- > Jeff Lemay > Windows NT Systems Administrator > Fujitsu Network Communications, Inc. > 289 Great Road > Acton, MA 01720 > email: jeff.lemay@fnc.fujitsu.com Sounds like a wins issue. Make sure your samba machine points to your wins server or runs wins itself (not both). -- Stan Sander - CSU Special Projects Sandia National Laboratories Unix System Administrator Mail Stop 0662 (505)284-4915 1515 Eubank Blvd. SE Albuquerque, NM 87123 From jmcd at us.ibm.com Thu Mar 22 20:38:29 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:33:55 2003 Subject: couple of questions Message-ID: >my setup: samba 2.2alpha2 cvs from march 6 running on RedHat 6.2 as a PDC >for win2k clients. the global, homes, and netlogon settings of my smb.conf >file are exactly like those in the FAQ. > >question 1: the users get the following error when they try to change >passwords: "System Cannot Change Your Password now because the Domain >PICOSCRIPT is not available". I read through the list archives and see >that there is a problem changing passwords on win2k. is there a >work-around for this? as in: if i change the password in smbpasswd will >that change it for the client? This has been fixed in the latest CVS. There's no other workaround of which I am aware. ---------------------------- Jim McDonough Linux Technology Center IBM Boulder Notes: Jim McDonough/Boulder/IBM @ IBMUS VNET: JMCD at IBMUSM54 Internet: jmcd@us.ibm.com Phone: (303) 924-5822 T/L: 263-5822 From dariush at forouher.de Thu Mar 22 20:44:13 2001 From: dariush at forouher.de (Dariush Forouher) Date: Tue Dec 2 02:33:55 2003 Subject: Profile Upload-Bug: wrong file-permissions Message-ID: Hello, since I've upgraded from Samba-2.2-CVS(March 15th) to the one from Monday sometimes it happens that the file permissions of an uploaded directory are set to 0000! (I'm using "directory mask = 0755"). It happens bout two times a day, but it's not reproduceable. I've noticed it because Win2K breaks at the profile-download ("Windows is not able to download the profile - Access denied", or simiar) and starts with a temporary profile. After deleting or chmod this dirs all is running well. regards Dariush Forouher The Clients are Win2K Pro or Winnt4 German. this time it were the directories efo/Anwendungsdaten/Microsoft/Excel and efo/Anwendungsdaten/Microsoft/Excel/XLStart Cut from the log.smbd (log level 2, my hd isn't big enough to save one hour of a higher debug level): [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11192 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4846 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11193 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 265 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/HTML Help] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/HTML Help] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/HTML Help level=265 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 1565 cmd=50 (SMBtrans2) eclass=1 ecode=124 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11194 of length 120 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/HTML Help] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/HTML Help] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2setfilepathinfo(1676) call_trans2setfilepathinfo(8) efo/Anwendungsdaten/Microsoft/HTML Help info_level=257 totdata=40 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11195 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4844 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11196 of length 132 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/open.c:open_file(133) Error opening file efo/Anwendungsdaten/Microsoft/Excel/XLStart. (No such file or directory) (flags=0) [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 916 cmd=162 (SMBntcreateX) eclass=1 ecode=3 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11197 of length 123 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1364) fileinfo of efo/Anwendungsdaten/Microsoft/Excel/XLStart failed (No such file or directory) [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 1370 cmd=50 (SMBtrans2) eclass=1 ecode=3 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11198 of length 132 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 0] smbd/open.c:open_directory(929) open_directory: unable to create efo/Anwendungsdaten/Microsoft/Excel/XLStart. Error was No such file or directory [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 818 cmd=162 (SMBntcreateX) eclass=1 ecode=3 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11199 of length 99 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten level=257 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11200 of length 99 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten level=257 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11201 of length 99 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 258 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten level=258 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11202 of length 109 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft level=257 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11203 of length 109 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft level=257 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11204 of length 109 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 258 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft level=258 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11205 of length 115 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1364) fileinfo of efo/Anwendungsdaten/Microsoft/Excel failed (No such file or directory) [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 1370 cmd=50 (SMBtrans2) eclass=1 ecode=2 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11206 of length 124 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11207 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4851 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11208 of length 132 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11209 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4852 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11210 of length 132 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11211 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel/XLStart level=257 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11212 of length 74 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfsinfo(1119) call_trans2qfsinfo: level = 261 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11213 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel/XLStart level=257 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11214 of length 132 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel/XLStart) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11215 of length 124 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11216 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 176. [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(127) 32 bit error packet at line 81 cmd=160 (SMBnttrans) eclass=c0000023 [Error: Unknown error (35,49152)] [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11217 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 176. [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11218 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4857 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11219 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel/XLStart level=257 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11220 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel/XLStart [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 176. [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(127) 32 bit error packet at line 81 cmd=160 (SMBnttrans) eclass=c0000023 [Error: Unknown error (35,49152)] [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11221 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel/XLStart [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 176. [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11222 of length 172 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_set_security_desc(1727) call_nt_transact_set_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel/XLStart, sent 0x4 [2001/03/22 17:18:40, 3] smbd/posix_acls.c:set_nt_acl(1729) set_nt_acl: chmod efo/Anwendungsdaten/Microsoft/Excel/XLStart. perms = 040000. [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11223 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4855 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11224 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 265 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel/XLStart level=265 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 1565 cmd=50 (SMBtrans2) eclass=1 ecode=124 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11225 of length 120 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel/XLStart] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2setfilepathinfo(1676) call_trans2setfilepathinfo(8) efo/Anwendungsdaten/Microsoft/Excel/XLStart info_level=257 totdata=40 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11226 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4853 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11227 of length 124 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11228 of length 120 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2setfilepathinfo(1676) call_trans2setfilepathinfo(8) efo/Anwendungsdaten/Microsoft/Excel info_level=257 totdata=40 [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11229 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4859 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11230 of length 115 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=257 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11231 of length 115 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=257 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11232 of length 115 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 258 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=258 call=5 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11233 of length 124 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11234 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=257 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11235 of length 74 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfsinfo(1119) call_trans2qfsinfo: level = 261 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11236 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=257 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11237 of length 124 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/Excel) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11238 of length 118 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft] [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11239 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 120. [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(127) 32 bit error packet at line 81 cmd=160 (SMBnttrans) eclass=c0000023 [Error: Unknown error (35,49152)] [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11240 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 120. [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11241 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4864 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11242 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=257 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11243 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 176. [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(127) 32 bit error packet at line 81 cmd=160 (SMBnttrans) eclass=c0000023 [Error: Unknown error (35,49152)] [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(143) error string = No such file or directory [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11244 of length 88 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1616) call_nt_transact_query_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_query_security_desc(1631) call_nt_transact_query_security_desc: sd_size = 176. [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11245 of length 172 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBnttrans (pid 20778) [2001/03/22 17:18:40, 3] smbd/nttrans.c:call_nt_transact_set_security_desc(1727) call_nt_transact_set_security_desc: file = efo/Anwendungsdaten/Microsoft/Excel, sent 0x4 [2001/03/22 17:18:40, 3] smbd/posix_acls.c:set_nt_acl(1729) set_nt_acl: chmod efo/Anwendungsdaten/Microsoft/Excel. perms = 040000. [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11246 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4862 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11247 of length 76 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1310) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 265 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1376) call_trans2qfilepathinfo efo/Anwendungsdaten/Microsoft/Excel level=265 call=7 total_data=0 [2001/03/22 17:18:40, 3] smbd/error.c:error_packet(138) error packet at line 1565 cmd=50 (SMBtrans2) eclass=1 ecode=124 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11248 of length 120 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/Excel] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2setfilepathinfo(1676) call_trans2setfilepathinfo(8) efo/Anwendungsdaten/Microsoft/Excel info_level=257 totdata=40 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11249 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4860 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11250 of length 125 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBntcreateX (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/AddIns] [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/AddIns) returning 0744 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/AddIns] [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11251 of length 120 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/AddIns] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/AddIns] [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2setfilepathinfo(1676) call_trans2setfilepathinfo(8) efo/Anwendungsdaten/Microsoft/AddIns info_level=257 totdata=40 [2001/03/22 17:18:40, 3] smbd/dosmode.c:unix_mode(113) unix_mode(efo/Anwendungsdaten/Microsoft/AddIns) returning 0744 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11252 of length 45 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBclose (pid 20778) [2001/03/22 17:18:40, 3] smbd/reply.c:reply_close(2904) close directory fnum=4866 [2001/03/22 17:18:40, 3] smbd/process.c:process_smb(831) Transaction 11253 of length 116 [2001/03/22 17:18:40, 3] smbd/process.c:switch_message(650) switch message SMBtrans2 (pid 20778) [2001/03/22 17:18:40, 3] smbd/trans2.c:call_trans2qfilepathinfo(1354) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/efo/Anwendungsdaten/Microsoft/AddIns] [2001/03/22 17:18:40, 3] lib/util.c:unix_clean_name(384) unix_clean_name [efo/Anwendungsdaten/Microsoft/AddIns] and the smb.conf: ;/opt/samba-2.2.0/lib/smb.conf [global] log level = 3 max log size = 50000 interfaces = eth0 lo bind interfaces only = true status = yes domain logons = yes encrypt passwords = yes workgroup = forouher domain admin group = @admin @root printer admin = @admin printing = bsd printcap name = /etc/printcap load printers = yes logon path = \\eridiani\profile\%U server string = Forouher Homeserver (%v) logon script = %U.bat logon drive = h: netbios name = eridiani guest account = ftp security = user os level = 65 wins support = yes [homes] browsable = no guest ok = no read only = no create mask = 0600 directory mask = 0700 locking = yes [netlogon] path = /samba/netlogon locking=no browseable=yes writable= yes guest ok = no [profile] comment = Windows User Profiles path = /samba/profiles browsable = yes writeable= yes guest ok = no create mask = 0644 directory mask = 0755 [work] comment = Gemeinsamgenutzte Dokumente path = /samba/work writeable= yes guest ok = no create mask = 0666 directory mask = 0777 [programme] comment = Servergespeicherte Programme path = /files/progs writeable= yes guest ok = no create mask = 0666 directory mask = 0777 [files] comment = Stuff path = /files/stuff writeable= yes guest ok = no create mask = 0644 directory mask = 0755 [www] comment = Stuff path = /var/www writeable= yes guest ok = no create mask = 0644 directory mask = 0755 [print$] path = /samba/printer guest ok = yes browseable = yes read only = no From Jonathan.W.Miner at lmco.com Thu Mar 22 20:40:23 2001 From: Jonathan.W.Miner at lmco.com (Jonathan W Miner) Date: Tue Dec 2 02:33:56 2003 Subject: Disappearing machine..... References: <3ABA5D37.A2383B73@nexen.com> Message-ID: <3ABA6337.9F09144E@lmco.com> Jeff - I have the same problem here at work. We have over 2000 PC desktops, so the Network Neighborhood doesn't always show everything... At home, where I have 6 machines, I have no problems, all the machines including the samba server, all the time. I suspect there is some type of resource that is being exhausted in the WINS, but I'm no NT guru so I can't shed any light on why it's broke. I have to tell people to just go to Start->Run and type in \\{server} Jeff Lemay wrote: > > we are running samba on a UNIX machine here, and it used to show up in > the Network Neighborhood, but no longer does. We can access it by > entering the ip address, but it is a pain to have to do this every time. > Has anyone ever heard of this happening before, and if so, what can I do > to resolve this? Thanks in advance -- | Jonathan Miner _o) | LM-Xpress: jonathan.w.miner@lmco.com /\\ _o) _o) | Phone: 603 885 UNIX - Fax: 603 885 3850 _\_V _(\) _(\) | USmail: PO Box 868, NCA01-3719, Nashua, NH 03061-0868 From Joe_Pfaltzgraff at patapsco.com Thu Mar 22 21:49:22 2001 From: Joe_Pfaltzgraff at patapsco.com (Joe_Pfaltzgraff@patapsco.com) Date: Tue Dec 2 02:33:56 2003 Subject: Best way to change over NT PDC Message-ID: <85256A17.0077E116.00@patapsco.com> Joe Pfaltzgraff@PATAPSCO 03/22/2001 04:49 PM Unfortunately, I was never able to find a way. I had a similiar situation about 6 months ago. According to an article in Microsoft's TechNet you have to do a reinstall. I wish there was a trick.... >Hi, > >I've installed Samba 2.2 and have it working great as a PDC for our >network. It is currently co-existing with a NT4 PDC (different domain >name) - I wan't to convert the NT box to the Samba domain without >affecting Exchange Server, and use the Samba PDC. > >Is there a way to do this? I know that NT PDC can be downgraded to BDC >but not to Member server. Am I stuck with re-installing NT or is there a >trick (I don't mind hacking into the registry etc) I can do to get it to >work on the new domain? > >Regards, >Josh Marshall. From jeff at nexen.com Thu Mar 22 22:16:35 2001 From: jeff at nexen.com (Jeff Lemay) Date: Tue Dec 2 02:33:56 2003 Subject: Disappearing machine..... References: <3ABA5D37.A2383B73@nexen.com> Message-ID: <3ABA79C3.5FF8F7D0@nexen.com> I have checked the WINS database, and it wasn't showing up there... I since removed the machine from the Server Manager, and added it again, but it is still not showing up in Network Neighborhood....any more suggestions? Jeff Lemay wrote: > > we are running samba on a UNIX machine here, and it used to show up in > the Network Neighborhood, but no longer does. We can access it by > entering the ip address, but it is a pain to have to do this every time. > Has anyone ever heard of this happening before, and if so, what can I do > to resolve this? Thanks in advance > > -- > Jeff Lemay > Windows NT Systems Administrator > Fujitsu Network Communications, Inc. > 289 Great Road > Acton, MA 01720 > email: jeff.lemay@fnc.fujitsu.com -- Jeff Lemay Windows NT Systems Administrator Fujitsu Network Communications, Inc. 289 Great Road Acton, MA 01720 Phone: (978) 266-3441 Fax: (978) 266-2300 email: jeff.lemay@fnc.fujitsu.com From simo.sorce at polimi.it Thu Mar 22 22:16:07 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:56 2003 Subject: Disappearing machine..... In-Reply-To: <3ABA6337.9F09144E@lmco.com> Message-ID: To avoid that you may also create a shortcut into network neihbourhood folder that point to the server, and as it is local it is always there. On Thu, 22 Mar 2001, Jonathan W Miner wrote: > Jeff - > > I have the same problem here at work. We have over 2000 PC desktops, so > the Network Neighborhood doesn't always show everything... At home, > where I have 6 machines, I have no problems, all the machines including > the samba server, all the time. > > I suspect there is some type of resource that is being exhausted in the > WINS, but I'm no NT guru so I can't shed any light on why it's broke. I > have to tell people to just go to Start->Run and type in \\{server} > > > Jeff Lemay wrote: > > > > we are running samba on a UNIX machine here, and it used to show up in > > the Network Neighborhood, but no longer does. We can access it by > > entering the ip address, but it is a pain to have to do this every time. > > Has anyone ever heard of this happening before, and if so, what can I do > > to resolve this? Thanks in advance > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From pilger at kahana.higp.hawaii.edu Thu Mar 22 22:42:19 2001 From: pilger at kahana.higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:33:56 2003 Subject: Dir Ab... works with Win2K (sort of) but not with NT4 References: Message-ID: <3ABA7FCB.DBB7C0BE@higp.hawaii.edu> Interesting. Seems like it is willing to read the "..." (like showing you it's there), but not write it (like when you actually want to use it). I'd just write it off as a loss and change the name. Darko Longin wrote: > Hi, > > We've got a subdir created on our share called "Ab...". That's with 3 > full stops, tried telling users just to use 'normal' characters to no > avail. NT can not access it, error message "The folder \\blah\blah\Ab..." > does not exist. However, Win2K can access the dir but can not see any > files within it. > > Created under Solaris7 on sun box with rwx for all. Samba ver 2.0.5. I've > tried the mangle case and mangle names option but it does not seem to make > a blind bit of difference. Any help greatly appreciated. Thanks > > smb.conf example (not done by me) > > # Global parameters > [global] > workgroup = TRANS > netbios name = NAME > server string = Samba %v > security = SHARE > null passwords = Yes > restrict anonymous = Yes > log level = 2 > log file = /usr/local/samba/var/log.%U > max log size = 2000 > keepalive = 10 > preferred master = Yes > domain master = Yes > invalid users = root > admin users = someone > short preserve case = No > share modes = No > mangle case = yes > mangled names= yes > > [trans] > comment = Shared Transmission Area > path = /usr/local/production/trans > guest account = trans > read only = No > guest ok = Yes > fstype = FAT > > -- -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 From santhosh at ece.cet.ac.in Thu Mar 22 17:06:11 2001 From: santhosh at ece.cet.ac.in (santhosh) Date: Tue Dec 2 02:33:56 2003 Subject: (no subject) Message-ID: <001201c0b2f2$66116660$5f64a8c0@himadri> Hi, I have set up a samba PDC with 20 machines (windows nt server) in stand alone mode. Each day several students are logging to these machines. The problem is that the local hard disk is filled in the profile directory, which eats a lot of space (there are 300 students) login for each day. How can I avoid this problem Help me !!!!!!!!!!!1 Santhosh kumar.S -------------- next part -------------- HTML attachment scrubbed and removed From damason at davenet.mine.nu Fri Mar 23 05:37:36 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:33:56 2003 Subject: Best way to change over NT PDC In-Reply-To: <85256A17.0077E116.00@patapsco.com> Message-ID: You might save yourself some headaches by exporting the registry trees having to do with Exchange's services beforehand. -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Joe_Pfaltzgraff@patapsco.com Sent: Thursday, March 22, 2001 1:49 PM To: samba-ntdom@us5.samba.org Subject: Re: Best way to change over NT PDC Joe Pfaltzgraff@PATAPSCO 03/22/2001 04:49 PM Unfortunately, I was never able to find a way. I had a similiar situation about 6 months ago. According to an article in Microsoft's TechNet you have to do a reinstall. I wish there was a trick.... >Hi, > >I've installed Samba 2.2 and have it working great as a PDC for our >network. It is currently co-existing with a NT4 PDC (different domain >name) - I wan't to convert the NT box to the Samba domain without >affecting Exchange Server, and use the Samba PDC. > >Is there a way to do this? I know that NT PDC can be downgraded to BDC >but not to Member server. Am I stuck with re-installing NT or is there a >trick (I don't mind hacking into the registry etc) I can do to get it to >work on the new domain? > >Regards, >Josh Marshall. From Chris.Odgers at sausage.com Fri Mar 23 06:13:26 2001 From: Chris.Odgers at sausage.com (Chris Odgers) Date: Tue Dec 2 02:33:56 2003 Subject: Best way to change over NT PDC Message-ID: <9A0F63A07282D4119C4100D0B72017AA7E2B37@fatboy.sausage.com.au> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There's a bit of software called 'upromote' which I've successfully used to do just this. http://www.algintech.com/UTools/UPromote.asp However, I'm not sure if exchange will run with a samba 2.2 server -- I remember reading on this list a while back that TNG had enough of the PDC functionality implemented for exchange to work, but 2.2 didn't. Could be wrong, though. > -----Original Message----- > From: David A. Mason [mailto:damason@davenet.mine.nu] > Sent: Friday, March 23, 2001 4:38 PM > To: Joe_Pfaltzgraff@patapsco.com; samba-ntdom@us5.samba.org > Subject: RE: Best way to change over NT PDC > > > You might save yourself some headaches by exporting the registry > trees having to do with Exchange's services beforehand. > > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of > Joe_Pfaltzgraff@patapsco.com > Sent: Thursday, March 22, 2001 1:49 PM > To: samba-ntdom@us5.samba.org > Subject: Re: Best way to change over NT PDC > > > > > > > Joe Pfaltzgraff@PATAPSCO > 03/22/2001 04:49 PM > > Unfortunately, I was never able to find a way. I had a > similiar situation > about > 6 months ago. According to an article in Microsoft's TechNet > you have to do > a > reinstall. I wish there was a trick.... > > >Hi, > > > >I've installed Samba 2.2 and have it working great as a PDC for > >our network. It is currently co-existing with a NT4 PDC (different > >domain name) - I wan't to convert the NT box to the Samba domain > >without affecting Exchange Server, and use the Samba PDC. > > > >Is there a way to do this? I know that NT PDC can be > downgraded to BDC > >but not to Member server. Am I stuck with re-installing NT > or is there a > >trick (I don't mind hacking into the registry etc) I can do > to get it to > >work on the new domain? > > > >Regards, > >Josh Marshall. > > > > > > -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.3 for non-commercial use iQA/AwUBOrpcxa5S0FuupP0+EQJMqwCgnSyDkXppQYaG9PX6yntc01mXMh4AnRYG OekzHGq3T+fjrWR/L1OzvTyy =oGZa -----END PGP SIGNATURE----- CAUTION - This message may contain privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you are hereby notified that any use, dissemination, distribution or reproduction of this message is prohibited. If you have received this message in error, please notify the sender immediately. From barth at cck.uni-kl.de Fri Mar 23 06:38:34 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:56 2003 Subject: (no subject) In-Reply-To: <001201c0b2f2$66116660$5f64a8c0@himadri> Message-ID: <3ABAFD7A.7114.170D38@localhost> You can use this registry key on the clients, to delete the localy cached profiles on the NT clients: -----> CUT HERE <----- REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon] "DeleteRoamingCache"=dword:00000001 -----> END CUT <----- Thanks to Brendon_Meyer@fmi.com for sending me this key two years ago. Or you can setup policies (NTconfig.pol in the netlogon share) an configure the same there. Christian > Hi, > > I have set up a samba PDC with 20 machines (windows nt server) in > stand alone mode. Each day several students are logging to these > machines. The problem is that the local hard disk is filled in the > profile directory, which eats a lot of space (there are 300 > students) login for each day. How can I avoid this problem > > Help me !!!!!!!!!!!1 > Santhosh kumar.S > _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From simo.sorce at polimi.it Fri Mar 23 07:00:43 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:33:56 2003 Subject: (no subject) In-Reply-To: <001201c0b2f2$66116660$5f64a8c0@himadri> Message-ID: Use poledit to change the workstations configuration to not allow caching of roaming profiles (delete them at logout). On Thu, 22 Mar 2001, santhosh wrote: > Hi, > > I have set up a samba PDC with 20 machines (windows nt server) in stand alone mode. Each day several students are logging to these machines. The problem is that the local hard disk is filled in the profile directory, which eats a lot of space (there are 300 students) login for each day. How can I avoid this problem > > Help me !!!!!!!!!!!1 > Santhosh kumar.S > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From cagatay at ae.metu.edu.tr Fri Mar 23 08:56:18 2001 From: cagatay at ae.metu.edu.tr (Cagatay Koksoy) Date: Tue Dec 2 02:33:56 2003 Subject: roaming profiles Message-ID: Hi I want to create roaming profiles not for the users but for the groups. So the less number of profiles i have to keep. Can you help me how can i do that? Cagatay Koksoy ______________________________________________________________________________ cagatay@evolution.bilten.metu.edu.tr cagatay@ae.metu.edu.tr kcagatay@metu.edu.tr _______________________________________________________________________________ From nick at i-vision.be Fri Mar 23 10:06:29 2001 From: nick at i-vision.be (Nick De Decker) Date: Tue Dec 2 02:33:56 2003 Subject: % options dont work Message-ID: Hello again, As i was adviced i tried a simple test with the % options (preexec in global sections which did /usr/local/samba/bin/preecho %M %I, with preecho containing echo $1 $2 >> /tmp/echo.txt) This works perfectly, but then i tried to use %M and %I in some other things in my smb.conf and it doesnt work there :( whats wrong with : server string = server %L %M %m %I %v logon path = \\%L\Profiles\%M\%U server string gives me : server beluga UNKNOWN nmb 0.0.0.0 TNG-alpha Same for logon path :( How comes it worked in the preexec thing but not here ? Nick From Roman.Orth at educators.de Fri Mar 23 10:31:41 2001 From: Roman.Orth at educators.de (Roman Orth) Date: Tue Dec 2 02:33:56 2003 Subject: FTP In-Reply-To: <00bc01c0b2fb$2d304f10$6f00a8c0@logeng.net> Message-ID: <002d01c0b384$73a65730$640aa8c0@educators.de> ProFTP has a nice apachelike configurationfile, so I prefer it. It has every feature one would expect from a ftpd. See http://www.proftpd.org/ for more info. Greg J. Zartman wrote > Hello group, this is a non-samba question, but a short one. Please keep this samba only. Thanx Regards Roman Orth From johng at tagish.com Fri Mar 23 13:22:48 2001 From: johng at tagish.com (John Gardner) Date: Tue Dec 2 02:33:57 2003 Subject: How does NT see Samba in terms of a user? Message-ID: I'm hoping some of you could help me. I've got a linux box which is setup as a central webstats server, it basically produces pretty graphs from logs that all of our other web servers produce. I've set Samba shares up to connect to the log directories on all of the NT servers in our NT domain, and a script runs every night to pull over the logs onto the Linux box... or at least it did until a couple of months ago when it stopped... the script is still running, but it can't seem to pull over the log files anymore... The strangest thing is though, when I run the script manually, it works! So, when I run the script it copies the files over, but the cron job won't... So immediately, I thought it must be something to do with how NT sees the the Samba connection... even though I log on as root and run the script fine, does NT somehow see this differently from the Server running as root? I would be really interested to see if anyone else has any insight on this... Thanks in advance! John -- +-------------------------+ | John Gardner - Tagish | +-------------------------+ -------------- next part -------------- HTML attachment scrubbed and removed From christian.westphal at insyte.de Fri Mar 23 13:51:09 2001 From: christian.westphal at insyte.de (Christian Westphal) Date: Tue Dec 2 02:33:57 2003 Subject: AW: How does NT see Samba in terms of a user? In-Reply-To: Message-ID: <001901c0b3a0$511e66a0$0201a8c0@insyte.intranet> Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: PGPexch.rtf.asc Type: application/octet-stream Size: 2021 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010323/94a9b40f/PGPexch.rtf.obj From stephen.atkins at home.com Fri Mar 23 14:25:53 2001 From: stephen.atkins at home.com (Stephen Atkins) Date: Tue Dec 2 02:33:57 2003 Subject: FW: Procedure number out of range Message-ID: Hello all. I'm running the CVS 2.2 on Mandrake 7.2. I'm running into a problem when I try to connect to my Linux box from win2k. It's giving me an error of "Procedure number is out of range". If I try with encrypt password = no it tells me "The account is not authorized to log in from this station". And yes the user account is in smbpasswd and /etc/passwd with the same passwords. If encrypt password = yes then it gives me and "Procedure number is out of range". If anyone can tell me why its giving me this problem please let me know. I've attached my smb.conf file below. Thanks Stephen Atkins -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 739 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010323/929a9d61/smb.obj From bferrell at microdisplay.com Fri Mar 23 15:57:59 2001 From: bferrell at microdisplay.com (Bruce Ferrell) Date: Tue Dec 2 02:33:57 2003 Subject: SAMBA 2_2 NOW ... INTERNAL ERROR: Message-ID: <3ABB7286.1DC5102D@microdisplay.com> Jeremy, I can cause this at will by killall -HUP smbd and it also seems to happen when smbd re-read smb.conf Has this been "solved"? I had the same problem today on a RedHat 6.2 system with a cvs pull from 3/20/2001 Here's the back trace: Attaching to program: /usr/local/samba/bin/./smbd, Pid 13467 Reading symbols from /usr/lib/libreadline.so.3...done. Reading symbols from /lib/libdl.so.2...done. Reading symbols from /lib/libcrypt.so.1...done. Reading symbols from /lib/libnsl.so.1...done. Reading symbols from /lib/libc.so.6...done. Reading symbols from /lib/libtermcap.so.2...done. Reading symbols from /lib/ld-linux.so.2...done. Reading symbols from /lib/libnss_files.so.2...done. 0x4011a8e9 in __wait4 () from /lib/libc.so.6 (gdb) bt #0 0x4011a8e9 in __wait4 () from /lib/libc.so.6 #1 0x401791ec in ?? () from /lib/libc.so.6 #2 0x400c9cec in __libc_system (line=0x81788f0 "/bin/sleep 200000") at ../sysdeps/posix/system.c:136 #3 0x80f5a07 in smb_panic () #4 0x80e7ba9 in fault_report () #5 0x80e7bef in sig_fault () #6 0x400a7c68 in __restore () at ../sysdeps/unix/sysv/linux/i386/sigaction.c:127 #7 0x804b3dc in reload_services () #8 0x804b136 in open_sockets () #9 0x804bdd5 in main () #10 0x400a19cb in __libc_start_main (main=0x804b8d0
, argc=2, argv=0xbffffb44, init=0x804a124 <_init>, fini=0x81085bc <_fini>, rtld_fini=0x4000ae60 <_dl_fini>, stack_end=0xbffffb3c) at ../sysdeps/generic/libc-start.c:92 (gdb) q The program is running. Quit anyway (and detach it)? (y or n) y Detaching from program: /usr/local/samba/bin/./smbd, Pid 13467 Jeremy Allison wrote: > sambastuff@jabba.glfc.com wrote: > > > > When trying to join someone into the domain today > > I get this error: > > > > =============================================================== > > [2001/01/23 13:30:20, 0] lib/fault.c:fault_report(41) > > INTERNAL ERROR: Signal 11 in pid 2791 (2.2.0-alpha1) > > Please read the file BUGS.txt in the distribution > > [2001/01/23 13:30:20, 0] lib/fault.c:fault_report(43) > > =============================================================== > > [2001/01/23 13:30:20, 0] lib/util.c:smb_panic(1139) > > PANIC: internal error > > > > The error message in windows "Specified Network Name is no longer > > available" > > Add the following line to smb.conf [global] section. > > panic action = /bin/sleep 200000 > > then restart. Cause smbd to crash again and you'll find > a "sleep" process with a crashed parent smbd process. > > Use gdb to attach to this process (you did compile with -g > didn't you :-) and then type "bt" to get a stack backtrace > of where it failed. This is what I do to track down crashes > (on boxes where I can't get an xterm pop up directly with > gdb). > > Then mail it to the list. > > Thanks, > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- From greg at kwikfind.com Fri Mar 23 16:03:07 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:57 2003 Subject: roaming profiles References: Message-ID: <008701c0b3b2$c0f92d40$6f00a8c0@logeng.net> I think if you played around with samba configuration file variables, you may be able to pull this off. I'm quite sure you couldn't do with a Windows PDC. The %g variable will give you the group name for a given user. I think I would try this in concert with the logon path or logon home global variables to point people to a specific profile tree. To force a single profile to be downloaded to all people in a group, you may need to make the a mandatory profile. Good luck and I'd be interested to see where you end up with this. Greg ----- Original Message ----- From: "Cagatay Koksoy" To: Sent: Friday, March 23, 2001 12:56 AM Subject: roaming profiles > Hi > I want to create roaming profiles not for the users but for the groups. > So the less number of profiles i have to keep. > Can you help me how can i do that? > > Cagatay Koksoy > ____________________________________________________________________________ __ > cagatay@evolution.bilten.metu.edu.tr > cagatay@ae.metu.edu.tr > kcagatay@metu.edu.tr > ____________________________________________________________________________ ___ > > > > From greg at kwikfind.com Fri Mar 23 16:25:08 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:57 2003 Subject: Procedure number out of range References: Message-ID: <00b701c0b3b5$d4588f40$6f00a8c0@logeng.net> Stephen, I'm currently running Mandrake 7.2 with Samba 2.2 from CVS and it works flawlessly. Getting Samba to function as a PDC for Win2k machines wasn't without headaches however. I had a look at your smb.conf file and I noted a couple things that are going to prevent your setup from working (from the info you've put in your smb.conf file, I'm betting you are a windows person like myself): 1. Encrypt passwords needs to be set to yes. Every OS after Win95 and Win NT SP3 send passwords encrypted. 2. Your logon path isn't set to anything. You need to give this a Unix path to a readable directory on your samba machine (e.g. /usr/local/samba/logon, or something like that). 3. Get rid of the logon drive variable. It really isn't doing you any good. 4. You have "security" set to user, "domain logons" set to no, and yet you have the "add user script" variable included. Are you try to setup a workgroup or a domain? They are two very different beasts from an implementation standpoint (although, from what I've learned from the samba development team, there isn't much of a distinction within samba itself.) 5. Guest account = ftp. This looks like you pulled this from an example somewhere. It really doesn't help with anything unless you are trying to setup ftp access to one of your shares. 6. Interfaces: I would remove this until you get your samba working. Besides, in order to for this function to work (i.e., Samba to listen on a given interface) you need to also set the "bind interfaces only" parameter to yes. I had a difficult time when I first started with Samba, primarily because I tried to trouble shoot everything at once. I finally started making progress when I quite using SWAT and started simply with my configuration file. I put in only the essential parameters and then fired up the daemons. If you are clueless about Samba, as I was when I started, I'd HIGHLY recommend that you read the Using Samba book that comes with the Samba source. It is an EXCELLENT book. It's getting a little out of date for the newer Samba 2.2 CVS trees, but the basics are still good. (if you are really in a bind, I wouldn't mind sending you my smb.conf file) Also, if you are installing Samba from the sources for the first time on Mandrake, you need to do a little work on pathing. Here is a document that helped me out with that http://home.germany.net/101-69082/samba.html Look on pages 7-9. Good luck. Greg ----- Original Message ----- From: "Stephen Atkins" To: Sent: Friday, March 23, 2001 6:25 AM Subject: FW: Procedure number out of range > Hello all. I'm running the CVS 2.2 on Mandrake 7.2. I'm running into a > problem when I try to connect to my Linux box from win2k. It's giving me an > error of "Procedure number is out of range". If I try with encrypt password > = no it tells me "The account is not authorized to log in from this > station". And yes the user account is in smbpasswd and /etc/passwd with the > same passwords. If encrypt password = yes then it gives me and "Procedure > number is out of range". If anyone can tell me why its giving me this > problem please let me know. I've attached my smb.conf file below. > > Thanks > > Stephen Atkins > From jeremy at valinux.com Fri Mar 23 16:35:30 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:57 2003 Subject: SAMBA 2_2 NOW ... INTERNAL ERROR: References: <3ABB7286.1DC5102D@microdisplay.com> Message-ID: <3ABB7B52.E0643E6@valinux.com> Bruce Ferrell wrote: > > Jeremy, > > I can cause this at will by killall -HUP smbd and it also seems to > happen when smbd re-read smb.conf > > Has this been "solved"? I had the same problem today on a RedHat 6.2 > system with a cvs pull from 3/20/2001 I can't reproduce this with the latest CVS on RedHat 6.2. Did you do a 'make clean' before doing a make ? Recent CVS changes have changed many internal structures and need a clean build. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jeremy at valinux.com Fri Mar 23 16:36:34 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:57 2003 Subject: FW: Procedure number out of range References: Message-ID: <3ABB7B92.F50A8B71@valinux.com> Stephen Atkins wrote: > > Hello all. I'm running the CVS 2.2 on Mandrake 7.2. I'm running into a > problem when I try to connect to my Linux box from win2k. It's giving me an > error of "Procedure number is out of range". If I try with encrypt password > = no it tells me "The account is not authorized to log in from this > station". And yes the user account is in smbpasswd and /etc/passwd with the > same passwords. If encrypt password = yes then it gives me and "Procedure > number is out of range". If anyone can tell me why its giving me this > problem please let me know. I've attached my smb.conf file below. Can you post a debug level 10 (with NO TIMESTAMPS please :-). That should make it clear what rpc proc number is not being supported. Thanks, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From bferrell at microdisplay.com Fri Mar 23 19:04:34 2001 From: bferrell at microdisplay.com (Bruce Ferrell) Date: Tue Dec 2 02:33:57 2003 Subject: SAMBA 2_2 NOW ... INTERNAL ERROR: References: <3ABB7286.1DC5102D@microdisplay.com> <3ABB7B52.E0643E6@valinux.com> Message-ID: <3ABB9E42.732EC50B@microdisplay.com> Actually, no I didn't. It was a fresh CVS load, so it didn't occur to me to do that. I just updated my tree, did a make clean and I'm in the process of re-building now. ... Survey says! No more dying. Thanks Bruce Jeremy Allison wrote: > Bruce Ferrell wrote: > > > > Jeremy, > > > > I can cause this at will by killall -HUP smbd and it also seems to > > happen when smbd re-read smb.conf > > > > Has this been "solved"? I had the same problem today on a RedHat 6.2 > > system with a cvs pull from 3/20/2001 > > I can't reproduce this with the latest CVS on RedHat 6.2. > > Did you do a 'make clean' before doing a make ? Recent > CVS changes have changed many internal structures and > need a clean build. > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- From pcheco at BEAR-HUNTER.COM Fri Mar 23 20:25:49 2001 From: pcheco at BEAR-HUNTER.COM (Pedro Checo) Date: Tue Dec 2 02:33:57 2003 Subject: Help: The Account is not authorized to login from this station (e rror when logging to samba) Message-ID: Hi, when I try to login thru samba from my NT workstation (4.0 pack 6), I get this error: "The Account is not authorized to login from this station" I am running smbd and nmbd in a Solaris 2.6 box. Passwords are set up and here is the lib/smb.conf: [global] workgroup = WORKGROUP hosts allow = 64.241.153. 127. log level = 3 [checo] comment = For editing/viewing files in checo:~pedro/. path = ~pedro/ read only = no guest ok = yes encrypt passwords = yes maxconnections = 30 I am trying to login from 64.241.153.4 which is configured to belong to the WORKSTATION group. Here is part of the log for smb.log: [2001/03/23 15:12:10, 2] samba-2.0.7/source/lib/access.c:check_access(258) Allowed connection from pedro (64.241.153.14) [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:process_smb(618) Transaction 0 of length 72 [2001/03/23 15:12:10, 2] samba-2.0.7/source/smbd/reply.c:reply_special(97) netbios connect: name1=*SMBSERVER name2=PEDRO [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/server.c:exit_server(435) Server exit (normal exit) [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:process_smb(618) Transaction 1 of length 174 [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:switch_message(448 ) Forgive me if I am asking a question that has been asked before, but I was not able to search the archives. Thanks for your help. From greg at kwikfind.com Fri Mar 23 20:43:27 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:57 2003 Subject: Which Samba & How with Win2k References: <003301c0b04b$6cd0c170$6f00a8c0@logeng.net> <3ABBAEB1.F4DCCCC1@microdisplay.com> Message-ID: <004301c0b3d9$ea45ec20$6f00a8c0@logeng.net> Bruce, Sure. Here is my smb.conf file in it's entirety. I don't think there's anything in these things that are significant security risks, especially when one is behind a firewall. Greg ----- Original Message ----- From: "Bruce Ferrell" To: "Greg J. Zartman" Sent: Friday, March 23, 2001 12:14 PM Subject: Re: Which Samba & How with Win2k > Hi Greg, > > I'm attempting this right now and getting nowhere fast. COult I get a look at > a sanitized copy of your smb.conf? > > Thanks, > > Bruce Ferrell > > "Greg J. Zartman" wrote: > > > I am currently using Samba 2.2 alpha3 in a low volume production environment > > and it works wonderfully. Much better, in fact, that the Win2k server that > > it replaced. If you are into all of the admin bells and whistles, you may > > be a little disappointed, but the performance is great. > > > > Regards, > > > > Greg J. Zartman > > > > ----- Original Message ----- > > From: "Simo Sorce" > > To: "Ken Cole" > > Cc: > > Sent: Monday, March 19, 2001 4:40 AM > > Subject: Re: Which Samba & How with Win2k > > > > > On Mon, 19 Mar 2001, Ken Cole wrote: > > > > > > > Simo, > > > > > > > > Simo Sorce wrote: > > > > > > > > > > On Mon, 19 Mar 2001, Ken Cole wrote: > > > > > > > > > > > Hi all. > > > > > > > > > > > > I am a newbie on the list and a newbie to Samba but have a > > > > > > fair bit (16 years) Unix and Linux (3 years) experience. > > > > > > > > > > > > I have a site with a Win2k PDC and a Redhat Linux 6.2 server > > > > > > with Samba 2.0.6. I need the Linux server to be a BDC for > > > > > > the domain. Can this be done? > > > > > > > > > > No, It can't be done at this point. > > > > > Samba 2.2 can be a PDC also for win2k and samba 2.0.7 (not 2.0.6) is > > able > > > > > to share files to win2k. > > > > > > > > > > > > > Is 2.2 stable for a production server? > > > The branch is still marked as alpha software, but someone just use it in > > > production. You may give it a try. > > > > > > > What do you mean by 2.0.7 can share to win2k? > > > Samba versions previous than 2.0.7 may have problems serving files to w2k. > > > > > > > Can I smbmount win2k shares to 2.06, 2.0.7 or 2.2 Samba? > > > > > > > > > > If so with which version and what are the primary smb.conf > > > > > > variables I need to set? > > > > > > > > > > > > I have tried a number of settings but none even allow for > > > > > > the > > > > > > linux server to be "seen" when doing a Find-Computer on a > > > > > > Win98 > > > > > > workstation. > > > > > > > > > > To have the best resoults, use a wins server and make all machines > > > > > register with it. > > > > > > > > Do you mean make the Samba server a wins server or wins > > > > client? > > > > > > If you have a wins server make the samba server register himself > > > see wins directives in smb.conf(5) > > > > > > > > > > > Thanks > > > > > > > > Ken > > > > > > > > > > -- > > > Simo Sorce - Linux Systems Consultant > > > E-mail: simo.sorce@polimi.it > > > Tel: +39 0348 7149179 - Fax: +39 02 700442399 > > > ----------------------------------------------------------------- > > > Be happy, use Linux! > > > > > > > > > > > > > > > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 2937 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010323/152164a3/smb.obj From stephan at gwinners.de Fri Mar 23 21:29:12 2001 From: stephan at gwinners.de (Stephan Gwinner) Date: Tue Dec 2 02:33:58 2003 Subject: Accessing Samba 2.2.alpha1 with Windows 2000 German In-Reply-To: <20010323200121.4DACE7FCD@lists.samba.org> Message-ID: Hello, please help. I want to join my Domain (Samba 2.2.alpha1) with Windows 2000 German SP1 I have a machine account an one admin group. I know that the machine account works. But windows says that there is no machine account available and it want to install a new one. And then it says it conflicts with existing rights. Thanks for the help From kim at complexia.com.au Fri Mar 23 22:55:10 2001 From: kim at complexia.com.au (Kim Malafant) Date: Tue Dec 2 02:33:58 2003 Subject: NT Domain subnetting problems Message-ID: <3.0.5.32.20010324095510.00800b50@pop.actweb.net> To all, We are not sure if this is the correct place to send this but we are also unsure whether it is a bug or some other strange behaviour. Our apologies in advance if this should be sent elsewhere. We have just implemented a SAMBA server base on a SUN 420R with dual CPUs, 1 Gbyte RAM connected to an FCAL disk array of 1 Tbyte with dual Qlogic fibre connects. We are having inconsistent failures and/or performance issues with a subnet of NT/Win 2K machines connected to the server. There are five subnets with machines of differing performance on each - all subnets are 100Mbit. The PDC/WINS server is an NT box on the same subnet as the SAMBA server. The browsing is all setup OK and the machines can all be seen in the network neighbourhood and can access the SAMBA shares from the network. Pings etc work fine. However, the response and/or access from machines on different subnets is inconsistent. For example: 1) A machine on one subnet can copy from SAMBA share to SAMBA share with reasonable performance and consistently. A copy of about 80Mbytes takes approx 2 minutes. 2) A machine on another subnet does the same copy and it works fine and in about the same time. Try it a second time and all of a sudden the time blows out to 30 minutes and the copy fails and the connection is lost. A look at the log (machine specific) shows (sometimes!) oplock problems which from the FAQ indicates a "broken" network card/poor cabling doesn't it? However, on other occasions the log indicates a different set of errors (see below): roger (172.16.12.18) connect to service testarea as user kim (uid=0, gid=300) (pid 16808) [2001/03/23 11:04:34, 0, pid=16808, effective(0, 0), real(0, 0)] smbd/service.c:(336) kim logged in as admin user (root privileges) [2001/03/23 11:04:34, 1, pid=16808, effective(0, 300), real(0, 0)] smbd/service.c:(550) roger (172.16.12.18) connect to service test4kim as user kim (uid=0, gid=300) (pid 16808) [2001/03/23 11:05:42, 0, pid=16808, effective(0, 300), real(0, 0)] smbd/oplock.c:(1204) request_oplock_break: no response received to oplock break request to pid 16749 on port 33722 for dev = 2680062, inode = 486401 for dev = 2680062, inode = 486401, tv_sec = 3aba92cc, tv_usec = 22e4a [2001/03/23 11:06:14, 0, pid=16808, effective(0, 300), real(0, 0)] smbd/oplock.c:(1204) request_oplock_break: no response received to oplock break request to pid 16749 on port 33722 for dev = 2680062, inode = 486401 for dev = 2680062, inode = 486401, tv_sec = 3aba92cc, tv_usec = 22e4a [2001/03/23 11:06:43, 0, pid=16825, effective(0, 0), real(0, 0)] smbd/service.c:(336) . . . [2001/03/23 11:15:13, 2, pid=16749, effective(0, 0), real(0, 0)] smbd/close.c:(159) kim closed file Kims Foilder/dec/avhrrpf.ch1.1nmfgl.8712.gz (numopen=1) [2001/03/23 11:15:13, 1, pid=16749, effective(0, 0), real(0, 0)] smbd/service.c:(583) roger (172.16.12.18) closed connection to service testarea [2001/03/23 11:15:14, 0, pid=16808, effective(0, 300), real(0, 0)] lib/util_sock.c:(540) write_socket_data: write failure. Error = Broken pipe [2001/03/23 11:15:14, 0, pid=16808, effective(0, 300), real(0, 0)] lib/util_sock.c:(566) write_socket: Error writing 102 bytes to socket 8: ERRNO = Broken pipe [2001/03/23 11:15:14, 0, pid=16808, effective(0, 300), real(0, 0)] lib/util_sock.c:(754) Error writing 102 bytes to client. -1. Exiting [2001/03/23 11:19:03, 2, pid=16837, effective(0, 300), real(0, 0)] smbd/dosmode.c:(61) 3) Machines on the same subnet as the SAMBA server generally have no problems and are much quicker copying. But not always! Routing seems fine as the machines can communicate with each other - ping, ftp and telnet between the subnets works fine to the machines and server etc etc. Routing tables are fine and we have traced the routes between subnets and all is OK. When something goes wrong the client machine freezes, the SAMBA connection "appears" to be lost and the copy fails. However, checking the SAMBA status shows that the session for the machine is still connected, as are the shares. After multiple failures there can be a number of sessions connected to the SAMBA machine which causes additional problems to appear. A section of the smb.conf file is included with the global definitions and the definitions for two test shares: # Samba config file created using SWAT # from montezuma (172.16.16.11) # Date: 2001/03/23 10:45:47 # Global parameters [global] workgroup = AGRECON server string = Caesar Samba Server security = SERVER password server = 172.16.16.11 debug level = 2 log file = /var/opt/samba/log.%m max log size = 10000 debug pid = Yes debug uid = Yes name resolve order = wins host lmhosts bcast dns proxy = No wins server = 172.16.16.11 invalid users = root bin daemon adm sync shutdown halt mail news uucp operator gopher admin users = kim level2 oplocks = Yes . . . [test4kim] path = /users/kim valid users = kim writeable = Yes create mask = 0755 inherit permissions = Yes [testarea] path = /tmp/testarea valid users = kim writeable = Yes create mask = 0755 inherit permissions = Yes Any suggestion on possible problem areas and/or solutions would be gratefully received. Thank you in advance. Kim Malafant Director, compleXia PO Box 3011, Belconnen ACT, Australia, 2617 Phone: (02) 6253 8342 Fax: (02) 6253 8346 From josh at saratoga.lib.ny.us Fri Mar 23 22:42:12 2001 From: josh at saratoga.lib.ny.us (Josh Kuperman) Date: Tue Dec 2 02:33:58 2003 Subject: I think 2.0.7 is enough but I'm not sure Message-ID: <20010323174212.A28004@saratoga.lib.ny.us> If these problems can be solved with 2.0.7 I'll stick with 2.0.7. If they require 2.2 I can go that way. If its impossible I'll stick with 2.0.7. Three questions: 1. How do I sync passwords with Linux for mail access mostly, and a few people who might actually have shell accounts as well. 2. How do I mount enough of a Windows 2000 server's partitions so I can run smbtar on them for backup. 3. How do I do automated installs. I just want to have a SAMBA server for a small group of machines mostly for both public (walk in of the street) use and staff use here. I am finding that I have a few problems I can't seem to resolve. I want a few staff people to be able to read e-mail with outlook or eudora or anything else they desire. So how do I configure the e-mail? I am already running an IMAP and SMTP server on the same machine as the SAMBA server. So far I haven't been able to get the 'unix password sync' feature to work. Is there something special about that feature I need to know. I don't know if I want to do this anyhow, since I don't really want to give them access to the machine except through SAMBA. Is there a way to offer access to the IMAP server without this. What do I have to do to get it to work. I need to make a Windows 2000 server available enough so I can back it up with Amanda. The Amanda people say it needs the file systems need to be accessible with smbtar which means they have to be accessible from my 2.0.7 SAMBA server. Is that possible? Is there a HOW-To on doing automatic network based installs of NT 40 Workstation and software with SAMBA. My alternative is using Ghost, ImageCast, or DriveImage which is a nuisance with NT. I've been looking at _WINDOWS NT Automated Deployment and Customization_ by Richard Puckett and it would be nice if I could manage all the NT machines so they had identical software etc. I think the techniques would work - but I'd like to find out if someone else, who took notes, has already succeeded. I'm using Redhat 6.2 on Sparc with Samba 2.0.7. -- Josh Kuperman josh@saratoga.lib.ny.us From jeremy at valinux.com Fri Mar 23 21:10:21 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released Message-ID: <3ABBBBBD.C8C0D5E0@valinux.com> Hi all, I have just released the fourth alpha snapshot of what will become Samba 2.2.0. It's available from the usual ftp sites, in the alpha directory as : :/pub/samba/alpha/samba-2.2.0-alpha3.tar.gz If people could test this snapshot out and provide feedback about what is broken and let the lists know that would help. The problem acting as a PDC for Win2k clients has been fixed, it should work fine now (it does in my tests). The Team will be monitoring the feedback and this will help for the next alpha. The POSIX ACL mapping feature has been rewritten and now supports Linux (using the patch at http://acl.bestbits.at/), Solaris and UnixWare. IRIX is being worked on for the next release. Implementations for other platforms (AIX, HPUX, True64 etc.) are welcome - look at the code in lib/sysacls.c for the interface needed. The documentation has been converted from yodl to DocBook (thanks Gerald and the documentation authors) but there are still a few missing parameters. This code has been running under memory overrun/leak detectors for weeks now without problems. Having said that - *please* don't use this on a production system. The release notes follow : Regards, Jeremy Allison, Samba Team. ===================================================================== WHATS NEW IN Samba 2.2.0alpha3 ============================== This is the fourth alpha release of the new 2.2.0 codebase for Samba. This version must not be run in production. This code will almost certainly have some bugs and is intended to help the Samba Team prepare an official 2.2.0 release. The documentation in this alpha snapshot has been updated and converted from Yodl to DocBook 4.1. There are many new parameters since 2.0.7 and some defaults have changed. Most of the changes are now documented. This version of Samba will act as a PDC for Win2k clients as well as for NT4.x clients. Several significant bugs have been fixed between alpha3 and alpha2, these include : ./configure now supports a --with-acl-support that attempts to select the correct ACL implementation. ./confugure now supports a --with-fhs option for the Linux file system standard. The ACL mapping code has been completely re-written and now supports Solaris ACLs and UnixWare ACLs in addition to Linux ACLS. IRIX ACL support is currently under development. smbmount fixes for Linux only. Byte ordering issues with AS/U on HPUX and PC-Netlink on Solaris have been fixed. PC-Netlink can now join and authenticate against a Samba 2.2 PDC (thanks to the CIFS/9000 Team at HP and Herb Lewis at SGI for getting this working). Restructuring of all the RPC interface code to allow TALLOC management of memory. Preparing for auto-generated RPC code in a future Samba release. Addition of OS/2 auto printer driver download support from IBM. Many scalability improvements in the RPC printing code. Merge of the new SAMR code from a TNG snapshot. Many fixes and updates since then from Jean-Francois. Re-written rpcclient to allow UNIX client upload/download of printer drivers. Modification to debug system - start to allow "classes" of debug. Code from John Reilly @ HP. Removed all uses of snprintf (security reasons) - replaced with slprintf. Password caching code fixed - no more null derefs. Prepare to split wildcard handling out for old DOS/Win3.x clients, not done yet. Changed length of fstring to 256 from 128. Longer filenames handled. CUPS integration with new printing backend (patches from Michael Sweet). Added ADMIN$ IPC share for AS/U integration. Policy handle allocation made per pipename specific. ------------------------------------------------------------- Previous release notes. ------------------------------------------------------------- Several significant bugs have been fixed between alpha2 and alpha1, these include : Inclusion of mapping of NT ACLs to Linux ACLs, using the patch found at http://acl.bestbits.at. This is being done via an abstract interface that needs porting to the following UNIXes - IRIX, Solaris, HPUX, AIX - as many as can be done will be supported at 2.2.0 release. Please look at the code in lib/sysacls.c for the needed work. Addition of tdb spinlock code for tdb speed. Addition of user list lookup from Win2k (thanks to the Samba TNG branch code for this). Addition of generic to specific mapping of security descriptors in printer code. Addition of code page 857 (Turkish). Addition of "%D" substitution for incoming Domain of user. getpwnam/getpwuid cache. Many codepage fixes when dealing with printers with extended characters (thanks to HP for this fix). Inherited security descriptors for printing. Creation of internal NT "token" for smbd access checks. Addition of NT trans code for client. Fix for inheritance of blocked signals (thanks to HP). Addition of "total print jobs" parameter. Fix for NT not being able to save properties changes on PCL drivers. Fixes to speed up enumeration of print jobs. Cleanup printer spool files on client disconnect. Byteswap fixes for printing code (thanks JF). New parameter "dos filemode" to allow a user who can write to a file to change permissions on it. Subtle statcache bugfix. Fix for Office2000 print to file bug. Fix for MS Access multi-user open problem. Valid users now in linked list rather than array. SMB lookup now table driven rather than linear search (doh!). TDB locking fixes for multiple openers. Several significant bugs have been fixed between alpha0 and alpha1, these include : Fix for level II oplock bug. Support for detecting version 2/3 printer drivers (from HP). Samba profiling support (from SGI). Winbind integration fixes. Preliminary Win2K PDC support in compatibility mode for Win2K clients (from JF). VFS interface updates. Failover finding of BDC's now works again. lpq race condition fixes. utmp fixes. SWAT username detection fix. Bugfix for WinNT and Win2K point and print feature. The upcoming 2.2.0 Samba release will include the following new features: Integration with the winbind daemon that provides a single sign on facility for UNIX servers in Windows NT4/2000 networks driven by a Windows NT4/2000 PDC. Support for native Windows NT4/2000 printing RPCs. This includes support for automatic printer driver download. It is currently believed this functionality is working in alpha2. Rewritten internal locking semantics for more robustness. This alpha supports full 64 bit locking semantics on all (even 32 bit) platforms. SMB locks are mapped onto POSIX locks (32 bit or 64 bit) as the underlying system allows. Conversion of various internal flat data structures to use database records for increased performance and flexibility. Support for acting as a MS-DFS server Compile time option for enabling a VFS layer Support for server supported Access Control Lists (ACLs). This support will require a specific pluggable backend to be written for each filesystem ACL implementation to be supported. The stable 2.2.0 release should contain support for the following filesystems: Solaris 2.6+ HPUX SGI Irix Linux Kernel 2.2 with German ACL patch Currently in this alpha snapshot (alpha1) this feature is not enabled - the VFS layer has been modified to allow it, but the code is still under development and should be in a later alpha snapshot. Other platforms will be supported as resources are available to test and implement the encessary modules. If you are interested in writing the support for a particular ACL filesystem, please join the samba-technical mailing list and coordinate your efforts. Support for collection of profile information. A shared memory area has been created which contains counters for the number of calls to and the amount of time spent in various system calls and smb transactions. See the file profile.h for a complete listing of the information collected. Sample code for a samba pmda (collection agent for Performance Co-Pilot) has been included in the pcp directory. To enable the profile data collection code in samba, you must compile samba with profile support (run configure with the --with-profile option). On startup, collection of data is disabled. To begin collecting data use the smbcontrol program to turn on profiling (see the smbcontrol man page). Profile information collection can be enabled for all smbd processes or one or more selected processes. The profiling data collected is the aggragate for all processes that have profiling enabled. With samba compiled for profile data collection, you may see a very slight degradation in performance even with profiling collection turned off. On initial tests with NetBench on an SGI Origin 200 server, this degradation was not measureable with profile collection off compared to no profile collection compiled into samba. With count profile collection enabled on all clients, the degradation was less than 2%. With full profile collection enabled on all clients, the degradation was about 8.5%. ===================================================================== If you think you have found a bug please email a report to : samba@samba.org As always, all bugs are our responsibility. Regards, The Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From don_mccall at hp.com Fri Mar 23 23:54:58 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:58 2003 Subject: Help: The Account is not authorized to login from this statio n (e rror when logging to samba) Message-ID: <079FD72E42C9D311B854009027650E6F040508F7@xatl02.atl.hp.com> Hi Pedro, log level 3 doesn't give me enough to go on, but I SUSPECT it is because you have encrypt passwords = yes NOT in the global section but in the share section... Assuming that you have actually set up your username in /etc/passwd and added the user to smbpasswd file with the smbpasswd program, as you imply you have. The default is NO, which would give you this error from an NT workstation with SP6, because it would fail to negotiate a session with the server because it would want encrypted passwords and the samba server (without encrypt passwords=yes in the global section of smb.conf) would reply that it was not capable of it. Hope this helps, Don -----Original Message----- From: Pedro Checo [mailto:pcheco@BEAR-HUNTER.COM] Sent: Friday, March 23, 2001 3:26 PM To: samba-ntdom@lists.samba.org Subject: Help: The Account is not authorized to login from this station (e rror when logging to samba) Hi, when I try to login thru samba from my NT workstation (4.0 pack 6), I get this error: "The Account is not authorized to login from this station" I am running smbd and nmbd in a Solaris 2.6 box. Passwords are set up and here is the lib/smb.conf: [global] workgroup = WORKGROUP hosts allow = 64.241.153. 127. log level = 3 [checo] comment = For editing/viewing files in checo:~pedro/. path = ~pedro/ read only = no guest ok = yes encrypt passwords = yes maxconnections = 30 I am trying to login from 64.241.153.4 which is configured to belong to the WORKSTATION group. Here is part of the log for smb.log: [2001/03/23 15:12:10, 2] samba-2.0.7/source/lib/access.c:check_access(258) Allowed connection from pedro (64.241.153.14) [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:process_smb(618) Transaction 0 of length 72 [2001/03/23 15:12:10, 2] samba-2.0.7/source/smbd/reply.c:reply_special(97) netbios connect: name1=*SMBSERVER name2=PEDRO [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/server.c:exit_server(435) Server exit (normal exit) [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:process_smb(618) Transaction 1 of length 174 [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:switch_message(448 ) Forgive me if I am asking a question that has been asked before, but I was not able to search the archives. Thanks for your help. From leisner at rochester.rr.com Sat Mar 24 02:08:09 2001 From: leisner at rochester.rr.com (Marty Leisner) Date: Tue Dec 2 02:33:58 2003 Subject: Disappearing machine..... In-Reply-To: Message from "Stan Sander" of "Thu, 22 Mar 2001 13:29:52 MST." <3ABA60C0.583B12D8@sandia.gov> Message-ID: <200103240208.VAA02547@soyata.home> The discovery is incredibly bizarre...I don't understand how to make it reliable... If a samba machine is the browsemaster, I think it works as expected. Otherwise, the shortcut to the samba machine is a reasonable idea. Or you can always access it by doing net view \\server in a dos window... marty From sharpe at ns.aus.com Sat Mar 24 14:02:30 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:33:58 2003 Subject: % options dont work In-Reply-To: Message-ID: <3.0.6.32.20010325000230.00f59d30@10.0.2.1> At 11:06 AM 3/23/01 +0100, Nick De Decker wrote: >Hello again, > >As i was adviced i tried a simple test with the % options (preexec in >global sections which did /usr/local/samba/bin/preecho %M %I, with preecho >containing echo $1 $2 >> /tmp/echo.txt) >This works perfectly, but then i tried to use %M and %I in some other >things in my smb.conf and it doesnt work there :( This is all covered very well in Special Edition, Using Samba :-) >whats wrong with : > > server string = server %L %M %m %I %v > logon path = \\%L\Profiles\%M\%U > > >server string gives me : server beluga UNKNOWN nmb 0.0.0.0 TNG-alpha ^^^ This should give you the hint. The server string is constructed by nmbd when it sends out an announcement for your server. There is no client (%m and %I) when the string is constructed ... Elementary, my dear Watson. >Same for logon path :( > >How comes it worked in the preexec thing but not here ? > >Nick > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From barth at cck.uni-kl.de Sat Mar 24 13:57:30 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <3ABBBBBD.C8C0D5E0@valinux.com> Message-ID: <3ABCB5DA.6554.2588B3@localhost> > Prepare to split wildcard handling out for old DOS/Win3.x clients, not > done yet. Does this mean that future releases of samba will not fully suport these old clients? This would be a drawback as we have a net that needs not only new w2k-machines but also these old clients (never change running labatory equipment). Sorry if this is a silly question. Thanks, Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From gcarter at valinux.com Sat Mar 24 15:56:56 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <3ABCB5DA.6554.2588B3@localhost> Message-ID: On Sat, 24 Mar 2001, Christian Barth wrote: > > Prepare to split wildcard handling out for old DOS/Win3.x clients, > > not done yet. > > Does this mean that future releases of samba will not > fully suport these old clients? This would be a drawback as we have a > net that needs not only new w2k-machines but also these old clients > (never change running labatory equipment). Sorry if this is a silly > question. No. it means that wilcard matching is different in DOS and NT clients. Different mattern matching algorithms are needed to correctly handle this. Cheers, jerry From slu at firerun.net Sat Mar 24 17:26:18 2001 From: slu at firerun.net (Patrick) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released Message-ID: <3ABCD8BA.C7AAB3DF@firerun.net> As far as I know smb/dir.c has already had the patch applied that handles the directory listing correctly for old DOS/Win3.x clients. Patrick Christian Barth wrote: > > Prepare to split wildcard handling out for old DOS/Win3.x clients, not > > done yet. > Does this mean that future releases of samba will not fully suport > these old clients? This would be a drawback as we have a net that > needs not only new w2k-machines but also these old clients (never > change running labatory equipment). Sorry if this is a silly question. > > Thanks, > > Christian > > _______________________________________________________________________ > In a world without walls and fences, who needs windows and gates? (SUN) From jeremy at valinux.com Sat Mar 24 18:26:18 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <3ABCB5DA.6554.2588B3@localhost>; from barth@cck.uni-kl.de on Sat, Mar 24, 2001 at 02:57:30PM +0100 References: <3ABBBBBD.C8C0D5E0@valinux.com> <3ABCB5DA.6554.2588B3@localhost> Message-ID: <20010324102618.A16470@valinux.com> On Sat, Mar 24, 2001 at 02:57:30PM +0100, Christian Barth wrote: > > Prepare to split wildcard handling out for old DOS/Win3.x clients, not > > done yet. > Does this mean that future releases of samba will not fully suport > these old clients? This would be a drawback as we have a net that > needs not only new w2k-machines but also these old clients (never > change running labatory equipment). Sorry if this is a silly question. There are no silly questions. No, it doesn't mean that the new Samba won't support old clients - we still fully support and test (using vmware) back to clients that use "PC NETWORK PROGRAM 1.0" protocol. We've recently discovered that older clients use a different wildcard matching algorithm than Windows NT and newer versions of Windows, and the comment refers to the fact that we're intending to have two wildcard matching algorithms, selected by incoming client protocol type. The switch code is in place, but I'm still waiting on Andrew, who has promised to do the (tedious) work needed to work out the exact older wildcard algorithm (he also did the tedious work to determine the new wildcard algorithm) - I'm expecting to have this done before official ship, but needed to tell people it wasn't done yet in this alpha. Hope that helps clarify things, Jeremy Allison, Samba Team. PS. Check out the "demotivational posters - my favourite is : "CLUELESSNESS. There Are No Stupid Questions, But There Are A Lot Of Inquisitive Idiots." http://www.thinkgeek.com/stuff/things/370b.html :-) :-) :-). : -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jeremy at valinux.com Sat Mar 24 18:28:57 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <3ABCD8BA.C7AAB3DF@firerun.net>; from slu@firerun.net on Sat, Mar 24, 2001 at 10:26:18AM -0700 References: <3ABCD8BA.C7AAB3DF@firerun.net> Message-ID: <20010324102857.B16470@valinux.com> On Sat, Mar 24, 2001 at 10:26:18AM -0700, Patrick wrote: > > As far as I know smb/dir.c has already had the patch applied that > handles > the directory listing correctly for old DOS/Win3.x clients. No, this was removed as it wasn't the right place to do it. The wildcard algorithm needs to be changed for old DOS/Win3.x clients and selected by client type - so it'll still appear wrong in this release (that's why it's still alpha :-). We're committed to getting it fixed for the next alpha, or final release, whichever comes next (depends on people's feedback :-). Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From 1erichughes1 at home.com Sat Mar 24 21:56:15 2001 From: 1erichughes1 at home.com (Eric Hughes) Date: Tue Dec 2 02:33:58 2003 Subject: 220a3 is working - feedback and an issue with sockets Message-ID: <000201c0b4ad$3fe6b500$0200a8c0@Max733> I'm a Linux newbee and have been playing with samba in an attempt to not buy M$ NT server. After several weeks of fiddling around I have a functional PDC! I upgraded from 2.0.7 to 220a2 then to 220a3. I had to fool around with the smbpasswd file several times as smbd was saying it was corrupt. I managed to fix smbpasswd using the smbd.log file (good stuff in there). I have the following setup: Box 1 - Win98se: 'Max733' All shares grant permission only to Domain Users (not everyone) Box 2 - WinNTsp6: 'NT1' All shares grant permission only to Domain Users (not everyone) Box 3 - Linux RH7: 'LINUX1' FEEDBACK: 1) User level shares are working for the two groups you defined to work (Domain Admins and Domain Users): Win98se: I can setup Win98 for User Level shares by pointing it to (Obtain list from) PROTO_DOAMIN. I can see Domain admins and Domain users from the Linux PDC and can share using either of these. (YAHOO!) I cannot see individual users on the domain. I can access all shares on the NT and Linux boxes. WinNTsp6: I can join the domain by manually setting passwords and computer accounts on the PDC. Doing this from the network properties when joining the domain (create an account...) still has issues (will not create the account). I can see all domain users- only Domain Admins and Domain Users work for sharing- others get the infamous Unknown Account error. I can see and access all Win98/Linux shares. Linux1: I can see and access all Win98 and NT shares when logged on as a domain user (not root). SOCKET ISSUE: Here's the only issue and it's probably related to my smbd.conf. Only the default socket option (TCP_NODELAY) is entered in SWAT. Note that I left the Domain Master and Perfered master in thier 'Auto' selections. log.smbd: [2001/03/24 12:59:11, 0] lib/util_sock.c:set_socket_options(165) Failed to set socket option SO_KEEPALIVE (Error Bad file descriptor) [2001/03/24 12:59:11, 0] lib/util_sock.c:set_socket_options(165) Failed to set socket option TCP_NODELAY (Error Socket operation on non-socket) log.nmbd: [2001/03/24 13:54:54, 0] nmbd/asyncdns.c:start_async_dns(150) started asyncdns process 2137 [2001/03/24 13:54:54, 0] nmbd/nmbd_logonnames.c:add_logon_names(158) add_domain_logon_names: Attempting to become logon server for workgroup PROTO_DOMAIN on subnet 192.168.0.61 [2001/03/24 13:54:54, 0] nmbd/nmbd_logonnames.c:add_logon_names(158) add_domain_logon_names: Attempting to become logon server for workgroup PROTO_DOMAIN on subnet UNICAST_SUBNET [2001/03/24 13:54:54, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(341) become_domain_master_browser_wins: Attempting to become domain master browser on workgroup PROTO_DOMAIN, subnet UNICAST_SUBNET. [2001/03/24 13:54:54, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(356) become_domain_master_browser_wins: querying WINS server at IP 192.168.0.61 for domain master browser name PROTO_DOMAIN<1b> on workgroup PROTO_DOMAIN [2001/03/24 13:54:54, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(117) become_logon_server_success: Samba is now a logon server for workgroup PROTO_DOMAIN on subnet UNICAST_SUBNET [2001/03/24 13:54:54, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(117) ***** Samba server LINUX1 is now a domain master browser for workgroup PROTO_DOMAIN on subnet UNICAST_SUBNET ***** [2001/03/24 13:54:54, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(293) become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup PROTO_DOMAIN on subnet 192.168.0.61 [2001/03/24 13:54:54, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(307) become_domain_master_browser_bcast: querying subnet 192.168.0.61 for domain master browser on workgroup PROTO_DOMAIN [2001/03/24 13:54:59, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(117) become_logon_server_success: Samba is now a logon server for workgroup PROTO_DOMAIN on subnet 192.168.0.61 [2001/03/24 13:55:03, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(117) ***** Samba server LINUX1 is now a domain master browser for workgroup PROTO_DOMAIN on subnet 192.168.0.61 ***** [2001/03/24 13:55:17, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(405) ***** Samba name server LINUX1 is now a local master browser for workgroup PROTO_DOMAIN on subnet 192.168.0.61 ***** Here's the smbd.conf: [global] workgroup = PROTO_DOMAIN netbios name = LINUX1 encrypt passwords = Yes domain groups = @PROTO domain admin group = @PROTO domain logons = Yes wins support = Yes [samba_alpha] path = /samba_alpha read only = No inherit permissions = Yes [homes] path = /home/%u/ force group = @PROTO read only = No inherit permissions = Yes [profiles] path = /PROFILE_SERVER/%u read only = No [samba] path = /usr/local/samba/ force group = @PROTO read only = yes [netlogon] path = /home/netlogon/ If you could provide guidance on squashing this last issue I would be very grateful. Thanks for the hard work in getting samba up and running as a NT PDC! From jchan at broadcast.com Sat Mar 24 22:17:59 2001 From: jchan at broadcast.com (Jonathan Chan) Date: Tue Dec 2 02:33:58 2003 Subject: help w/ samba+win2k Message-ID: <5.1.0.12.2.20010324155619.02a47ff8@mailhost.broadcast.com> i've searched the archives, and couldnt find a solution for my scenerio. i'm running bsd and samba 2.0.7, and i want my two win2k boxes to see/use my samba shares. i do not have (nor want) to setup a pdc since it is just two computers i'm working with and i'm the only user on both computers. my user account and password is the same across all three boxes. when i try to hit the home directory win2k keeps prompting for a username and password. i did notice that the prompt is including the netbios/hostname of the samba server. what i would like is for the share to authenticate using my bsd account. i went through encryption.txt but i'm still stumped. any help/pointers would be appreciated. ... here's my conf file. [global] workgroup = WORKGROUP server string = Samba Server log file = /var/log/log.%m max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. ; security = user security = share # Use password server option only with security = server ; password server = encrypt passwords = yes socket options = TCP_NODELAY domain master = no domain logons = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writeable = yes ; public = yes jon From dwcjr at inethouston.net Sat Mar 24 23:19:09 2001 From: dwcjr at inethouston.net (David W. Chapman Jr.) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> Message-ID: <00f801c0b4b8$d4381040$931576d8@inethouston.net> One thing I noticed going from 2.0.7 to alpha 2.2.0a2 and a3 is that quicken 2000 will no longer back up to a samba share. How can I troubleshoot this? It creates a .tst file, and then tells me it cannot access the drive. ----- Original Message ----- From: "Jeremy Allison" To: Cc: Sent: Saturday, March 24, 2001 12:28 PM Subject: Re: Samba 2.2 alpha3 released > On Sat, Mar 24, 2001 at 10:26:18AM -0700, Patrick wrote: > > > > As far as I know smb/dir.c has already had the patch applied that > > handles > > the directory listing correctly for old DOS/Win3.x clients. > > No, this was removed as it wasn't the right place to do it. > The wildcard algorithm needs to be changed for old DOS/Win3.x > clients and selected by client type - so it'll still appear > wrong in this release (that's why it's still alpha :-). We're > committed to getting it fixed for the next alpha, or final > release, whichever comes next (depends on people's feedback :-). > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- > > From info at nikoh.de Sun Mar 25 15:41:24 2001 From: info at nikoh.de (Niko Hartung) Date: Tue Dec 2 02:33:58 2003 Subject: username resolve Message-ID: <000501c0b542$0d21c5c0$1000a8c0@nhglan> im running a samba 2.07 as PDC. i can login with NT and Win98 users. it works all fine. when i set the security-rights on a file on a NT maschine i get all the users form smbpasswd. this also works fine, but now when i go back and want to check again, the username disappeart, and "\\DOMAIN\user unkonown" appeart. i think tis are both the same funktions, but what can i do that the username are alway resolved. thx Niko Hartung From mgeddes at xavier.sa.edu.au Sun Mar 25 22:43:26 2001 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> Message-ID: <3ABE748E.5AFDD88E@xavier.sa.edu.au> "David W. Chapman Jr." wrote: > > One thing I noticed going from 2.0.7 to alpha 2.2.0a2 and a3 is that quicken > 2000 will no longer back up to a samba share. How can I troubleshoot this? > It creates a .tst file, and then tells me it cannot access the drive. But other files can be saved to the exact same location? If not, check your unix and Samba permissions. You could also look at turning debugging up, try saving in quicken and look in your log.smb file for clues. Hope it helps, Matt From s354199 at student.uq.edu.au Sun Mar 25 22:53:58 2001 From: s354199 at student.uq.edu.au (Elliot Mackenzie) Date: Tue Dec 2 02:33:58 2003 Subject: WIN2K/SAMBA PDC In-Reply-To: <004c01c0ab12$118fed60$2800a8c0@leinet> Message-ID: I finally identified the problem. I was keeping up to date with the CVS distributions, but was consistently getting the same error. The error seemed characteristic of the error that some users reported when using an old CVS snapshot with Win2k service pack 1 machines - and indeed this was the case. Somehow my CVS snapshot got corrupted and some files were not being updated (I presume at least those related to Win2k logons). I got a very new CVS snapshot (from scratch) and the problem disappeared - without any changes to my smb.conf at all. However as per the recommendation below I chucked half of my smb.conf out anyway :) Thanks Greg. M. ======================END MSG I can't stress enough the need to thin down your smb.conf file. You have alot of the "bells and whistles" type parameters specified in you configuration file. Unless you are a samba guru, you are going to have a very difficult time troubleshooting. Get things going with just the essential items and then start adding the more complex parameters. When I first started with Samba, I had about four lines in my smb.conf file and only one share. I highly recommend the Using Samba book that comes with the your Samba source tree. You can find it in the docs directory (I read the entire thing). It does a very good job at walking you through a simple, barebones, setup and then on to more complex configurations. Good luck. Greg J. Zartman. ----- Original Message ----- From: "Elliot Mackenzie" To: "SAMBA - NTDOM" Sent: Monday, March 12, 2001 3:38 AM Subject: WIN2K/SAMBA PDC > At this point I pray I have landed the right newsgroup. > > I (ultimately) want to run Samba as the PDC for my domain ADIXEIN. > > Samba system: > - PII-300 > - RedHat 7.0 (new version of gcc, kernel 2.4.2 freshly compiled) > - Samba 2.2 (CVS version recent as at 8PM EST 12-Mar-2001). > > Connecting system: > - PIII-1G > - Windows 2000 Professional SP1 > > Domain information: > - Domain: ADIXEIN > - Server name: SERVER > - Machine name: MACKA > > smb.conf as follows (located in /usr/local/samba/lib/) > [root@gw lib]# tail -n 100 smb.conf > # Global parameters > [global] > workgroup = ADIXEIN > netbios name = SERVER > server string = File server > interfaces = 192.168.1.1/255.255.255.0 > add user script = /usr/sbin/adduser -n -g machines -c Machine -d > /dev/null -s /bin/false %m$ > security = User > domain logons = Yes > domain master = Yes > domain admin group = @adm > domain admin users = root > preferred master = Yes > local master = Yes > os level = 65 > wins support = Yes > encrypt passwords = Yes > passwd program = /usr/bin/passwd > passwd chat debug = Yes > unix password sync = Yes > restrict anonymous = Yes > log file = /var/log/samba/log.%m > max log size = 50 > time server = Yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > strip dot = Yes > dns proxy = No > hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1/255.255.255.0 > hosts deny = 0.0.0.0/0.0.0.0 > > > ########################END SMB.CONF > > Plus all the file shares (no Windows profiles etc are listed/used). > root is a member of @adm. > > I can connect to the domain when I change the settings on MACKA such that it > joins a domain. As per the FAQ I connect as root with the root passwd. It > says "Welcome to ADIXEIN domain." or something to that effect. > > I reboot the Win2k machine, and attempt a login on ADIXEIN. I try this as > root, as administrator and as macka. All attempts fail with the same error: > > "The system cannot log you on to this domain because the system's computer > account in its primary domain is missing or the password on that account is > incorrect." > > The adduser appears to work, I have macka$ listed in my smbpasswd (root is > also listed in smbpasswd). The following is an extract of the logs (log > level 20). > ============================= LOG.MACKA > [2001/03/12 20:47:14, 3] smbd/service.c:close_cnum(655) > macka (192.168.1.4) closed connection to service IPC$ > [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) > Yielding connection to IPC$ > [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) > unbecome_user now uid=(0,0) gid=(0,0) > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(292) > size=35 > smb_com=0x71 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=1 > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(298) > smb_tid=1 > smb_pid=65279 > smb_uid=100 > smb_mid=832 > smt_wct=0 > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(308) > smb_bcc=0 > [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(560) > write_socket(12,39) > [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(563) > write_socket(12,39) wrote 39 > [2001/03/12 20:47:14, 10] lib/util_sock.c:read_socket_data(473) > read_socket_data: recv of 4 returned 0. Error = Success > [2001/03/12 20:47:14, 10] lib/util_sock.c:receive_smb(654) > receive_smb: length < 0! > [2001/03/12 20:47:14, 3] smbd/process.c:timeout_processing(1055) > end of file from client > [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) > unbecome_user now uid=(0,0) gid=(0,0) > [2001/03/12 20:47:14, 2] smbd/server.c:exit_server(440) > Closing connections > [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) > Yielding connection to > [2001/03/12 20:47:14, 3] smbd/server.c:exit_server(473) > Server exit (normal exit) > ==================================================== > =====================================LOG.NMBD > [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: > ADIXEIN(1) current master browser = SERVER > SERVER 400c9b2b (File server) > MACKA 40011003 () > [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: > ADIXEIN(1) current master browser = UNKNOWN > SERVER 40099b2b (File server) > [2001/03/12 21:30:13, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > [2001/03/12 21:30:13, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > [2001/03/12 21:30:23, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > 192.168.1.1: > found. > [2001/03/12 21:30:23, 10] > nmbd/nmbd_sendannounce.c:announce_myself_to_domain_mas > ter_browser(406) > announce_myself_to_domain_master_browser: t (984396613) - last(984396029) > < 90 > 0 > [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: > ADIXEIN(1) current master browser = SERVER > SERVER 400c9b2b (File server) > MACKA 40011003 () > [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > dump_workgroups() > dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: > ADIXEIN(1) current master browser = UNKNOWN > SERVER 40099b2b (File server) > [2001/03/12 21:30:23, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > [2001/03/12 21:30:23, 4] > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > UNICAST_SUBNE > T: found. > ===============================================LOG.SMBD > file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last > mod_ > time: Mon Mar 12 20:15:16 2001 > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-32 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-32-546 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-1 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-1-0 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-3 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-3-0 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-0-0 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-11 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-2 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-7 ok > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > string_to_sid: converted SID S-1-5-21-4264856688-2005356754-492243628 > ok > [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1198) > open_oplock_ipc: opening loopback UDP socket. > [2001/03/12 20:46:20, 3] lib/util_sock.c:open_socket_in(870) > bind succeeded on port 0 > [2001/03/12 20:46:20, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(293) > Linux kernel oplocks enabled > [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1229) > open_oplock ipc: pid = 5042, global_oplock_port = 1614 > [2001/03/12 20:46:20, 4] lib/time.c:TimeInit(110) > Serverzone is -36000 > [2001/03/12 20:46:20, 10] > lib/util_sock.c:read_smb_length_return_keepalive(602) > got smb length of 68 > [2001/03/12 20:46:20, 2] lib/access.c:check_access(258) > Allowed connection from macka.adixein.lnet (192.168.1.4) > [2001/03/12 20:46:20, 6] smbd/process.c:process_smb(830) > got message type 0x81 of len 0x44 > [2001/03/12 20:46:20, 3] smbd/process.c:process_smb(831) > Transaction 0 of length 72 > [2001/03/12 20:46:20, 2] smbd/reply.c:reply_special(94) > netbios connect: name1=SERVER name2=MACKA > ======================================================= > Apologies for the really huge email guys. I suppose it saves me sending > another one as soon as someone asks for the logs :) > > Any assistance will be much appreciated. > > Elliot. > > > > From dwcjr at inethouston.net Sun Mar 25 22:55:15 2001 From: dwcjr at inethouston.net (David W. Chapman Jr.) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> Message-ID: <03e901c0b57e$a82249a0$931576d8@inethouston.net> Yes, everything else worked as did this function before the upgrade to samba 2.2.0. I know its alpha so I'm not complaining, just pointing out a possible bug. Apparently quicken creates a tst file before it actually makes the backup. Here's an output of my log file with debug set to level 3 [2001/03/25 16:53:08, 3] lib/util.c:unix_clean_name(384) unix_clean_name [~test~bk.tst] [2001/03/25 16:53:08, 2] smbd/open.c:open_file(191) POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(138) error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(143) error string = Function not implemented [2001/03/25 16:53:08, 3] smbd/process.c:process_smb(831) Transaction 71 of length 83 [2001/03/25 16:53:08, 3] smbd/process.c:switch_message(650) switch message SMBopenX (pid 8892) [2001/03/25 16:53:08, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/~test~bk.tst] [2001/03/25 16:53:08, 3] smbd/dosmode.c:unix_mode(113) unix_mode(~test~bk.tst) returning 0640 [2001/03/25 16:53:08, 3] lib/util.c:unix_clean_name(384) unix_clean_name [~test~bk.tst] [2001/03/25 16:53:08, 2] smbd/open.c:open_file(191) POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(138) error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(143) error string = Function not implemented [2001/03/25 16:53:08, 3] smbd/process.c:process_smb(831) Transaction 72 of length 83 [2001/03/25 16:53:08, 3] smbd/process.c:switch_message(650) switch message SMBopenX (pid 8892) [2001/03/25 16:53:08, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/~test~bk.tst] [2001/03/25 16:53:08, 3] smbd/dosmode.c:unix_mode(113) unix_mode(~test~bk.tst) returning 0640 [2001/03/25 16:53:08, 3] lib/util.c:unix_clean_name(384) unix_clean_name [~test~bk.tst] [2001/03/25 16:53:08, 2] smbd/open.c:open_file(191) POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(138) error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(143) error string = Function not implemented ----- Original Message ----- From: "Matthew Geddes" To: Sent: Sunday, March 25, 2001 4:43 PM Subject: Re: Samba 2.2 alpha3 released > "David W. Chapman Jr." wrote: > > > > One thing I noticed going from 2.0.7 to alpha 2.2.0a2 and a3 is that quicken > > 2000 will no longer back up to a samba share. How can I troubleshoot this? > > It creates a .tst file, and then tells me it cannot access the drive. > > But other files can be saved to the exact same location? If not, check > your unix and Samba permissions. You could also look at turning > debugging up, try saving in quicken and look in your log.smb file for > clues. > > Hope it helps, > Matt > > From jeremy at valinux.com Sun Mar 25 23:08:56 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <03e901c0b57e$a82249a0$931576d8@inethouston.net>; from dwcjr@inethouston.net on Sun, Mar 25, 2001 at 04:55:15PM -0600 References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> <03e901c0b57e$a82249a0$931576d8@inethouston.net> Message-ID: <20010325150856.A16336@valinux.com> On Sun, Mar 25, 2001 at 04:55:15PM -0600, David W. Chapman Jr. wrote: > Yes, everything else worked as did this function before the upgrade to samba > 2.2.0. I know its alpha so I'm not complaining, just pointing out a > possible bug. Apparently quicken creates a tst file before it actually > makes the backup. > > Here's an output of my log file with debug set to level 3 > > [2001/03/25 16:53:08, 3] lib/util.c:unix_clean_name(384) > unix_clean_name [~test~bk.tst] > [2001/03/25 16:53:08, 2] smbd/open.c:open_file(191) > POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) > [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(138) > error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 > [2001/03/25 16:53:08, 3] smbd/error.c:error_packet(143) > error string = Function not implemented ecode 5 is access denied. "Function not implmented" is probably ENOSYS - I added ENOSYS returns if any of the stub ACL calls got made when the underlying system doesn't support ACLS. A debug level 10 log would be more helpful here (with NO TIMSTAMPS please :-). When you build 2.2.0alpha3 did you specify --with-acl-support ? What platform are you running on ? Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From dwcjr at inethouston.net Sun Mar 25 23:17:15 2001 From: dwcjr at inethouston.net (David W. Chapman Jr.) Date: Tue Dec 2 02:33:58 2003 Subject: Samba 2.2 alpha3 released References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> <03e901c0b57e$a82249a0$931576d8@inethouston.net> <20010325150856.A16336@valinux.com> Message-ID: <042101c0b581$bb39a620$931576d8@inethouston.net> > When you build 2.2.0alpha3 did you specify --with-acl-support ? > What platform are you running on ? Freebsd 4.3 Did not specify --with-acl-support I am the maintainer of the samba-2.2.0alpha versions port for freebsd so and currently the port only passes args to make it the directory structure more friendly with the directory structure of freebsd. If there are any configure args we're not passing would you mind telling me what should be passed to configure, it would help out a lot of people potentially. Also I have attached a patch that we use for freebsd to make samba put its pid file where all other programs put theirs in freebsd, I was wondering if something similar could be added to samba before release. It has some extra changes in it for the location of the passwd program too, but you can ignore the rest. begin 644 patch-aa.patch M+2TM($UA:V5F:6QE+FEN+F]R:6<)36]N($IA;B`R.2`Q.3HT,CHU,R`R,#`Q M"BLK*R!-86ME9FEL92YI;@E& Hi,I have samba snapshot 2.2 aplha3 but have the following problem I get this error for a windows 2K machine The user account used is a computer account. Use your global user account or local user account to access this server But I can get a linux machine to join the domain. Anyone got any ideas ? Thanks, -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** From jeremy at valinux.com Sun Mar 25 23:59:37 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <042101c0b581$bb39a620$931576d8@inethouston.net>; from dwcjr@inethouston.net on Sun, Mar 25, 2001 at 05:17:15PM -0600 References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> <03e901c0b57e$a82249a0$931576d8@inethouston.net> <20010325150856.A16336@valinux.com> <042101c0b581$bb39a620$931576d8@inethouston.net> Message-ID: <20010325155937.B16336@valinux.com> On Sun, Mar 25, 2001 at 05:17:15PM -0600, David W. Chapman Jr. wrote: > > When you build 2.2.0alpha3 did you specify --with-acl-support ? > > What platform are you running on ? > Freebsd 4.3 > > Did not specify --with-acl-support Ok - the debug level 10 log will help here. I noticed that on open Samba 2.2.0alpha3 is still doing the fchmod_acl() call even if acls are not specified (it'll set the errno to ENOSYS) - but no other call depends on this succeeding. Can you get me the debug level 10 log of this problem ? I'll take a look at the other FreeBSD patch when I'm back in work tomorrow. Jeremy. From dwcjr at inethouston.net Mon Mar 26 00:08:34 2001 From: dwcjr at inethouston.net (David W. Chapman Jr.) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 alpha3 released References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> <03e901c0b57e$a82249a0$931576d8@inethouston.net> <20010325150856.A16336@valinux.com> <042101c0b581$bb39a620$931576d8@inethouston.net> <20010325155937.B16336@valinux.com> Message-ID: <048d01c0b588$e62a85a0$931576d8@inethouston.net> I'm not sure if I got it in the log, but the first time I attempted it worked, it does that even now and then, then I tried it a few times with no luck. allocated file structure 494, fnum = 4590 (1 used) [2001/03/25 18:06:24, 10] smbd/open.c:open_file_shared(559) open_file_shared: fname = ~test~bk.tst, share_mode = c0, ofun = 12, mode = 640, oplock request = 3 [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1182) is_in_path: ~test~bk.tst [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1187) is_in_path: no name list. [2001/03/25 18:06:24, 3] lib/util.c:unix_clean_name(384) unix_clean_name [~test~bk.tst] [2001/03/25 18:06:24, 4] smbd/open.c:open_file_shared(682) calling open_file with flags=0x0 flags2=0x600 mode=0640 [2001/03/25 18:06:24, 10] smbd/open.c:fd_open(52) fd_open: name ~test~bk.tst, mode = 416, fd = 18. [2001/03/25 18:06:24, 2] smbd/open.c:open_file(191) POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) [2001/03/25 18:06:24, 5] smbd/files.c:file_free(305) freed files structure 4590 (0 used) [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(138) error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(143) error string = Function not implemented [2001/03/25 18:06:24, 5] lib/util.c:show_msg(292) size=35 smb_com=0x2d smb_rcls=1 smb_reh=0 smb_err=5 smb_flg=128 smb_flg2=1 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(298) smb_tid=1 smb_pid=8731 smb_uid=100 smb_mid=17796 smt_wct=0 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(308) smb_bcc=0 [2001/03/25 18:06:24, 6] lib/util_sock.c:write_socket(563) write_socket(11,39) [2001/03/25 18:06:24, 6] lib/util_sock.c:write_socket(566) write_socket(11,39) wrote 39 [2001/03/25 18:06:24, 10] lib/util_sock.c:read_smb_length_return_keepalive(605) got smb length of 79 [2001/03/25 18:06:24, 6] smbd/process.c:process_smb(830) got message type 0x0 of len 0x4f [2001/03/25 18:06:24, 3] smbd/process.c:process_smb(831) Transaction 57 of length 83 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(292) size=79 smb_com=0x2d smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(298) smb_tid=1 smb_pid=8731 smb_uid=100 smb_mid=17924 smt_wct=15 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[0]=255 (0xFF) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[1]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[2]=7 (0x7) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[3]=192 (0xC0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[4]=22 (0x16) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[5]=32 (0x20) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[6]=13216 (0x33A0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[7]=15038 (0x3ABE) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[8]=18 (0x12) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[9]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[10]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[11]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[12]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[13]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[14]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(308) smb_bcc=14 [2001/03/25 18:06:24, 10] lib/util.c:dump_data(1511) [000] 5C 7E 74 65 73 74 7E 62 6B 2E 74 73 74 00 \~test~b k.tst. [2001/03/25 18:06:24, 3] smbd/process.c:switch_message(650) switch message SMBopenX (pid 9938) [2001/03/25 18:06:24, 4] smbd/uid.c:become_user(112) Skipping become_user - already user [2001/03/25 18:06:24, 5] smbd/filename.c:unix_convert(146) unix_convert called on file "\~test~bk.tst" [2001/03/25 18:06:24, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/~test~bk.tst] [2001/03/25 18:06:24, 5] smbd/mangle.c:is_8_3(338) Checking ~test~bk.tst for 8.3 [2001/03/25 18:06:24, 3] smbd/dosmode.c:unix_mode(113) unix_mode(~test~bk.tst) returning 0640 [2001/03/25 18:06:24, 5] smbd/files.c:file_new(106) allocated file structure 495, fnum = 4591 (1 used) [2001/03/25 18:06:24, 10] smbd/open.c:open_file_shared(559) open_file_shared: fname = ~test~bk.tst, share_mode = c0, ofun = 12, mode = 640, oplock request = 3 [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1182) is_in_path: ~test~bk.tst [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1187) is_in_path: no name list. [2001/03/25 18:06:24, 3] lib/util.c:unix_clean_name(384) unix_clean_name [~test~bk.tst] [2001/03/25 18:06:24, 4] smbd/open.c:open_file_shared(682) calling open_file with flags=0x0 flags2=0x600 mode=0640 [2001/03/25 18:06:24, 10] smbd/open.c:fd_open(52) fd_open: name ~test~bk.tst, mode = 416, fd = 18. [2001/03/25 18:06:24, 2] smbd/open.c:open_file(191) POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) [2001/03/25 18:06:24, 5] smbd/files.c:file_free(305) freed files structure 4591 (0 used) [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(138) error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(143) error string = Function not implemented [2001/03/25 18:06:24, 5] lib/util.c:show_msg(292) size=35 smb_com=0x2d smb_rcls=1 smb_reh=0 smb_err=5 smb_flg=128 smb_flg2=1 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(298) smb_tid=1 smb_pid=8731 smb_uid=100 smb_mid=17924 smt_wct=0 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(308) smb_bcc=0 [2001/03/25 18:06:24, 6] lib/util_sock.c:write_socket(563) write_socket(11,39) [2001/03/25 18:06:24, 6] lib/util_sock.c:write_socket(566) write_socket(11,39) wrote 39 [2001/03/25 18:06:24, 10] lib/util_sock.c:read_smb_length_return_keepalive(605) got smb length of 79 [2001/03/25 18:06:24, 6] smbd/process.c:process_smb(830) got message type 0x0 of len 0x4f [2001/03/25 18:06:24, 3] smbd/process.c:process_smb(831) Transaction 58 of length 83 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(292) size=79 smb_com=0x2d smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(298) smb_tid=1 smb_pid=8731 smb_uid=100 smb_mid=18052 smt_wct=15 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[0]=255 (0xFF) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[1]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[2]=7 (0x7) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[3]=192 (0xC0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[4]=22 (0x16) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[5]=32 (0x20) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[6]=13216 (0x33A0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[7]=15038 (0x3ABE) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[8]=18 (0x12) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[9]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[10]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[11]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[12]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[13]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(303) smb_vwv[14]=0 (0x0) [2001/03/25 18:06:24, 5] lib/util.c:show_msg(308) smb_bcc=14 [2001/03/25 18:06:24, 10] lib/util.c:dump_data(1511) [000] 5C 7E 74 65 73 74 7E 62 6B 2E 74 73 74 00 \~test~b k.tst. [2001/03/25 18:06:24, 3] smbd/process.c:switch_message(650) switch message SMBopenX (pid 9938) [2001/03/25 18:06:24, 4] smbd/uid.c:become_user(112) Skipping become_user - already user [2001/03/25 18:06:24, 5] smbd/filename.c:unix_convert(146) unix_convert called on file "\~test~bk.tst" [2001/03/25 18:06:24, 3] lib/util.c:unix_clean_name(384) unix_clean_name [/~test~bk.tst] [2001/03/25 18:06:24, 5] smbd/mangle.c:is_8_3(338) Checking ~test~bk.tst for 8.3 [2001/03/25 18:06:24, 3] smbd/dosmode.c:unix_mode(113) unix_mode(~test~bk.tst) returning 0640 [2001/03/25 18:06:24, 5] smbd/files.c:file_new(106) allocated file structure 496, fnum = 4592 (1 used) [2001/03/25 18:06:24, 10] smbd/open.c:open_file_shared(559) open_file_shared: fname = ~test~bk.tst, share_mode = c0, ofun = 12, mode = 640, oplock request = 3 [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1182) is_in_path: ~test~bk.tst [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1187) is_in_path: no name list. [2001/03/25 18:06:24, 3] lib/util.c:unix_clean_name(384) unix_clean_name [~test~bk.tst] [2001/03/25 18:06:24, 4] smbd/open.c:open_file_shared(682) calling open_file with flags=0x0 flags2=0x600 mode=0640 [2001/03/25 18:06:24, 10] smbd/open.c:fd_open(52) fd_open: name ~test~bk.tst, mode = 416, fd = 18. [2001/03/25 18:06:24, 2] smbd/open.c:open_file(191) POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) [2001/03/25 18:06:24, 5] smbd/files.c:file_free(305) freed files structure 4592 (0 used) [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(138) error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(143) error string = Function not implemented [2001/03/25 18:06:24, 5] lib/util.c:show_msg(292) size=35 smb_com=0x2d smb_rcls=1 smb_reh=0 smb_err=5 smb_flg=128 smb_flg2=1 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(298) smb_tid=1 smb_pid=8731 smb_uid=100 smb_mid=18052 smt_wct=0 [2001/03/25 18:06:24, 5] lib/util.c:show_msg(308) smb_bcc=0 [2001/03/25 18:06:24, 6] lib/util_sock.c:write_socket(563) write_socket(11,39) [2001/03/25 18:06:24, 6] lib/util_sock.c:write_socket(566) write_socket(11,39) wrote 39 leviathan# > Can you get me the debug level 10 log of this problem ? > > I'll take a look at the other FreeBSD patch when I'm > back in work tomorrow. > > Jeremy. > > > From dwcjr at inethouston.net Mon Mar 26 00:12:58 2001 From: dwcjr at inethouston.net (David W. Chapman Jr.) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 alpha3 released References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> <03e901c0b57e$a82249a0$931576d8@inethouston.net> <20010325150856.A16336@valinux.com> <042101c0b581$bb39a620$931576d8@inethouston.net> <20010325155937.B16336@valinux.com> <048d01c0b588$e62a85a0$931576d8@inethouston.net> Message-ID: <049d01c0b589$838125c0$931576d8@inethouston.net> Just curious, should I enable the acl's? From peter.milburn at sofcom.com.au Mon Mar 26 05:12:34 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:59 2003 Subject: samba 2.2alpha3 Message-ID: has per my last email with getting a windows 2000 machine to doing a samba domain, I have tried it with a brand new machine, when I look in the smbpasswd file before I get the machine to join I have it something like this. machinename$:passwd:[W ]:LCT-xxxxxxx after I try and get a machine to join , I have this in the smbpasswd file machinename$:passwd:[DW ]:LCT-xxxxxxx Any ideas ? Thanks, -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** From jeremy at valinux.com Mon Mar 26 05:27:37 2001 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 alpha3 released In-Reply-To: <048d01c0b588$e62a85a0$931576d8@inethouston.net>; from dwcjr@inethouston.net on Sun, Mar 25, 2001 at 06:08:34PM -0600 References: <3ABCD8BA.C7AAB3DF@firerun.net> <20010324102857.B16470@valinux.com> <00f801c0b4b8$d4381040$931576d8@inethouston.net> <3ABE748E.5AFDD88E@xavier.sa.edu.au> <03e901c0b57e$a82249a0$931576d8@inethouston.net> <20010325150856.A16336@valinux.com> <042101c0b581$bb39a620$931576d8@inethouston.net> <20010325155937.B16336@valinux.com> <048d01c0b588$e62a85a0$931576d8@inethouston.net> Message-ID: <20010325212737.D16336@valinux.com> On Sun, Mar 25, 2001 at 06:08:34PM -0600, David W. Chapman Jr. wrote: > I'm not sure if I got it in the log, but the first time I attempted it > worked, it does that even now and then, then I tried it a few times with no > luck. > > allocated file structure 494, fnum = 4590 (1 used) > [2001/03/25 18:06:24, 10] smbd/open.c:open_file_shared(559) > open_file_shared: fname = ~test~bk.tst, share_mode = c0, ofun = 12, mode = > 640, oplock request = 3 > [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1182) > is_in_path: ~test~bk.tst > [2001/03/25 18:06:24, 8] lib/util.c:is_in_path(1187) > is_in_path: no name list. > [2001/03/25 18:06:24, 3] lib/util.c:unix_clean_name(384) > unix_clean_name [~test~bk.tst] > [2001/03/25 18:06:24, 4] smbd/open.c:open_file_shared(682) > calling open_file with flags=0x0 flags2=0x600 mode=0640 > [2001/03/25 18:06:24, 10] smbd/open.c:fd_open(52) > fd_open: name ~test~bk.tst, mode = 416, fd = 18. > [2001/03/25 18:06:24, 2] smbd/open.c:open_file(191) > POSEIDEN opened file ~test~bk.tst read=Yes write=No (numopen=1) > [2001/03/25 18:06:24, 5] smbd/files.c:file_free(305) > freed files structure 4590 (0 used) > [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(138) > error packet at line 1671 cmd=45 (SMBopenX) eclass=1 ecode=5 > [2001/03/25 18:06:24, 3] smbd/error.c:error_packet(143) > error string = Function not implemented Ok - I'm not getting enough information here. From the log (which still has bloody timestamps btw. :-), I see the open succeed, then smbd return an error (access denied). Looking at the logic in smbd/open.c I can't see what can make this happen (once the open_file has succeeded and returned True then fsp_open should be true and everything should continue). The ENOSYS error should be irrelevent, I need to see in greater detail what is happening here. Can you send me the app that reproduces this and give me information on how to reproduce it ? If not, can you hack in some extra debug statements in smbd/open.c around line 684 (the call to "open_file") print out what is returned and where it exits the "open_file_shared" function ? If you don't know how to do this let me know and I'll send a quick patch to add these (not for general consumption). Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From peter.milburn at sofcom.com.au Mon Mar 26 05:36:40 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:33:59 2003 Subject: samab2.2.alpha3 Message-ID: Hi, still with my problem, this is what is happening when I try to get a computer to join the domain darren( 203.7.146.232) connect to service IPC$ as user root (uid=0, gid=0) (pid 24339) getsmbfilepwent: returning passwd entry for user darren$, uid 531 get_md4pw: Workstation darren$: no account in domain darren (203.7.146.232) closed connection to service IPC$ Any help would be greatly appreciated Thanks, -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** From Errol.Fouquet at mms.gov Mon Mar 26 14:16:40 2001 From: Errol.Fouquet at mms.gov (Fouquet, Errol) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 alpha3 released Message-ID: <379313C94B76D2119AB60008C7A402E401E1FC69@imsnolaa.nola.omm.mms.gov> Jeremy, First off, I haven't tested alpha3 yet ... but I am using alpha2. It appears that setuid binaries are not honored with 2.2a2. Perhaps this is intentional. What I noticed was all print requests sent to Samba never got spooled up with LPRng. I set the debug level to 3 for smbd and the logs reported that my "lpr" command "gave a 1". In order to catch output from the lpr command itself, I created a wrapper script and redirected the output to a file. After attempting another print request, the lpr output was complaining that the "-U" option can only be run by root (my print commands in smb.conf all use the "-U" option). The odd thing is that the lpr command is setuid root and the previous version of Samba functions fine with this option. Errol Fouquet - UNIX SysAdmin Minerals Management Service, DOI 1201 Elmwood Park Blvd. New Orleans, LA 70123 Phone: (504) 736-3255 Fax: (504) 736-2464 email: errol.fouquet@mms.gov http://www.gomr.mms.gov -----Original Message----- From: Jeremy Allison [mailto:jeremy@valinux.com] Sent: Friday, March 23, 2001 3:10 PM To: samba@samba.org; samba-ntdom@samba.org; jeremy@valinux.com; Samba technical Subject: Samba 2.2 alpha3 released Hi all, I have just released the fourth alpha snapshot of what will become Samba 2.2.0. It's available from the usual ftp sites, in the alpha directory as : :/pub/samba/alpha/samba-2.2.0-alpha3.tar.gz If people could test this snapshot out and provide feedback about what is broken and let the lists know that would help. The problem acting as a PDC for Win2k clients has been fixed, it should work fine now (it does in my tests). The Team will be monitoring the feedback and this will help for the next alpha. The POSIX ACL mapping feature has been rewritten and now supports Linux (using the patch at http://acl.bestbits.at/), Solaris and UnixWare. IRIX is being worked on for the next release. Implementations for other platforms (AIX, HPUX, True64 etc.) are welcome - look at the code in lib/sysacls.c for the interface needed. The documentation has been converted from yodl to DocBook (thanks Gerald and the documentation authors) but there are still a few missing parameters. This code has been running under memory overrun/leak detectors for weeks now without problems. Having said that - *please* don't use this on a production system. The release notes follow : Regards, Jeremy Allison, Samba Team. ===================================================================== WHATS NEW IN Samba 2.2.0alpha3 ============================== This is the fourth alpha release of the new 2.2.0 codebase for Samba. This version must not be run in production. This code will almost certainly have some bugs and is intended to help the Samba Team prepare an official 2.2.0 release. The documentation in this alpha snapshot has been updated and converted from Yodl to DocBook 4.1. There are many new parameters since 2.0.7 and some defaults have changed. Most of the changes are now documented. This version of Samba will act as a PDC for Win2k clients as well as for NT4.x clients. Several significant bugs have been fixed between alpha3 and alpha2, these include : ./configure now supports a --with-acl-support that attempts to select the correct ACL implementation. ./confugure now supports a --with-fhs option for the Linux file system standard. The ACL mapping code has been completely re-written and now supports Solaris ACLs and UnixWare ACLs in addition to Linux ACLS. IRIX ACL support is currently under development. smbmount fixes for Linux only. Byte ordering issues with AS/U on HPUX and PC-Netlink on Solaris have been fixed. PC-Netlink can now join and authenticate against a Samba 2.2 PDC (thanks to the CIFS/9000 Team at HP and Herb Lewis at SGI for getting this working). Restructuring of all the RPC interface code to allow TALLOC management of memory. Preparing for auto-generated RPC code in a future Samba release. Addition of OS/2 auto printer driver download support from IBM. Many scalability improvements in the RPC printing code. Merge of the new SAMR code from a TNG snapshot. Many fixes and updates since then from Jean-Francois. Re-written rpcclient to allow UNIX client upload/download of printer drivers. Modification to debug system - start to allow "classes" of debug. Code from John Reilly @ HP. Removed all uses of snprintf (security reasons) - replaced with slprintf. Password caching code fixed - no more null derefs. Prepare to split wildcard handling out for old DOS/Win3.x clients, not done yet. Changed length of fstring to 256 from 128. Longer filenames handled. CUPS integration with new printing backend (patches from Michael Sweet). Added ADMIN$ IPC share for AS/U integration. Policy handle allocation made per pipename specific. ------------------------------------------------------------- Previous release notes. ------------------------------------------------------------- Several significant bugs have been fixed between alpha2 and alpha1, these include : Inclusion of mapping of NT ACLs to Linux ACLs, using the patch found at http://acl.bestbits.at. This is being done via an abstract interface that needs porting to the following UNIXes - IRIX, Solaris, HPUX, AIX - as many as can be done will be supported at 2.2.0 release. Please look at the code in lib/sysacls.c for the needed work. Addition of tdb spinlock code for tdb speed. Addition of user list lookup from Win2k (thanks to the Samba TNG branch code for this). Addition of generic to specific mapping of security descriptors in printer code. Addition of code page 857 (Turkish). Addition of "%D" substitution for incoming Domain of user. getpwnam/getpwuid cache. Many codepage fixes when dealing with printers with extended characters (thanks to HP for this fix). Inherited security descriptors for printing. Creation of internal NT "token" for smbd access checks. Addition of NT trans code for client. Fix for inheritance of blocked signals (thanks to HP). Addition of "total print jobs" parameter. Fix for NT not being able to save properties changes on PCL drivers. Fixes to speed up enumeration of print jobs. Cleanup printer spool files on client disconnect. Byteswap fixes for printing code (thanks JF). New parameter "dos filemode" to allow a user who can write to a file to change permissions on it. Subtle statcache bugfix. Fix for Office2000 print to file bug. Fix for MS Access multi-user open problem. Valid users now in linked list rather than array. SMB lookup now table driven rather than linear search (doh!). TDB locking fixes for multiple openers. Several significant bugs have been fixed between alpha0 and alpha1, these include : Fix for level II oplock bug. Support for detecting version 2/3 printer drivers (from HP). Samba profiling support (from SGI). Winbind integration fixes. Preliminary Win2K PDC support in compatibility mode for Win2K clients (from JF). VFS interface updates. Failover finding of BDC's now works again. lpq race condition fixes. utmp fixes. SWAT username detection fix. Bugfix for WinNT and Win2K point and print feature. The upcoming 2.2.0 Samba release will include the following new features: Integration with the winbind daemon that provides a single sign on facility for UNIX servers in Windows NT4/2000 networks driven by a Windows NT4/2000 PDC. Support for native Windows NT4/2000 printing RPCs. This includes support for automatic printer driver download. It is currently believed this functionality is working in alpha2. Rewritten internal locking semantics for more robustness. This alpha supports full 64 bit locking semantics on all (even 32 bit) platforms. SMB locks are mapped onto POSIX locks (32 bit or 64 bit) as the underlying system allows. Conversion of various internal flat data structures to use database records for increased performance and flexibility. Support for acting as a MS-DFS server Compile time option for enabling a VFS layer Support for server supported Access Control Lists (ACLs). This support will require a specific pluggable backend to be written for each filesystem ACL implementation to be supported. The stable 2.2.0 release should contain support for the following filesystems: Solaris 2.6+ HPUX SGI Irix Linux Kernel 2.2 with German ACL patch Currently in this alpha snapshot (alpha1) this feature is not enabled - the VFS layer has been modified to allow it, but the code is still under development and should be in a later alpha snapshot. Other platforms will be supported as resources are available to test and implement the encessary modules. If you are interested in writing the support for a particular ACL filesystem, please join the samba-technical mailing list and coordinate your efforts. Support for collection of profile information. A shared memory area has been created which contains counters for the number of calls to and the amount of time spent in various system calls and smb transactions. See the file profile.h for a complete listing of the information collected. Sample code for a samba pmda (collection agent for Performance Co-Pilot) has been included in the pcp directory. To enable the profile data collection code in samba, you must compile samba with profile support (run configure with the --with-profile option). On startup, collection of data is disabled. To begin collecting data use the smbcontrol program to turn on profiling (see the smbcontrol man page). Profile information collection can be enabled for all smbd processes or one or more selected processes. The profiling data collected is the aggragate for all processes that have profiling enabled. With samba compiled for profile data collection, you may see a very slight degradation in performance even with profiling collection turned off. On initial tests with NetBench on an SGI Origin 200 server, this degradation was not measureable with profile collection off compared to no profile collection compiled into samba. With count profile collection enabled on all clients, the degradation was less than 2%. With full profile collection enabled on all clients, the degradation was about 8.5%. ===================================================================== If you think you have found a bug please email a report to : samba@samba.org As always, all bugs are our responsibility. Regards, The Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From don_mccall at hp.com Mon Mar 26 15:02:23 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:33:59 2003 Subject: help w/ samba+win2k Message-ID: <079FD72E42C9D311B854009027650E6F040508F8@xatl02.atl.hp.com> Hello Johnathan, I would highly recommend that you use security=user instead of security=share. Samba does a LOT of things in the background to try to authenticate with security=share, and in addition, with security=share, you are basically skipping the whole user authentication thing, and going straight to a treeconnect&X, where it is expecting you to give it a password for the SHARE, not the user. Since you only have 2 machines and the samba server, it should not require a lot of admin; simply: workgroup= [not required, but nice] security=user encrypt passwords = yes Then you will need to add the user that you login to the three machines into the encrypted smbpasswd file via the command (run from root): smbpasswd -a username when it asks for the password, give it the same password as you use on your user when you log into bsd. The reason you have to do this is because the 1 way encryption that Microsoft does is different than the 1 way encryption that Unix uses, and you can't translate back and forth. When you attach to your home dir from the win2k clients, the smbpasswd will be parsed; when you attach via telnet, etc directly to the bsd box, the /etc/passwd file will be parsed. Hope this helps, Don -----Original Message----- From: Jonathan Chan [mailto:jchan@broadcast.com] Sent: Saturday, March 24, 2001 5:18 PM To: samba-ntdom@us5.samba.org Subject: help w/ samba+win2k i've searched the archives, and couldnt find a solution for my scenerio. i'm running bsd and samba 2.0.7, and i want my two win2k boxes to see/use my samba shares. i do not have (nor want) to setup a pdc since it is just two computers i'm working with and i'm the only user on both computers. my user account and password is the same across all three boxes. when i try to hit the home directory win2k keeps prompting for a username and password. i did notice that the prompt is including the netbios/hostname of the samba server. what i would like is for the share to authenticate using my bsd account. i went through encryption.txt but i'm still stumped. any help/pointers would be appreciated. ... here's my conf file. [global] workgroup = WORKGROUP server string = Samba Server log file = /var/log/log.%m max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. ; security = user security = share # Use password server option only with security = server ; password server = encrypt passwords = yes socket options = TCP_NODELAY domain master = no domain logons = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writeable = yes ; public = yes jon From pcheco at BEAR-HUNTER.COM Mon Mar 26 15:06:09 2001 From: pcheco at BEAR-HUNTER.COM (Pedro Checo) Date: Tue Dec 2 02:33:59 2003 Subject: Help: The Account is not authorized to login from this statio n (e rror when logging to samba) Message-ID: Thanks to Don and all those who replied! It's now working. You were right about the encrypted passwords = yes being the problem. Moving this line to the General section solved my problem. I also wanted to share this with the group: Using the notation ~pedro/ to denote the home dir for uid pedro in /etc/passwd did not work for me. I had to hand code the path name (ie not use the ~pedro notation). This may be due to the fact that ~pedro is an nfs mounted dir, but this is just a wild guess. Not using the ~ notation is perfectly fine for me. It's working just fine, thanks again! -----Original Message----- From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall@hp.com] Sent: Friday, March 23, 2001 6:55 PM To: 'Pedro Checo'; samba-ntdom@us5.samba.org Subject: RE: Help: The Account is not authorized to login from this statio n (e rror when logging to samba) Hi Pedro, log level 3 doesn't give me enough to go on, but I SUSPECT it is because you have encrypt passwords = yes NOT in the global section but in the share section... Assuming that you have actually set up your username in /etc/passwd and added the user to smbpasswd file with the smbpasswd program, as you imply you have. The default is NO, which would give you this error from an NT workstation with SP6, because it would fail to negotiate a session with the server because it would want encrypted passwords and the samba server (without encrypt passwords=yes in the global section of smb.conf) would reply that it was not capable of it. Hope this helps, Don -----Original Message----- From: Pedro Checo [mailto:pcheco@BEAR-HUNTER.COM] Sent: Friday, March 23, 2001 3:26 PM To: samba-ntdom@lists.samba.org Subject: Help: The Account is not authorized to login from this station (e rror when logging to samba) Hi, when I try to login thru samba from my NT workstation (4.0 pack 6), I get this error: "The Account is not authorized to login from this station" I am running smbd and nmbd in a Solaris 2.6 box. Passwords are set up and here is the lib/smb.conf: [global] workgroup = WORKGROUP hosts allow = 64.241.153. 127. log level = 3 [checo] comment = For editing/viewing files in checo:~pedro/. path = ~pedro/ read only = no guest ok = yes encrypt passwords = yes maxconnections = 30 I am trying to login from 64.241.153.4 which is configured to belong to the WORKSTATION group. Here is part of the log for smb.log: [2001/03/23 15:12:10, 2] samba-2.0.7/source/lib/access.c:check_access(258) Allowed connection from pedro (64.241.153.14) [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:process_smb(618) Transaction 0 of length 72 [2001/03/23 15:12:10, 2] samba-2.0.7/source/smbd/reply.c:reply_special(97) netbios connect: name1=*SMBSERVER name2=PEDRO [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/server.c:exit_server(435) Server exit (normal exit) [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:process_smb(618) Transaction 1 of length 174 [2001/03/23 15:12:10, 3] samba-2.0.7/source/smbd/process.c:switch_message(448 ) Forgive me if I am asking a question that has been asked before, but I was not able to search the archives. Thanks for your help. From R.J.Mckeating at lboro.ac.uk Mon Mar 26 15:40:55 2001 From: R.J.Mckeating at lboro.ac.uk (R.J.Mckeating@lboro.ac.uk) Date: Tue Dec 2 02:33:59 2003 Subject: credentials Message-ID: <985621255.3abf6307a5b3b@staff-webmail.lboro.ac.uk> I have just downloaded the latest version of samba, I installed it on redhat 7 and more or less exactly copied the smb.conf. When I try to connect from a w2k machine to the domain I get "The credentials supplied conflict with and existing set of credentials" I am very confused about what user id's I should create manually and which ones are created automaticaly when the win2k machine connects. Any help/advice would be appreciated. Ron Ron McKeating Computing Services Loughborough University 01509 222329 From greg at kwikfind.com Mon Mar 26 15:54:39 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:33:59 2003 Subject: WIN2K/SAMBA PDC References: Message-ID: <008b01c0b60d$1172a510$6f00a8c0@logeng.net> Elliot, Very good. I'd be interested to hear how Win2k-Samba is working for you. I'm currently setup with Samba as a PDC for a small-mid sized network of WIn2k machines. For the most part, things work pretty good. The only thing I can't seem to do yet is modify security stuff on the Samba PDC remotely using the Win NT 4.0 domain admin tools. Greg ----- Original Message ----- From: "Elliot Mackenzie" To: "SAMBA - NTDOM" Sent: Sunday, March 25, 2001 2:53 PM Subject: RE: WIN2K/SAMBA PDC > I finally identified the problem. I was keeping up to date with the CVS > distributions, but was consistently getting the same error. The error > seemed characteristic of the error that some users reported when using an > old CVS snapshot with Win2k service pack 1 machines - and indeed this was > the case. Somehow my CVS snapshot got corrupted and some files were not > being updated (I presume at least those related to Win2k logons). I got a > very new CVS snapshot (from scratch) and the problem disappeared - without > any changes to my smb.conf at all. > > However as per the recommendation below I chucked half of my smb.conf out > anyway :) > > Thanks Greg. > > M. > > ======================END MSG > > I can't stress enough the need to thin down your smb.conf file. You have > alot of the "bells and whistles" type parameters specified in you > configuration file. Unless you are a samba guru, you are going to have a > very difficult time troubleshooting. Get things going with just the > essential items and then start adding the more complex parameters. When I > first started with Samba, I had about four lines in my smb.conf file and > only one share. I highly recommend the Using Samba book that comes with the > your Samba source tree. You can find it in the docs directory (I read the > entire thing). It does a very good job at walking you through a simple, > barebones, setup and then on to more complex configurations. > > > Good luck. > > Greg J. Zartman. > > > > ----- Original Message ----- > From: "Elliot Mackenzie" > To: "SAMBA - NTDOM" > Sent: Monday, March 12, 2001 3:38 AM > Subject: WIN2K/SAMBA PDC > > > > At this point I pray I have landed the right newsgroup. > > > > I (ultimately) want to run Samba as the PDC for my domain ADIXEIN. > > > > Samba system: > > - PII-300 > > - RedHat 7.0 (new version of gcc, kernel 2.4.2 freshly compiled) > > - Samba 2.2 (CVS version recent as at 8PM EST 12-Mar-2001). > > > > Connecting system: > > - PIII-1G > > - Windows 2000 Professional SP1 > > > > Domain information: > > - Domain: ADIXEIN > > - Server name: SERVER > > - Machine name: MACKA > > > > smb.conf as follows (located in /usr/local/samba/lib/) > > [root@gw lib]# tail -n 100 smb.conf > > # Global parameters > > [global] > > workgroup = ADIXEIN > > netbios name = SERVER > > server string = File server > > interfaces = 192.168.1.1/255.255.255.0 > > add user script = /usr/sbin/adduser -n -g machines -c Machine -d > > /dev/null -s /bin/false %m$ > > security = User > > domain logons = Yes > > domain master = Yes > > domain admin group = @adm > > domain admin users = root > > preferred master = Yes > > local master = Yes > > os level = 65 > > wins support = Yes > > encrypt passwords = Yes > > passwd program = /usr/bin/passwd > > passwd chat debug = Yes > > unix password sync = Yes > > restrict anonymous = Yes > > log file = /var/log/samba/log.%m > > max log size = 50 > > time server = Yes > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > strip dot = Yes > > dns proxy = No > > hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1/255.255.255.0 > > hosts deny = 0.0.0.0/0.0.0.0 > > > > > > ########################END SMB.CONF > > > > Plus all the file shares (no Windows profiles etc are listed/used). > > root is a member of @adm. > > > > I can connect to the domain when I change the settings on MACKA such that > it > > joins a domain. As per the FAQ I connect as root with the root passwd. > It > > says "Welcome to ADIXEIN domain." or something to that effect. > > > > I reboot the Win2k machine, and attempt a login on ADIXEIN. I try this as > > root, as administrator and as macka. All attempts fail with the same > error: > > > > "The system cannot log you on to this domain because the system's computer > > account in its primary domain is missing or the password on that account > is > > incorrect." > > > > The adduser appears to work, I have macka$ listed in my smbpasswd (root is > > also listed in smbpasswd). The following is an extract of the logs (log > > level 20). > > ============================= LOG.MACKA > > [2001/03/12 20:47:14, 3] smbd/service.c:close_cnum(655) > > macka (192.168.1.4) closed connection to service IPC$ > > [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) > > Yielding connection to IPC$ > > [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) > > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > > [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) > > unbecome_user now uid=(0,0) gid=(0,0) > > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(292) > > size=35 > > smb_com=0x71 > > smb_rcls=0 > > smb_reh=0 > > smb_err=0 > > smb_flg=136 > > smb_flg2=1 > > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(298) > > smb_tid=1 > > smb_pid=65279 > > smb_uid=100 > > smb_mid=832 > > smt_wct=0 > > [2001/03/12 20:47:14, 5] lib/util.c:show_msg(308) > > smb_bcc=0 > > [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(560) > > write_socket(12,39) > > [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(563) > > write_socket(12,39) wrote 39 > > [2001/03/12 20:47:14, 10] lib/util_sock.c:read_socket_data(473) > > read_socket_data: recv of 4 returned 0. Error = Success > > [2001/03/12 20:47:14, 10] lib/util_sock.c:receive_smb(654) > > receive_smb: length < 0! > > [2001/03/12 20:47:14, 3] smbd/process.c:timeout_processing(1055) > > end of file from client > > [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310) > > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > > [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210) > > unbecome_user now uid=(0,0) gid=(0,0) > > [2001/03/12 20:47:14, 2] smbd/server.c:exit_server(440) > > Closing connections > > [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54) > > Yielding connection to > > [2001/03/12 20:47:14, 3] smbd/server.c:exit_server(473) > > Server exit (normal exit) > > ==================================================== > > =====================================LOG.NMBD > > [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > > dump_workgroups() > > dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: > > ADIXEIN(1) current master browser = SERVER > > SERVER 400c9b2b (File server) > > MACKA 40011003 () > > [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > > dump_workgroups() > > dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: > > ADIXEIN(1) current master browser = UNKNOWN > > SERVER 40099b2b (File server) > > [2001/03/12 21:30:13, 4] > > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > > UNICAST_SUBNE > > T: found. > > [2001/03/12 21:30:13, 4] > > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > > UNICAST_SUBNE > > T: found. > > [2001/03/12 21:30:23, 4] > > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > > 192.168.1.1: > > found. > > [2001/03/12 21:30:23, 10] > > nmbd/nmbd_sendannounce.c:announce_myself_to_domain_mas > > ter_browser(406) > > announce_myself_to_domain_master_browser: t (984396613) - > last(984396029) > > < 90 > > 0 > > [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > > dump_workgroups() > > dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0: > > ADIXEIN(1) current master browser = SERVER > > SERVER 400c9b2b (File server) > > MACKA 40011003 () > > [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292) > > dump_workgroups() > > dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1: > > ADIXEIN(1) current master browser = UNKNOWN > > SERVER 40099b2b (File server) > > [2001/03/12 21:30:23, 4] > > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > > UNICAST_SUBNE > > T: found. > > [2001/03/12 21:30:23, 4] > > nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164) > > find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet > > UNICAST_SUBNE > > T: found. > > ===============================================LOG.SMBD > > file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf > last > > mod_ > > time: Mon Mar 12 20:15:16 2001 > > > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5-32 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5-32-546 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-1 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-1-0 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-3 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-3-0 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-0-0 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5-11 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5-2 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5-7 ok > > [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352) > > string_to_sid: converted SID S-1-5-21-4264856688-2005356754-492243628 > > ok > > [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1198) > > open_oplock_ipc: opening loopback UDP socket. > > [2001/03/12 20:46:20, 3] lib/util_sock.c:open_socket_in(870) > > bind succeeded on port 0 > > [2001/03/12 20:46:20, 3] > smbd/oplock_linux.c:linux_init_kernel_oplocks(293) > > Linux kernel oplocks enabled > > [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1229) > > open_oplock ipc: pid = 5042, global_oplock_port = 1614 > > [2001/03/12 20:46:20, 4] lib/time.c:TimeInit(110) > > Serverzone is -36000 > > [2001/03/12 20:46:20, 10] > > lib/util_sock.c:read_smb_length_return_keepalive(602) > > got smb length of 68 > > [2001/03/12 20:46:20, 2] lib/access.c:check_access(258) > > Allowed connection from macka.adixein.lnet (192.168.1.4) > > [2001/03/12 20:46:20, 6] smbd/process.c:process_smb(830) > > got message type 0x81 of len 0x44 > > [2001/03/12 20:46:20, 3] smbd/process.c:process_smb(831) > > Transaction 0 of length 72 > > [2001/03/12 20:46:20, 2] smbd/reply.c:reply_special(94) > > netbios connect: name1=SERVER name2=MACKA > > ======================================================= > > Apologies for the really huge email guys. I suppose it saves me sending > > another one as soon as someone asks for the logs :) > > > > Any assistance will be much appreciated. > > > > Elliot. > > > > > > > > > > > > > From linux at fenix.uam.mx Sun Mar 25 21:44:51 2001 From: linux at fenix.uam.mx (Lista linux) Date: Tue Dec 2 02:33:59 2003 Subject: Accessing Samba 2.2.alpha1 with Windows 2000 German In-Reply-To: Message-ID: try: add root to smbpasswd, and log as root. romy From barth at cck.uni-kl.de Mon Mar 26 17:45:05 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:33:59 2003 Subject: credentials Message-ID: <200103261745.TAA32422@fbk.mv.uni-kl.de> > "The credentials supplied conflict with and existing set of credentials" This seams to be a common but solved problem: The pc added to the domain must NOT have any shares conected during the joining to the domain. Christian From kathee at mindiq.com Mon Mar 26 21:07:06 2001 From: kathee at mindiq.com (kat) Date: Tue Dec 2 02:33:59 2003 Subject: tools for user logon tracking? Message-ID: <5.0.2.1.2.20010326160532.00c37048@mail.mindiq.com> Hi, Anyone know of a simple tool to take the smbd/nmbd logs and create some sort of connection/usage chart/info? I want to be able to see when my users are logging on and logging out... I know the info of course is in the logs, and could be gotten with grep/sed, but was wondering if someone has already done something like this. thanks Kat From martin at zamenhof.demon.co.uk Mon Mar 26 20:35:38 2001 From: martin at zamenhof.demon.co.uk (Martin Radford) Date: Tue Dec 2 02:33:59 2003 Subject: I think 2.0.7 is enough but I'm not sure In-Reply-To: <20010323174212.A28004@saratoga.lib.ny.us> from "Josh Kuperman" at Mar 23, 2001 05:42:12 PM Message-ID: <200103262035.VAA15572@zamenhof.demon.co.uk> > > Is there a HOW-To on doing automatic network based installs of NT 40 > Workstation and software with SAMBA. My alternative is using Ghost, > ImageCast, or DriveImage which is a nuisance with NT. I've been > looking at _WINDOWS NT Automated Deployment and Customization_ by > Richard Puckett and it would be nice if I could manage all the NT > machines so they had identical software etc. I think the techniques > would work - but I'd like to find out if someone else, who took notes, > has already succeeded. I don't think it matters in practice what OS hosts the files for unattended installations of NT as long as they're accessible over the network. Take a look at http://www.bris.ac.uk/is/services/computers/operatingsystems/winnt/deploy.htm for (some rather terse) information on how we've done this where I work. This is off-topic for this list, so replies to me off the list, please. Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From akopps at CSUA.Berkeley.EDU Mon Mar 26 21:48:05 2001 From: akopps at CSUA.Berkeley.EDU (Akop Pogosian) Date: Tue Dec 2 02:33:59 2003 Subject: tools for user logon tracking? In-Reply-To: <5.0.2.1.2.20010326160532.00c37048@mail.mindiq.com> Message-ID: On Mon, 26 Mar 2001, kat wrote: > Hi, > > Anyone know of a simple tool to take the smbd/nmbd logs and create some > sort of connection/usage chart/info? I want to be able to see when my > users are logging on and logging out... I know the info of course is in the > logs, and could be gotten with grep/sed, but was wondering if someone has > already done something like this. > > thanks > Kat Compile samba with --with-utmp option. Then utmp and wtmp will be updated when users connect and you will be able to use the regular unix "who" and "last" commands to inspect who is using the system right now. Seems to work well with Samba 2.0.7 -akop From MarkRoedel at letu.edu Mon Mar 26 21:53:21 2001 From: MarkRoedel at letu.edu (Mark Roedel) Date: Tue Dec 2 02:33:59 2003 Subject: apache mod_auth_ntdom/samba 2.0.7/domain groups? Message-ID: Has anybody been successful with getting the Apache module mod_auth_ntdom (available from http://www.asaban.com/index_pl.html) to validate group memberships against a domain controller? It claims to be able to do this in conjunction with Samba 2.0.7, but I haven't gotten it to work yet. --- Mark Roedel | "A wise man once told me that everything in Systems Programmer | life is either a lesson or a joke. Our task LeTourneau University | is to figure out which is which..." Longview, Texas, USA | -- Chris Savage From berland at stud.math.ntnu.no Tue Mar 27 09:09:53 2001 From: berland at stud.math.ntnu.no (=?ISO-8859-1?Q?H=E5vard_Berland?=) Date: Tue Dec 2 02:33:59 2003 Subject: computer account it its primary domain is missing Message-ID: Hello, I still haven't found a solution to our problem with W2k and samba-cvs. I have succesfully joined the domain, but no users can log on to the domain, immediately after pressing Ok in the logon dialog, I get the message: "The system cannot log you on to this domain because the systems computer account in its primary domain is missing or the password on that account is incorrect." And the user I try to log on with does indeed exist in smbpasswd. From log level 6 I have found these error messages: [2001/03/27 10:55:24, 5] lib/username.c:Get_Pwnam(193) Trying _Get_Pwnam(), username as lowercase is nobody [2001/03/27 10:55:24, 5] lib/username.c:Get_Pwnam(221) Get_Pwnam did find a valid username! What's the deal with this 'nobody' user? I tried to login as 'berland' although the connection may be fine anyway: [2001/03/27 10:55:24, 3] smbd/service.c:make_connection(606) gravemaskin (129.241.211.208) connect to service IPC$ as user nobody (uid=65534, gid=65534) (pid 5336) Later in the log, the name 'berland' appears: [2001/03/27 10:55:24, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(441) getsmbfilepwent: returning passwd entry for user berland, uid 1775 [2001/03/27 10:55:24, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(441) getsmbfilepwent: returning passwd entry for user gravemaskin$, uid 828 A couple of hundred lines later: [2001/03/27 10:55:25, 5] libsmb/credentials.c:cred_assert(138) credentials check wrong Could any of these be a source to my problem? I can send the full log to anyone interested, but posting hundreds of K to this list is a bit overkill. My smb.conf is as follows: [global] security = user status = yes workgroup = MATH-MONA wins server = 129.241.18.16 encrypt passwords = yes domain logons =yes log level = 6 logon script = scripts\%U.bat domain admin group = @wheel ;add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/n ull -s /bin/false %m$ os level=65 [homes] guest ok = no read only = no create mask = 0700 directory mask = 0700 oplocks = false locking = no [netlogon] comment = Domain logon service path = /local/samba/netlogon writeable = no guest ok = no -- H?vard Berland www.stud.math.ntnu.no/~berland Systems Administrator and Student of Numerics at Department of Mathematical Sciences, Norwegian University of Science and Technology From kathee at mindiq.com Tue Mar 27 12:44:43 2001 From: kathee at mindiq.com (kat) Date: Tue Dec 2 02:33:59 2003 Subject: utmp usage Message-ID: <5.0.2.1.2.20010327074158.00c07878@mail.mindiq.com> Ok, as afollowup -- went from alpha 1 to alpha3 and built with utmp (as shown below) Also added utmp = yes and utmp directory = /var/run/ to my global section. Then, to make extra sure, after re-installing, I rebooted my system. (alpha 1 to 3 - just wanted to make sure) Anyway, nothing in utmp. Tried restarting and look at docs more. It does not say I need any other support for this to work, so I am stumped. Anyone test this on 2.2.0alpha3?? (Linux - modified RH7 with reiserFS on all drives) thanks Kathee checking whether to support utmp accounting... yes From R.J.Mckeating at lboro.ac.uk Tue Mar 27 13:25:00 2001 From: R.J.Mckeating at lboro.ac.uk (R.J.Mckeating@lboro.ac.uk) Date: Tue Dec 2 02:33:59 2003 Subject: credentials In-Reply-To: <200103261745.TAA32422@fbk.mv.uni-kl.de> References: <200103261745.TAA32422@fbk.mv.uni-kl.de> Message-ID: <985699500.3ac094ac7382b@staff-webmail.lboro.ac.uk> Quoting Christian Barth : > > "The credentials supplied conflict with and existing set of > credentials" > This seams to be a common but solved problem: > The pc added to the domain must NOT have any shares conected during the > joining to the domain. > > Christian > > OK thanks for that, almost seems to be working now but when I try to log in I get "The procedure number is out of range". I don't want to bore you all with a log file so if you do want to see the log file produced by one instance of trying to log in then go to http://sprocket.lut.ac.uk/log.pc00-rjm I do notice that in that file are the lines startsmbfilepwent_internal: unable to open file /usr/local/samba/private/smbpasswd. Error was Permission denied Cannot open file /usr/local/samba/private/smbpasswd. Error was Permission denied The file smbpasswd is indeed there, not sure why it cannot open it. Feels like I am so close now, any help appreciated. Cheers all Ron Ron McKeating Computing Services Loughborough University 01509 222329 From mthomas at rhrk.uni-kl.de Tue Mar 27 14:08:55 2001 From: mthomas at rhrk.uni-kl.de (Martin Thomas) Date: Tue Dec 2 02:33:59 2003 Subject: credentials References: <200103261745.TAA32422@fbk.mv.uni-kl.de> <985699500.3ac094ac7382b@staff-webmail.lboro.ac.uk> Message-ID: <000d01c0b6c7$75771720$16b9f683@fuchur> Hi, Some hints: - do you have a samba-user 'root' in your smbpasswd database? - did you join the machine to the domain as user root?? I think in the current version still only root can join a Windowsbox to the domain. - is the smbpasswd in /usr/local/samba/private owned by root and writeable (mode 600,-rw------) ? - does the add user script work? Try useradd --help or adduser --help and find out the right parameters. (my line is: add user script = /usr/sbin/useradd -g machines -c Windowsbox -d /dev/null -s /bin/false %m$, I have a unix group 'machines') Greetings, Martin ----- Original Message ----- From: To: "Christian Barth" Cc: ; Sent: Tuesday, March 27, 2001 3:25 PM Subject: Re: credentials > Quoting Christian Barth : > > > > "The credentials supplied conflict with and existing set of > > credentials" > > This seams to be a common but solved problem: > > The pc added to the domain must NOT have any shares conected during the > > joining to the domain. > > > > Christian > > > > > > > OK thanks for that, almost seems to be working now but when I try to log in I > get > > "The procedure number is out of range". > > I don't want to bore you all with a log file so if you do want to see the log > file produced by one instance of trying to log in then go to > > http://sprocket.lut.ac.uk/log.pc00-rjm > > > I do notice that in that file are the lines > > startsmbfilepwent_internal: unable to open file > /usr/local/samba/private/smbpasswd. Error was Permission denied > Cannot open file /usr/local/samba/private/smbpasswd. Error was Permission > denied > > > The file smbpasswd is indeed there, not sure why it cannot open it. > > Feels like I am so close now, any help appreciated. > > Cheers all > > > Ron > > > Ron McKeating > Computing Services > Loughborough University > 01509 222329 > > From vorlon at netexpress.net Tue Mar 27 05:15:18 2001 From: vorlon at netexpress.net (Steve Langasek) Date: Tue Dec 2 02:33:59 2003 Subject: pam_smbpass 0.7.5 released Message-ID: I'm happy to announce version 0.7.5 of pam_smbpass is now available for download. The source can be found at . This is primarily a housekeeping release; no major runtime features have been added, and no fatal bugs have been squashed. If you already have pam_smbpass installed and running, there are no compelling reasons for upgrading. This version should be significantly easier to get working. Highlights include: * Enhanced build system that automates module configuration and compilation (see the INSTALL file for details) * Integrated support for Solaris (many thanks to Joshua Rigler for his help); should now compile on Solaris with gcc * Compatibility with Samba 2.2.0-alpha3, including support for new TDB password databases * Sample PAM config files which demonstrate the use of pam_smbpass in a variety of common configurations pam_smbpass is a stackable PAM module for Linux and Solaris that allows a system administrator to migrate to using encrypted passwords for Samba and to keep smb passwords in sync with unix passwords. Unlike other solutions, it does this without requiring users to change their existing passwords or login to Samba using cleartext passwords. Questions, concerns, comments, and bug reports are always welcome at . Regards, Steve Langasek postmodern programmer From mafoe at munich.sgi.com Tue Mar 27 14:16:23 2001 From: mafoe at munich.sgi.com (Martin Foerster) Date: Tue Dec 2 02:33:59 2003 Subject: codepage & character set Message-ID: <000201c0b6c8$80a930a0$0100000a@munich.sgi.com> Hi, I migrated files from an existing NT fileserver to a new samba server. Unfortunately I did not make my homework properly and forget to set "codepage" and "character set" in the global section. Bit this was necessary for the f#*?$? German 'Umlaute' like ? ,? ,?. Now my dilemma is the following: -Files that I moved are shown in Unix correctly with ?,? etc. -In NT explorer there is an ASCII symbol instead. Example: In Unix >Vertr?ge ; in NT >Vert?ge. -Newly created files are shown correctly in NT but with ASCII codes in Unix. If I would add the codepage = 850 and character set = ISO8859-1 in smb.conf, I would see the older files correctly in Unix & NT, with Umlaut ?,? or ?, but all files that are in NT already renamed or newly created and contain an 'Umlaut' disappear in Explorer. Does Anybody have an Idea how I get out of this? I can't redo the whole job, we are talking about 100GB. Thank you Martin From Errol.Fouquet at mms.gov Tue Mar 27 14:43:11 2001 From: Errol.Fouquet at mms.gov (Fouquet, Errol) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 print driver setup Message-ID: <379313C94B76D2119AB60008C7A402E401E1FC6B@imsnolaa.nola.omm.mms.gov> Jeremy, Will there be any methodology available in 2.2 for installing print drivers without browsing to the PRINT$ share from a W2K/NT box? I've got about 180 printers (at least 30 different models) shared and I'm encountering some difficulties in installing drivers. I'm using 2.2a2 in an environment with both W2K and W98 clients. One very annoying inconsistency with W2K is making my life miserable. We've got some newer HP models which are not bundled with W2K. I downloaded the drivers from HP for both W2K and 95/98 platforms. I browse to my PRINT$ share from a W2K server. I'm able to install the W2K driver just fine, but when I go the "sharing" tab and try to install "Additional Drivers" for 95/98; W2K just errors out complaining the driver is not available. It does not give you the ability to browse for the driver! It just bombs out. It works fine for HP models which are native to W2K. All of my older HP printers are ready to use for both client platforms. Does 2.2 store driver info in the "/var/locks/ntdriver.tdb" file? Is there any way to edit this file? Is there any way to get the proper drivers installed from the command line on the Samba box? I'm excited about the flexibility of the way 2.2 supports multiple platforms for printing ... but already I'm missing the automated setup of 2.0. Errol Fouquet - UNIX SysAdmin Minerals Management Service, DOI 1201 Elmwood Park Blvd. New Orleans, LA 70123 Phone: (504) 736-3255 Fax: (504) 736-2464 email: errol.fouquet@mms.gov http://www.gomr.mms.gov From gcarter at valinux.com Tue Mar 27 15:07:44 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:33:59 2003 Subject: Samba 2.2 print driver setup In-Reply-To: <379313C94B76D2119AB60008C7A402E401E1FC6B@imsnolaa.nola.omm.mms.gov> Message-ID: On Tue, 27 Mar 2001, Fouquet, Errol wrote: > Will there be any methodology available in 2.2 for installing print > drivers without browsing to the PRINT$ share from a W2K/NT box? I've > got about 180 printers (at least 30 different models) shared and I'm > encountering some difficulties in installing drivers. You can automate print driver installs using smbclient and rpcclient. See http://imprints.sourceforge.net for examples. The installation client here is simply a perl script wrapper for [smb|rpc]client. I'm also planning on working on a setdriver command for rpcclient to set the printer driver for an existing printer (using a previously installed driver). However, as of yet I have not designed an automated way of migrating printers.def into the new setup for 2.2. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From mthomas at rhrk.uni-kl.de Tue Mar 27 13:52:03 2001 From: mthomas at rhrk.uni-kl.de (Martin Thomas) Date: Tue Dec 2 02:33:59 2003 Subject: computer account it its primary domain is missing References: Message-ID: <000701c0b6c5$1a5ed910$16b9f683@fuchur> Hi, try to add a unix user 'nobody' to your system (in passwd). On my debian box its user nobody, userid 65534, groupid 65534, home dir /tmp, login shell /bin/false. You might want to add the line 'guest account = nobody' in the global section of your smb.conf (but seems to be the default) I think the guest account is needed for the initial browsing of the pdc (hidden share IPC$). Just a little comment on your smb.conf: you have deactivated the add user script line. Try: add user script = /usr/sbin/useradd -g machines -c CompAccount -d /dev/null -s /bin/false %m$ This should work on Debian and SuSE linux. So you don't have to add the machine-accounts by hand to join a Windows-Box to the domain. (Can someone add this to the pdc-faq? addusers takes different parameters at least on the linux systems I use here) Greetings, Martin ----- Original Message ----- From: "H?vard Berland" To: Sent: Tuesday, March 27, 2001 11:09 AM Subject: computer account it its primary domain is missing Hello, I still haven't found a solution to our problem with W2k and samba-cvs. I have succesfully joined the domain, but no users can log on to the domain, immediately after pressing Ok in the logon dialog, I get the message: "The system cannot log you on to this domain because the systems computer account in its primary domain is missing or the password on that account is incorrect." And the user I try to log on with does indeed exist in smbpasswd. From basher at schultz-design.com Tue Mar 27 16:22:33 2001 From: basher at schultz-design.com (Bill Asher) Date: Tue Dec 2 02:34:00 2003 Subject: Samba/NT smb.conf example Message-ID: <54C0998F640AD411B75C009027765EF716D656@NTSERVER> I am looking for an example smb.conf config file that will show the correct setup for authenticating NT/W98 clients thru a NT server for the Samba shares. I'm not sure on other [Global] settings that need to be made, as well as each share settings. My config is not doing the job, I have successfully added my Samba server to the NT domain with the command: smbpasswd -j DOM -r NTSERVER Any help would be greatly appreciated. Thanks, Bill B . A s h e r Schultz Design, LLC. (636) 936-2900 IT Manager -------------- next part -------------- HTML attachment scrubbed and removed From Jonathan.W.Miner at lmco.com Tue Mar 27 16:39:23 2001 From: Jonathan.W.Miner at lmco.com (Jonathan W Miner) Date: Tue Dec 2 02:34:00 2003 Subject: Samba/NT smb.conf example References: <54C0998F640AD411B75C009027765EF716D656@NTSERVER> Message-ID: <3AC0C23B.9BE44A0E@lmco.com> > Bill Asher wrote: > > I am looking for an example smb.conf config file that will show the > correct setup for authenticating NT/W98 clients thru a NT server for > the Samba shares. I'm not sure on other [Global] settings that need > to be made, as well as each share settings. Bill - Here is my configuration (samba-2.0.7): [global] workgroup = {Domain Name} security = SERVER password server = {Name of PDC} os level = 0 wins server = {IP address of WINS server} # Access to UNIX home directories [homes] read only = No browseable = No # Public Scratch area [public] path = /{pathname}/public read only = No guest ok = Yes # Restricted Project Work Area [{project name}] path = /{pathname} valid users = @{UNIX group name} force group = {UNIX group name} -- | Jonathan Miner _o) | LM-Xpress: jonathan.w.miner@lmco.com /\\ _o) _o) | Phone: 603 885 UNIX - Fax: 603 885 3850 _\_V _(\) _(\) | USmail: PO Box 868, NCA01-3719, Nashua, NH 03061-0868 From christophe_mailhe at yahoo.co.uk Tue Mar 27 17:07:47 2001 From: christophe_mailhe at yahoo.co.uk (=?iso-8859-1?q?Christophe=20MAILHE?=) Date: Tue Dec 2 02:34:00 2003 Subject: Impossible to obtain the NETBIOS name of a Win95 box using samba 2.0.5.0 Message-ID: <20010327170748.19812.qmail@web5201.mail.yahoo.com> Dear all, I loose hope to be able to obtain the NETBIOS name of a Win95 box using the following command : nmblookup -A ipaddress Some of my user are using laptops and are connecting the network by a remote lan access. The IP address is attributed by the RLA supplier. I included in the login process (telnet) of our Administrative AIX server a NETBIOS name check of the calling machine. If the NETBIOS name if not in the list of allowed boxes the server does not grant the access. If a Winnt box try to login, I don't have any issue. But for Win95 !!!! The version of Samba we use is 2.0.5.0. Below a part of the smb.conf. Thank for your reply, Christophe. -------------------smb.conf---------------------- workgroup = OR-UK-LON netbios name = SRV10000C local master = No wins proxy = Yes wins server = www.xxx.yyy.zzz ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie From pwinkeler at iname.com Tue Mar 27 17:40:24 2001 From: pwinkeler at iname.com (Paul Winkeler) Date: Tue Dec 2 02:34:00 2003 Subject: Win9x vs WinME Message-ID: <000601c0b6e5$00a2a900$0f0010ac@freewinkeler.com> Running alpha3 from CVS, my Linux RedHat 6.2 box happily becomes a PDC and both my WIndows 98SE and WIndows ME machines can see its shares just fine. That is where the similarity ends however :-( Windows 98SE: - Stores and pulls down the User profile from the server just fine - Has user level acces configured but, when I try to make its printer sharable I get the message: "Cannot retrieve user list; please try again later" Windows ME: - Seems to ignore the User profile - Is perfectly happy to grant user level access to its drive shares Any suggestions? If it is helpful to have some logging data, I have several MBs lying around :-) Paul Winkeler From bboudevi at canal-plus.fr Tue Mar 27 17:58:10 2001 From: bboudevi at canal-plus.fr (bboudevi@canal-plus.fr) Date: Tue Dec 2 02:34:00 2003 Subject: Win9x vs WinME References: <000601c0b6e5$00a2a900$0f0010ac@freewinkeler.com> Message-ID: <3AC0D4B2.FDD7FEFB@canal-plus.fr> It looks like your both OSes are configured differently. Both problems come from the same source : How user access is managed in your clients. In the network panel, go to the third tab (err can't remember the exact name, should be something like "Access level" or something) In your Win98SE you have checked "Users & groups listed from the following domain" (follows: domain name) and in WinMe you didn't (security at share level) If you set this properties to the same way in both Win98 & WinMe, you'll reproduce exactly the same error on both OSes. The heck is that your primary domain controller doesn't allow anonymous access to the SAM database, and Win9x clients need this to list domain users & groups. About your profile management, I think the problem is issued from this (mis-)configuration. So, ideal is to downgrade security (allowing anonymous access to your SAM database is unafe, but you have Win9x clients, yikes) and reconfigure your WinMe clients. Have fun, Ben. pwinkeler@iname.com a ?crit : > > Running alpha3 from CVS, my Linux RedHat 6.2 box happily becomes a PDC and > both my WIndows 98SE and WIndows ME machines can see its shares just fine. > That is where the similarity ends however :-( > > Windows 98SE: > - Stores and pulls down the User profile from the server just fine > - Has user level acces configured but, when I try to make its printer > sharable I get the message: "Cannot retrieve user list; please try again > later" > > Windows ME: > - Seems to ignore the User profile > - Is perfectly happy to grant user level access to its drive shares > > Any suggestions? If it is helpful to have some logging data, I have several > MBs lying around :-) > > Paul Winkeler -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =- Benoit Boudeville | CANAL+ Technologies -= -= Computer System Engineer | 34, place Raoul Dautry =- =- mailto:bb@canal-plus.fr | 75516 Paris Cedex 15 -= -= Tel: 01.71.71.55.83 | Fax: 01.71.71.55.77 =- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From Errol.Fouquet at mms.gov Tue Mar 27 20:14:03 2001 From: Errol.Fouquet at mms.gov (Fouquet, Errol) Date: Tue Dec 2 02:34:01 2003 Subject: IMPRINTS: mkprintpkg.pl unable to expand microsoft cab file Message-ID: <379313C94B76D2119AB60008C7A402E401E1FC6D@imsnolaa.nola.omm.mms.gov> Jerry, Perhaps you could help me with a problem building a Samba print package. I've downloaded the drivers files I need from HP. I run the appropriate mkprintpkg.pl command, but it dies with the following output: [root@tux designjet]# /usr/local/imprints/bin/mkprintpkg.pl --name="hp1050c" --version=1.00 --display-name="HP DesignJet 1050c" -d "HP DesignJet 1050C by HP" pl132en.exe Package: hp1050c-1.00.tar.gz Display Name: HP DesignJet 1050c Using archive pl132en.exe for files. Using file OEMSETUP.INF for INF information. Architecture: Windows NT X86 (detected from INF) Manufacturer: HP (detected from INF) Model: HP DesignJet 1050C by HP magic1 = 4643534d /tmp/file4TJ9Cj/hpltcol1.ex_: not a MS-compressed file ERROR: Unable to expand `/tmp/file4TJ9Cj/hpltcol1.ex_' to package. The "magic1 = 4643534d" was some debugging output I added. If I expand pl132.exe to a directory and do a "file hpltcol1.ex_" it appears to be a "Microsoft CAB file". Errol Fouquet - UNIX SysAdmin Minerals Management Service, DOI 1201 Elmwood Park Blvd. New Orleans, LA 70123 Phone: (504) 736-3255 Fax: (504) 736-2464 email: errol.fouquet@mms.gov http://www.gomr.mms.gov -----Original Message----- From: Gerald Carter [mailto:gcarter@valinux.com] Sent: Tuesday, March 27, 2001 9:08 AM To: Fouquet, Errol Cc: 'Jeremy Allison'; 'samba-ntdom'; 'samba' Subject: Re: Samba 2.2 print driver setup On Tue, 27 Mar 2001, Fouquet, Errol wrote: > Will there be any methodology available in 2.2 for installing print > drivers without browsing to the PRINT$ share from a W2K/NT box? I've > got about 180 printers (at least 30 different models) shared and I'm > encountering some difficulties in installing drivers. You can automate print driver installs using smbclient and rpcclient. See http://imprints.sourceforge.net for examples. The installation client here is simply a perl script wrapper for [smb|rpc]client. I'm also planning on working on a setdriver command for rpcclient to set the printer driver for an existing printer (using a previously installed driver). However, as of yet I have not designed an automated way of migrating printers.def into the new setup for 2.2. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From dougm at cambridge.com Tue Mar 27 23:25:00 2001 From: dougm at cambridge.com (Doug Marcey) Date: Tue Dec 2 02:34:01 2003 Subject: A question about Auth Backends Message-ID: I have a question or two (six?) here. First let me describe my situation. I work at a company that has been developing software for Irix for quite some time. As a result our entire company infrastructure is built around Unix machines. Right now we have linux for almost all of our network serving needs. Our web, mail, firewall, file, cvs and everything are served off of either linux, or openbsd. The only exception is a novell 3.20 server that the administrative side of the company uses (and has been using for 6 or 7 years now). Recently (last two years) we have been developing a cross platform version of our software that uses a java gui and c++ backend to provide the same look and feel across irix, solaris, linux, hp/ux, windows 9x/ME/NT/2000, and vxworks. Windows has become a very popular platform for the software and as such we have been purchasing more and more windows nt/2000 systems for developers. Currently I have a single NT 4.0 server on the network operating as a PDC. It handles logons and auth requests from the windows nt/2000 systems and authenticates the samba shares for the unix systems, that is all it does. It does not provide any file serving (users profiles and home directories are served off of Linux w/ samba 2.0.7), or anything else. I am trying to convince The-Powers-That-Be (read: old novell admin) that we could ditch the NT server completely on the development side and just use a samba PDC. Since we have to have both NT 4.0 and 2000 pro a 2.2 version of samba would be necessary. Even though I see many advantages to this in manageability the major question I have to answer is: will this in some way allow us to get rid of our "dual account" setup? Right now, the users have an NT account and a separate Unix account with the same username but with different passwords (could be the same but they are not synced). I have seen a few suggestions for this but none of them are very satisfactory for me. I don't want to use pam_smb or winbind as my infrastructure is unix and I would hate to have to manage everything through the windows end of things. Besides, IRIX (still our main development platform) does not support PAM. I see LDAP as an ideal solution for this, but that would mean I would completely have to redo my password system and things would slow down since all the account information would be on the network instead of the local machine. I am also not so crazy about the single point of failure that an ldap server would introduce. The ideal solution for me would be to have samba just use pam directly itself and check against the local password file on whatever system it is on. I see that there seem to be PAM hooks in samba (at least there are config options) but I can't seem to find any info on them in any documentation. Is this all in track with what people on this list have experienced? Is there *any* way to do this besides using pam_smb or something like it? How have others solved this problem? And finally, is the LDAP support in 2.2 close to being ready for prime time? The nicest solution would allow people to change password both on unix and windows and have it propagate to the other side. However, f I need to set up some kind of a password change system, such as a password change web page, with a special script at the backend, then I can. Any answers to the above questions would be greatly appreciated, Thank you for your time, --Doug -- Doug Marcey Systems Administrator Cambridge Research Associates From pkunst at csksoftware.de Tue Mar 27 23:43:21 2001 From: pkunst at csksoftware.de (Peter Kunst) Date: Tue Dec 2 02:34:01 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] References: Message-ID: <3AC12599.2DF74019@csksoftware.de> Hi, i would like to append this question to NIS+ support. I still do not find useful hints about solutions when a NIS+ server is the main auth-server. In my situation there have to be hosts supported that even doesn?t have any knowledge about PAM or the like (e.g. SunOS 4.x or HP-UX 9.x) and authenticate against standard NIS. Anyone having solutions on this topic or working on it ? Cheers, Peter From damason at davenet.mine.nu Wed Mar 28 00:45:21 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:34:01 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] In-Reply-To: <3AC12599.2DF74019@csksoftware.de> Message-ID: As I understand it, it is possible to authenticate to anything that Linux uses for user authentication, such as LDAP or Kerberos or NIS+, provided encrypted passwords is turned off. Am I right? -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Peter Kunst Sent: Tuesday, March 27, 2001 15:43 To: samba-ntdom@us5.samba.org Subject: NIS+ solutions ? [was: A question about Auth Backends] Hi, i would like to append this question to NIS+ support. I still do not find useful hints about solutions when a NIS+ server is the main auth-server. In my situation there have to be hosts supported that even doesn?t have any knowledge about PAM or the like (e.g. SunOS 4.x or HP-UX 9.x) and authenticate against standard NIS. Anyone having solutions on this topic or working on it ? Cheers, Peter From pkunst at csksoftware.de Wed Mar 28 01:07:46 2001 From: pkunst at csksoftware.de (Peter Kunst) Date: Tue Dec 2 02:34:01 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] References: Message-ID: <3AC13962.AE30026B@csksoftware.de> "David A. Mason" wrote: > As I understand it, it is possible to authenticate to anything that Linux > uses for user authentication, such as LDAP or Kerberos or NIS+, provided > encrypted passwords is turned off. So, how do i authenticate Win-Shares AND unix users on a SunOS4 box against LDAP ? Anyways, our NIS+ server is running Solaris 2.5, which does not set the expiry field correctly, so it is not possible to setup Linux boxes against NIS+... sure, upgrading the old NIS+-server would be the first step here, but... At the current time, we use LDAP for Win domain logins, and NIS+/NIS-replica?s/NIS for unix logins. I still cannot see a migration plan for this setup. Any hints ? Cheers, Peter From dougm at cambridge.com Wed Mar 28 01:39:05 2001 From: dougm at cambridge.com (Doug Marcey) Date: Tue Dec 2 02:34:01 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] In-Reply-To: <3AC13962.AE30026B@csksoftware.de> Message-ID: How do you use LDAP for your win domain logons? Do you use samba? Or are you using Win 2000? I am just curious because I have found no good way to point WinNT 4.0 to an LDAP server for auth. --Doug > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Peter Kunst > Sent: Tuesday, March 27, 2001 8:08 PM > To: samba-ntdom@us5.samba.org > Subject: Re: NIS+ solutions ? [was: A question about Auth Backends] > > > "David A. Mason" wrote: > > > As I understand it, it is possible to authenticate to anything > that Linux > > uses for user authentication, such as LDAP or Kerberos or NIS+, provided > > encrypted passwords is turned off. > > So, how do i authenticate Win-Shares AND unix users on a SunOS4 box > against LDAP ? > Anyways, our NIS+ server is running Solaris 2.5, which does not set > the expiry field correctly, so it is not possible to setup Linux > boxes against NIS+... sure, upgrading the old NIS+-server would be the > first step here, but... > > At the current time, we use LDAP for Win domain logins, > and NIS+/NIS-replica?s/NIS for unix logins. I still cannot > see a migration plan for this setup. Any hints ? > > Cheers, Peter > > From eirvine at tpgi.com.au Wed Mar 28 04:54:48 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:34:01 2003 Subject: A question about Auth Backends References: Message-ID: <3AC16E98.2B37B0D1@tpgi.com.au> Hi Doug, Doug Marcey wrote: > > I have a question or two (six?) here. First let me describe my situation. > > I work at a company that has been developing software for Irix for quite > some time. As a result our entire company infrastructure is built around > Unix machines. Right now we have linux for almost all of our network serving > needs. Our web, mail, firewall, file, cvs and everything are served off of > either linux, or openbsd. The only exception is a novell 3.20 server that > the administrative side of the company uses (and has been using for 6 or 7 > years now). > > Recently (last two years) we have been developing a cross platform version > of our software that uses a java gui and c++ backend to provide the same > look and feel across irix, solaris, linux, hp/ux, windows 9x/ME/NT/2000, and > vxworks. Windows has become a very popular platform for the software and as > such we have been purchasing more and more windows nt/2000 systems for > developers. > > Currently I have a single NT 4.0 server on the network operating as a PDC. > It handles logons and auth requests from the windows nt/2000 systems and > authenticates the samba shares for the unix systems, that is all it does. It > does not provide any file serving (users profiles and home directories are > served off of Linux w/ samba 2.0.7), or anything else. I am trying to > convince The-Powers-That-Be (read: old novell admin) that we could ditch the > NT server completely on the development side and just use a samba PDC. Since > we have to have both NT 4.0 and 2000 pro a 2.2 version of samba would be > necessary. Even though I see many advantages to this in manageability the > major question I have to answer is: will this in some way allow us to get > rid of our "dual account" setup? Right now, the users have an NT account and > a separate Unix account with the same username but with different passwords > (could be the same but they are not synced). > > I have seen a few suggestions for this but none of them are very > satisfactory for me. I don't want to use pam_smb or winbind as my > infrastructure is unix and I would hate to have to manage everything through > the windows end of things. Besides, IRIX (still our main development > platform) does not support PAM. I see LDAP as an ideal solution for this, > but that would mean I would completely have to redo my password system and > things would slow down since all the account information would be on the > network instead of the local machine. I am also not so crazy about the > single point of failure that an ldap server would introduce. The ideal > solution for me would be to have samba just use pam directly itself and > check against the local password file on whatever system it is on. I see > that there seem to be PAM hooks in samba (at least there are config options) > but I can't seem to find any info on them in any documentation. > > Is this all in track with what people on this list have experienced? Is > there *any* way to do this besides using pam_smb or something like it? How > have others solved this problem? And finally, is the LDAP support in 2.2 > close to being ready for prime time? The nicest solution would allow people > to change password both on unix and windows and have it propagate to the > other side. However, f I need to set up some kind of a password change > system, such as a password change web page, with a special script at the > backend, then I can. > > Any answers to the above questions would be greatly appreciated, > > Thank you for your time, > Having a unix PDC is fine. However, remember that PDC capability for NT is still considered beta, and for w2k it is still very much alpha. However, do you actually need network logons? The problem of having a smbpasswd file AND a unix password file is much less of an issue in practice than you think it will be before you go do it. Eddie. From dougm at cambridge.com Wed Mar 28 05:20:39 2001 From: dougm at cambridge.com (Doug Marcey) Date: Tue Dec 2 02:34:01 2003 Subject: A question about Auth Backends In-Reply-To: <3AC16E98.2B37B0D1@tpgi.com.au> Message-ID: See comments throughout. > -----Original Message----- > From: eirvine [mailto:eirvine@tpgi.com.au] > Sent: Tuesday, March 27, 2001 11:55 PM > To: Doug Marcey > Cc: samba-ntdom@us5.samba.org > Subject: Re: A question about Auth Backends > > > Hi Doug, Hey, > > Doug Marcey wrote: > > > > I have a question or two (six?) here. First let me describe my > situation. > > > > I work at a company that has been developing software for Irix for quite > > some time. As a result our entire company infrastructure is built around > > Unix machines. Right now we have linux for almost all of our > network serving > > needs. Our web, mail, firewall, file, cvs and everything are > served off of > > either linux, or openbsd. The only exception is a novell 3.20 > server that > > the administrative side of the company uses (and has been using > for 6 or 7 > > years now). > > > > Recently (last two years) we have been developing a cross > platform version > > of our software that uses a java gui and c++ backend to provide the same > > look and feel across irix, solaris, linux, hp/ux, windows > 9x/ME/NT/2000, and > > vxworks. Windows has become a very popular platform for the > software and as > > such we have been purchasing more and more windows nt/2000 systems for > > developers. > > > > Currently I have a single NT 4.0 server on the network > operating as a PDC. > > It handles logons and auth requests from the windows nt/2000 systems and > > authenticates the samba shares for the unix systems, that is > all it does. It > > does not provide any file serving (users profiles and home > directories are > > served off of Linux w/ samba 2.0.7), or anything else. I am trying to > > convince The-Powers-That-Be (read: old novell admin) that we > could ditch the > > NT server completely on the development side and just use a > samba PDC. Since > > we have to have both NT 4.0 and 2000 pro a 2.2 version of samba would be > > necessary. Even though I see many advantages to this in > manageability the > > major question I have to answer is: will this in some way allow > us to get > > rid of our "dual account" setup? Right now, the users have an > NT account and > > a separate Unix account with the same username but with > different passwords > > (could be the same but they are not synced). > > > > I have seen a few suggestions for this but none of them are very > > satisfactory for me. I don't want to use pam_smb or winbind as my > > infrastructure is unix and I would hate to have to manage > everything through > > the windows end of things. Besides, IRIX (still our main development > > platform) does not support PAM. I see LDAP as an ideal solution > for this, > > but that would mean I would completely have to redo my password > system and > > things would slow down since all the account information would be on the > > network instead of the local machine. I am also not so crazy about the > > single point of failure that an ldap server would introduce. The ideal > > solution for me would be to have samba just use pam directly itself and > > check against the local password file on whatever system it is on. I see > > that there seem to be PAM hooks in samba (at least there are > config options) > > but I can't seem to find any info on them in any documentation. > > > > Is this all in track with what people on this list have experienced? Is > > there *any* way to do this besides using pam_smb or something > like it? How > > have others solved this problem? And finally, is the LDAP support in 2.2 > > close to being ready for prime time? The nicest solution would > allow people > > to change password both on unix and windows and have it propagate to the > > other side. However, f I need to set up some kind of a password change > > system, such as a password change web page, with a special script at the > > backend, then I can. > > > > Any answers to the above questions would be greatly appreciated, > > > > Thank you for your time, > > > > Having a unix PDC is fine. However, remember that PDC capability for NT is > still considered beta, and for w2k it is still very much alpha. I would very much like to get rid of the NT Server for this purpose (PDC). Is samba at all prime time ready for this purpose? Is anyone using it in a small-mid sized environment (30-40 NT/2000 Clients, 20-30 Win98 Clients, 40-50 Samba Clients)? How does it work? Our NT server is not a paragon of responsivness in this environment, but I don't want an unstable system preventing people from logging on. > However, do > you actually need network logons? Unfortunatly yes. Since not all of our systems are for just one user. Quite often a developer will need to log into someone else's machine to test a different graphics card, and we also have several lab NT/2000 workstations for people to run test programs and compiles on. I need the ability to have a user login to any machine on the domain and have the same profile, as well as logon scripts for mounting drives and policies to controll the caching of profiles and other such registry settings. If there is a way to accomplish all this without network logons, please let me know!!! > The problem of having a smbpasswd file AND a unix > password file is much less of an issue in practice than you think it will > be before you go do it. There is no issue keeping the unix side synced if they change it from samba. However the other direction with a person changing their password from unix, which happens more often than people changing from NT since most of the people here are primarily unix people. I suppose I can write a script that basically does the same thing samba does where is runs smbpasswd for the person and fills in the password, but this is a less than ideal solution. I will play with this and let people know what I can come up with. Is anyone else doing this? One other question I had was: if NT and Unix send the encrypted passwords differently then how can samba use and LDAP backend for storing that information? Doesn't LDAP use the standard crypt(3) to store passwords? How does samba use that to validate and NT logon? Just curious. --Doug From barth at cck.uni-kl.de Wed Mar 28 05:49:07 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:34:01 2003 Subject: A question about Auth Backends In-Reply-To: References: <3AC16E98.2B37B0D1@tpgi.com.au> Message-ID: <3AC19773.6771.22E528@localhost> > There is no issue keeping the unix side synced if they change it from samba. > However the other direction with a person changing their password from unix, > which happens more often than people changing from NT since most of the > people here are primarily unix people. I suppose I can write a script that > basically does the same thing samba does where is runs smbpasswd for the > person and fills in the password, but this is a less than ideal solution. I > will play with this and let people know what I can come up with. Is anyone > else doing this? Wy using a skript? On my Linux box I did it this way: unix passwd sync = yes Unix passwd renamed to passwd.unix setup an sutiable password chat link passwd to smbpasswd Only problem: The user can not do there first passwd change: This has to be done once as root to set the encrypted password. But after this all problems are away. If the samba PCD is the NIS server, you can use cron or an advanced passwd chat to update the NIS database. On the NIS clients, simply point yppasswd and passwd to a skript, telling to use passwd on the NIS server. (Or install samba on them and link yppasswd to smbpasswd: Should work, haven't done it my self.) If the samba Box is not the NIS server, my solution doesn't work. But why not installing Samba on the NIS server with only the things to do you mentioned for your NT PCD? Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From pothi_k at yahoo.com Wed Mar 28 07:07:22 2001 From: pothi_k at yahoo.com (POTHI) Date: Tue Dec 2 02:34:01 2003 Subject: Win 98 Vs Samba Server: HELP Message-ID: <20010328070722.14489.qmail@web4107.mail.yahoo.com> Hai Everybody, I am having redhat 7.0 server and two win98 clients. When I tried to share my directories through samba, sofar I never finished with happy moments. I have tried this for atleast 15 days. Please anyone help me to configure the samba, with step by step procedure. Thanks, Yours, Pothi K. __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/?.refer=text From simo.sorce at polimi.it Wed Mar 28 07:56:47 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:34:02 2003 Subject: A question about Auth Backends In-Reply-To: Message-ID: On Wed, 28 Mar 2001, Doug Marcey wrote: > See comments throughout. > > > -----Original Message----- > > From: eirvine [mailto:eirvine@tpgi.com.au] > > Sent: Tuesday, March 27, 2001 11:55 PM > > To: Doug Marcey > > Cc: samba-ntdom@us5.samba.org > > Subject: Re: A question about Auth Backends > > > > > > Hi Doug, > > Hey, > > > > > Doug Marcey wrote: > > > > > > I have a question or two (six?) here. First let me describe my > > situation. > > > > > > I work at a company that has been developing software for Irix for quite > > > some time. As a result our entire company infrastructure is built around > > > Unix machines. Right now we have linux for almost all of our > > network serving > > > needs. Our web, mail, firewall, file, cvs and everything are > > served off of > > > either linux, or openbsd. The only exception is a novell 3.20 > > server that > > > the administrative side of the company uses (and has been using > > for 6 or 7 > > > years now). > > > > > > Recently (last two years) we have been developing a cross > > platform version > > > of our software that uses a java gui and c++ backend to provide the same > > > look and feel across irix, solaris, linux, hp/ux, windows > > 9x/ME/NT/2000, and > > > vxworks. Windows has become a very popular platform for the > > software and as > > > such we have been purchasing more and more windows nt/2000 systems for > > > developers. > > > > > > Currently I have a single NT 4.0 server on the network > > operating as a PDC. > > > It handles logons and auth requests from the windows nt/2000 systems and > > > authenticates the samba shares for the unix systems, that is > > all it does. It > > > does not provide any file serving (users profiles and home > > directories are > > > served off of Linux w/ samba 2.0.7), or anything else. I am trying to > > > convince The-Powers-That-Be (read: old novell admin) that we > > could ditch the > > > NT server completely on the development side and just use a > > samba PDC. Since > > > we have to have both NT 4.0 and 2000 pro a 2.2 version of samba would be > > > necessary. Even though I see many advantages to this in > > manageability the > > > major question I have to answer is: will this in some way allow > > us to get > > > rid of our "dual account" setup? Right now, the users have an > > NT account and > > > a separate Unix account with the same username but with > > different passwords > > > (could be the same but they are not synced). > > > > > > I have seen a few suggestions for this but none of them are very > > > satisfactory for me. I don't want to use pam_smb or winbind as my > > > infrastructure is unix and I would hate to have to manage > > everything through > > > the windows end of things. Besides, IRIX (still our main development > > > platform) does not support PAM. I see LDAP as an ideal solution > > for this, > > > but that would mean I would completely have to redo my password > > system and > > > things would slow down since all the account information would be on the > > > network instead of the local machine. I am also not so crazy about the > > > single point of failure that an ldap server would introduce. The ideal > > > solution for me would be to have samba just use pam directly itself and > > > check against the local password file on whatever system it is on. I see > > > that there seem to be PAM hooks in samba (at least there are > > config options) > > > but I can't seem to find any info on them in any documentation. > > > > > > Is this all in track with what people on this list have experienced? Is > > > there *any* way to do this besides using pam_smb or something > > like it? How > > > have others solved this problem? And finally, is the LDAP support in 2.2 > > > close to being ready for prime time? The nicest solution would > > allow people > > > to change password both on unix and windows and have it propagate to the > > > other side. However, f I need to set up some kind of a password change > > > system, such as a password change web page, with a special script at the > > > backend, then I can. > > > > > > Any answers to the above questions would be greatly appreciated, > > > > > > Thank you for your time, > > > > > > > Having a unix PDC is fine. However, remember that PDC capability for NT is > > still considered beta, and for w2k it is still very much alpha. > > I would very much like to get rid of the NT Server for this purpose (PDC). > Is samba at all prime time ready for this purpose? Is anyone using it in a > small-mid sized environment (30-40 NT/2000 Clients, 20-30 Win98 Clients, > 40-50 Samba Clients)? How does it work? Our NT server is not a paragon of > responsivness in this environment, but I don't want an unstable system > preventing people from logging on. > Samba 2.2 is coming up well, but it is considered alpha software, maybe you may have a test for a relly small laboratory and switch the entire network when you consider it stable enough or wait theofficial release of the 2.2.0 version > > However, do > > you actually need network logons? > > Unfortunatly yes. Since not all of our systems are for just one user. Quite > often a developer will need to log into someone else's machine to test a > different graphics card, and we also have several lab NT/2000 workstations > for people to run test programs and compiles on. I need the ability to have > a user login to any machine on the domain and have the same profile, as well > as logon scripts for mounting drives and policies to controll the caching of > profiles and other such registry settings. If there is a way to accomplish > all this without network logons, please let me know!!! > > > The problem of having a smbpasswd file AND a unix > > password file is much less of an issue in practice than you think it will > > be before you go do it. > > There is no issue keeping the unix side synced if they change it from samba. > However the other direction with a person changing their password from unix, > which happens more often than people changing from NT since most of the > people here are primarily unix people. I suppose I can write a script that > basically does the same thing samba does where is runs smbpasswd for the > person and fills in the password, but this is a less than ideal solution. I > will play with this and let people know what I can come up with. Is anyone > else doing this? smbpasswd may be used to change both the system and samba password, just look for "unix password sync" "passwd program" and "passwd chat" options in smb.conf(5) Anyway, if you do not have security problems (sniffers around), you may also turn password encryption off on win clients and samba servers. This will let samba have the passwords in clear making it able to perform password changes also on unix systems (but this may not function with domain logons). > One other question I had was: if NT and Unix send the encrypted passwords > differently then how can samba use and LDAP backend for storing that > information? Doesn't LDAP use the standard crypt(3) to store passwords? How > does samba use that to validate and NT logon? Just curious. -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From petersv at psv.nu Wed Mar 28 08:20:10 2001 From: petersv at psv.nu (Peter Svensson) Date: Tue Dec 2 02:34:02 2003 Subject: A question about Auth Backends In-Reply-To: Message-ID: > On Wed, 28 Mar 2001, Doug Marcey wrote: > > Samba 2.2 is coming up well, but it is considered alpha software, maybe > you may have a test for a relly small laboratory and switch the entire > network when you consider it stable enough or wait theofficial release of > the 2.2.0 version We have been running samba-tng for quite a while. It seems to work as expected. We haven't compared samba against samba-tng as we have been using tns since it was the only game in town. You may want to try both and see which fits the best. Peter -- Peter Svensson ! Pgp key available by finger, fingerprint: ! 8A E9 20 98 C1 FF 43 E3 07 FD B9 0A 80 72 70 AF ! ------------------------------------------------------------------------ Remember, Luke, your source will be with you... always... From grobe at gmx.net Wed Mar 28 08:29:30 2001 From: grobe at gmx.net (Lars Grobe) Date: Tue Dec 2 02:34:02 2003 Subject: new samba from cvs success (27 march) Message-ID: <6555.985768170@www16.gmx.net> Hi! While I couldn't use the latest alpha3, I am successfully using samba from cvs as on 27 march 2001 now. The latest snapshots gave problems with wrong permissions on profiles in combination with our win2kpro-clients (german version). This was the same bug as in earlier alphas. The cvs compiled (--with-netatalk --with-quotas) fine. Samba is file server and domain controller here, the domain holding about 25 windows2kpro-clients. Besides, about 50 macs are using netatalk which uses the authentication of samba via pam_smb. The system has about 400 user accounts, 330 GB raid5 storage on a netfinity, SuSE-Linux 7.0. Everything on quite high load (files usually up to 200MB, we are working in graphics here ;-) CU, thanks to the samba-developpers, Lars O. Grobe. www.rechnerpool.com -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net From R.J.Mckeating at lboro.ac.uk Wed Mar 28 10:08:37 2001 From: R.J.Mckeating at lboro.ac.uk (R.J.Mckeating@lboro.ac.uk) Date: Tue Dec 2 02:34:02 2003 Subject: Required Samba user id's Message-ID: <985774117.3ac1b8258b3bc@staff-webmail.lboro.ac.uk> This is driving me daft, I cannot get a w2k machine to connect to a rhu box running the latest samba as a pdc. I think I am going to cry or maybe just go down the pub. OK is it true you have to be root to "join the domain", what do "join the domain" actually mean. I have a machine entry in the /etc/passwd file of pc00-rjm$::31465:31465::/dev/null:/bin/false obviously there is a root password in /etc/passwd There is an entry for the machine in the smbpasswd file of pc00-rjm$:31465:2287DD5C8BA901D21486235A2333E4D2:EFEF3A0E219AA2CDB599C25FAF6E1C87:[DW ]:LCT-3AC1B671: If I do /usr/local/samba/bin/smbpasswd -a root I get ERROR: Badly formed boolean in configuration file: "ues". INFO: Debug class all level = 3 (pid 3270 from pid 3270) New SMB password: I put in the password for root and then in /private/smbpasswd I have the entry root:0:FA1961430A96F9BEAAD3B435B51404EE:53F0FAE7D53BBE6C90F843ECEB71DCA0:[U ]:LCT-3AC1B5D1: Now on my w2k machine I tell it to join the domain, I put in the user as root and the password for root and I get the error The account used is a computer account. Use your global or local user account to access this server. So does anybody know what I am doing wrong, can anybody clearly enumerate the steps for getting w2k machine to connect to a samba running as a pdc, what accounts have to be created with what command in what file. And also what accounts have to exist on the w2k machine. Realy could use some help here as I feel I am going round in cirles, maybe I am just dim. Cheers all Ron Ron McKeating Computing Services Loughborough University 01509 222329 From pkunst at csksoftware.de Wed Mar 28 10:29:51 2001 From: pkunst at csksoftware.de (Peter Kunst) Date: Tue Dec 2 02:34:02 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] References: Message-ID: <3AC1BD1F.2E960BD@csksoftware.de> Doug Marcey wrote: > How do you use LDAP for your win domain logons? Do you use samba? > Or are you using Win 2000? We share the internal network between two offices, the "other" side is mainly NT boxes using iPlanet-LDAP and an NT PDC. Don't know how this is integrated, but i may take a deeper look. "my" side of the internal net is real mixed: SunOS, HPUX, AIX, Linux, NT, W2K and auths against NIS+ (but not the NTs/W2Ks). What about integrating NIS+/samba tables into LDAP (both) ? Cheers, Peter From benedict at chemie.de Wed Mar 28 10:47:06 2001 From: benedict at chemie.de (Hans Benedict) Date: Tue Dec 2 02:34:02 2003 Subject: profiles updated on server but not on client Message-ID: Hi, I am using samba 2.2.0-alpha3 on linux. Samba is configured to serve roaming profiles to several NT 4.0 workstations. In principle this seems to work BUT the profiles are only updated on the server, not on the workstations. E.g.: 1) user logs on to workstation, creates file hello.txt on his desktop and logs off again => file is also present on server as well 2) user changes file on server (by editing it for example) 3) user logs on to workstation again => file on workstation is unchanged 4) user changes file on workstation and logs off => changes on server are overwritten by changes on workstation This behavior of course also kills any changes made on another workstation. To me this looks like a time sync problem, but client and server are both running ntp-clients and when I look at the modification times of the files on workstation and server while logged in, they are the same (or different in the right way). Any hints? Thanks in advance, Hans Benedict -- Hans Benedict Chemie.DE Information Service GmbH mailto:benedict@chemie.de Fon: +49-(0)30-204568-40 Seydelstr. 28, 10117 Berlin, Deutschland Fax: +49-(0)30-204568-70 http://www.chemie.de/ From ntl-linux at ntlworld.com Wed Mar 28 10:57:25 2001 From: ntl-linux at ntlworld.com (Jim Jarvie) Date: Tue Dec 2 02:34:02 2003 Subject: tools for user logon tracking? Message-ID: <20010328.10572510@jim.jarvie.org.uk> Kat, I use the "root preexec" & "root postexec" options to run a small script which copies the information I am interested in to a log file. The %M etc macros are expanded to form the command parameters and the scripts just use these to fill the log files. If you wanted to be really fancy, you could make a small program which places the information into a database (say PostgreSQL or MySQL to name but two). These options can even be used on a per share basis; I use the profiles share as my "logon" & "logoff" detection, but you can log each share this way, so if you have a sensitive share, you could log access to record when it is used [you would protect it with user, group or machine (or a combination of them all) permissions, of course !]. I do this to prove to my paranoid users their share is actually protected ! Regards Jim Hi, Anyone know of a simple tool to take the smbd/nmbd logs and create some sort of connection/usage chart/info? I want to be able to see when my users are logging on and logging out... I know the info of course is in the logs, and could be gotten with grep/sed, but was wondering if someone has already done something like this. thanks Kat From theodore at eexi.gr Wed Mar 28 10:47:59 2001 From: theodore at eexi.gr (Theodore J. Soldatos) Date: Tue Dec 2 02:34:02 2003 Subject: A question about Auth Backends References: Message-ID: <3AC1C15F.5080706@eexi.gr> Doug Marcey wrote: > > > One other question I had was: if NT and Unix send the encrypted passwords > differently then how can samba use and LDAP backend for storing that > information? Doesn't LDAP use the standard crypt(3) to store passwords? How > does samba use that to validate and NT logon? Just curious. > > --Doug > OpenLDAP 2.0.7 can use SSHA, SHA, MD5, SMD5 and crypt, whith SSHA as the default. Samba must store the password in 2 ways (Lanman hash and NT hash). If somebody could write an LDAP 2.0.7 patch for NT hash support, then a PAM module (or direct LDAP support) could be written that would store the NT hash in the userPassword attribute (which LDAP uses for authentication) and Lanman hash in another special attribute. That way, PAM aware software (like for example Cyrus IMAP) could authenticate using pam_ldap and samba could authenticate using LDAP either via a special PAM module or directly. Oh, and BTW, changing password in OpenLDAP 2.0.7 using ldappasswd does not replicates to slave LDAPs - write your own scripts :-) I'm currently testing the following setup: I don't have users directly logging in Linux machines. I have a Cyrus IMAP authenticating from LDAP using pam_ldap. I have a Perl web interface for changing passwords in LDAP. I have a Samba 2.2.0alpha3 PDC. I'm using "unix sync" to call a Perl script which, given only the uid of the user, finds the full DN and changes the password (which of course assumes that uids are unique. If not, it fails). If a user changes the password from NT or W2K, the script also changes the password in LDAP, so (for the user) domain logon password is always the same with the mail server password. The web interface code will be modified also: Instead of directly changing the LDAP pasword (in which case the samba password will not change, bye-bye sync), it will remotely (smbpasswd -r MACHINE) change the samba password. Samba will call the script, which will change the LDAP password, and we are in sync. One problem with this setup is that, if one of the password databases (LDAP or Samba) is been destroyed in some way, you cannot recreate it from the other. I'm thinking about writing a script to keep a backup of smbpasword file in LDAP... *ugly*.... Also, adding users is another nightmare, because i need LDAP users to be added in the /etc/passwd files of IMAP and Samba servers. I came up with another ugly solution, involving perl scripts, encryption, ftp, samba machine accounts and animal sacrifices, which i don't want to discuss here. As for why not using pam_smb to authenticate IMAP from Samba, it's because i explicitly want to use LDAP as my central password database. T. -- Theodore=J.=Soldatos=_\_="There=is=always=a=bug=somewhere",=said==HAL=to=the== = theodore@eexi.gr =_/_==Ultimate=Programmer,=and=turned=off=the=air=supply.= = bafh@hellug.gr =_\_="Everybody=knows=the=war=is=over,==================== = tsol@space.gr =_/_==everybody=knows=the=good=guys=lost"===Leonard=Cohen= =====================_\_============ http://w4u.eexi.gr/~theodore ============ === Space Hellas ====_/_=========== Finger: theodore@aurora.eexi.gr ========== From sdunham at Ringling.EDU Wed Mar 28 14:02:08 2001 From: sdunham at Ringling.EDU (sdunham) Date: Tue Dec 2 02:34:02 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] References: <3AC1BD1F.2E960BD@csksoftware.de> Message-ID: <009501c0b78f$ade13dc0$653905d0@rsad.edu> This summer, we will be implementing a solution that sounds exactly the same as yours (Solaris with iPlanet LDAP and Windows clients). I have been trying to research the methods to do this and have yet to find much info. If you do take a deeper look into this, please send me any info. I would REALLY appreciate it! We have a real mix of OS' also, SGI Irix, Win NT 4, Win 2000, Mac OS, Solaris, Linux. For the Unix side of things we use NIS+, but want to integrate everything using iPlanet LDAP. Thanks Sean Dunham Network/Systems Administrator RSAD-Institutional Technology sdunham@rsad.edu ----- Original Message ----- From: "Peter Kunst" To: "Doug Marcey" Cc: Sent: Wednesday, March 28, 2001 5:29 AM Subject: Re: NIS+ solutions ? [was: A question about Auth Backends] > Doug Marcey wrote: > > > How do you use LDAP for your win domain logons? Do you use samba? > > Or are you using Win 2000? > > We share the internal network between two offices, the "other" > side is mainly NT boxes using iPlanet-LDAP and an NT PDC. Don't > know how this is integrated, but i may take a deeper look. > "my" side of the internal net is real mixed: SunOS, HPUX, AIX, > Linux, NT, W2K and auths against NIS+ (but not the NTs/W2Ks). > > What about integrating NIS+/samba tables into LDAP (both) ? > > Cheers, Peter > > > From R.J.Mckeating at lboro.ac.uk Wed Mar 28 15:58:51 2001 From: R.J.Mckeating at lboro.ac.uk (R.J.Mckeating@lboro.ac.uk) Date: Tue Dec 2 02:34:02 2003 Subject: Tadaaa! Message-ID: <985795131.3ac20a3ba429f@staff-webmail.lboro.ac.uk> OK done it, there was an entry in the debug info that said the smbpasswd file was corrupt so deleted it and recreated it. Now all is sweetness and light. Thanks for all the help, BSK to the samba team, if you're ever in this shoulder of the forest drop in for pint of real ale at our local watering hole. Ron Ron McKeating Computing Services Loughborough University 01509 222329 From gcarter at valinux.com Wed Mar 28 16:05:31 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:34:02 2003 Subject: Tadaaa! In-Reply-To: <985795131.3ac20a3ba429f@staff-webmail.lboro.ac.uk> Message-ID: On Wed, 28 Mar 2001 R.J.Mckeating@lboro.ac.uk wrote: > OK done it, there was an entry in the debug info that said the smbpasswd file > was corrupt so deleted it and recreated it. Now all is sweetness and light. > > Thanks for all the help, BSK to the samba team, if you're ever in this shoulder > of the forest drop in for pint of real ale at our local watering hole. > What version of Samba are you running? I fixed a bug where the smbpasswd search would bail out if any smbpasswd user did not exists in /etc/passwd. From David.Bear at asu.edu Wed Mar 28 18:10:20 2001 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:34:02 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] In-Reply-To: <009501c0b78f$ade13dc0$653905d0@rsad.edu> Message-ID: On Wed, 28 Mar 2001, sdunham wrote: > This summer, we will be implementing a solution that sounds exactly the same > as yours (Solaris with iPlanet LDAP and Windows clients). I have been this is intriguing for active directory. isnt ad suppost to be an ldap server as well -- could an ldap link to ad be use to store lmhash and nthash? seem mickeysoft would make the schema compatible. > trying to research the methods to do this and have yet to find much info. > If you do take a deeper look into this, please send me any info. I would > REALLY appreciate it! > We have a real mix of OS' also, SGI Irix, Win NT 4, Win 2000, Mac OS, > Solaris, Linux. For the Unix side of things we use NIS+, but want to > integrate everything using iPlanet LDAP. > > Thanks > > Sean Dunham > Network/Systems Administrator > RSAD-Institutional Technology > sdunham@rsad.edu > > > ----- Original Message ----- > From: "Peter Kunst" > To: "Doug Marcey" > Cc: > Sent: Wednesday, March 28, 2001 5:29 AM > Subject: Re: NIS+ solutions ? [was: A question about Auth Backends] > > > > Doug Marcey wrote: > > > > > How do you use LDAP for your win domain logons? Do you use samba? > > > Or are you using Win 2000? > > > > We share the internal network between two offices, the "other" > > side is mainly NT boxes using iPlanet-LDAP and an NT PDC. Don't > > know how this is integrated, but i may take a deeper look. > > "my" side of the internal net is real mixed: SunOS, HPUX, AIX, > > Linux, NT, W2K and auths against NIS+ (but not the NTs/W2Ks). > > > > What about integrating NIS+/samba tables into LDAP (both) ? > > > > Cheers, Peter > > > > > > > > > David Bear College of Public Programs/ASU From sdunham at Ringling.EDU Wed Mar 28 18:24:41 2001 From: sdunham at Ringling.EDU (sdunham) Date: Tue Dec 2 02:34:02 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] References: Message-ID: <015401c0b7b4$5b588ca0$653905d0@rsad.edu> Active Directory is, but as with all Microsoft things (MS-DNS, etc.), it is apparently not very compatible with iPlanet (as Microsoft didn't stick to specs...again). I have heard that OpenLDAP might work, but we already have iPlanet and it seemed a waste. Thanks for any and all input. Thanks Sean Dunham Network/Systems Administrator RSAD-Institutional Technology sdunham@rsad.edu ----- Original Message ----- From: "iddwb" To: "sdunham" Cc: Sent: Wednesday, March 28, 2001 1:10 PM Subject: Re: NIS+ solutions ? [was: A question about Auth Backends] > On Wed, 28 Mar 2001, sdunham wrote: > > > This summer, we will be implementing a solution that sounds exactly the same > > as yours (Solaris with iPlanet LDAP and Windows clients). I have been > > this is intriguing for active directory. isnt ad suppost to be an ldap > server as well -- could an ldap link to ad be use to store lmhash and > nthash? seem mickeysoft would make the schema compatible. > > > trying to research the methods to do this and have yet to find much info. > > If you do take a deeper look into this, please send me any info. I would > > REALLY appreciate it! > > We have a real mix of OS' also, SGI Irix, Win NT 4, Win 2000, Mac OS, > > Solaris, Linux. For the Unix side of things we use NIS+, but want to > > integrate everything using iPlanet LDAP. > > > > Thanks > > > > Sean Dunham > > Network/Systems Administrator > > RSAD-Institutional Technology > > sdunham@rsad.edu > > > > > > ----- Original Message ----- > > From: "Peter Kunst" > > To: "Doug Marcey" > > Cc: > > Sent: Wednesday, March 28, 2001 5:29 AM > > Subject: Re: NIS+ solutions ? [was: A question about Auth Backends] > > > > > > > Doug Marcey wrote: > > > > > > > How do you use LDAP for your win domain logons? Do you use samba? > > > > Or are you using Win 2000? > > > > > > We share the internal network between two offices, the "other" > > > side is mainly NT boxes using iPlanet-LDAP and an NT PDC. Don't > > > know how this is integrated, but i may take a deeper look. > > > "my" side of the internal net is real mixed: SunOS, HPUX, AIX, > > > Linux, NT, W2K and auths against NIS+ (but not the NTs/W2Ks). > > > > > > What about integrating NIS+/samba tables into LDAP (both) ? > > > > > > Cheers, Peter > > > > > > > > > > > > > > > > > David Bear > College of Public Programs/ASU > > > From gcarter at valinux.com Wed Mar 28 20:05:13 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:34:02 2003 Subject: NIS+ solutions ? [was: A question about Auth Backends] In-Reply-To: <015401c0b7b4$5b588ca0$653905d0@rsad.edu> Message-ID: On Wed, 28 Mar 2001, sdunham wrote: > Active Directory is, but as with all Microsoft things (MS-DNS, etc.), > it is apparently not very compatible with iPlanet (as Microsoft didn't > stick to specs...again). I have heard that OpenLDAP might work, but > we already have iPlanet and it seemed a waste. Thanks for any and all > input. > So I see this type of comment a lot. Not that I am defending MS by any means, but what specs in LDAP did MS not confirm to? Note that extended operations and controls are optional for implementations and LDAPv3 server is required to publish these in the rootDSE. What LDAP v3 core ops are missing or have been extended in a non-standard way? Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pilger at kahana.higp.hawaii.edu Wed Mar 28 20:05:44 2001 From: pilger at kahana.higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:34:02 2003 Subject: Halelujah! It works! Message-ID: <3AC24418.7AB8E7C0@higp.hawaii.edu> At long last, after >7 months of effort, the tree bears fruit. I suspect I may have been shooting myself in the foot for some time. Very early on in the game I had tried to enable my current server to support domains, but could never join it. I then started practicing on another server so that I wouldn't keep distrubing things. Yesterday, I once again downloaded a full, clean CVS and recompiled. I then discovered accidentally that the current server was still configured to support domains. Hmm...If it's been working all this time, no harm in trying the latest stuff. I disabled the test server, did a clean install of the new stuff on the current server and restarted.Voila! She works! I must have had some wierd dueling server thing. Of course now the hard issues start. - Unless people are in the Power User group, the CD burner doesn't work and Netscape complains it can't change the registry. How do I put people in this group? - It's no fun initializing everybodys profile in their home directory - The User manager for Domains for NT shows only a portion of the users, and some show up as groups. This is that "No distinction between groups and users thing" isn't it? Ah well, the fun continues. -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 From jallen at entrodyne.com Wed Mar 28 21:22:43 2001 From: jallen at entrodyne.com (jallen@entrodyne.com) Date: Tue Dec 2 02:34:02 2003 Subject: New Samba Install / Replicating UNIX Passwords Over to smbpasswd File Message-ID: I have recently installed and begun configuring Samba for the first time. The Samba server (smbd) is configured and running on my UNIX box. However, I am in the process of replicating my UNIX /etc/passwd file over to my Samba smbpasswd file. I have attempted to use the addtosmbpass script, but to no avail. The syntax that I am using to follow: addtosmbpass /etc/passwd /opt/samba/lib/smbpasswd I have also tried the smbpasswd program and enter the individual passwords. This is not working either. Does anyone have a trick or pointers on the quickest way to get my UNIX /etc/passwd passwords into my samba smbpasswd file? ? I have been following the online documentation as well as the documentation found in the "Using Samba" book. I am also having a few problems getting the NT server to authenticate itself with the UNIX/Samba server and visa versa. It would be wonderful if someone could give me a call. Especially if they have gone through the same ordeal that I am going through. Sincerely, James C. Allen Jr. Systems Network Administrator Entrodyne Corporation 225 South Magnolia Avenue Buena Vista, VA 24416 Tel: (540) 261-5595 xt: 365 Fax: (540) 261-1000 Email: jallen@entrodyne.com From bob at meeker.urban.csuohio.edu Wed Mar 28 22:40:57 2001 From: bob at meeker.urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:34:02 2003 Subject: Samba 2.2 print driver setup Message-ID: <200103282240.RAA00782@meeker.urban.csuohio.edu> ... > I'm using 2.2a2 in an environment with both W2K and W98 clients. One very > annoying inconsistency with W2K is making my life miserable. We've got some > newer HP models which are not bundled with W2K. I downloaded the drivers > from HP for both W2K and 95/98 platforms. I browse to my PRINT$ share from a > W2K server. I'm able to install the W2K driver just fine, but when I go the > "sharing" tab and try to install "Additional Drivers" for 95/98; W2K just > errors out complaining the driver is not available. This sounds similiar to the problem I have had with 2.0.7 with trying to automate installs of printer drivers for printers NOT in the windows 98 "built in" driver list (like 4000 or 4500 printers - worked fine for old LJ 4 or LJ 5SI.) I asked in the news group and never received any response on this issue. Old printers work great, new ones don't work. Made us very sad. I wondered if it was windows wierdness, or Samba weirdness. -Bob Martel ****************************************************************************** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From Errol.Fouquet at mms.gov Wed Mar 28 22:53:03 2001 From: Errol.Fouquet at mms.gov (Fouquet, Errol) Date: Tue Dec 2 02:34:02 2003 Subject: Samba 2.2 print driver setup Message-ID: <379313C94B76D2119AB60008C7A402E401E1FC76@imsnolaa.nola.omm.mms.gov> Robert, I've managed to come up with a work-around. I install a dummy local printer on the W2K box first. I use the downloaded W2K drivers from HP ... the "Have disk" option. After doing this, I go back to my PRINT$ share on the Samba box. Now when I right click on the printer, and install "Additional Drivers" it will let me browse for the drivers ... rather than just crapping out. Errol Fouquet - UNIX SysAdmin Minerals Management Service, DOI 1201 Elmwood Park Blvd. New Orleans, LA 70123 Phone: (504) 736-3255 Fax: (504) 736-2464 email: errol.fouquet@mms.gov http://www.gomr.mms.gov -----Original Message----- From: Robert M. Martel [mailto:bob@meeker.urban.csuohio.edu] Sent: Wednesday, March 28, 2001 4:41 PM To: samba-ntdom@us5.samba.org Subject: Re: Samba 2.2 print driver setup ... > I'm using 2.2a2 in an environment with both W2K and W98 clients. One very > annoying inconsistency with W2K is making my life miserable. We've got some > newer HP models which are not bundled with W2K. I downloaded the drivers > from HP for both W2K and 95/98 platforms. I browse to my PRINT$ share from a > W2K server. I'm able to install the W2K driver just fine, but when I go the > "sharing" tab and try to install "Additional Drivers" for 95/98; W2K just > errors out complaining the driver is not available. This sounds similiar to the problem I have had with 2.0.7 with trying to automate installs of printer drivers for printers NOT in the windows 98 "built in" driver list (like 4000 or 4500 printers - worked fine for old LJ 4 or LJ 5SI.) I asked in the news group and never received any response on this issue. Old printers work great, new ones don't work. Made us very sad. I wondered if it was windows wierdness, or Samba weirdness. -Bob Martel **************************************************************************** ** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne **************************************************************************** ** From rchitso5 at us.ibm.com Wed Mar 28 23:12:59 2001 From: rchitso5 at us.ibm.com (RCHITSO5 Rochester) Date: Tue Dec 2 02:34:02 2003 Subject: Printing Message-ID: Do I have to use LPD/LPR and Samba shares to print on printers that are attached to clients in an NT shop? From pwinkeler at iname.com Thu Mar 29 02:00:53 2001 From: pwinkeler at iname.com (Paul Winkeler) Date: Tue Dec 2 02:34:02 2003 Subject: Win9x vs WinME In-Reply-To: <3AC0D4B2.FDD7FEFB@canal-plus.fr> Message-ID: <007e01c0b7f4$1601e4e0$0f0010ac@freewinkeler.com> Benoit Sorry to report that my WindowsME box *is* set to user level access. And it truly brings up properly populated dialog with users and groups when I try to create a share. And truly, the Windows98SE machine does not. Could it simply be that the SMB dialect of WindowsME is closer to Windows2K? -----Original Message----- From: bboudevi@canal-plus.fr [mailto:bboudevi@canal-plus.fr] Sent: Tuesday, March 27, 2001 12:58 PM To: pwinkeler@iname.com Cc: samba-ntdom@us5.samba.org Subject: Re: Win9x vs WinME It looks like your both OSes are configured differently. Both problems come from the same source : How user access is managed in your clients. In the network panel, go to the third tab (err can't remember the exact name, should be something like "Access level" or something) In your Win98SE you have checked "Users & groups listed from the following domain" (follows: domain name) and in WinMe you didn't (security at share level) If you set this properties to the same way in both Win98 & WinMe, you'll reproduce exactly the same error on both OSes. The heck is that your primary domain controller doesn't allow anonymous access to the SAM database, and Win9x clients need this to list domain users & groups. About your profile management, I think the problem is issued from this (mis-)configuration. So, ideal is to downgrade security (allowing anonymous access to your SAM database is unafe, but you have Win9x clients, yikes) and reconfigure your WinMe clients. Have fun, Ben. pwinkeler@iname.com a ?crit : > > Running alpha3 from CVS, my Linux RedHat 6.2 box happily becomes a PDC and > both my WIndows 98SE and WIndows ME machines can see its shares just fine. > That is where the similarity ends however :-( > > Windows 98SE: > - Stores and pulls down the User profile from the server just fine > - Has user level acces configured but, when I try to make its printer > sharable I get the message: "Cannot retrieve user list; please try again > later" > > Windows ME: > - Seems to ignore the User profile > - Is perfectly happy to grant user level access to its drive shares > > Any suggestions? If it is helpful to have some logging data, I have several > MBs lying around :-) > > Paul Winkeler -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =- Benoit Boudeville | CANAL+ Technologies -= -= Computer System Engineer | 34, place Raoul Dautry =- =- mailto:bb@canal-plus.fr | 75516 Paris Cedex 15 -= -= Tel: 01.71.71.55.83 | Fax: 01.71.71.55.77 =- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From linux at fenix.uam.mx Thu Mar 29 04:14:35 2001 From: linux at fenix.uam.mx (Lista linux) Date: Tue Dec 2 02:34:02 2003 Subject: Required Samba user id's In-Reply-To: <985774117.3ac1b8258b3bc@staff-webmail.lboro.ac.uk> Message-ID: hi, remove the machine entry from smbpasswd and try again, it worked for me. cu. romy On Wed, 28 Mar 2001 R.J.Mckeating@lboro.ac.uk wrote: > This is driving me daft, > > I cannot get a w2k machine to connect to a rhu box running the latest samba as a > pdc. I think I am going to cry or maybe just go down the pub. > > OK is it true you have to be root to "join the domain", what do "join the > domain" actually mean. I have a machine entry in the /etc/passwd file of > > pc00-rjm$::31465:31465::/dev/null:/bin/false > obviously there is a root password in /etc/passwd > > There is an entry for the machine in the smbpasswd file of > > pc00-rjm$:31465:2287DD5C8BA901D21486235A2333E4D2:EFEF3A0E219AA2CDB599C25FAF6E1C87:[DW > ]:LCT-3AC1B671: > > If I do /usr/local/samba/bin/smbpasswd -a root I get > > ERROR: Badly formed boolean in configuration file: "ues". > INFO: Debug class all level = 3 (pid 3270 from pid 3270) > New SMB password: > > I put in the password for root and then in /private/smbpasswd I have the entry > > > root:0:FA1961430A96F9BEAAD3B435B51404EE:53F0FAE7D53BBE6C90F843ECEB71DCA0:[U > ]:LCT-3AC1B5D1: > > > Now on my w2k machine I tell it to join the domain, I put in the user as root > and the password for root and I get the error > > The account used is a computer account. Use your global or local user account > to access this server. > > > So does anybody know what I am doing wrong, can anybody clearly enumerate the > steps for getting w2k machine to connect to a samba running as a pdc, what > accounts have to be created with what command in what file. And also what > accounts have to exist on the w2k machine. > > > Realy could use some help here as I feel I am going round in cirles, maybe I am > just dim. > > Cheers all > > Ron > > Ron McKeating > Computing Services > Loughborough University > 01509 222329 > -- Ing. Romy Perez Moreno e-mail: romy@fenix.uam.mx, romy@correo.azc.uam.mx http://fenix.uam.mx/romy tel: 5318 9067 / 5382-7157 From peter.milburn at sofcom.com.au Thu Mar 29 06:27:12 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:34:02 2003 Subject: samab Lastest CVS Message-ID: Hi, I am having big problems. I can get a linux machine to join the domain no problems at all. But for the life of me I can not get a windows 2000 machine to join the domain. I have noticed when the windows machine has not succeeded it also disables the account in the smba passwd file. I would really like to get this all done and working :) Thanks everyone. Pete -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** From peter.milburn at sofcom.com.au Thu Mar 29 06:34:22 2001 From: peter.milburn at sofcom.com.au (peter.milburn@sofcom.com.au) Date: Tue Dec 2 02:34:02 2003 Subject: (no subject) Message-ID: Hi, I am having big problems. I can get a linux machine to join the domain no problems at all. But for the life of me I can not get a windows 2000 machine to join the domain. I have noticed when the windows machine has not succeeded it also disables the account in the smba passwd file. Sorry I forgot part of the log here it is goobs (203.7.146.16) connect to service IPC$ as user root (uid=0, gid=0) (pid 26861) getsmbfilepwent: returning passwd entry for user goobs$, uid 533 get_md4pw: Workstation goobs$: no account in domain goobs (203.7.146.16) closed connection to service IPC$ getsmbfilepwent: returning passwd entry for user goobs$, uid 533 I would really like to get this all done and working :) Thanks everyone. Pete -- Peter Milburn Systems Manager Software Communication Group Ltd peter.milburn@sofcom.com.au Ph: +613 9826 8300 Fax: +613 9826 8336 Level 16, 644 Chapel St South Yarra, Vic 3141 www.sofcom.com.au ******************************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please notify Software Communication Group immediately. Any views expressed in this message are those of the individual sender except where the sender specifically states them to be the views of Software Communication Group. ******************************************** From sharpe at ns.aus.com Thu Mar 29 06:48:26 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:34:02 2003 Subject: samab Lastest CVS In-Reply-To: Message-ID: <3.0.6.32.20010329154826.00ed5540@10.0.2.1> At 04:27 PM 3/29/01 +1000, peter.milburn@sofcom.com.au wrote: >Hi, > >I am having big problems. I can get a linux machine to join the domain >no problems at all. But for the life of me I can not get a windows 2000 >machine to join the domain. > >I have noticed when the windows machine has not succeeded it also >disables the account in the smba passwd file. > >I would really like to get this all done and working :) Peter, I think the problem is that Samba does not like you misspelling its name :-) One quick check. Do you have a machine account in the /etc/passwd file for the machine GOOB? What is the error message you are getting again? >Thanks everyone. > >Pete > >-- >Peter Milburn >Systems Manager >Software Communication Group Ltd >peter.milburn@sofcom.com.au >Ph: +613 9826 8300 Fax: +613 9826 8336 >Level 16, 644 Chapel St >South Yarra, Vic 3141 >www.sofcom.com.au >******************************************** >This message contains privileged and confidential information intended >only >for the use of the addressee named above. If you are not the intended >recipient of this message you must not disseminate, copy or take any >action >in reliance on it. If you have received this message in error, please >notify Software Communication Group immediately. >Any views expressed in this message are those of the individual sender >except where the sender specifically states them to be the views of >Software >Communication Group. >******************************************** > > > > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From jorgen at naxos.se Thu Mar 29 08:20:43 2001 From: jorgen at naxos.se (Jorgen Overgaard) Date: Tue Dec 2 02:34:03 2003 Subject: SV: Procedure number out of range Message-ID: <01C0B839.EA4968A0.jorgen@naxos.se> I too have the same problem, any ideas anyone? > -----Ursprungligt meddelande----- > Från: Stephen Atkins [SMTP:stephen.atkins@home.com] > Skickat: den 23 mars 2001 15:26 > Till: samba-ntdom@us5.samba.org > Ämne: FW: Procedure number out of range > > Hello all. I'm running the CVS 2.2 on Mandrake 7.2. I'm running into a > problem when I try to connect to my Linux box from win2k. It's giving me an > error of "Procedure number is out of range". If I try with encrypt password > = no it tells me "The account is not authorized to log in from this > station". And yes the user account is in smbpasswd and /etc/passwd with the > same passwords. If encrypt password = yes then it gives me and "Procedure > number is out of range". If anyone can tell me why its giving me this > problem please let me know. I've attached my smb.conf file below. > > Thanks > > Stephen Atkins > <> From eirvine at tpgi.com.au Thu Mar 29 10:10:50 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:34:03 2003 Subject: (no subject) References: Message-ID: <3AC30A2A.81AC239@tpgi.com.au> Hi Peter, peter.milburn@sofcom.com.au wrote: > > Hi, > > I am having big problems. I can get a linux machine to join the domain > no problems at all. But for the life of me I can not get a windows 2000 > machine to join the domain. Peter, you are using Samba as a PDC server, right? What version of Samba are you using? Do you know that 2.07 won't work as a PDC for W2k at all, and that 2.2 is still in alpha? > I have noticed when the windows machine has not succeeded it also > disables the account in the smba passwd file. > Eddie. From virgo at azcher.kharkov.ua Thu Mar 29 10:45:02 2001 From: virgo at azcher.kharkov.ua (Virgo) Date: Tue Dec 2 02:34:03 2003 Subject: Windows 95 with SMB Update Message-ID: <3AC3122D.F57A1F9D@azcher.kharkov.ua> Hi! In the book Using samba is written "Windows 95 - Non-encrypted password Windows 95 with SMB Update - Encrypted password" Suggest please where to take this SMB Update. Beforehand is grateful, Sergey. -- Registered Linux User #186627 ICQ UIN 50715669 From trobison at mail.meadows.net Thu Mar 29 11:05:12 2001 From: trobison at mail.meadows.net (Tim Robison) Date: Tue Dec 2 02:34:03 2003 Subject: Printing Message-ID: <005a01c0b840$2be1a600$5795500a@armada3500.meadows.net> What do I need to make a printer share work? I have a share set up, I can spool to the samba box, but it will not leave the samba box to the remote shared printer. -------------- next part -------------- HTML attachment scrubbed and removed From barth at cck.uni-kl.de Thu Mar 29 12:51:23 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:34:03 2003 Subject: Printing In-Reply-To: <005a01c0b840$2be1a600$5795500a@armada3500.meadows.net> Message-ID: <3AC34BEB.10376.19F5089@localhost> > What do I need to make a printer share work? I have a share set up, I can spool to the samba box, but it will not leave the samba box to the remote shared printer. > It seems that you have to configure the "printing = " and the "print command =" parameter. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From greg at kwikfind.com Thu Mar 29 15:57:13 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:34:03 2003 Subject: Required Samba user id's References: Message-ID: <002801c0b868$ecc532b0$6f00a8c0@logeng.net> Lista, A couple things: 1. You don't need to have an account on your windows machines for root, even though the Samba PDC FAQs state that you do. Simply log into the Win2k machine on a user account with Power User access or greater the then join the domain. When Win2k asks for authentication to join the domain, then use the root username and password. 2. I configure the add user script parameter in my smb.conf file to add the machine account to the unix and samba password files (add user script = /user/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ 3. I'm not a veteran unix user, so this comment my be obvious to the veterain. I find that if I edit my smbpasswd file with anything but the command line editors (e.g., joe & vi), it makes it unreadable to Samba. Good luck. Greg ----- Original Message ----- From: "Lista linux" To: Cc: "'samba-ntdom'" Sent: Wednesday, March 28, 2001 8:14 PM Subject: Re: Required Samba user id's > hi, > > remove the machine entry from smbpasswd and try again, it worked for me. > > cu. > > romy > > On Wed, 28 Mar 2001 R.J.Mckeating@lboro.ac.uk wrote: > > > This is driving me daft, > > > > I cannot get a w2k machine to connect to a rhu box running the latest samba as a > > pdc. I think I am going to cry or maybe just go down the pub. > > > > OK is it true you have to be root to "join the domain", what do "join the > > domain" actually mean. I have a machine entry in the /etc/passwd file of > > > > pc00-rjm$::31465:31465::/dev/null:/bin/false > > obviously there is a root password in /etc/passwd > > > > There is an entry for the machine in the smbpasswd file of > > > > pc00-rjm$:31465:2287DD5C8BA901D21486235A2333E4D2:EFEF3A0E219AA2CDB599C25FAF6 E1C87:[DW > > ]:LCT-3AC1B671: > > > > If I do /usr/local/samba/bin/smbpasswd -a root I get > > > > ERROR: Badly formed boolean in configuration file: "ues". > > INFO: Debug class all level = 3 (pid 3270 from pid 3270) > > New SMB password: > > > > I put in the password for root and then in /private/smbpasswd I have the entry > > > > > > root:0:FA1961430A96F9BEAAD3B435B51404EE:53F0FAE7D53BBE6C90F843ECEB71DCA0:[U > > ]:LCT-3AC1B5D1: > > > > > > Now on my w2k machine I tell it to join the domain, I put in the user as root > > and the password for root and I get the error > > > > The account used is a computer account. Use your global or local user account > > to access this server. > > > > > > So does anybody know what I am doing wrong, can anybody clearly enumerate the > > steps for getting w2k machine to connect to a samba running as a pdc, what > > accounts have to be created with what command in what file. And also what > > accounts have to exist on the w2k machine. > > > > > > Realy could use some help here as I feel I am going round in cirles, maybe I am > > just dim. > > > > Cheers all > > > > Ron > > > > Ron McKeating > > Computing Services > > Loughborough University > > 01509 222329 > > > > -- > Ing. Romy Perez Moreno > e-mail: romy@fenix.uam.mx, romy@correo.azc.uam.mx > http://fenix.uam.mx/romy > tel: 5318 9067 / 5382-7157 > > > > > From greg at kwikfind.com Thu Mar 29 16:19:53 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:34:03 2003 Subject: (no subject) References: Message-ID: <006101c0b86c$17599720$6f00a8c0@logeng.net> Peter, I agree with Richard. I think you've bruised Samba's feelings. Seriously: I'm currently running Samba 2.2 as a PDC for a mainly Win2k network. Once I worked out the "kinks" using my test machine, I added the entire network to the domain in about an hour, so the process does work. 90% of the time, if I had a problem, it was obvious by reading the samba log file using log level 2. Also, make play around with the smbclient and smbstatus utilities that come with Samba. They are very good at telling you if Samba is working. If Samba is running good and you are still having problems, chances are it's with name resolution. I use WINS support on my Win clients with the Samba PDC as the WINS server. I also use the BIND DNS server as my main name resolver on our network. I am very diligent about making sure BIND is working properly and resolving both external names and internal machine names (I'm not sure how important this is to Samba) One thing you might verify on your client machines is that you don't have the Disable Netbios over TCP/IP option selected on your Win2k clients. This will goof up WINS lookups. Following is the smb.conf file that I use. It may not be perfect, but works for me. Good luck. Greg #==================================================================== # SAMBA CONFIGURATION FILE #==================================================================== # # Date: Feb. 16, 2001 # Created By: Greg Zartman (greg@leiinc.com) # #--------------------------------------------------------------------- #--------------------------------------------------------------------- # GLOBAL PARAMETERS #--------------------------------------------------------------------- [global] config file = /etc/smb.conf #Server Parameters netbios name = SERVER server string = Samba %v on (%L) #Domain Parameters workgroup = LOGENG.NET encrypt passwords = Yes domain logons = Yes os level = 65 preferred master = True domain master = True guest ok = Yes domain admin group = @domain_admins add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ smb passwd file = /etc/private/smbpasswd time server = Yes # Set to use local profiles and logon.bat logon script logon script = logon.bat logon home = logon drive = logon path = #Name Server Support -- Translate WINS requests to DNS Server wins support = Yes name resolve order = wins hosts lmhosts bcast dnsproxy = yes #Security Options security = user bind interfaces only = Yes interfaces = 192.168.0.10/255.255.255.0 \ 127.0.0.1 hosts allow = 192.168.0. #Debugging Information log level = 1 log file = /var/log/samba.log max log size = 50 debug timestamp = yes #Performance Tweaks getwd cache = yes lpq cache = 30 #---------------------------------------------------------------- # DISK SHARES #---------------------------------------------------------------- [homes] comment = Home Directories browseable = No writeable = Yes read only = No #create mode = 0777 [netlogon] comment = Win Domain Login Services path = /export/samba/logon #valid users = @partners read only = Yes #create mode = 0755 browsable = Yes [projects] comment = LEI Main Project Drive path = /export/samba/projects writeable = Yes read only = No valid users = @domain_users guest ok = Yes #public = yes create mask = 0775 directory mask = 775 inherit permissions = yes #force group = domain_users [company] comment = General Use Storage path = /export/samba/company/general writeable = Yes read only = No valid users = @domain_users #force group = domain_users create mode = 0775 directory mode = 775 inherit permissions = yes [management] comment = Admin Drive path = /export/samba/company/management writeable = Yes read only = No public = yes #force group = partners create mode = 0775 directory mode = 775 inherit permissions = yes #---------------------------------------------------------------- # PRINTERS #---------------------------------------------------------------- ----- Original Message ----- From: To: Sent: Wednesday, March 28, 2001 10:34 PM Subject: (no subject) > Hi, > > I am having big problems. I can get a linux machine to join the domain > no problems at all. But for the life of me I can not get a windows 2000 > machine to join the domain. > > I have noticed when the windows machine has not succeeded it also > disables the account in the smba passwd file. > > Sorry I forgot part of the log here it is > > goobs (203.7.146.16) connect to service IPC$ as user root (uid=0, gid=0) > (pid 26861) > getsmbfilepwent: returning passwd entry for user goobs$, uid 533 > get_md4pw: Workstation goobs$: no account in domain > goobs (203.7.146.16) closed connection to service IPC$ > getsmbfilepwent: returning passwd entry for user goobs$, uid 533 > > > I would really like to get this all done and working :) > > Thanks everyone. > > Pete > > -- > Peter Milburn > Systems Manager > Software Communication Group Ltd > peter.milburn@sofcom.com.au > Ph: +613 9826 8300 Fax: +613 9826 8336 > Level 16, 644 Chapel St > South Yarra, Vic 3141 > www.sofcom.com.au > ******************************************** > This message contains privileged and confidential information intended > only > for the use of the addressee named above. If you are not the intended > recipient of this message you must not disseminate, copy or take any > action > in reliance on it. If you have received this message in error, please > notify Software Communication Group immediately. > Any views expressed in this message are those of the individual sender > except where the sender specifically states them to be the views of > Software > Communication Group. > ******************************************** > > > > > > > > > From greg at kwikfind.com Thu Mar 29 16:21:56 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:34:03 2003 Subject: Procedure number out of range References: <01C0B839.EA4968A0.jorgen@naxos.se> Message-ID: <007501c0b86c$6028cfc0$6f00a8c0@logeng.net> Jorgen, Yes, see the reply that I made to Stephans message. Greg ----- Original Message ----- From: "Jorgen Overgaard" To: "'Stephen Atkins'" ; Sent: Thursday, March 29, 2001 12:20 AM Subject: SV: Procedure number out of range > I too have the same problem, any ideas anyone? > > > -----Ursprungligt meddelande----- > > Fr?n: Stephen Atkins [SMTP:stephen.atkins@home.com] > > Skickat: den 23 mars 2001 15:26 > > Till: samba-ntdom@us5.samba.org > > ?mne: FW: Procedure number out of range > > > > Hello all. I'm running the CVS 2.2 on Mandrake 7.2. I'm running into a > > problem when I try to connect to my Linux box from win2k. It's giving me an > > error of "Procedure number is out of range". If I try with encrypt password > > = no it tells me "The account is not authorized to log in from this > > station". And yes the user account is in smbpasswd and /etc/passwd with the > > same passwords. If encrypt password = yes then it gives me and "Procedure > > number is out of range". If anyone can tell me why its giving me this > > problem please let me know. I've attached my smb.conf file below. > > > > Thanks > > > > Stephen Atkins > > <> > > > > > From ameneses at iapex.com Thu Mar 29 17:47:04 2001 From: ameneses at iapex.com (Alden Meneses) Date: Tue Dec 2 02:34:03 2003 Subject: samba-ntdom -- confirmation of subscription -- request 598266 Message-ID: From ely at txc.com Thu Mar 29 18:32:51 2001 From: ely at txc.com (Ely Zavin) Date: Tue Dec 2 02:34:03 2003 Subject: NT printing. Message-ID: <3AC37FD3.CE66D77C@txc.com> Hello All, I am running Samba-2.2.0alpha3. Thank you for great work to Samba team - everything works great, except the printer driver installation for WinNT as well as for W2K. After choosing Network Printer Server in Add Printer Wizard window, Connect to Printer window displays all printers from my Samba Server prefixed with extra hostname like this: \\\ where - is a real Samba Server hostname and - is a real printer name on the Samba Server. Next to printer's name there is a string NO DRIVER AVAILABLE FOR THE PRINTER. When I continue the installation instead of getting WinNT Add Printer Wizard with all available printers I'm getting a window with message "File Needed: Printer INF for NO DRIVER AVAILABLE FOR THIS PRINTER" and dialog box to specify path to *.INF file. Even after specifying exact path to .inf file in this window I'm getting an error message: Printer driver setup error: The printer driver is unknown. Following are the printer settings from smb.conf file: load printers = yes printcap name = /etc/printcap printing = bsd print command = lpr -r -P%p %s lpq command = lpq -P%p lprm command = lprm -P%p %j [printers] comment = All printers path = /var/spool/lpd browseable = No print ok = Yes Thank you, Ely Zavin -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2470 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010329/e4b4a1fb/smime.bin From gcarter at valinux.com Thu Mar 29 19:28:14 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:34:03 2003 Subject: NT printing. In-Reply-To: <3AC37FD3.CE66D77C@txc.com> Message-ID: On Thu, 29 Mar 2001, Ely Zavin wrote: > Hello All, > > I am running Samba-2.2.0alpha3. > Thank you for great work to Samba team - everything works > great, except the printer driver installation for WinNT as well > as for W2K. > Have you read the Printing chapter in the Samba-HOWTO-Collection.pdf? You didn't say you had a [print$] share defined and didn't mention an 'add printer command' (if you are using the APW). Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From kpierre at fit.edu Thu Mar 29 19:54:14 2001 From: kpierre at fit.edu (Kervin Pierre) Date: Tue Dec 2 02:34:03 2003 Subject: Samba and getpwnam() quest. - Was: Re: NIS+ solutions ? [was: A question about Auth Backends] References: <3AC1BD1F.2E960BD@csksoftware.de> Message-ID: <3AC392E6.B6BF277B@fit.edu> First, I have a question. Why does samba seem insist on having a /etc/passwd file to check uid<->username mapping, instead of using something like getpwnam() and friends? I am definately not an expert UNIX programmer, but that's what seems to happen as far as I can tell. We use LDAP for authentication on our samba server, and samba is set to do authenication=domain. Samba would NOT need to know about LDAP, just as other programs don't, if it used the getpwnam() functions and friends. Am I missing a something or is this correct. I say this because the only way to get samba to work is to have a copy of the /etc/passwd file on the server. To do this we have a cron job run every 10 minutes to dump the entire LDAP database in a /etc/passwd file format and scp this to the samba server. Needless to say, this will not scale. Someone, please give me some insight on this problem. Now, about the ldap setup. I was tasked to do this last summer. We use iPlanet LDAP server which comes with a nt-synch program for Windows NT. Note that the nt-synch program will NOT be in iPlanet LDAP server 5.0 which is in beta right now, or so I've been told. Iplanet is instead pushing their meta directory product for this. A free 20,000 user licence for iplanet DS comes with Solaris 8. Check the iplanet newsgroups for more info http://developer.iplanet.com/support/newsgroups/index.html . I've heard OpenLDAP will work, but I haven't used it. An important link is http://www.padl.com/tools.html Earlier I was looking for people interested in developing an open source version of nt-synch. The iplanet program is buggy and only works with iplanetDS. Worse yet, it's scheduled to go away. An ldap-nt-synch program does not look very difficult ( famous last words : ) On the MS side we have password filters http://msdn.microsoft.com/library/psdk/logauth/pswd_portal_9tph.htm , on the ldap server side we'd need a 'plugin'. I'm not sure if OpenLDAP supports these, but iPlanet does. The plugin would catch changes to the userpassword attribute and convey this to a service on the NT server, etc. A problem we run into was that different OSes use different LDAP schemas. Some, like irix are very configurable, some like Solaris aren't. IRIX does not like the way iplanet encodes their userpassword attribute (they put the crypt type in curly braces at the beginning of the attribute value), and we have a ugly hack to handle this (a cron job that syncs the userpassword value, san prefix to a new attribute that irix uses, every 10 minutes) If you have any questions feel free to drop me a line. I have a bunch of scripts written to make user administration on the ldap database easier from the command line. I also have a php website to do the user administration by running queries on the ldap server, though I'm in the process of rewriting it right now. -Kervin Peter Kunst wrote: > > Doug Marcey wrote: > > > How do you use LDAP for your win domain logons? Do you use samba? > > Or are you using Win 2000? > > We share the internal network between two offices, the "other" > side is mainly NT boxes using iPlanet-LDAP and an NT PDC. Don't > know how this is integrated, but i may take a deeper look. > "my" side of the internal net is real mixed: SunOS, HPUX, AIX, > Linux, NT, W2K and auths against NIS+ (but not the NTs/W2Ks). > > What about integrating NIS+/samba tables into LDAP (both) ? > > Cheers, Peter From seun at nettel.sjsu.edu Thu Mar 29 19:53:19 2001 From: seun at nettel.sjsu.edu (Seun Abiodun-Wright) Date: Tue Dec 2 02:34:03 2003 Subject: SSL References: Message-ID: <3AC392AF.A1F3524@nettel.sjsu.edu> Question!!! How can I set up samba to use SSL over my Network - Linux box with winnt machines? From kpierre at fit.edu Thu Mar 29 20:17:16 2001 From: kpierre at fit.edu (Kervin Pierre) Date: Tue Dec 2 02:34:03 2003 Subject: A question about Auth Backends References: <3AC1C15F.5080706@eexi.gr> Message-ID: <3AC3984C.C4BCB34E@fit.edu> "Theodore J. Soldatos" wrote: [...] > One problem with this setup is that, if one of the password databases > (LDAP or Samba) is been destroyed in some way, you cannot recreate it > from the other. I'm thinking about writing a script to keep a backup of > smbpasword file in LDAP... *ugly*.... > [..] Would something like this work? This scripts backs-up and ldap database to a file in /etc/passwd format (It's only been tested on Solaris8 with iPlanet DS though) -Kervin -------------- next part -------------- #!/bin/sh #Kervin Pierre 19AUG00 #Dump a valid passwd file from ldap SCRIPT_DIR=/opt/scripts AWK=/usr/bin/awk LDAP_FILE=$SCRIPT_DIR/ldap.dat LDAP_BASE="ou=people,dc=eng,dc=fit,dc=edu" #The following 2 lines read the credentials from a file #I should have used the '.' instead #ie. '. $LDAP_FILE' #optionally you can use. #OP_CRED='cn=Directory Manager' #OP_PASS='secret' OP_CRED=`$AWK -F'=' '$1=="OP_CRED" { print substr($0, length($1)+2) }' $LDAP_FILE` OP_PASS=`$AWK -F'=' '$1=="OP_PASS" { print substr($0, length($1)+2) }' $LDAP_FILE` ldapsearch -L -D "$OP_CRED" -w "$OP_PASS" -b "$LDAP_BASE" -s sub "(objectclass=posixaccount)" | $AWK ' BEGIN { FS=":"; OFS=":"} {if($1=="uid" && NF<3) uid = $2 if($1=="uidnumber") uidnumber = $2 if($1=="gidnumber") gidnumber = $2 if($1=="gecos") gecos = $2 if($1=="homedirectory") homedirectory = $2 if($1=="loginshell") loginshell = $2 if(NF==0) print uid,"x",uidnumber,gidnumber,gecos,homedirectory,loginshell}' | sed -e 's/: /:/g s/^ //g' -------------- next part -------------- #!/bin/sh #Kervin Pierre 19AUG00 #Dump a valid shadow file from ldap SCRIPT_DIR=/opt/scripts AWK=/usr/local/bin/awk LDAP_FILE=$SCRIPT_DIR/ldap.dat LDAP_BASE="ou=people,dc=eng,dc=fit,dc=edu" OP_CRED=`$AWK -F'=' '$1=="OP_CRED" { print substr($0, length($1)+2) }' $LDAP_FILE` OP_PASS=`$AWK -F'=' '$1=="OP_PASS" { print substr($0, length($1)+2) }' $LDAP_FILE` ldapsearch -L -D "$OP_CRED" -w "$OP_PASS" -b "$LDAP_BASE" -s sub "objectclass=posixaccount" | $AWK ' BEGIN { FS=":"; OFS=":"} {if($1=="uid" && NF<3) uid = $2 if($1=="userpassword") userpassword = substr($2,9) if($1=="shadowlastchange") shadowlastchange = $2 if(NF==0) print uid,userpassword,shadowlastchange,":::::"}' | sed -e 's/: /:/g s/^ //g' From gcarter at valinux.com Thu Mar 29 20:32:08 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:34:03 2003 Subject: Samba and getpwnam() quest. - Was: Re: NIS+ solutions ? [was: A question about Auth Backends] In-Reply-To: <3AC392E6.B6BF277B@fit.edu> Message-ID: On Thu, 29 Mar 2001, Kervin Pierre wrote: > First, I have a question. > > Why does samba seem insist on having a /etc/passwd file to check > uid<->username mapping, instead of using something like getpwnam() and > friends? Huh? We do use getpwnam() et. al. > I am definately not an expert UNIX programmer, but that's what seems to > happen as far as I can tell. We use LDAP for authentication on our > samba server, and samba is set to do authenication=domain. Samba would > NOT need to know about LDAP, just as other programs don't, if it used > the getpwnam() functions and friends. Am I missing a something or is > this correct. Are you sure you have your /etc/nsswitch.conf file correctly configured? > I say this because the only way to get samba to work is to have a copy > of the /etc/passwd file on the server. To do this we have a cron job > run every 10 minutes to dump the entire LDAP database in a /etc/passwd > file format and scp this to the samba server. Nah....shouldn't be doing this. If it is, then it is a bug, but I'll need confirmation that it is indeed the case. A quick grep of 2.0.7 ensure no opens on /etc/passwd. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From don_mccall at hp.com Thu Mar 29 20:33:15 2001 From: don_mccall at hp.com (MCCALL,DON (HP-USA,ex1)) Date: Tue Dec 2 02:34:04 2003 Subject: New Samba Install / Replicating UNIX Passwords Over to smbpas swd File Message-ID: <079FD72E42C9D311B854009027650E6F0405090F@xatl02.atl.hp.com> Hi James, Try this: #touch /tmp/smbpasswd.in #addtosmbpass `cut -f1 -d: /etc/passwd` /usr/local/samba/private/smbpasswd ^^^^^^all one line^^^^^^ This should pass a list of all the usernames in your /etc/passwd file to addtosmbpass, and create an smbpasswd file of the proper format in /usr/local/samba/private/smbpasswd. Another way to do it, if you pulled the SOURCE as well, or if your distribution includes the 'scripts' directory, is: /opt/samba_src/samba/source/scripts/mksmbpasswd.sh (this will be a different path on your installation, I am sure - the above is from the HP-UX 11.0 installation) This will take all the entries in your /etc/passwd file and create appropriate entries in your smbpasswd file (which you should locate in the /usr/local/samba/private subdirectory, or whereever your specific installation expects it). The syntax is as follows: cat /etc/passwd|mksmbpasswd.sh >/var/opt/samba/private/smbpasswd You will probably want to go in and remove the entries for root, ftp, etc afterwards. And you will still have to use smbpasswd to set your user's pc passwords. But it's quick... ************************** but since there is no way to generate an NTLM encrypted password directly from the Unix encrypted password in the /etc/passwd file, you NEED a way to allow your unix users to change their own smb passwords. The smbpasswd command when run by a NON-root user, requires that they know the current password in order to change it. Below I have documented a method whereby you can set ALL passwords in the smbpasswd file to an 'initial' password that you can give your unix users to allow them to change their own password from unix using the smbpasswd command: 1. Create the smbpasswd file using one of the methods explained above. 2. use the smbpasswd command, as root, to create an initial password for one of the users now in the smbpasswd file: #/opt/samba/bin/smbpasswd username New SMB password: fishlips (not actually echoed, just here for clarity) Retype new SMB password: fishlips (not actually echoed, just here for clarity) Password changed for user username. # 3. edit the /usr/local/samba/private/smbpasswd file with vi, and find the entry for the user whose password you just changed. You will notice that it has the following format: username:5758:A39FDF60A9518E7D02657A8D8EF025E2:65AD8B90AE8636FA1499E091B6B16 E31:[U ]:LCT-00000000:username,location,phone the encrypted password fields (the data will be different, based on what you fed smbpasswd command when you changed the passwd) are the third and fourth fields, in the example above, A39FDF60A9518E7D02657A8D8EF025E2:65AD8B90AE8636FA1499E091B6B16E31 4. Note that all other entries in the smbpasswd file have these fields set to all "X"'s: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 5. what you want to do at this point, is replace the default passwd fields (the "X"'s) with your new initial encrypted passwd fields. To do this in vi, you can use the following command: :1,$ s/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/A39FDF60 A9518E7D02657A8D8EF025E2:65AD8B90AE8636FA1499E091B6B16E31/ (all the above on a single line in vi) obviously, a judicious use of cut and paste would be helpful here... Then save your changes. 6. after this, every user in your smbpasswd file will have the same initial password as what you set for 'username'. And they will be able to log to unix with their unix username and use the smbpasswd command to change this initial password to one of their own choosing. There are probably a million different ways to skin this cat, James; but this is the one I used once... Hope this helps, Don -----Original Message----- From: jallen@entrodyne.com [mailto:jallen@entrodyne.com] Sent: Wednesday, March 28, 2001 4:23 PM To: samba-ntdom@lists.samba.org Subject: New Samba Install / Replicating UNIX Passwords Over to smbpasswd File I have recently installed and begun configuring Samba for the first time. The Samba server (smbd) is configured and running on my UNIX box. However, I am in the process of replicating my UNIX /etc/passwd file over to my Samba smbpasswd file. I have attempted to use the addtosmbpass script, but to no avail. The syntax that I am using to follow: addtosmbpass /etc/passwd /opt/samba/lib/smbpasswd I have also tried the smbpasswd program and enter the individual passwords. This is not working either. Does anyone have a trick or pointers on the quickest way to get my UNIX /etc/passwd passwords into my samba smbpasswd file? ? I have been following the online documentation as well as the documentation found in the "Using Samba" book. I am also having a few problems getting the NT server to authenticate itself with the UNIX/Samba server and visa versa. It would be wonderful if someone could give me a call. Especially if they have gone through the same ordeal that I am going through. Sincerely, James C. Allen Jr. Systems Network Administrator Entrodyne Corporation 225 South Magnolia Avenue Buena Vista, VA 24416 Tel: (540) 261-5595 xt: 365 Fax: (540) 261-1000 Email: jallen@entrodyne.com From kim at complexia.com.au Thu Mar 29 22:12:31 2001 From: kim at complexia.com.au (Kim Malafant) Date: Tue Dec 2 02:34:04 2003 Subject: Oplock Problems Message-ID: <3.0.5.32.20010330081231.008d0100@pop.actweb.net> Dear All, I know that the following error for "oplocks" appears in the FAQ but we need an "authorative" answer to the problem so that we can advise a client what to do. Having a large number of cables/cards etc tested is expensive. The logfile output is: [2001/03/23 11:04:21, 1, pid=16808, effective(0, 300), real(0, 0)] smbd/service.c:(550) roger (172.16.12.18) connect to service testarea as user kim (uid=0, gid=300) (pid 16808) [2001/03/23 11:04:34, 0, pid=16808, effective(0, 0), real(0, 0)] smbd/service.c:(336) kim logged in as admin user (root privileges) [2001/03/23 11:04:34, 1, pid=16808, effective(0, 300), real(0, 0)] smbd/service.c:(550) roger (172.16.12.18) connect to service test4kim as user kim (uid=0, gid=300) (pid 16808) [2001/03/23 11:05:42, 0, pid=16808, effective(0, 300), real(0, 0)] smbd/oplock.c:(1204) request_oplock_break: no response received to oplock break request to pid 16749 on port 33722 for dev = 2680062, inode = 486401 for dev = 2680062, inode = 486401, tv_sec = 3aba92cc, tv_usec = 22e4a [2001/03/23 11:06:14, 0, pid=16808, effective(0, 300), real(0, 0)] smbd/oplock.c:(1204) request_oplock_break: no response received to oplock break request to pid 16749 on port 33722 for dev = 2680062, inode = 486401 for dev = 2680062, inode = 486401, tv_sec = 3aba92cc, tv_usec = 22e4a [2001/03/23 11:06:43, 0, pid=16825, effective(0, 0), real(0, 0)] smbd/service.c:(336) which indicates that there is a bad network cable/card or an MS application that does not understand oplocks correctly. So the questions are: 1) Will a bad network cable - this is a 100Mb network and the client makes their own cables and has no test equipment - cause the problem? Can we identify the machine/connection from the log file? 2) A faulty network card will also cause the same problem we believe. Is this correct and if so how do we isolate that from the logfile? These are the two "simple" fixes but if it is an MS application is there any way of identifying that from the logfile? A clear and somewhat definitive answer would help greatly in convincing the client that the problem is infrastructure related and not due to SAMBA. Thanks in advance. Kim Malafant Director, compleXia PO Box 3011, Belconnen ACT, Australia, 2617 Phone: (02) 6253 8342 Fax: (02) 6253 8346 Mobile: 0410 421 694 From kim at complexia.com.au Thu Mar 29 22:18:03 2001 From: kim at complexia.com.au (Kim Malafant) Date: Tue Dec 2 02:34:04 2003 Subject: Sharing violation error Message-ID: <3.0.5.32.20010330081803.008d0100@pop.actweb.net> Dear All, Have a SAMBA installation where one user is experiencing "sharing violations" on a particular directory on one share. This has only just occurred although they have been running for about two months. The user opens a number of MS Word documents in the sam directory and is cutting and pasting between them. He is saving regularly and every now and then gets an error message saying that the file cannot be saved due to either low memory or the fact that the disk is full. He seems to have plenty of available tmp space on the client and ther is more thatn 40 Gb free space on te disk containing the share. Checking the logs for the machine (client) indicates that there was a "sharing violation". It is always for the "tmp" file created by MS word in the directory. He then cannot save the file etc etc. The files in the directory seem to have the "archive" bit set from the NT side. Any suggestions about the cause and possible solutions please. Thanks in advance. Kim Malafant Director, compleXia PO Box 3011, Belconnen ACT, Australia, 2617 Phone: (02) 6253 8342 Fax: (02) 6253 8346 Mobile: 0410 421 694 From pkunst at csksoftware.de Fri Mar 30 00:12:09 2001 From: pkunst at csksoftware.de (Peter Kunst) Date: Tue Dec 2 02:34:04 2003 Subject: Samba and getpwnam() quest. - Was: Re: NIS+ solutions ? [was: A question about Auth Backends] References: <3AC1BD1F.2E960BD@csksoftware.de> <3AC392E6.B6BF277B@fit.edu> Message-ID: <3AC3CF59.808623AA@csksoftware.de> On Thu, 29 Mar 2001, Kervin Pierre wrote: > Now, about the ldap setup. > > I was tasked to do this last summer. We use iPlanet LDAP server which > comes with a nt-synch program for Windows NT. Note that the nt-synch > program will NOT be in iPlanet LDAP server 5.0 That?s nearly the same as our setup here. Thank you all for hints/tips, i'll try it out. Peter From David.Bear at asu.edu Fri Mar 30 00:54:48 2001 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:34:04 2003 Subject: unix perm bits Message-ID: I'd like to use samba to share files among unix machines. is there some way to preserve all the unix permission bits across systems? I notice the execute bit is getting turned on by default on file creation. Is this becuase of the mapping of the execute bit to the archive bit? Or do I need a create mask entry to preserve these or is there something uniquely unix? David Bear College of Public Programs/ASU From sharpe at ns.aus.com Fri Mar 30 01:07:22 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:34:04 2003 Subject: unix perm bits In-Reply-To: Message-ID: <3.0.6.32.20010330100722.00ea2840@10.0.2.1> At 12:54 AM 3/30/01 +0000, iddwb wrote: > >I'd like to use samba to share files among unix machines. is there some >way to preserve all the unix permission bits across systems? I notice the >execute bit is getting turned on by default on file creation. Is this >becuase of the mapping of the execute bit to the archive bit? Or do I >need a create mask entry to preserve these or is there something uniquely >unix? Hmmm, I don't think that this is what Samba is for. Have you looked at GFS or any one of the other UNIX like shared file systems ... like coda and so forth. >David Bear >College of Public Programs/ASU > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From pilger at kahana.higp.hawaii.edu Fri Mar 30 02:54:31 2001 From: pilger at kahana.higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:34:04 2003 Subject: unix perm bits References: Message-ID: <3AC3F567.6EE8CAA6@higp.hawaii.edu> For UNIX to UNIX file sharing you should be using NFS. iddwb wrote: > I'd like to use samba to share files among unix machines. is there some > way to preserve all the unix permission bits across systems? I notice the > execute bit is getting turned on by default on file creation. Is this > becuase of the mapping of the execute bit to the archive bit? Or do I > need a create mask entry to preserve these or is there something uniquely > unix? > > David Bear > College of Public Programs/ASU -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 From eirvine at tpgi.com.au Fri Mar 30 08:49:37 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:34:04 2003 Subject: Windows 95 with SMB Update References: <3AC3122D.F57A1F9D@azcher.kharkov.ua> Message-ID: <3AC448A1.EDD2FC7F@tpgi.com.au> Virgo wrote: > > Hi! > In the book Using samba is written > "Windows 95 - Non-encrypted password > Windows 95 with SMB Update - Encrypted password" There was a second edition of Windows 95. It defaulted to encrypted passwords. If you have the first edition, I think you just add a registry entry to get encrypted passwords. Eddie. From lgroslegiat{locally} at swan.fr Fri Mar 30 09:14:02 2001 From: lgroslegiat{locally} at swan.fr (Laurent Groslegiat) Date: Tue Dec 2 02:34:04 2003 Subject: smbmount or similar Message-ID: <31E92AD67A68D411B21645000000020016FEBE@AS400NT> Good moorning, I'm looking for the command smbmount or similar (compiled files, not just sources) for Sun Solaris 2.5.1 on Sparc, compatible with version 2.0.3 of Samba. I'd like to mount a NT share on Solaris without using a NFS server daemon running on my NT server, because we found that NT doesn't act very well as NFS server. We found a smbmount for Linux, that allow us to mount a NT share directly from /etc/fstab table. Does it exist anything like this for Solaris ? Thank you very much to all the people who can help me. Best regards From whyberg at omgtu.omskelecom.ru Fri Mar 30 11:47:18 2001 From: whyberg at omgtu.omskelecom.ru (Andrew Artemyev) Date: Tue Dec 2 02:34:04 2003 Subject: driver upload problem with samba 2.2.0_alpha3 Message-ID: <04bf01c0b90f$2cb6cf40$1700a8c0@whyberg.omgtunet> Hello all! Samba works fine. GREATE WORK OF SAMBA TEAM!!! But when i try to upload more than one driver for printers samba writes to log: [2001/03/30 13:30:18, 0] printing/nt_printing.c:move_driver_to_download_area(1178) move_driver_to_download_area: Unable to rename [WIN40/hpblgbe.drv] to [WIN40/0/hpblgbe.drv] and then if i try to download driver to workstation, samba says that driver is not instaled Samba cvs version, last night update. Imprints ver 0.0.9 printer drivers: HP 5000 PCL6 HP 1100 HP 4l PCL5e From chabrol at webonomics.de Fri Mar 30 12:22:32 2001 From: chabrol at webonomics.de (Daniel Chabrol) Date: Tue Dec 2 02:34:04 2003 Subject: samba 2.2.0alpha3 locking/profile problem with win2k Message-ID: <00d701c0b914$18a7aba0$b86de2c3@webonomics.de> Hello, I'm using Samba 2.2.0-alpha3 (because I need the domain functionality together with win 2000). Win 2k seems sometimes to lock the userprofile if you shut down the computer without logging out before it. This causes problems if you shut down a workstation and try to log on from another one. Then this workstation is unable to read the profile information on the server, until I restart samba (therefeore deleting the lock). I tried to circumnavigate this effect by disabling the locking in the profile-share. But with smbstatus there are sometimes still filelocks on the profiles-share! Any idea how I can prevent the locking? Here my smb.conf for reference: # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not many any basic syntactic errors. # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4 workgroup = KONAPHARMA # server string is the equivalent of the NT Description field server string = Phoenix Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page hosts allow = 192.168.168. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this ; load printers = yes # you may wish to override the location of the printcap file ; printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system ; printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /usr/local/samba/var/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = domain # Use password server option only with security = server ; password server = # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /usr/local/samba/lib/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details # You may want to add the following on a Linux system: # SO_RCVBUF=8192 SO_SNDBUF=8192 socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = yes # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat logon script = logon.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below logon path = \\%L\profiles\%U # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = no #============================ Share Definitions ============================== [homes] comment = Heimatverzeichnis browseable = no writable = yes # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = yes writable = no share modes = no locking = no [gemeinsam] comment = Gemeinsame Dateien path = /home/samba writable = yes directory mask = 0775 # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory [profiles] path = /usr/local/samba/profiles comment = Benutzerprofile browseable = no writable = yes locking = no fake oplocks = yes guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer ;[printers] ; comment = All Printers ; path = /usr/spool/samba ; browseable = no # Set public = yes to allow user 'guest account' to print ; guest ok = no ; writable = no ; printable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %U option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 Best regards, Daniel Chabrol From sivert.carlsson at smi.mas.lu.se Fri Mar 30 14:16:47 2001 From: sivert.carlsson at smi.mas.lu.se (Sivert Carlsson) Date: Tue Dec 2 02:34:04 2003 Subject: 2 versions av samba at the same time Message-ID: <4.3.2.7.2.20010330160435.00cd55d0@gustaf.smi.mas.lu.se> Hi, I have been using samba (for the moment version 2.0.7) for some years now on Sun's Solaris, with good results and want to try out version 2.2.0. Is it possible to have two versions of samba running on the same time and if that is possible what do I have to consider setting up a test for version 2.2.0? I don't want to close version 2.0.7. I have been trying to run both but got the following message in the log-file log.smbd: bind failed on port 139 socket_addr=0.0.0.0 (Address already in use) What does this mean? Regards, Sivert -------------- next part -------------- HTML attachment scrubbed and removed From theodore at eexi.gr Fri Mar 30 14:28:15 2001 From: theodore at eexi.gr (Theodore J. Soldatos) Date: Tue Dec 2 02:34:04 2003 Subject: Member Samba server of Samba domain not working correctly. Message-ID: <3AC497FF.1090404@eexi.gr> Hello, I'm using Samba 2.2.0alpha3, running on 2.2.18 kernel with Linux ACLs enabled. The problem appears in both WinNT 4.0 and Win2000 clients. I have 2 servers: The first (Yeb, 10.0.170.7) is the PDC. Clients can login as expected, change file permissions etc. The second (Yog, 10.0.170.8) is the file server. Home directories and profiles reside in this server. I have created the Yog machine account in Yeb and joined the domain (from Yog) using "smbpasswd -j TEST_DOMAIN". No errors, the record in smbpasswd of Yeb updated. In the Samba 2.2 PDC FAQ there was a mention of a SID file which is created when a Samba server joins a Samba domain, which in my case it should be TEST_DOMAIN.YOG.SID. The FAQ is not very clear about that file. In the private directory of both servers i can find a MACHINE.SID file only, i am not sure if this is correct. When i open the TEST_DOMAIN domain from a client (Network Neighborhood), both servers appear under TEST_DOMAIN. If i check the properties of the machines, the "Domain:" field of Yeb displays (correctly) "TEST_DOMAIN", but the same field on Yog displays "YOG". The result of all that is that when i try to change file permissions of files residing on the file server (Yog), the client looks for the domain controller of the YOG domain, which is wrong (and not found, of course), so the TEST_DOMAIN user list is not available.. If i try to do the same on files either on the PDC or on the local disk, i'm getting the correct user list from TEST_DOMAIN. In short, the member server appears to be partially member of TEST_DOMAIN and partially (and mostly) member of a non-existent domain which has the same name with itself. Here are some files: The Yeb (PDC, 10.0.170.7) smb.conf: --- Cut here --- [global] local master = yes preferred master = yes domain master = yes security = user status = yes workgroup = TEST_DOMAIN wins support = yes encrypt passwords = yes domain logons =yes logon script = scripts\%U.bat domain admin group = @adm add user script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %m$ delete user script = /usr/sbin/userdel %m$ guest account = ftp share modes=no os level=65 username map = /usr/local/samba/lib/users.map log file = /usr/local/samba/var/log.%m logon home = "\\YOG\%U" logon path = "\\YOG\%U\profile" [homes] writeable = yes guest ok = no read only = no create mask = 0744 directory mask = 0744 force create mode = 0744 force directory mode = 0744 inherit permissions = yes oplocks = false locking = no [netlogon] path = /usr/local/samba/netlogon writeable = no guest ok = no --- cut here --- The Yog (file server, 10.0.170.8) smb.conf: --- Cut here --- [global] workgroup = TEST_DOMAIN security = DOMAIN status = yes wins support = no wins server = 10.0.170.7 encrypt passwords = yes domain logons = no password server = 10.0.170.7 logon script = scripts\%U.bat domain admin group = @adm add user script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %m$ delete user script = /usr/sbin/userdel %m$ guest account = ftp share modes=no os level=65 username map = /usr/local/samba/lib/users.map netbios name = YOG log file = /usr/local/samba/var/log.%m [homes] writeable = yes guest ok = no read only = no create mask = 0744 directory mask = 0744 force create mode = 0744 force directory mode = 0744 inherit permissions = yes oplocks = false locking = no [netlogon] path = /usr/local/samba/netlogon writeable = no guest ok = no --- cut here --- The PDC wins.dat file (TSOL is a user account, VM2000 is a Win2000 client): --- Cut here --- VERSION 1 226698 "TEST_DOMAIN#00" 986220484 255.255.255.255 c4R "TEST_DOMAIN#1b" 986219928 10.0.170.7 44R "TEST_DOMAIN#1c" 986219928 10.0.170.7 c4R "TEST_DOMAIN#1e" 986220484 255.255.255.255 c4R "TSOL#03" 986259094 10.0.161.227 64R "VM2000#00" 986253433 10.0.161.227 64R "VM2000#03" 986253437 10.0.161.227 64R "VM2000#20" 986253438 10.0.161.227 64R "YEB#00" 986219928 10.0.170.7 46R "YEB#03" 986219928 10.0.170.7 46R "YEB#20" 986219928 10.0.170.7 46R "YOG#00" 986220484 10.0.170.8 44R "YOG#03" 986220484 10.0.170.8 44R "YOG#20" 986220484 10.0.170.8 44R --- cut here --- Thanks in advance, T. -- Theodore=J.=Soldatos=_\_="There=is=always=a=bug=somewhere",=said==HAL=to=the== = theodore@eexi.gr =_/_==Ultimate=Programmer,=and=turned=off=the=air=supply.= = bafh@hellug.gr =_\_="Everybody=knows=the=war=is=over,==================== = tsol@space.gr =_/_==everybody=knows=the=good=guys=lost"===Leonard=Cohen= =====================_\_============ http://w4u.eexi.gr/~theodore ============ === Space Hellas ====_/_=========== Finger: theodore@aurora.eexi.gr ========== From M.hoeneveld at hes-rdam.nl Fri Mar 30 14:30:08 2001 From: M.hoeneveld at hes-rdam.nl (Maurice Hoeneveld) Date: Tue Dec 2 02:34:04 2003 Subject: FTP-server and NT user authentication Message-ID: <5.0.2.1.2.20010330162600.00a66150@mntm.hes-rdam.nl> Hello all I have a question and hope someone can give me a hint. After some experimenting with Samba it worked to create a Solaris machine which holds the 6000 shares for our users. Each users is automaticaly connected to his own share when logging on to the NT domain. The next step is that we want to give access to the machine from outsite using FTP. Does anyone know a FTP server which can be configured to use the NT user authentication to log in to this Solaris machine? Or can I make a configuration of samba so it joines our NT domain as a fileserver and is also accasible for the users via ftp with their own username/password. Any help is appreciated. Thanks for your time Maurice Hoeneveld Technical System Engineer E-mail : m.hoeneveld@hes-rdam.nl Hogeschool voor Economische Studies Kralingse Zoom 91 Postbus 4030 3006 AA Rotterdam The Netherlands From Magnus.Sundberg at dican.se Fri Mar 30 15:07:18 2001 From: Magnus.Sundberg at dican.se (Magnus Sundberg) Date: Tue Dec 2 02:34:04 2003 Subject: F-secure and Samba as PDC Message-ID: <3AC4A126.12C4649F@dican.se> Dear sirs, I am running samba version 2.0.6 with NT4 clients. I have no global account with admin privileges. When I run F-secure Policy manager, I get the reply from all the clients unable to access registry. Is this possible in later reviews of samba. Anybody that has implemented F-secure successfully with samba as PDC? regards, Magnus Sundberg From gcarter at valinux.com Fri Mar 30 15:07:41 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:34:04 2003 Subject: Windows 95 with SMB Update In-Reply-To: <3AC448A1.EDD2FC7F@tpgi.com.au>; from eirvine@tpgi.com.au on Fri, Mar 30, 2001 at 02:49:37 -0600 References: <3AC3122D.F57A1F9D@azcher.kharkov.ua> <3AC448A1.EDD2FC7F@tpgi.com.au> Message-ID: <20010330090741.E2697@pogo.plainjoe.org> On Fri, 30 Mar 2001 02:49:37 eirvine wrote: > > There was a second edition of Windows 95. It > defaulted to encrypted passwords. > If you have the first edition, I think you just > add a registry entry to get encrypted passwords. Nope. All MS operating systems support password encryption. The redirector update made the default behavior to not send the clear text of the password if the server did not support password encryption. And theredirector update existed for with Win95 upgrade, retail, and OSR2.x. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From simo.sorce at polimi.it Fri Mar 30 15:13:01 2001 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:34:04 2003 Subject: FTP-server and NT user authentication In-Reply-To: <5.0.2.1.2.20010330162600.00a66150@mntm.hes-rdam.nl> Message-ID: I think you can try pam_smb or winbind to have samba authenticate the logon to your machine and also to the ftp server. On Fri, 30 Mar 2001, Maurice Hoeneveld wrote: > Hello all > > I have a question and hope someone can give me a hint. > > After some experimenting with Samba it worked to create a Solaris machine > which holds the 6000 shares for our users. Each users is automaticaly > connected to his own share when logging on to the NT domain. > The next step is that we want to give access to the machine from outsite > using FTP. > Does anyone know a FTP server which can be configured to use the NT user > authentication to log in to this Solaris machine? > Or can I make a configuration of samba so it joines our NT domain as a > fileserver and is also accasible for the users via ftp with their own > username/password. > > Any help is appreciated. > Thanks for your time > > > Maurice Hoeneveld > Technical System Engineer > E-mail : m.hoeneveld@hes-rdam.nl > > Hogeschool voor Economische Studies > Kralingse Zoom 91 > Postbus 4030 > 3006 AA Rotterdam > The Netherlands > > > -- Simo Sorce - Linux Systems Consultant E-mail: simo.sorce@polimi.it Tel: +39 0348 7149179 - Fax: +39 02 700442399 ----------------------------------------------------------------- Be happy, use Linux! From gcarter at valinux.com Fri Mar 30 15:47:16 2001 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:34:04 2003 Subject: 2 versions av samba at the same time In-Reply-To: <4.3.2.7.2.20010330160435.00cd55d0@gustaf.smi.mas.lu.se>; from sivert.carlsson@smi.mas.lu.se on Fri, Mar 30, 2001 at 08:16:47 -0600 References: <4.3.2.7.2.20010330160435.00cd55d0@gustaf.smi.mas.lu.se> Message-ID: <20010330094716.I3325@pogo.plainjoe.org> On Fri, 30 Mar 2001 08:16:47 Sivert Carlsson wrote: > > Is it possible to have two versions of samba running on > the same time and if that is possible what do I have to > consider setting up a test for version 2.2.0? I don't want > to close version 2.0.7. Make a virtual interface on the Sun box. And check out interfaces bind interfaces only socket address (may not be neccessary anymore) in smb.conf(5) Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From bferrell at microdisplay.com Fri Mar 30 17:41:34 2001 From: bferrell at microdisplay.com (Bruce Ferrell) Date: Tue Dec 2 02:34:04 2003 Subject: problem rejoining domain Message-ID: <3AC4C54E.795CA311@microdisplay.com> Oh do I have a good one! I have a user who like to test things. I got his Win2K workstation into a 2.2alpha3 controlled domain by carefully following instructions. i.e. setting up so that the samba server auto adds the machine account to the linux password file and to smbpasswd. No traces of the workstation in /etc/passwd or smbpasswd. root used to add the machine account to the domein. Too cool and smooth. He wanted to see how it worked, so he removed himself from the domain. Now I can't get him back in to save my soul! I keep getting the following message: "The account used is a computer account. Use your Global user account or local user account to access this server." Thanks in advance, Bruce Ferrell From bferrell at microdisplay.com Fri Mar 30 18:26:11 2001 From: bferrell at microdisplay.com (Bruce Ferrell) Date: Tue Dec 2 02:34:04 2003 Subject: problem rejoining domain References: <3AC4C54E.795CA311@microdisplay.com> <20010330114352.E24287@smccomas> Message-ID: <3AC4CFC3.29A47BFE@microdisplay.com> Thanks Stacey, It turned out to be something corrupt in my /usr/local/samba/private/smbpasswd file. I reverted to the version from before I had mass added my users and the workstation went right in. Guess I get to re-add everybody without using mksmbpasswd.sh :( Oh well, I tried. Just as a by the by, I've observer an NT4SP6 workstation making continous connect to IPC$ as nobody. Any ideas? Bruce Ferrell Stacey McComas wrote: > Hello Bruce - > > Delete the computer account from smbpasswd, then re-add the machine to the > domain. > > Hope this helps, > > Stacey > > On 03.30.2001 11:41 Bruce Ferrell wrote: > > Oh do I have a good one! > > > > I have a user who like to test things. I got his Win2K workstation into > > a 2.2alpha3 controlled domain by carefully following instructions. i.e. > > setting up so that the samba server auto adds the machine account to the > > linux password file and to smbpasswd. No traces of the workstation in > > /etc/passwd or smbpasswd. root used to add the machine account to the > > domein. Too cool and smooth. He wanted to see how it worked, so he > > removed himself from the domain. Now I can't get him back in to save my > > soul! I keep getting the following message: "The account used is a > > computer account. Use your Global user account or local user account to > > access this server." > > > > Thanks in advance, > > > > Bruce Ferrell > > > > > > > > From sharpe at ns.aus.com Fri Mar 30 22:22:33 2001 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:34:04 2003 Subject: problem rejoining domain In-Reply-To: <3AC4C54E.795CA311@microdisplay.com> Message-ID: <3.0.6.32.20010331072233.00e73b10@10.0.2.1> At 09:41 AM 3/30/01 -0800, Bruce Ferrell wrote: >Oh do I have a good one! > >I have a user who like to test things. I got his Win2K workstation into >a 2.2alpha3 controlled domain by carefully following instructions. i.e. >setting up so that the samba server auto adds the machine account to the >linux password file and to smbpasswd. No traces of the workstation in >/etc/passwd or smbpasswd. root used to add the machine account to the >domein. Too cool and smooth. He wanted to see how it worked, so he >removed himself from the domain. Now I can't get him back in to save my >soul! I keep getting the following message: "The account used is a >computer account. Use your Global user account or local user account to >access this server." Remove the entry from /etc/smbpasswd ... >Thanks in advance, > >Bruce Ferrell Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.ethereal.com) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From klo at broadbase.com Sat Mar 31 06:30:35 2001 From: klo at broadbase.com (Kinkoi Lo) Date: Tue Dec 2 02:34:04 2003 Subject: The account is not authorized to log in from this station Message-ID: <11E7B6589344D411A315009027CC798215F1D7@hermes.broadbase.com> Hi, I come across the following mail from the web. [global] # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes By the setting the encrypt passwords to yes should do the trick. > = > I am running Samba on a Sun Solaris 2.6. Since I so far = > haven't had any > problems with Samba, I am still running v.1.9.17p3. > = > Now my company has installed a Win 2000 Server running Citrix = > Metaframe. We > want to connect \home and \tmp as network disks in the Metaframe > environment, but when we try to connect to our Sun Server, = > the message "The > account is not authorized to log in from this station" appears. I have > enabled PlainTextPassword, but that doesn't help, I have = > tried to connect > using: net use h: \\"ip-adress"'home and net use h: = > \\"servername"\home, but > none of them works. > = > Does anyone know if there is any solution to our problem ? > = > Regards, > = > Christian Iversen > = From datk at albury.net.au Sat Mar 24 14:37:43 2001 From: datk at albury.net.au (David Atkinson) Date: Tue Dec 2 02:34:05 2003 Subject: Samba Development Status Query Message-ID: Hi, Where excatly are the various Samba projects at. I know that both TNG & Samba 2.2 are both Alpha, but how alpha are they. Is there any documentation outlining what the diferent samba projects can and can't do and how reliably they can do the implemented stuff. Regards, David Atkinson