From kris.ozzy at lineone.net Thu Sep 13 15:30:05 2001 From: kris.ozzy at lineone.net (Kristyan Osborne) Date: Tue Dec 2 02:35:30 2003 Subject: Files in /tmp Message-ID: Hi, After upgrading from 2.2.0a to 2.2.1a I have noticed that there are hundreds of files being created in the /tmp directory on the samba server box acting as a PDC. I have win2k professional workstations connecting to the server. The files are out_api_wkssvc_rpc_* SMBWrite* SMBtrans* can anyone offer any suggestions?? Cheers Kris ------ Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From npande at bajajauto.co.in Thu Sep 13 20:23:04 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:35:31 2003 Subject: Files in /tmp References: Message-ID: <3BA17B3F.29851D9A@bajajauto.co.in> Kris, They are same as those "tmp" files created by windoze. I had deleted those files off my Samba server, and luckily everything was ok. However, I would suggest that you first move those files to another place and see if something goes wrong. Ciao, Nitin :) Mail Administrator Kristyan Osborne wrote: > Hi, > > After upgrading from 2.2.0a to 2.2.1a I have noticed that there are hundreds > of files being created in the /tmp directory on the samba server box acting > as a PDC. > I have win2k professional workstations connecting to the server. > > The files are > > out_api_wkssvc_rpc_* > SMBWrite* > SMBtrans* > > can anyone offer any suggestions?? > > Cheers > > Kris > > ------ > Computers are like airconditioners: They stop working properly if you open > windows. > Win95: A 32-bit patch for a 16-bit GUI shell running on top of an > 8-bit operating system written for a 4-bit processor by a > 2-bit company who cannot stand 1 bit of competition. From coolcpu at globetrotter.net Thu Sep 13 21:38:02 2001 From: coolcpu at globetrotter.net (Robert Poirier) Date: Tue Dec 2 02:35:31 2003 Subject: Prob joining W2k Domain after trying with XP Message-ID: <000a01c13cd7$77ad0ef0$2801a8c0@w2k.srv> Hi all, First, my Samba PDC is accepting well Domain logon from W2K machines. The problem is that I tryed to log to my domain with a Windows XP machine (called "Athlon") that was supposed to be replacing a W2K machine (for testing purposes an that is having teh same machine name "Athlon"). As others already mentionned in this mailling list there is a problem with XP. Up to there NP. The problem came up when I wanted rejoin the W2K machine ( As mentionned earlier it as the same machine name as the XP box), I have an error message that I will try to translate the best I can ( since it's in french originally ): An error occured while trying to join domain service # (witch service is my domain name) The given Identification Informations are conflicting with an existent reference set Any hints? -------------- next part -------------- HTML attachment scrubbed and removed From coolcpu at globetrotter.net Thu Sep 13 21:41:05 2001 From: coolcpu at globetrotter.net (Robert Poirier) Date: Tue Dec 2 02:35:31 2003 Subject: Fw: Prob joining W2k Domain after trying with XP Message-ID: <000c01c13cd7$dc816fb0$2801a8c0@w2k.srv> Hi all, First, my Samba PDC is accepting well Domain logon from W2K machines. The problem is that I tryed to log to my domain with a Windows XP machine (called "Athlon") that was supposed to be replacing a W2K machine (for testing purposes an that is having teh same machine name "Athlon"). As others already mentionned in this mailling list there is a problem with XP. Up to there NP. The problem came up when I wanted rejoin the W2K machine ( As mentionned earlier it as the same machine name as the XP box), I have an error message that I will try to translate the best I can ( since it's in french originally ): An error occured while trying to join domain service # (witch service is my domain name) The given Identification Informations are conflicting with an existent reference set Any hints? sorry for the first message it looks like it was a little screed ... -------------- next part -------------- HTML attachment scrubbed and removed From webmaster at viitindia.org Thu Sep 13 23:01:04 2001 From: webmaster at viitindia.org (Shekhar) Date: Tue Dec 2 02:35:31 2003 Subject: Samba 2.2.1a eating CPU Message-ID: <007e01c13ce0$ca843f50$010010ac@iis> I had Samba 2.2.0-alpha3 working fine. Now I upgraded it to 2.2.1a. Now file serving is considerably slow. And smbd processes are eating CPU. TIA Shekhar System Administrator, VIIT Telefax: +91-2112-43476 to 79 Ext: 216 Email: webmaster@viitindia.org Web: www.viitindia.org ----------------------------------------- Check out baramatiinitiatives.com for World Bank Workshop info held in Baramati From webmaster at viitindia.org Thu Sep 13 23:12:02 2001 From: webmaster at viitindia.org (Shekhar) Date: Tue Dec 2 02:35:31 2003 Subject: Samba and PDCs References: <004b01c13c69$87604330$f90010ac@lilmike> Message-ID: <002401c13cde$dce33a90$010010ac@iis> U should upgrade to Latest Samba. Shekhar System Administrator, VIIT Telefax: +91-2112-43476 to 79 Ext: 216 Email: webmaster@viitindia.org Web: www.viitindia.org ----------------------------------------- Check out baramatiinitiatives.com for World Bank Workshop info held in Baramati ----- Original Message ----- From: "Michael Roantree" To: Sent: Thursday, September 13, 2001 8:34 AM Subject: Samba and PDCs > I have build the latest version of samba as of 13 September 2000, it is > running on RH7.1 and everything is fine regarding the sharing of files etc. > > When I try to run it as a PDC and try to log onto the domain using a 2kpro > client I get the following error when trying to use root to log in. > > 'The account is a user account, Use your global user account or local user > account to access this server' > > Any help would be appreciated. > > Thanks > > Mike > > > ______________________________________________________________________ > > First Option's outgoing email policy is at > http://www.firstoption.com/emailpolicy.html, but a short summary is :- > > - all email/attachments are confidential; do not use, circulate or release > without our consent > > - email is not authorised unless it is on First Option business > > - email is not binding unless it is from an authorised person > and is signed with a digital certificate > > First Option Ltd. - Switchboard +44 (0) 1962 738200 > Signal House, Jacklyns Lane, Alresford, Hants, SO24 9JJ, United Kingdom > _______________________________________________________________________ From magnus at hig.se Thu Sep 13 23:28:03 2001 From: magnus at hig.se (Magnus Larsson) Date: Tue Dec 2 02:35:31 2003 Subject: Samba 2.2.1a eating CPU In-Reply-To: <007e01c13ce0$ca843f50$010010ac@iis> Message-ID: Hi! I had the same problem. But when we disabled oplocks it have worked fine. Even if it's just a couple of days ago but before we disabled it we had to restart the deamon a couple of time a day. //Mvh Magnus Larsson N?tverksansvarig / IT-enheten E-Mail: Magnus.Larsson@hig.se H?gskolan i G?vle Tel. 026 - 64 86 01 Kungsb?cksv?gen 47 801 76 G?vle On Thu, 13 Sep 2001, Shekhar wrote: > I had Samba 2.2.0-alpha3 working fine. Now I upgraded it to 2.2.1a. Now file > serving is considerably slow. And smbd processes are eating CPU. > > TIA > > Shekhar > System Administrator, VIIT > Telefax: +91-2112-43476 to 79 Ext: 216 > Email: webmaster@viitindia.org > Web: www.viitindia.org > ----------------------------------------- > Check out baramatiinitiatives.com for > World Bank Workshop > info held in Baramati > > > > From philippe.besson at philips.com Fri Sep 14 02:38:01 2001 From: philippe.besson at philips.com (philippe.besson@philips.com) Date: Tue Dec 2 02:35:31 2003 Subject: User account with Win2k as client on Samba domain Message-ID: Hello, I have install Samba 2.2.1a on a SuSe 7.0 dual processor server. After create an account machine in Linux user and add it on smbpasswd, I have log on the Samba domain with my client Win2K (in French version)and that OK I have log on Local domain on my W2K worstation and copy my profil to the share directory on samba server. When I log to samba domain the login works, the profil is loaded and I get Dr. Watson activated. Only thing possible now is Ctrl-Alt-Del and logoff session. I have deleted the server profil, it is ok to login but many applications do not work or can not be install. To be able to work on domain with my w2k wks, I have added the domain user in the local administrator group. In that situation everithing works wellbut the problem is that all users are local administrator. I have try to add the domain user on other groups (like User or Power user) without success. When on w2k I do a "net domaingroup /DOMAIN", I get a list of groups with group names "like" windows goups, In English. Is it Language problem ? On server samba it self, I do not find any groups with these names in Linux groups or other config files of samba. Must I found it in source files, modified and recompil ??? I have looking on different site about samba and linux but unsuccessfull and I hope that one of you have a solution to help me. Regards and sorry for my poor english. From pascal.duquenoy at yucom.be Fri Sep 14 05:11:17 2001 From: pascal.duquenoy at yucom.be (Pascal Duquenoy) Date: Tue Dec 2 02:35:31 2003 Subject: profile share Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello from belgium well, well. My problem is, when i logoff (W2K PRO) my profile doesn't be saved on the PDC. Here is my smb.conf. Any could help me please Thanks ps: i use samba-2.2.1a (./configure;make;make install) # Samba config file created using SWAT # from UNKNOWN (10.0.0.10) # Date: 2001/09/08 01:58:26 # Global parameters [global] code page directory = /usr/lib/samba/codepages workgroup = NETFORCE netbios name = SAMBA netbios aliases = time file server string = Samba %v on (%L) interfaces = 10.0.0.1/24 127.0.0.1/8 encrypt passwords = Yes null passwords = Yes smb passwd file = /usr/lib/samba/private/smbpasswd passwd program = /usr/bin/passwd %u unix password sync = Yes log file = /var/adm/smb.log time server = Yes deadtime = 30 socket options = TCP_NODELAY SO_KEEPALIVE domain admin group = @adm logon script = %U.bat logon path = \\samba\profile\%U logon drive = P: domain logons = Yes os level = 40 preferred master = True domain master = True template homedir = /home/%U guest account = printer valid users = @adm, @usernetforce, @root, @users admin users = root, pascal read list = @adm, @usernetforce, @root, @users write list = @adm, @usernetforce, @root, @users printer admin = pascal create mask = 0600 directory mask = 0700 hosts allow = 10.0.0. localhost hosts deny = ALL EXCEPT 10.0.0. localhost printer driver file = /home/printer/drivers/printer.def include = /etc/smb.UNKNOWN.conf [netlogon] comment = Service de connection au domaine NETFORCE read only path = /attic/samba/netlogon/ write list = root, pascal [logonadmin] comment = Service de connection au domaine NETFORCE writable path = /attic/samba/netlogon/ valid users = root, duquenoy read only = No [FILE] comment = Root's files path = /attic/file/ valid users = root, duquenoy, @users read only = No create mask = 0660 directory mask = 0770 [BACKUP] comment = Backup Directory path = /attic/file/linux/backup/ valid users = root, duquenoy read only = No create mask = 0660 directory mask = 0770 [homes] comment = Dossier Home de %U invalid users = bin deamon adm lp sync shutdown halt mail news uucp operator ftp games gdm nobody valid users = @users read only = No browseable = No exec = echo "`date` : L'utilisateur \"%u\" s'est connect? au serveur \"%L\" ? partir du client(%a) \"%m\"(%I)">>/var/log/samba.users.log postexec = echo "`date` : L'utilisateur \"%u\" s'est d?connect? au serveur \"%L\" ? partir du client(%a) \"%m\"(%I)">>/var/log/samba.users.log [Pubique2] comment = Pubic's files path = /floor1/file1/ valid users = @users read only = No create mask = 0660 directory mask = 0770 [CDROM] comment = CD-ROM de office 2000 path = /cdrom/ invalid users = bin deamon adm lp sync shutdown halt mail news uucp operator ftp games gdm nobody valid users = @users [tmp] comment = temporary files path = /tmp valid users = @users [PRINTER$] path = /home/printer/drivers/ guest ok = Yes [hp500] comment = Imprimante hp 500 sur Samba path = /var/spool/samba/cledoris/ valid users = @root, @users printable = Yes print command = /usr/bin/lpr -r -P lp %s lpq command = lpq -P lp lprm command = lprm -P lp %j printer name = lp printer driver = HP DeskJet 500 printer driver location = \\samba\lp [profile] comment = User Profiles path = /attic/samba/profiles read only = No security mask = 0700 guest ok = yes create mask = 0600 directory mask = 0700 browseable = yes force create mode = 0600 force directory mode = 0700 writeable = yes -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use iQA/AwUBO6H16STeFgeT1M2OEQI8owCfb9N4lwMqegUReFh1obxF9hRFRaIAnRW/ +eC9r/e56KWobznZEP3gvez6 =P9DA -----END PGP SIGNATURE----- From greg at leiinc.com Fri Sep 14 09:00:10 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:35:31 2003 Subject: Win 98 machines can't access shares with 2.2.1pre CVS download from today Message-ID: I downloaded and installed Samba 2.2.2pre from CVS this morning and my win98 machines can?t access any shares except those on the samba machine itself. Everything works fine if I go back to a CVS pull from about Aug. 5 (my most recent download next to this morning). Has something changed? Thank you. Greg J. Zartman, P.E. Vice-President Logging Engineering International, Inc. 1243 West 7th Avenue Eugene, Oregon 97402 541-683-8383 Fax 541-683-8144 Web: www.leiinc.com -------------- next part -------------- HTML attachment scrubbed and removed From ddouglass at denverdata.com Fri Sep 14 11:59:03 2001 From: ddouglass at denverdata.com (Doug Douglass) Date: Tue Dec 2 02:35:31 2003 Subject: Samba and PDCs In-Reply-To: <002401c13cde$dce33a90$010010ac@iis> Message-ID: I got this message the other day when adding a W2K machine to my Samba 2.2.1a + LDAP patch PDC. My problem was the Samba account I was using to add the machine to the domain (effectively the root account) did not have permission to modify the LDAP entry for the machine account. Added ldap root and ldap root passwd to smb.conf and all was fine. hope that helps, Doug > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Shekhar > Sent: Thursday, September 13, 2001 11:34 PM > To: Michael Roantree > Cc: samba-ntdom@lists.samba.org > Subject: Re: Samba and PDCs > > > U should upgrade to Latest Samba. > > Shekhar > System Administrator, VIIT > Telefax: +91-2112-43476 to 79 Ext: 216 > Email: webmaster@viitindia.org > Web: www.viitindia.org > ----------------------------------------- > Check out baramatiinitiatives.com for > World Bank Workshop > info held in Baramati > > ----- Original Message ----- > From: "Michael Roantree" > To: > Sent: Thursday, September 13, 2001 8:34 AM > Subject: Samba and PDCs > > > > I have build the latest version of samba as of 13 September 2000, it is > > running on RH7.1 and everything is fine regarding the sharing of files > etc. > > > > When I try to run it as a PDC and try to log onto the domain > using a 2kpro > > client I get the following error when trying to use root to log in. > > > > 'The account is a user account, Use your global user account or > local user > > account to access this server' > > > > Any help would be appreciated. > > > > Thanks > > > > Mike > > > > > > ______________________________________________________________________ > > > > First Option's outgoing email policy is at > > http://www.firstoption.com/emailpolicy.html, but a short summary is :- > > > > - all email/attachments are confidential; do not use, circulate > or release > > without our consent > > > > - email is not authorised unless it is on First Option business > > > > - email is not binding unless it is from an authorised person > > and is signed with a digital certificate > > > > First Option Ltd. - Switchboard +44 (0) 1962 738200 > > Signal House, Jacklyns Lane, Alresford, Hants, SO24 9JJ, United Kingdom > > _______________________________________________________________________ > > From jra at samba.org Fri Sep 14 13:47:12 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:35:31 2003 Subject: Samba 2.2.1a eating CPU In-Reply-To: ; from magnus@hig.se on Fri, Sep 14, 2001 at 08:30:54AM +0200 References: <007e01c13ce0$ca843f50$010010ac@iis> Message-ID: <20010914134627.D9639@va.samba.org> On Fri, Sep 14, 2001 at 08:30:54AM +0200, Magnus Larsson wrote: > Hi! > > I had the same problem. But when we disabled oplocks it have worked fine. > Even if it's just a couple of days ago but before we disabled it we had to > restart the deamon a couple of time a day. > > //Mvh Magnus Larsson > > N?tverksansvarig / IT-enheten E-Mail: Magnus.Larsson@hig.se > H?gskolan i G?vle Tel. 026 - 64 86 01 > Kungsb?cksv?gen 47 > 801 76 G?vle > > On Thu, 13 Sep 2001, Shekhar wrote: > > > I had Samba 2.2.0-alpha3 working fine. Now I upgraded it to 2.2.1a. Now file > > serving is considerably slow. And smbd processes are eating CPU. This is a bug in 2.2.1a we fixed recently (a few days ago). We're working on getting 2.2.2 out asap, so in the meantime here is a patch against 2.2.1a which should fix the problem. Cheers, Jeremy Allison, Samba Team. -------------- next part -------------- --- smbd/process.c Thu Jul 5 19:02:02 2001 +++ /export/home/jeremy/src/samba2.2/samba/source/smbd/process.c Fri Sep 14 13:18:19 2001 @@ -207,6 +207,11 @@ signals */ if (selrtn == -1 && errno == EINTR) { async_processing(&fds, buffer, buffer_len); + /* + * After async processing we must go and do the select again, as + * the state of the flag in fds for the server file descriptor is + * indeterminate - we may have done I/O on it in the oplock processing. JRA. + */ goto again; } @@ -223,9 +228,21 @@ return False; } - if (!FD_ISSET(smbd_server_fd(),&fds) || selrtn > 1) { + /* + * Ensure we process oplock break messages by preference. + * This is IMPORTANT ! Otherwise we can starve other processes + * sending us an oplock break message. JRA. + */ + + if (oplock_message_waiting(&fds)) { + DEBUG(10,("receive_message_or_smb: oplock_message is waiting.\n")); async_processing(&fds, buffer, buffer_len); - if (!FD_ISSET(smbd_server_fd(),&fds)) goto again; + /* + * After async processing we must go and do the select again, as + * the state of the flag in fds for the server file descriptor is + * indeterminate - we may have done I/O on it in the oplock processing. JRA. + */ + goto again; } return receive_smb(smbd_server_fd(), buffer, 0); --- smbd/oplock.c Thu Jul 5 19:02:01 2001 +++ /export/home/jeremy/src/samba2.2/samba/source/smbd/oplock.c Thu Sep 6 08:32:25 2001 @@ -48,6 +48,20 @@ return exclusive_oplocks_open; } +/**************************************************************************** + Return True if an oplock message is pending. +****************************************************************************/ + +BOOL oplock_message_waiting(fd_set *fds) +{ + if (koplocks && koplocks->msg_waiting(fds)) + return True; + + if (FD_ISSET(oplock_sock, fds)) + return True; + + return False; +} /**************************************************************************** Read an oplock break message from either the oplock UDP fd or the --- include/proto.h Sun Jul 8 13:29:43 2001 +++ /export/home/jeremy/src/samba2.2/samba/source/include/proto.h Wed Sep 12 12:10:58 2001 @@ -4086,6 +4165,7 @@ /*The following definitions come from smbd/oplock.c */ int32 get_number_of_exclusive_open_oplocks(void); +BOOL oplock_message_waiting(fd_set *fds); BOOL receive_local_message(fd_set *fds, char *buffer, int buffer_len, int timeout); BOOL set_file_oplock(files_struct *fsp, int oplock_type); void release_file_oplock(files_struct *fsp); From josephk at std.teradyne.com Fri Sep 14 15:31:16 2001 From: josephk at std.teradyne.com (Karyn Joseph) Date: Tue Dec 2 02:35:31 2003 Subject: same configuration file References: <3BA10663.EF932270@std.teradyne.com> Message-ID: <3BA285D6.3F24DFF9@std.teradyne.com> Hi -- Does anyone besides us use the same configuration file for two smb servers? We run two servers so that if one is down we can direct our customers to use the other server. So as to not have to edit two configuration files we have one file for both servers. The problem is it's using the same netbios name. Does anyone have a suggestion to help deal with this? I tried to use an include file for the shares but that didn't seem to update properly. Thanks in advance for anyhelp you can offer. -- ________________________________________________ Karyn Joseph EIT - Agoura, CA UNIX Administrator 818/874-6116 ________________________________________________ From john at basicfusion.com Fri Sep 14 15:59:01 2001 From: john at basicfusion.com (John Marsteen) Date: Tue Dec 2 02:35:31 2003 Subject: Yes...Another "newbie" Message-ID: <001b01c13d71$32c080c0$0500a8c0@SWORD> I'm sure this thread has been re-hashed hundreds of times, but I, too, have been stumped by Samba. I'm new to Linux, Samba, and this list, but am trying to utilize our Red Hat Linux box as a file server (only) for now on our Win2K network. It doesn't need to be our PDC. I've been all through the samba.conf file with no luck. Those of us in the workgroup can see the Linux server in the Network Neighborhood, but when trying to access it, we consistently get "\\servername is not accessible." We're running DHCP if that makes any difference. I can ping the Linux server, I can see the shared folders when I run the smbclient -L command, but no matter what we do, we can't access that folder. I've tried enabling encrypted passwords and have set up encrypted passwords, but still with no luck. We've gone through the "Diagnosing Your Samba Server" document, and everything looks great until TEST #8 (net view \\LINUXSERVER ). We get the same "Network Path Not Found" error. Can anyone offer a suggestion? My apologies if this thread has appeared yet again. I've read through many similar threads - but if there is one similar to my own problem that I have missed, a simple link to that thread would be fine. Many thanks. -John -------------- next part -------------- HTML attachment scrubbed and removed From josephk at std.teradyne.com Fri Sep 14 16:05:11 2001 From: josephk at std.teradyne.com (Karyn Joseph) Date: Tue Dec 2 02:35:31 2003 Subject: Guest account???? References: <3BA10663.EF932270@std.teradyne.com> Message-ID: <3BA28DC9.B6E0BB7C@std.teradyne.com> What it looks like it is doing is only recognizing the first "nobody" and no-one else. (That maybe a fluke though, and it is actually not recognizing "nobody" at all.) Any more thoughts??? Thanks so much for your suggestions so far. Karyn Karyn Joseph wrote: > > Hi -- > > 1. Before I upgraded to version 2.2.1 my users were > able to access the server without entering a > password. They only had to enter their password > whenever they tried to access the share. Just > like connecting to any other NT server. Now > when someone connects to \\servername they are > immediately prompted for a password. Any ideas? > > 2. Another closely related issue (I think) is > that my customers also used to be able to access > a certain share that has "guest allow = Yes" > without passing. Now it asks for a password. > > Here are my [Global] and guest share entries: > > [global] > workgroup = DOMAIN > netbios name = NAME > server string = Samba %v on (%L) > min passwd length = 6 > log level = 1 > log file = /net/adm/samba/samba.log.%L > local master = No > wins server = 131.101.208.195 > homedir map = u_auto > NIS homedir = Yes > hosts allow = ###.###. > > [wirelist] > comment = Xwire directory > path = /net/wirelist > read only = No > writeable = Yes > create mask = 0664 > guest ok = Yes > guest only = Yes > > -- > ________________________________________________ > Karyn Joseph EIT - Agoura, CA > UNIX Administrator 818/874-6116 > ________________________________________________ -- ________________________________________________ Karyn Joseph EIT - Agoura, CA UNIX Administrator 818/874-6116 ________________________________________________ From jbeauchamp7 at mindspring.com Fri Sep 14 18:52:02 2001 From: jbeauchamp7 at mindspring.com (James W. Beauchamp) Date: Tue Dec 2 02:35:31 2003 Subject: Yes...Another "newbie" References: <001b01c13d71$32c080c0$0500a8c0@SWORD> Message-ID: <001301c13d8b$54724d10$1501a8c0@kitchen> John: did you create accounts for each of your users on the Linux box? did you create machine accounts for each of the machines? This is how authentication takes place in the absence of either Samba as a PDC or another machine acting as a PDC. You must have encrypted passwords as well (which you said you do). "net view" isn't going to work because you are not authenticated yet and as a result are not authorized to view the box contents. James ----- Original Message ----- From: John Marsteen To: samba-ntdom@lists.samba.org Sent: Friday, September 14, 2001 7:01 PM Subject: Yes...Another "newbie" I'm sure this thread has been re-hashed hundreds of times, but I, too, have been stumped by Samba. I'm new to Linux, Samba, and this list, but am trying to utilize our Red Hat Linux box as a file server (only) for now on our Win2K network. It doesn't need to be our PDC. I've been all through the samba.conf file with no luck. Those of us in the workgroup can see the Linux server in the Network Neighborhood, but when trying to access it, we consistently get "\\servername is not accessible." We're running DHCP if that makes any difference. I can ping the Linux server, I can see the shared folders when I run the smbclient -L command, but no matter what we do, we can't access that folder. I've tried enabling encrypted passwords and have set up encrypted passwords, but still with no luck. We've gone through the "Diagnosing Your Samba Server" document, and everything looks great until TEST #8 (net view \\LINUXSERVER). We get the same "Network Path Not Found" error. Can anyone offer a suggestion? My apologies if this thread has appeared yet again. I've read through many similar threads - but if there is one similar to my own problem that I have missed, a simple link to that thread would be fine. Many thanks. -John From kwillett at ignisys.com Fri Sep 14 19:10:02 2001 From: kwillett at ignisys.com (Ken Willett) Date: Tue Dec 2 02:35:31 2003 Subject: Subject: Samba and PDCs Message-ID: <043b01c13d8b$779c6050$6401a8c0@Titan> There may be multiple solutions to this, but one of these should work: 1. Create an account named "root" with your root password, as a samba account. Then, when asked for the administrator username and password, use root. 2. Create an account named "administrator" with your Windows 2000 administrator password, as a Samba account, and use administrator as the login when joining the domain. > I have build the latest version of samba as of 13 September 2000, it is > running on RH7.1 and everything is fine regarding the sharing of files etc. > > When I try to run it as a PDC and try to log onto the domain using a 2kpro > client I get the following error when trying to use root to log in. > > 'The account is a user account, Use your global user account or local user > account to access this server' > > Any help would be appreciated. > > Thanks > > Mike From dataiv at cgocable.net Sat Sep 15 07:19:02 2001 From: dataiv at cgocable.net (David van Geyn) Date: Tue Dec 2 02:35:32 2003 Subject: Trying Samba 2.2-pre from CVS this morning, cannot connect to NT workstations Message-ID: <000901c13df1$b7c18410$6e02a8c0@dtlan.peon.net> If I try to browse or connect directly (to shares) on any of my NT 4 Workstations from either smbclient, Windows 9x or another Windows NT 4 box, it doesn't work. It's been this way for about 3 weeks, and i've been compiling a new CVS every few days or so. SMBclient gives teh following when trying to connect to one of the NT 4 workstations. If I put the wrong password in, it says what it should, 'Access Denied' radium# smbclient -L david INFO: Debug class all level = 1 (pid 42513 from pid 42513) added interface ip=192.168.2.1 bcast=192.168.2.255 nmask=255.255.255.0 added interface ip=192.168.3.1 bcast=192.168.3.255 nmask=255.255.255.0 Got a positive name query response from 127.0.0.1 ( 192.168.2.110 ) Password: Domain=[ENGINEERING] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] tree connect failed: ERRSRV - ERRbaduid (The UID is not known as a valid ID on this session.) In the log for the system 'david', this shows up: [2001/09/15 10:15:08, 0] rpc_server/srv_netlog.c:api_net_sam_logon(208) api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON. [2001/09/15 10:15:08, 0] rpc_server/srv_pipe.c:api_rpcTNP(1204) api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed. Any ideas? Is it a bug in the code that hasn't been fixed yet? Thanks, David van Geyn From barth at cck.uni-kl.de Sat Sep 15 10:16:03 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:35:32 2003 Subject: Yes...Another "newbie" In-Reply-To: <001301c13d8b$54724d10$1501a8c0@kitchen> Message-ID: <3BA3A98F.6128.8933FB@localhost> John: an other hint: are you using RH 7.1. It now ships with a software fire wall. The default configuration is "medium security" and blocks the ports 137- 139 that are nessesary for samba. look for ipchains. Christian > John: > did you create accounts for each of your users on the Linux box? did you > create machine accounts for each of the machines? This is how > authentication takes place in the absence of either Samba as a PDC or > another machine acting as a PDC. You must have encrypted passwords as well > (which you said you do). > > "net view" isn't going to work because you are not authenticated yet and as > a result are not authorized to view the box contents. > > James > > ----- Original Message ----- > From: John Marsteen > To: samba-ntdom@lists.samba.org > Sent: Friday, September 14, 2001 7:01 PM > Subject: Yes...Another "newbie" > > > I'm sure this thread has been re-hashed hundreds of times, but I, too, have > been stumped by Samba. I'm new to Linux, Samba, and this list, but am > trying to utilize our Red Hat Linux box as a file server (only) for now on > our Win2K network. It doesn't need to be our PDC. I've been all through > the samba.conf file with no luck. Those of us in the workgroup can see the > Linux server in the Network Neighborhood, but when trying to access it, we > consistently get "\\servername is not accessible." We're running DHCP if > that makes any difference. > > I can ping the Linux server, I can see the shared folders when I run the > smbclient -L command, but no matter what we do, we can't access that folder. > I've tried enabling encrypted passwords and have set up encrypted passwords, > but still with no luck. We've gone through the "Diagnosing Your Samba > Server" document, and everything looks great until TEST #8 (net view > \\LINUXSERVER). We get the same "Network Path Not Found" error. > > Can anyone offer a suggestion? My apologies if this thread has appeared yet > again. I've read through many similar threads - but if there is one similar > to my own problem that I have missed, a simple link to that thread would be > fine. > > Many thanks. > > -John > > > > > > > _(_)_ wWWWw _ @@@@ (_)@(_) vVVVv _ @@@@ (___) _(_)_ @@()@@ wWWWw (_)\ (___) _(_)_ @@()@@ Y (_)@(_) @@@@ (___) `|/ Y (_)@(_) @@@@ \|/ (_)\ / Y \| \|/ /(_) \| |/ | \ | \ |/ | / \ | / \|/ |/ \| \|/ jgs|// \\|/// \\\|//\\\|/// \|/// \\\|// \\|// \\\|// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ From zolki at math.ut.ee Sat Sep 15 13:07:02 2001 From: zolki at math.ut.ee (Indrek Zolk) Date: Tue Dec 2 02:35:32 2003 Subject: Smb->NT: ERRDOS -ERRnoaccess (Access denied.) Message-ID: Hello! I would like to transfer files from a NT machine to FreeBSD machine via Samba, have created a local user on the NT 'backup', and shared out the necessary directories to that user full access. Using smbclient //arb/arvutid -Ubackup%liblikas I get Domain=[RHL] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] smb: \> and now typing ls ERRDOS - ERRnoaccess (Access denied.) listing \* 46186 blocks of size 65536. 4177 blocks available Is there anything else I should share out or configure? Thankfully yours, Indrek Zolk Tartu University, Estonia From larocheg at ntl.sympatico.ca Sun Sep 16 08:29:02 2001 From: larocheg at ntl.sympatico.ca (Gaston & Shelley Larochelle) Date: Tue Dec 2 02:35:32 2003 Subject: Can't seem to get my W2K professional WS to join Samba domain Message-ID: <000801c13ec4$df94af20$0400a8c0@Gaston> Hy everyone, I am having problems getting my W2K WS to join my Samba domain.I am using version 2.2.1a of Samba and SP2 on my WS.It seems every time I try & join the domain I get either "invalid username or bad password." or "something about a set of credentials"I have read and tried all hints in the PDC2.2.0 How-To and FAQ but to no avail.Is there a sample smb.conf file I could base myself on or is my problem DNS related?!Any help would be greatly appreciated.I had things working with Windows ME without a problem. Thanking You In Advance, Gaston Larochelle -------------- next part -------------- HTML attachment scrubbed and removed From kwillett at ignisys.com Sun Sep 16 12:53:02 2001 From: kwillett at ignisys.com (Ken Willett) Date: Tue Dec 2 02:35:32 2003 Subject: Can't seem to get my W2K professional WS to join Samba domain Message-ID: <04a601c13ee9$0d57e250$6401a8c0@Titan> The message about "a conflicting set of credentials" generally means there is an active network connection under one identity, such as a mapped network drive, and you are trying to use a conflicting identity when joining the domain. Make sure to unmap all your drives and close any windows open on network shares before trying to join the domain. Also you may need to log out and log back in, if you have used other network services during the current login session. From BeeckmansO at Abasaf.be Sun Sep 16 15:04:01 2001 From: BeeckmansO at Abasaf.be (Olivier Beeckmans) Date: Tue Dec 2 02:35:32 2003 Subject: Help ! Samba as PDC under E-Smith 4.1.2. Message-ID: <857A02ACF3077D4EAF1F5ADF09C128248295@abasafsrv001.abasaf.cjb.net> Hello samba user, I use samba on an E-Smith version 4.1.2. I've upgraded it with Samba 2.2.1a (I've followed this http://www.familybrown.org/howtos/samba-upgrade-howto-2.html) without trouble. When I try to write a Win2K SP2 workstation or a WinNT4 workstation in the domain with the root or another account, I receive always the same message. The account supplied is a computer account, use a global account I've no connection to the server and the name of the workgroup is not the same of the Domain. What must I do ? Somebody can send me a good smb.conf and smbpasswd or other necessary file to try Thanks a Lot -------------- next part -------------- HTML attachment scrubbed and removed From BeeckmansO at Abasaf.be Sun Sep 16 15:09:02 2001 From: BeeckmansO at Abasaf.be (Olivier Beeckmans) Date: Tue Dec 2 02:35:33 2003 Subject: Help ! Samba as PDC under E-Smith 4.1.2. Message-ID: <857A02ACF3077D4EAF1F5ADF09C128245850@abasafsrv001.abasaf.cjb.net> Sorry I've send first this mail in HTML Format, Here is a Text Version. Hello samba user, I use samba on an E-Smith version 4.1.2. I've upgraded it with Samba 2.2.1a (I've followed this http://www.familybrown.org/howtos/samba-upgrade-howto-2.html) without trouble. When I try to write a Win2K SP2 workstation or a WinNT4 workstation in the domain with the root or another account, I receive always the same message. The account supplied is a computer account, use a global account I've no connection to the server and the name of the workgroup is not the same of the Domain. What must I do ? Somebody can send me a good smb.conf and smbpasswd or other necessary file to try Thanks a Lot From adrian at adrian.nu Sun Sep 16 16:06:02 2001 From: adrian at adrian.nu (Adrian Wallenholm) Date: Tue Dec 2 02:35:33 2003 Subject: Can't seem to get my W2K professional WS to join Samba domain References: <000801c13ec4$df94af20$0400a8c0@Gaston> Message-ID: <000201c13f04$b90adb00$0100a8c0@adrian> I have had the sambe problem for the last three weeks and haven't been able to find a solution. The same server accepts domain logons from a non SP2 W2K, but not from a computer where SP2 is applied. YES! I finally solved the problem during the composition of this letter. When trying to log on to my domain ROOMSERVICE as user "testuser" the log.smbd told me this: [2001/09/17 00:19:49, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(672) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. [2001/09/17 00:19:49, 0] passdb/smbpass.c:startsmbfilepwent_internal(87) startsmbfilepwent_internal: unable to open file /usr/local/samba/private/smbpasswd. Error was Permission denied [2001/09/17 00:19:49, 0] passdb/smbpass.c:iterate_getsmbpwuid(1240) unable to open smb password database. I then added root as a samba user with 'smbadduser root:root' and then tried to login again, now the server accepted me as a member of the domain. I've tried to work around this error message a few times before, but the idea of logging on as root never struck me. From Holger.Pandel at vrbank-moers.de Mon Sep 17 03:38:01 2001 From: Holger.Pandel at vrbank-moers.de (Holger.Pandel@vrbank-moers.de) Date: Tue Dec 2 02:35:33 2003 Subject: =?iso-8859-1?Q?Windows_XP_and_Samba_2.2.1a:_perhaps_found_a_solution?= Message-ID: <4225.10.92.152.53.1000723250.squirrel@www.vrbank-intern.de> Hi all, it seems, that the messages about "marshalling" in the samba log files when trying to authenticate winxp against samba pdc could be avoided, if you turn OFF the following option: In Computer Managament: Local Security Policy -> Local Policies ---> Security Options -----> There must be an entry(I only have the german test version), which sounds like "Domain Member: Digitally encrypt secure channel data(always)." In the german version it is called "Dom?nenmitglied: Daten des sicheren Kanals digital verschl?sseln (immer)". I switched it to "Disabled" and my domain logon possibility was back again. Hope that helps. Bye Holger From Holger.Pandel at vrbank-moers.de Mon Sep 17 03:51:04 2001 From: Holger.Pandel at vrbank-moers.de (Holger.Pandel@vrbank-moers.de) Date: Tue Dec 2 02:35:37 2003 Subject: =?iso-8859-1?Q?Addition:_Windows_XP_and_Samba_2.2.1a:_perhaps_found_a_solution?= Message-ID: <4479.10.92.152.53.1000724014.squirrel@www.vrbank-intern.de> I poorly have to say, that my test version stopped working, so I can't test any further. I'll have to wait, until the official upgrade version will be available. Greetings Holger > Hi all, > > it seems, that the messages about "marshalling" in the samba log files > when trying to authenticate winxp against samba pdc could be avoided, > if you turn OFF the following option: > > In Computer Managament: > Local Security Policy > -> Local Policies > ---> Security Options > -----> There must be an entry(I only have the german test version), > which sounds like "Domain Member: Digitally encrypt secure channel > data(always)." In the german version it is called "Dom?nenmitglied: > Daten des sicheren Kanals digital verschl?sseln (immer)". > I switched it to "Disabled" and my domain logon possibility was back > again. > > Hope that helps. > > Bye > Holger From ross at a-q.co.uk Mon Sep 17 04:01:01 2001 From: ross at a-q.co.uk (Ross McKillop) Date: Tue Dec 2 02:35:37 2003 Subject: Windows XP and Samba 2.2.1a: perhaps found a solution In-Reply-To: <4225.10.92.152.53.1000723250.squirrel@www.vrbank-intern.de> Message-ID: I have the final edition (english) and the appropriate options are Domain member: Digitally encrypt or sign secure channel data (always) Domain member: Digitally encrypt secure channel data (when possible) Domain member: Digitally sign secure channel data (when possible) The default for all of those is ENABLED, i have disabled all of them (there's no real need for any form of encryption on my INTERNAL network) and it works fine :) Yours, Ross McKillop -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Holger.Pandel@vrbank-moers.de Sent: 17 September 2001 11:41 To: samba-ntdom@lists.samba.org Subject: Windows XP and Samba 2.2.1a: perhaps found a solution Hi all, it seems, that the messages about "marshalling" in the samba log files when trying to authenticate winxp against samba pdc could be avoided, if you turn OFF the following option: In Computer Managament: Local Security Policy -> Local Policies ---> Security Options -----> There must be an entry(I only have the german test version), which sounds like "Domain Member: Digitally encrypt secure channel data(always)." In the german version it is called "Dom?nenmitglied: Daten des sicheren Kanals digital verschl?sseln (immer)". I switched it to "Disabled" and my domain logon possibility was back again. Hope that helps. Bye Holger From everling at comnitel.com Mon Sep 17 04:34:02 2001 From: everling at comnitel.com (Eoin Verling) Date: Tue Dec 2 02:35:37 2003 Subject: kernel panic ... In-Reply-To: <3B8E0497.F523F1C3@shom.fr> Message-ID: Hi, I'm running 2.2.1a on linux kernel 2.4.6 ... I've just recently seen the kernel panic, that sends the machine into an unusable state. It only seems to happen soon after I start samba, bellow is a snip from my messages file ... I'm gonna bring the kernel up to 2.4.7 and see if the problems persists. Any other suggestions? cheers E Sep 14 11:17:00 kerry kernel: scsi0: ERROR on channel 0, id 0, lun 0, CDB: Read (10) 00 01 9e 1e 06 00 0 Sep 14 11:17:00 kerry kernel: Info fld=0x19e1e07, Current sd08:0a: sense key Medium Error Sep 14 11:17:00 kerry kernel: Additional sense indicates Unrecovered read error Sep 14 11:17:00 kerry kernel: I/O error: dev 08:0a, sector 423432 Sep 14 11:20:38 kerry kernel: Unable to handle kernel NULL pointer dereference at virtual address 000000 Sep 14 11:20:38 kerry kernel: printing eip: Sep 14 11:20:38 kerry kernel: c01935f5 Sep 14 11:20:38 kerry kernel: *pde = 00000000 Sep 14 11:20:38 kerry kernel: Oops: 0000 Sep 14 11:20:38 kerry kernel: CPU: 0 Sep 14 11:20:38 kerry kernel: EIP: 0010:[] Sep 14 11:20:38 kerry kernel: EFLAGS: 00010202 Sep 14 11:20:38 kerry kernel: eax: e084e000 ebx: dfa79400 ecx: 00000001 edx: 00000000 Sep 14 11:20:38 kerry kernel: esi: 0000000b edi: 0000000f ebp: e084e108 esp: c18b3edc Sep 14 11:20:38 kerry kernel: ds: 0018 es: 0018 ss: 0018 Sep 14 11:20:38 kerry kernel: Process kupdated (pid: 6, stackpage=c18b3000) Sep 14 11:20:38 kerry kernel: Stack: 00000003 00000108 00000108 c0193b62 dfa79400 0000000f 0000000b 0000 Sep 14 11:20:38 kerry kernel: 00000108 00000108 00000108 e084e148 00000000 00000008 00000000 c019 Sep 14 11:20:38 kerry kernel: dfa79400 e084e108 00000001 c18b3f98 c18b2332 c028af56 dfa79400 0000 Sep 14 11:20:38 kerry kernel: Call Trace: [] [] [] [] [] Sep 14 11:20:38 kerry kernel: Sep 14 11:20:38 kerry kernel: Code: f6 42 18 04 74 2d 8b 42 18 a8 04 74 09 52 e8 58 d1 f9 ff 83 Sep 14 11:46:08 kerry -- MARK -- Sep 14 12:06:08 kerry -- MARK -- Sep 14 12:26:08 kerry -- MARK -- From Holger.Pandel at vrbank-moers.de Mon Sep 17 04:54:02 2001 From: Holger.Pandel at vrbank-moers.de (Holger.Pandel@vrbank-moers.de) Date: Tue Dec 2 02:35:37 2003 Subject: =?iso-8859-1?Q?RE:_Windows_XP_and_Samba_2.2.1a:_perhaps_found_a_solution?= In-Reply-To: References: Message-ID: <4906.10.92.152.53.1000727824.squirrel@www.vrbank-intern.de> Ok. I only disabled Domain member: Digitally encrypt or sign secure channel data (always) and it worked, so I didn't figure out the rest. But, at last, it would be an interesting feature if it worked. But no need for now, that's right. Bye, Holger > I have the final edition (english) and the appropriate options are > Domain member: Digitally encrypt or sign secure channel data (always) > Domain member: Digitally encrypt secure channel data (when possible) > Domain member: Digitally sign secure channel data (when possible) > > The default for all of those is ENABLED, i have disabled all of them > (there's no real need for any form of encryption on my INTERNAL > network) and it works fine :) > > Yours, > Ross McKillop > > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of > Holger.Pandel@vrbank-moers.de > Sent: 17 September 2001 11:41 > To: samba-ntdom@lists.samba.org > Subject: Windows XP and Samba 2.2.1a: perhaps found a solution > > > Hi all, > > it seems, that the messages about "marshalling" in the samba log files > when trying to authenticate winxp against samba pdc could be avoided, > if you turn OFF the following option: > > In Computer Managament: > Local Security Policy > -> Local Policies > ---> Security Options > -----> There must be an entry(I only have the german test version), > which sounds like "Domain Member: Digitally encrypt secure channel > data(always)." In the german version it is called "Dom?nenmitglied: > Daten des sicheren Kanals digital verschl?sseln (immer)". > I switched it to "Disabled" and my domain logon possibility was back > again. > > Hope that helps. > > Bye > Holger Mit freundlichen Gr??en VR Volks- und Raiffeisenbank eG Holger Pandel ---------------------------------------------- VR Volks- und Raiffeisenbank eG EDV/Organisation M?hlenstr. 20 - 30 47441 Moers email: Holger.Pandel@vrbank-moers.de Internet: http://www.vrbank-moers.de Tel.: 02841/143278 Fax : 02841/143325 ++++++++ WICHTIGER HINWEIS ++++++++++++++++++++++++ Beachten Sie bitte, dass sich unsere eMail-Adressen teilweise ge?ndert haben. "Bitte aktualisieren Sie ggf. Ihr Adressbuch!" "Vielen Dank!" Unser Web-Angebot: http://www.vrbank-moers.de/ From greg at leiinc.com Mon Sep 17 07:56:03 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:35:37 2003 Subject: Status on this In-Reply-To: <000901c13eec$6316d810$6e02a8c0@dtlan.peon.net> Message-ID: David, No, I haven't. In fact, I'm staying with a CVS from August until the problem is fixed. I haven't spent a great deal of time messing with this to see if I could fix it on my end. Maybe it's just a matter of rejoining the Win9x machine to the domain, thus recreating the machine account on the PDC??? In any event, it would be nice to hear from the developers on this one. Something was definitely "broken" in the past month. Regards, Greg J. Zartman, P.E. -----Original Message----- From: David van Geyn [mailto:dataiv@noc.peon.net] Sent: Sunday, 16 September 2001 1:16 PM To: greg@leiinc.com Subject: Status on this Hi, I posted what I believe is that exact same problem here: http://marc.theaimsgroup.com/?l=samba-ntdom&m=100056376514732&w=2 Maybe that URL will span 2 lines, i'm not sure. Anyway, have you found what causes this? What I find, is that from Win9x to NT4 does not work, from NT4 to NT4 does not work, but Win9x to Win9x does work. I posted in that message the errors that show up in the log files. Have you found a way to fix this, or is it just a bug in the CVS code for the last few weeks? David. ----------------------------------------------------------- List: samba-ntdom Subject: Win 98 machines can't access shares with 2.2.1pre CVS download from today From: "Greg J. Zartman, P.E." Date: 2001-09-14 16:02:39 I downloaded and installed Samba 2.2.2pre from CVS this morning and my win98 machines can't access any shares except those on the samba machine itself. Everything works fine if I go back to a CVS pull from about Aug. 5 (my most recent download next to this morning). Has something changed? From gdelbianco at deis.unibo.it Mon Sep 17 09:20:45 2001 From: gdelbianco at deis.unibo.it (Guido Del Bianco - DEIS-nettlc (93094)) Date: Tue Dec 2 02:35:37 2003 Subject: Samba 2.2.1a in a W2K domain Message-ID: <200109171618.SAA23287@promet1.deis.unibo.it> I'm trying to join a linux box with samba 2.2.1a to a W2K domain only for file sharing, Samba server is not the domain PDC. I'm not an expert so I followed the documentation that came with Samba. I successfully add the samba server to the domain, it appeared on the network four days later, is it normal? Now I can see the linux box from Windows clients but, when I try to access it by double clickI recive the error "\\Comp1 is not accessible. The network path was not found". Can someone help me? Thanx Guido Del Bianco From BMarkley at Datalux.com Mon Sep 17 09:48:02 2001 From: BMarkley at Datalux.com (Bill Markley) Date: Tue Dec 2 02:35:37 2003 Subject: Samba 2.2.1a in WinNT domain Message-ID: I'm trying to add a RH 7.1 Linux/Samba PC into a WinNT domain. The PDC is WinNT and I would like for all users to be validated on that PC or two other BDC's. The Samba box is a member of the Domain but it is inaccessible by any of the NT/98 servers or workstations. I have tried using the "net use" command to map a drive to the Linux share but that doesn't work either. It returns an error. The Samba box can be seen through MS explorer but cannot access it. A "ping" to the box returns no errors. Can someone point me in the direction of where the problem may lie. Thanks, Bill Markley Network Admin. Datalux Corp. From gustavo.michels at emersonenergy.com Mon Sep 17 10:18:07 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:37 2003 Subject: Samba 2.2.1a in WinNT domain Message-ID: <7F0147C496F3D411813C0002B32BF1CC012ED455@eesekkex001.kkekant.ericsson.se> Hi, You have two directions, either use winbind or smbpasswd file. Using the first one, you pass all the authentication process directly to the NT DCs using linux PAM. The other way you still authenticate the users with the NT DCs but you must create a local account for each user that will be connected to the samba server. Look the FAQs and HOW-Tos for more info. Also searching the mail list archives (marc.theaimsgroup.com) is a good starting point. Then you come back with problems you may encounter. Cheers Gustavo -----Original Message----- From: Bill Markley [mailto:BMarkley@Datalux.com] Sent: segunda-feira, 17 de setembro de 2001 13:53 To: Samba NT Subject: Samba 2.2.1a in WinNT domain I'm trying to add a RH 7.1 Linux/Samba PC into a WinNT domain. The PDC is WinNT and I would like for all users to be validated on that PC or two other BDC's. The Samba box is a member of the Domain but it is inaccessible by any of the NT/98 servers or workstations. I have tried using the "net use" command to map a drive to the Linux share but that doesn't work either. It returns an error. The Samba box can be seen through MS explorer but cannot access it. A "ping" to the box returns no errors. Can someone point me in the direction of where the problem may lie. Thanks, Bill Markley Network Admin. Datalux Corp. From nick at digitalpipe.net Mon Sep 17 10:28:02 2001 From: nick at digitalpipe.net (Nick Austin) Date: Tue Dec 2 02:35:37 2003 Subject: kernel panic ... In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This looks like a SCSI drive failure, you should consider running badblocks on the drive after booting from the 7.1 cd. Make sure your backups are in order, if you have a good backup do not overwrite it with your system as it is now, you may want to try and back your current data up to a new tape/cd/hardrive before you proceed.. On Mon, 17 Sep 2001, Eoin Verling wrote: > Hi, > > I'm running 2.2.1a on linux kernel 2.4.6 ... > > I've just recently seen the kernel panic, that sends the machine into an unusable state. It only seems to happen soon after I start samba, bellow is a snip from my messages file ... I'm gonna bring the kernel up to 2.4.7 and see if the problems persists. Any other suggestions? > > cheers > E > > Sep 14 11:17:00 kerry kernel: scsi0: ERROR on channel 0, id 0, lun 0, CDB: Read (10) 00 01 9e 1e 06 00 0 > Sep 14 11:17:00 kerry kernel: Info fld=0x19e1e07, Current sd08:0a: sense key Medium Error > Sep 14 11:17:00 kerry kernel: Additional sense indicates Unrecovered read error > Sep 14 11:17:00 kerry kernel: I/O error: dev 08:0a, sector 423432 > Sep 14 11:20:38 kerry kernel: Unable to handle kernel NULL pointer dereference at virtual address 000000 > Sep 14 11:20:38 kerry kernel: printing eip: > Sep 14 11:20:38 kerry kernel: c01935f5 > Sep 14 11:20:38 kerry kernel: *pde = 00000000 > Sep 14 11:20:38 kerry kernel: Oops: 0000 > Sep 14 11:20:38 kerry kernel: CPU: 0 > Sep 14 11:20:38 kerry kernel: EIP: 0010:[] > Sep 14 11:20:38 kerry kernel: EFLAGS: 00010202 > Sep 14 11:20:38 kerry kernel: eax: e084e000 ebx: dfa79400 ecx: 00000001 edx: 00000000 > Sep 14 11:20:38 kerry kernel: esi: 0000000b edi: 0000000f ebp: e084e108 esp: c18b3edc > Sep 14 11:20:38 kerry kernel: ds: 0018 es: 0018 ss: 0018 > Sep 14 11:20:38 kerry kernel: Process kupdated (pid: 6, stackpage=c18b3000) > Sep 14 11:20:38 kerry kernel: Stack: 00000003 00000108 00000108 c0193b62 dfa79400 0000000f 0000000b 0000 > Sep 14 11:20:38 kerry kernel: 00000108 00000108 00000108 e084e148 00000000 00000008 00000000 c019 > Sep 14 11:20:38 kerry kernel: dfa79400 e084e108 00000001 c18b3f98 c18b2332 c028af56 dfa79400 0000 > Sep 14 11:20:38 kerry kernel: Call Trace: [] [] [] [] [ Sep 14 11:20:38 kerry kernel: [] > Sep 14 11:20:38 kerry kernel: > Sep 14 11:20:38 kerry kernel: Code: f6 42 18 04 74 2d 8b 42 18 a8 04 74 09 52 e8 58 d1 f9 ff 83 > Sep 14 11:46:08 kerry -- MARK -- > Sep 14 12:06:08 kerry -- MARK -- > Sep 14 12:26:08 kerry -- MARK -- > > > - -- Nick Austin Systems Administrator Digital Pipe Communications, Inc. Phone: 650-627-5100x5224 Fax: 650-212-2301 "I send you this file in order for your advice" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQE7pjMoB8XEVhdAcZ8RAoqLAJ9/vFiW3M8o5ASPMsDnRwJUYE7fTQCfdWXj kEO+x8rAhs0zMrnqsbzyjDI= =Eg4l -----END PGP SIGNATURE----- From tarjei at nu.no Mon Sep 17 11:12:02 2001 From: tarjei at nu.no (Tarjei Huse) Date: Tue Dec 2 02:35:37 2003 Subject: File->save failing. Message-ID: <3BA63D2C.90006@nu.no> Hi, Today and yesterday I had problems with my fileserver that files that were saved by the user were not written to the disk. After a while the nt-client freezes up. Killing the prog works sometimes. But then users often cannot access the sambaserver, thus it must be restarted to. During the time today, I restarted my PDC a few times, does the fileserver need to be restarted as well then? The system is: Fileserver: samba 2.2.0 PDC: Samba-tng 2.6.1-alpha w/ldap Has anyone else had simmilar problems? Tarjei From jpuckett at ticom.com Mon Sep 17 13:07:03 2001 From: jpuckett at ticom.com (James Puckett) Date: Tue Dec 2 02:35:37 2003 Subject: Email formats - please read Message-ID: <01091716050601.11030@blackwell> All, When sending messages to this list, please do not send them in rtf/html/xml format. Not only are such emails not supported by many non-Micros~t email clients, such emails come out with all the formatting as text in the batched list, making it a PITA to read the batched list. -james From myca at cia-g.com Mon Sep 17 15:39:02 2001 From: myca at cia-g.com (Dave-O) Date: Tue Dec 2 02:35:37 2003 Subject: win2k joining a samba 2.2.1a PDC domain Message-ID: <20010917164120.C21341@cygnus.wks.Gallup.cia-g.com> Hi all, I've been on this for weeks. I have the machine accounts made, smb.conf fleshed out with everything the docs, howto's and emails on this list have to offer. However, even with a user in the domain admin group, I still get incorrect username or password from the win2k client and smbd logging that it couldn't open the smbpasswd file because of permission denied. so, some suggest to create a smbpasswd root account and use that just to join the domain. When I do that (and remove root from the invalid users list in smb.conf) I get an improper network password complaint from win2k and smbd logs that it couldn't be come the requested user! I know I'm just about there, but I'm missing one tiny detail. any suggestions are welcome. just how did *you* finally get it to work? thanks guys, Dave From greg at leiinc.com Mon Sep 17 16:22:03 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:35:37 2003 Subject: File Size on Disk Message-ID: I'm noticing that some directories on my Samba PDC take huge amount of room on disk compared to actual size. For example, I have one directory that is 232mb in size, but takes up 1Gb on disk? Is this a problem with the Linux file system or Samba? Thank you. Greg From pglemos at ufp.pt Tue Sep 18 02:23:01 2001 From: pglemos at ufp.pt (Paulo Miguel Gens Lemos) Date: Tue Dec 2 02:35:37 2003 Subject: smbpasswd In-Reply-To: Message-ID: Hi, I have the same problem. But is it possible to convert users and passwords from passwd to smbpasswd automaticaly? Thanks -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Craig Kelley Sent: quinta-feira, 5 de Julho de 2001 18:35 To: Kristyan Osborne Cc: samba Subject: Re: smbpasswd On Thu, 5 Jul 2001, Kristyan Osborne wrote: > Hi, > > In my company we are currently converting 95 machines to 2000. We are using > encrypted passwords and I wish to add my current users to the smbpasswd file > without changing their passwords. > > All users have a local Unix account with password. Is there any way or is > there a utility to add the user and the password from the password in the > /etc/passwd file to the /private/smbpasswd file. > > Any help would be appreciated. You can migrate user over with the 'unix password sync' Samba configuration directive: unix password sync (G) This boolean parameter controlls whether Samba attempts to synchronise the UNIX password with the SMB password when the encrypted SMB password in the smbpasswd file is changed. If this is set to true the 'passwd program' pro- gram is called *AS ROOT* - to allow the new UNIX password to be set without access to the old UNIX password (as the SMB password has change code has no access to the old password cleartext, only the new). By default this is set to false. See also 'passwd program', 'passwd chat' Default: unix password sync = False Example: unix password sync = True After everyone has migrated, you can turn it off and use smbpasswd only from then on out. -- It won't be long before the CPU is a card in a slot on your ATX videoboard Craig Kelley -- kellcrai@isu.edu http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block From gdu at office.uraltelecom.ru Tue Sep 18 02:43:01 2001 From: gdu at office.uraltelecom.ru (Gilev Dmitry) Date: Tue Dec 2 02:35:37 2003 Subject: smbmount+NT Gateway servise for Netware Message-ID: <005701c14051$7a14d9c0$4c01010a@net.emts.ru> Hi, Prompt on my problem: On NT I create resurs Netware through Gateway Service, execute on Linux: "mount -t smb -o username..... /mnt/smb" (It is faster, than ncpmount) In /mnt/smb I see 497 files, but on Netware and on NT Gateway Service - 509 file. And so always. Kernel 2.4.9 on Linux Help than can. Thank From awilliam at whitemice.org Tue Sep 18 03:32:02 2001 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:35:37 2003 Subject: smbpasswd In-Reply-To: References: Message-ID: <1000809305.30511.21.camel@estate1.whitemice.org> >I have the same problem. >But is it possible to convert users and passwords from passwd to smbpasswd >automaticaly? Users yes, passwords no, absolutely not. But the "updated encrypted" option in smb.conf might help you. From gdelbianco at deis.unibo.it Tue Sep 18 03:42:03 2001 From: gdelbianco at deis.unibo.it (Guido Del Bianco - DEIS-nettlc (93094)) Date: Tue Dec 2 02:35:38 2003 Subject: (no subject) Message-ID: <200109181041.MAA21102@promet1.deis.unibo.it> Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP3 Imap webMail Program 2.0.11 Subject: Re: Samba 2.2.1a in a W2K domain Reply-To: p30721@deis.unibo.it References: <200109171618.SAA23287@promet1.deis.unibo.it> <20010918101641.E2499@nuddelaug.intern.austria.eu.net> In-Reply-To: <20010918101641.E2499@nuddelaug.intern.austria.eu.net> MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP3 Imap webMail Program 2.0.11 Sender: p30721@deis.unibo.it X-Originating-IP: 137.204.59.45 Subject: Re: Samba 2.2.1a in a W2K domain Quota Michael Lang : > On Mon, Sep 17, 2001 at 06:18:42PM +0200, Guido Del Bianco - DEIS-nettlc > wrote: > > I'm trying to join a linux box with samba 2.2.1a to a > > W2K domain only for file sharing, Samba server is not > > the domain PDC. I'm not an expert so I followed the > > documentation that came with Samba. I successfully add > > the samba server to the domain, it appeared on the > > network four days later, is it normal? Now I can see > ^^^^^^^^^^^^^^^^^^^^^^^ > taht depends on your Master Broswer policy ... > > > the linux box from Windows clients but, when I try to > > access it by double clickI recive the error "\\Comp1 is > > not accessible. The network path was not found". > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > Did you enable Wins Support or is your Linux/Samba Box pingable by > just the name ? if you dont want to change the Wins or DNS Settings > apply the change in your samba conf: > netbios aliases = comp.bla.bla > ^^^^^^^^^^^^ > what ever ... so the Host is pingable by the Name > you typed .. > > > > Can someone help me? > > Thanx > > > hope so ... > > Greetz MIke > > Thank you Mike for your answer. Yes, I enabled WINS support. My organization has a common WINS server; I can ping the linux box by neme and by IP address from Windows box, so I'm sure that NetBIOS name resolution is ok. Any other idea? Thank you again Guido From gustavo.michels at emersonenergy.com Tue Sep 18 05:07:03 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:38 2003 Subject: File Size on Disk Message-ID: <7F0147C496F3D411813C0002B32BF1CC012ED63F@eesekkex001.kkekant.ericsson.se> I had the same issue but it was just a display problem, actually the size on disk is reported wrongly by samba. Yes, it is a little problem, but you can live with that... :-) cheers Gustavo > -----Original Message----- > From: Greg J. Zartman, P.E. [mailto:greg@leiinc.com] > Sent: segunda-feira, 17 de setembro de 2001 20:27 > To: Samba News > Subject: File Size on Disk > > > I'm noticing that some directories on my Samba PDC take huge > amount of room > on disk compared to actual size. For example, I have one > directory that is > 232mb in size, but takes up 1Gb on disk? Is this a problem > with the Linux > file system or Samba? > > Thank you. > > Greg > > From ink at inconnu.isu.edu Tue Sep 18 07:32:07 2001 From: ink at inconnu.isu.edu (Craig Kelley) Date: Tue Dec 2 02:35:38 2003 Subject: smbpasswd In-Reply-To: Message-ID: On Tue, 18 Sep 2001, Paulo Miguel Gens Lemos wrote: > Hi, > I have the same problem. > But is it possible to convert users and passwords from passwd to smbpasswd > automaticaly? All at once? No. A bit at a time? Yes, using the 'update encrypted' configuration parameter in smb.conf -- It won't be long before the CPU is a card in a slot on your ATX videoboard Craig Kelley -- kellcrai@isu.edu http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block From idra at samba.org Tue Sep 18 07:48:02 2001 From: idra at samba.org (Simo Sorce) Date: Tue Dec 2 02:35:38 2003 Subject: File Size on Disk In-Reply-To: ; from greg@leiinc.com on Mon, Sep 17, 2001 at 04:27:28PM -0700 References: Message-ID: <20010918074721.B7049@va.samba.org> samba has nothing to do with file dimension. remeber that by default yu have 4K blocks on ext2, so if you have many little files, you may loose much space (at least 4k everyone). On Mon, Sep 17, 2001 at 04:27:28PM -0700, Greg J. Zartman, P.E. wrote: > I'm noticing that some directories on my Samba PDC take huge amount of room > on disk compared to actual size. For example, I have one directory that is > 232mb in size, but takes up 1Gb on disk? Is this a problem with the Linux > file system or Samba? > > Thank you. > > Greg > > -- Simo Sorce idra@samba.org ------------------------------- Samba Team http://www.samba.org From cbarry at infiniconsys.com Tue Sep 18 09:11:03 2001 From: cbarry at infiniconsys.com (Barry, Christopher) Date: Tue Dec 2 02:35:40 2003 Subject: smbpasswd Message-ID: <08628CA53C6CBA4ABAFB9E808A5214CB1D4388@mercury.infiniconsys.com> I think you can use the mksmbpasswd.sh (exact filename?) file located in the distribution of samba > -----Original Message----- > From: Craig Kelley [mailto:ink@inconnu.isu.edu] > Sent: Tuesday, September 18, 2001 10:35 AM > To: Paulo Miguel Gens Lemos > Cc: Kristyan Osborne; samba > Subject: RE: smbpasswd > > > On Tue, 18 Sep 2001, Paulo Miguel Gens Lemos wrote: > > > Hi, > > I have the same problem. > > But is it possible to convert users and passwords from > passwd to smbpasswd > > automaticaly? > > All at once? No. > > A bit at a time? Yes, using the 'update encrypted' configuration > parameter in smb.conf > > -- > It won't be long before the CPU is a card in a slot on your > ATX videoboard > Craig Kelley -- kellcrai@isu.edu > http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block > > > > > From ink at inconnu.isu.edu Tue Sep 18 09:13:03 2001 From: ink at inconnu.isu.edu (Craig Kelley) Date: Tue Dec 2 02:35:40 2003 Subject: smbpasswd In-Reply-To: <08628CA53C6CBA4ABAFB9E808A5214CB1D4388@mercury.infiniconsys.com> Message-ID: On Tue, 18 Sep 2001, Barry, Christopher wrote: > I think you can use the mksmbpasswd.sh (exact filename?) file located in > the distribution of samba That only transfers the accounts; not the passwords. -- It won't be long before the CPU is a card in a slot on your ATX videoboard Craig Kelley -- kellcrai@isu.edu http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block From jra at samba.org Tue Sep 18 09:52:03 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:35:41 2003 Subject: File Size on Disk In-Reply-To: <7F0147C496F3D411813C0002B32BF1CC012ED63F@eesekkex001.kkekant.ericsson.se>; from gustavo.michels@emersonenergy.com on Tue, Sep 18, 2001 at 01:09:24PM +0100 References: <7F0147C496F3D411813C0002B32BF1CC012ED63F@eesekkex001.kkekant.ericsson.se> Message-ID: <20010918095152.Y333@va.samba.org> On Tue, Sep 18, 2001 at 01:09:24PM +0100, Michels, Gustavo [EES/BR] wrote: > I had the same issue but it was just a display problem, actually the size on > disk is reported wrongly by samba. Yes, it is a little problem, but you can > live with that... :-) I can't (live with that, that is :-). Can you give me instructions on exactly how to reproduce this (compile options for Samba, platform, client etc.). I want to nail bugs like this. Cheers, Jeremy. From greg at kwikfind.com Tue Sep 18 10:10:05 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:35:41 2003 Subject: File Size on Disk In-Reply-To: <20010918095152.Y333@va.samba.org> Message-ID: Jeremy, I'm currently setup with a Samba 2.2.1a PDC on Mandrake Linux. The hard drive in question is 20 GB in size, divided (not partitioned) into three shares. The main share, projects, contains the bulk of our project data. This data ranges from MS Word documents, to AutoCAD drawings, to ARC/INFO coverages. Our client machines are Win2000 SP1 workstations. From my Win2k workstation, if I right click on one of my project directories, in the projects share, Win2k reports that the Size is 233MB and the Size on disk is 949MB (big difference isn't it). Following is the compile options that I used to compile my version of Samba from a CVS download: ./configure --with-configdir=/etc --bindir=/usr/bin --sbindir=/usr/sbin --wi th-smbmount --with-privatedir=/etc/private --libdir=/etc --localstatedir=/va r/log --with-lockdir=/var/lock/samba By the way, do you have any insight on the issue with current CVS "pulls" of Samba 2.2.x and Win98? Specifically, Win98 can access shares on the Samba machine but nothing else. I've made a couple posts to the news group about this, but no one seems to know what the issue is. I can provide more info if needed. Thank you. Regards, Greg Zartman -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Jeremy Allison Sent: Tuesday, 18 September 2001 9:52 AM To: Michels, Gustavo [EES/BR] Cc: Greg J. Zartman, P.E.; Samba News Subject: Re: File Size on Disk On Tue, Sep 18, 2001 at 01:09:24PM +0100, Michels, Gustavo [EES/BR] wrote: > I had the same issue but it was just a display problem, actually the size on > disk is reported wrongly by samba. Yes, it is a little problem, but you can > live with that... :-) I can't (live with that, that is :-). Can you give me instructions on exactly how to reproduce this (compile options for Samba, platform, client etc.). I want to nail bugs like this. Cheers, Jeremy. From gustavo.michels at emersonenergy.com Tue Sep 18 10:18:14 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:41 2003 Subject: File Size on Disk Message-ID: <7F0147C496F3D411813C0002B32BF1CC012ED7CD@eesekkex001.kkekant.ericsson.se> Jeremy, Ok, here is my setup: - Red Hat Linux 7.1, kernel 2.4.3-12 - samba cvs source, SAMBA_2_2 tag - compiled: --with-pam --with-quotas --with-winbind - client: only tested with w2k sp1 clients - ext2 filesystem. Here goes general info on this partition: [root@splus001 source]# dumpe2fs -h /dev/sda6 dumpe2fs 1.19, 13-Jul-2000 for EXT2 FS 0.5b, 95/08/09 Filesystem volume name: /emerson Last mounted on: Filesystem UUID: 4e524d52-ac23-11d5-9389-e597129b11fd Filesystem magic number: 0xEF53 Filesystem revision #: 1 (dynamic) Filesystem features: filetype sparse_super Filesystem state: not clean Errors behavior: Continue Filesystem OS type: Linux Inode count: 6078464 Block count: 12145132 Reserved block count: 607256 Free blocks: 11939852 Free inodes: 6076413 First block: 0 Block size: 4096 Fragment size: 4096 Blocks per group: 32768 Fragments per group: 32768 Inodes per group: 16384 Inode blocks per group: 512 Last mount time: Tue Sep 18 13:39:08 2001 Last write time: Tue Sep 18 13:56:27 2001 Mount count: 5 Maximum mount count: 20 Last checked: Tue Sep 18 07:52:51 2001 Check interval: 15552000 (6 months) Next check after: Sun Mar 17 07:52:51 2002 Reserved blocks uid: 0 (user root) Reserved blocks gid: 0 (group root) First inode: 11 Inode size: 128 Some time ago I posted a question (thread 'disk space in use by files') in the main samba mail list with some examples of the problem. Here goes 2 of them: Several files: Size: 48,3 MB (50.684.825 bytes) Size on Disk: 152 MB (159.383.552 bytes) Contains: 111 Files, 16 Folders One small file: Size: 378 bytes (378 bytes) Size on Disk: 1,00 MB (1.048.576 bytes) Anything else, just ask! cheers Gustavo > -----Original Message----- > From: jra@samba.org [mailto:jra@samba.org] > Sent: ter?a-feira, 18 de setembro de 2001 13:52 > To: Michels, Gustavo [EES/BR] > Cc: Greg J. Zartman, P.E.; Samba News > Subject: Re: File Size on Disk > > > On Tue, Sep 18, 2001 at 01:09:24PM +0100, Michels, Gustavo > [EES/BR] wrote: > > I had the same issue but it was just a display problem, > actually the size on > > disk is reported wrongly by samba. Yes, it is a little > problem, but you can > > live with that... :-) > > I can't (live with that, that is :-). Can you give me instructions on > exactly how to reproduce this (compile options for Samba, > platform, client etc.). > > I want to nail bugs like this. > > Cheers, > > Jeremy. > From jra at samba.org Tue Sep 18 10:40:36 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:35:41 2003 Subject: File Size on Disk In-Reply-To: ; from greg@kwikfind.com on Tue, Sep 18, 2001 at 10:16:29AM -0700 References: <20010918095152.Y333@va.samba.org> Message-ID: <20010918104000.A333@va.samba.org> On Tue, Sep 18, 2001 at 10:16:29AM -0700, Greg J. Zartman wrote: > Our client machines are Win2000 SP1 workstations. From my Win2k > workstation, if I right click on one of my project directories, in the > projects share, Win2k reports that the Size is 233MB and the Size on disk is > 949MB (big difference isn't it). Ok I'll take a look. It may be quota problems (these have been reported before). > By the way, do you have any insight on the issue with current CVS "pulls" of > Samba 2.2.x and Win98? Specifically, Win98 can access shares on the Samba > machine but nothing else. I've made a couple posts to the news group about > this, but no one seems to know what the issue is. I can provide more info > if needed. Yes please. I cannot reproduce this. My Win98 vmware session works fine with 2.2.2 CVS. Jeremy. From john at basicfusion.com Tue Sep 18 10:41:04 2001 From: john at basicfusion.com (John Marsteen) Date: Tue Dec 2 02:35:41 2003 Subject: Semaphore Timeout Expired Message-ID: <000101c14069$790c7d90$0500a8c0@SWORD> Greetings all, Many thanks to everyone for their suggestions on getting our Win2k boxes to share with our Linux box. My new question: While everything was working great yesterday (was!), we came in this morning and could not re-establish a connection to the Linux shared drive(s). Nothing changed between last night and this morning. However, we now get a message stating: 'The semaphore timeout period has expired.' I understand this is something more related to Win2k or Samba, but it is unclear as to which. I've read a couple of other messages here that have expressed the same issue, but no responses followed. Just as the other reader tried the ifup eth1 command, it does not seem to work in our case. Has ANYONE had any experience with or luck getting around this issue. Is there a fix?? Many thanks in advance. -JPM -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 3608 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010918/a35cf13a/winmail.bin From john at basicfusion.com Tue Sep 18 10:59:02 2001 From: john at basicfusion.com (John Marsteen) Date: Tue Dec 2 02:35:42 2003 Subject: Apologies For the Garbage Message-ID: <000e01c1406b$ed369460$0500a8c0@SWORD> My apologies to everyone for the garbage in my previous messages. We're working on it! From jra at samba.org Tue Sep 18 12:06:03 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:35:42 2003 Subject: File Size on Disk In-Reply-To: ; from greg@kwikfind.com on Tue, Sep 18, 2001 at 11:50:30AM -0700 References: <20010918104000.A333@va.samba.org> Message-ID: <20010918120556.C22487@va.samba.org> On Tue, Sep 18, 2001 at 11:50:30AM -0700, Greg J. Zartman wrote: > Jeremy, > > With regards to the Win98 issue that I mentioned earlier, I downloaded and > installed a fresh tag from the Samba 2.2.2 CVS tree about 30 min ago. Same > problem as before: Win98 machines can only access shares on the Samba > server. Attached is a level10 log file. For reference, I've also attached > my smb.conf file Unfortunately you only sent the nmbd log, I need to see the smbd log for that client (at debug level 10). Jeremy. From greg at kwikfind.com Tue Sep 18 12:46:02 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:35:42 2003 Subject: File Size on Disk In-Reply-To: <20010918120556.C22487@va.samba.org> Message-ID: Jeremy, Please forgive my ignorance with these log files, but I believed I had sent you the main samba log file (i.e., the one create with the parameter log file = /var/samba.log. Attached is my log.smbd, but I think this contains only those log statement generate when I start the daemons. If there is anything else I can do, please let me know. Regards, Greg -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Jeremy Allison Sent: Tuesday, 18 September 2001 12:06 PM To: Greg J. Zartman Cc: Jeremy Allison; Samba News Subject: Re: File Size on Disk On Tue, Sep 18, 2001 at 11:50:30AM -0700, Greg J. Zartman wrote: > Jeremy, > > With regards to the Win98 issue that I mentioned earlier, I downloaded and > installed a fresh tag from the Samba 2.2.2 CVS tree about 30 min ago. Same > problem as before: Win98 machines can only access shares on the Samba > server. Attached is a level10 log file. For reference, I've also attached > my smb.conf file Unfortunately you only sent the nmbd log, I need to see the smbd log for that client (at debug level 10). Jeremy. -------------- next part -------------- A non-text attachment was scrubbed... Name: log.smbd Type: application/octet-stream Size: 2946 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010918/99559d35/log.obj From greg at kwikfind.com Tue Sep 18 17:57:05 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:35:45 2003 Subject: File Size on Disk In-Reply-To: <20010918104000.A333@va.samba.org> Message-ID: Jeremy, With regards to the Win98 issue that I mentioned earlier, I downloaded and installed a fresh tag from the Samba 2.2.2 CVS tree about 30 min ago. Same problem as before: Win98 machines can only access shares on the Samba server. Attached is a level10 log file. For reference, I've also attached my smb.conf file Thank you. Regards, Greg J. Zartman. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Jeremy Allison Sent: Tuesday, 18 September 2001 10:40 AM To: Greg J. Zartman Cc: Jeremy Allison; Michels, Gustavo [EES/BR]; Samba News Subject: Re: File Size on Disk On Tue, Sep 18, 2001 at 10:16:29AM -0700, Greg J. Zartman wrote: > Our client machines are Win2000 SP1 workstations. From my Win2k > workstation, if I right click on one of my project directories, in the > projects share, Win2k reports that the Size is 233MB and the Size on disk is > 949MB (big difference isn't it). Ok I'll take a look. It may be quota problems (these have been reported before). > By the way, do you have any insight on the issue with current CVS "pulls" of > Samba 2.2.x and Win98? Specifically, Win98 can access shares on the Samba > machine but nothing else. I've made a couple posts to the news group about > this, but no one seems to know what the issue is. I can provide more info > if needed. Yes please. I cannot reproduce this. My Win98 vmware session works fine with 2.2.2 CVS. Jeremy. -------------- next part -------------- A non-text attachment was scrubbed... Name: samba.log Type: application/octet-stream Size: 50899 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010918/17c59a91/samba.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 3159 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010918/17c59a91/smb.obj From mario.sanguineti at opensystems.com.au Tue Sep 18 19:00:09 2001 From: mario.sanguineti at opensystems.com.au (Mario Sanguineti) Date: Tue Dec 2 02:35:45 2003 Subject: smbclient 2.2.1a Message-ID: <01Sep19.120139est.53765@gateway.opensystems.com.au> Dear All I am using smbclient to validate users on NT Domain(s) as follows. smbclient '\\server\share' -U username%password -W domain Result_file Basically does user 'user' with password 'password' exist on server 'server' in domain 'domain'. I am using the 'share' as if it where a 'group'. I would have liked to pass the group but cannot see how. I have created a share on NT (eg) MyUsers and given those users access to that share. This does the trick. My login screen on Redhat linux will just ask username and password. A setup file will have Server,Share and Domain (eg) /etc/smb.conf Input_file has the two commands "dir" and quit". Result_file has has the output of results. If the string "Access Denied" or "Session setup failed" is found, I assume the user is not authenticated. My Questions are : (a) Is this the best way to do it with the least work ? (b) I will need to change the source code so I can hide the password. The file which will contain the password will have to be unique as simultaneous requests to smbclient (as above) will occur. (as will Input_file & Result_file, using say rand()) Is there a better way ? (c) I also want to install only 'smbclient' on a minimal Redhat installation. Not all the baggage with samba. The only dependencies that seem to be needed are smb.conf and the codepage directory. What is the codepage directory ? Can I avoid it ? (d) I have tried using 'rpcclient' but it was dog trying to understand it and find documentation Is there a another way to do this? without touching Samba source code and spending more than a few hours ? Look forward to you response ? Regards Mario -------------- next part -------------- A non-text attachment was scrubbed... Name: MARIO.vcf Type: text/x-vcard Size: 263 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010918/a1b66d93/MARIO.vcf From trus at cataland.intnet.mu Tue Sep 18 22:49:02 2001 From: trus at cataland.intnet.mu (trus@cataland.intnet.mu) Date: Tue Dec 2 02:35:45 2003 Subject: Joining an NT domain Message-ID: Hi everybody First of all, I am completely new to Linux and to this mailing list. I've just installed Linux Mandrake 7.2 as a 'workstation' within a LAN. Now, I want to be able to view and access the shared volumes found on NT servers and other NT stations within the same network. Can anyone please help me out of this? Thanks a lot Tawsheeq From Vyenkatesh.Khataokar at kvaerner.com Wed Sep 19 04:25:02 2001 From: Vyenkatesh.Khataokar at kvaerner.com (Vyenkatesh.Khataokar@kvaerner.com) Date: Tue Dec 2 02:35:45 2003 Subject: Problem with Samba server Message-ID: Hi, I have Samba Server 2.0.5 installed on IRIX 6.5. All the clients are accessing it properly which are windows NT 4.0 clients. But at the same time it is broadcasting the samba server as a logon server for some Windows NT 4.0 clients. So some of the clients are trying to logon onto that IRIX samba server and in that process they are getting disconnected from windows nt domain controller and I have to do NLTEST reset for those workstations to get connected to windows nt domain controller. I cant start the SMBD and NMBD services as it effects some of the NT clients. What can I do shall I send u the smb.conf file I am usning.? And how do I transfer the UNIX users from normal UNIX passwd file to SMBPASSWD file with all the things intact I mean passwords also. So that for samba useage the sane UNIX user don't have to change the passwd again for samba. Kind Regards, Vyenkatesh Khataokar Sr. Systems Assistant Computer Integrated Engineering Kvaerner Powergas India Ltd Powergas House 177, Vidyanagari Marg Kalina, Santacruz (E) Mumbai - 400 098 India. Tel: 91-22-6915573 Fax: 91-22-6915934 Email: vyenkatesh.khataokar@kvaerner.com From serina at ing.unibs.it Wed Sep 19 05:00:05 2001 From: serina at ing.unibs.it (Ivan Serina) Date: Tue Dec 2 02:35:45 2003 Subject: samba netlogon Message-ID: <3BA888A6.8000808@ing.unibs.it> I'm using a debian (potato) machine with samba 2.2.1a. These are the configuration options: ###### netbios name=lincivte workgroup= dipciv interfaces = 192.168.168.1/255.255.254.0 wins server=192.168.168.29 192.168.169.28 name resolve order= hosts wins bcast encrypt passwords = Yes security = DOMAIN password server = licenze civstud150 domain logons = yes logon path= \\lincivte\netlogon [netlogon] comment = Samba Network Logon Service path = /users/netlogon/%a case sensitive = no guest ok = yes locking = no writable = no public = no browseable = yes ##### The domain servers are Win2k server machines. I have set for the users' netlogon: \\lincivte\netlogon Unfortunately when "user" tries to connet from a win2k client gets the message errors: -"Impossible to copy the file \\lincivte\netlogon\Documnt and Settings\user\Images\1.jpg" -"impossible to load the profile" The user can still connect to the machine using a temporary profile. The file permissions for the file C:\Document and Settings\user\Images\1.jpg are quite strange: -Everyone "no permission" - S322423...... "no permission" - S435324....... "no permission" whereas the NTFS permissions for C:\Document and Settings\user are correct. -Everyone "read" -User "Full Access" -SYSTEM "Full Access" -Administrator "Full Access" In the following lines I have put the error messages in the file /var/log/samba.log ########## [2001/09/19 12:31:38, 0] smbd/nttrans.c:call_nt_transact_ioctl(1798) call_nt_transact_ioctl: Currently not implemented. [2001/09/19 12:31:54, 0] lib/util_sock.c:read_socket_data(478) read_socket_data: recv failure for 4. Error = Connection reset by peer [2001/09/19 12:33:09, 0] rpc_server/srv_spoolss_nt.c:_spoolss_fcpn(4663) _spoolss_fcpn: Invalid handle (OTHER) [2001/09/19 12:33:09, 0] rpc_server/srv_spoolss_nt.c:close_printer_handle(257) close_printer_handle: Invalid handle (OTHER) [2001/09/19 12:33:09, 0] rpc_server/srv_spoolss_nt.c:close_printer_handle(257) close_printer_handle: Invalid handle (OTHER) [2001/09/19 12:36:13, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon_internal(411) cli_net_sam_logon_internal: NT_STATUS_NO_SUCH_USER [2001/09/19 12:36:13, 0] smbd/password.c:domain_client_validate(1614) domain_client_validate: unable to validate password for user SAMBATESTLINSERV in domain to Domain controller licenze. Error was NT_STATUS_NO_SUCH_USER. [2001/09/19 12:36:27, 0] smbd/nttrans.c:call_nt_transact_ioctl(1798) call_nt_transact_ioctl: Currently not implemented. ################# Can someone help me please? Thank you very much Ivan Serina From admin at algs.lv Wed Sep 19 07:47:03 2001 From: admin at algs.lv (Deniss Marchenko) Date: Tue Dec 2 02:35:45 2003 Subject: 1 SAMBA PDC + 10 workstation WIN2000 Message-ID: Hello to All !!! Can anyone explain situation, when SAMBA PDC Server work with 10 Win200 workstations, and after about 1 month of online working, server becomes inaccessible (only sharings) ??? When i look in process tree, i saw about 20 smbd processes !!! Does anyone heard or saw this kind of problem ??? P.S. Waiting for all suggestions about this problem !!! ========================= Denis Marchenko Internet Administrator SIA "ALGS-Riga" Riga, Mastu str. 4 Latvia LV-1005 Phone: 7395545, 7396615 Fax: 7396600 Mobile: 9781519 E-Mail: denmar@algs.lv ICQ: 117088828 From teilo at cdt.luth.se Wed Sep 19 10:09:02 2001 From: teilo at cdt.luth.se (James Nord) Date: Tue Dec 2 02:35:45 2003 Subject: File Size on Disk References: <7F0147C496F3D411813C0002B32BF1CC012ED63F@eesekkex001.kkekant.ericsson.se> <20010918095152.Y333@va.samba.org> Message-ID: <3BA8D231.8090002@cdt.luth.se> Jeremy Allison wrote: >On Tue, Sep 18, 2001 at 01:09:24PM +0100, Michels, Gustavo [EES/BR] wrote: > >>I had the same issue but it was just a display problem, actually the size on >>disk is reported wrongly by samba. Yes, it is a little problem, but you can >>live with that... :-) >> > >I can't (live with that, that is :-). Can you give me instructions on >exactly how to reproduce this (compile options for Samba, platform, client etc.). > Also, Solaris 2.8, Disks are on either Software or hardware raid - same shows on both. a 260 byte file (.emacs-places) take 4MB... du -k reports 1 Can't give you any concrete compile options right now- the guy that compiled it is away ill, but defaults except with-spinlocks I used to see this on my Linux box aswell but I since re-installed and used the debian (unstable) samba package and it works ok. >I want to nail bugs like this. > Happy hunting... /James -- Technology is a word that describes something that doesn't work yet. Douglas Adams From greg at leiinc.com Wed Sep 19 10:57:05 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:35:45 2003 Subject: Quickbooks Pro corrupt files Message-ID: This question was posted on the e-smith linux forum by Gerald Jensen. I have had two separate instances of what appears to be a samba failure of some sort. In each instance the Quickbooks data file, being accessed by three to five users, began to experience corruption when the file size reached about 100mb. In each instance I checked the NICs, upgraded to 10/100mb routers, etc. The problem didn't go away until I moved the database off the 4.1.2 e-smith server to a Windows 2KP workstation and shared the folder. The server has adequate disk space. It was also being used as a print and web server. I really hate to consider going back to NT. Any ideas would be appreciated. Greg From jht at samba.org Wed Sep 19 12:27:02 2001 From: jht at samba.org (John Terpstra) Date: Tue Dec 2 02:35:46 2003 Subject: Quickbooks Pro corrupt files Message-ID: Greg, In reference to the posting reproduced below, suggest you contact e-smith regarding this. You may have a locking problem here, e-smith disables oplock support. If you need further help, please contact me directly . Cheers, John T. Date: Wed, 19 Sep 2001 11:01:52 -0700 This question was posted on the e-smith linux forum by Gerald Jensen. I have had two separate instances of what appears to be a samba failure of some sort. In each instance the Quickbooks data file, being accessed by three to five users, began to experience corruption when the file size reached about 100mb. In each instance I checked the NICs, upgraded to 10/100mb routers, etc. The problem didn't go away until I moved the database off the 4.1.2 e-smith server to a Windows 2KP workstation and shared the folder. The server has adequate disk space. It was also being used as a print and web server. I really hate to consider going back to NT. Any ideas would be appreciated. Greg -- John H Terpstra Email: jht@samba.org An argument of minds: "Please help me to find the intellect in Intellectual Property" "Not me, I can't find the property in it either!" From jra at samba.org Wed Sep 19 13:22:03 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:35:46 2003 Subject: Quickbooks Pro corrupt files In-Reply-To: ; from greg@leiinc.com on Wed, Sep 19, 2001 at 11:01:52AM -0700 References: Message-ID: <20010919132102.O15603@va.samba.org> On Wed, Sep 19, 2001 at 11:01:52AM -0700, Greg J. Zartman, P.E. wrote: > This question was posted on the e-smith linux forum by Gerald Jensen. > > I have had two separate instances of what appears to be a samba failure of > some sort. In each instance the Quickbooks data file, being accessed by > three to five users, began to experience corruption when the file size > reached about 100mb. In each instance I checked the NICs, upgraded to > 10/100mb routers, etc. The problem didn't go away until I moved the database > off the 4.1.2 e-smith server to a Windows 2KP workstation and shared the > folder. The server has adequate disk space. It was also being used as a > print and web server. I really hate to consider going back to NT. Any ideas > would be appreciated. What version of Samba are you using here ? Thanks, Jeremy. From npande at bajajauto.co.in Wed Sep 19 14:43:02 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:35:46 2003 Subject: Problem with Samba server References: Message-ID: <3B7FA921.643CDCBE@bajajauto.co.in> Vyenkatesh, Did you configure your SGI box as a DC? Another thing, you will have to start smbd and nmbd in order to get the Samba working. Lastly, please do post your smb.conf file so guys here can see what's goin on.. Ciao, Nitin :) Mail Administrator Vyenkatesh.Khataokar@kvaerner.com wrote: > Hi, > > I have Samba Server 2.0.5 installed on IRIX 6.5. All the clients are > accessing it properly which are windows NT 4.0 clients. But at the same time > it is broadcasting the samba server as a logon server for some Windows NT > 4.0 clients. So some of the clients are trying to logon onto that IRIX samba > server and in that process they are getting disconnected from windows nt > domain controller and I have to do NLTEST reset for those workstations to > get connected to windows nt domain controller. > > I cant start the SMBD and NMBD services as it effects some of the NT > clients. > > What can I do shall I send u the smb.conf file I am usning.? > > And how do I transfer the UNIX users from normal UNIX passwd file to > SMBPASSWD file with all the things intact I mean passwords also. So > that for samba useage the sane UNIX user don't have to change the passwd > again for samba. > > Kind Regards, > > Vyenkatesh Khataokar > Sr. Systems Assistant > Computer Integrated Engineering > Kvaerner Powergas India Ltd > Powergas House > 177, Vidyanagari Marg > Kalina, Santacruz (E) > Mumbai - 400 098 > India. > > Tel: 91-22-6915573 > Fax: 91-22-6915934 > Email: vyenkatesh.khataokar@kvaerner.com From lauriancuzma at yahoo.com Wed Sep 19 19:26:02 2001 From: lauriancuzma at yahoo.com (Laurian Cuzma) Date: Tue Dec 2 02:35:46 2003 Subject: Help Message-ID: <4608.010919@yahoo.com> Hello samba-ntdom, I use samba 2.2.1a and I use as PDC. I want to use domain group map = /etc/samba/groups.mapping but I receive this error: Unknown parameter encountered: "domain group map". Please tell me why? -- Best regards, Laurian mailto:lauriancuzma@yahoo.com _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com From Vyenkatesh.Khataokar at kvaerner.com Wed Sep 19 20:06:02 2001 From: Vyenkatesh.Khataokar at kvaerner.com (Vyenkatesh.Khataokar@kvaerner.com) Date: Tue Dec 2 02:35:46 2003 Subject: Problem with Samba server Message-ID: Nitin, No I havnt configured my SGI box as a dc, which I dont want to. I already have one samba instance running of 1.9.18 version on another SGI BOX ( which is running fine without any problems) I want to upgrade to this 2.0.5 samba version so I have configured another SGI box for test. This new SGI box is also working fine there is no problem for SMBD and NMBD as such, SAMBA is working fine. Windows NT clients are getting the server they can access database on SGI box and work with their software which is on Windows NT. The main problem is whenever I start SMBD and NMBD some of the Windows NT clients try to connect to this new SAMBA server as a logon server, and I have to do a NLTEST reset for them for unable them to get Windows NT domain. I have different domains for Windows and Unix. so whenever I start SMBD and NMBD I get lot of calls from Windows NT clients saying that they dont get windows nt domain at all in there domain lists. My resource domain is different and logon domain is different. so users are not able to see the logon domain after this samba services started. I can not start samba because of this problem even if samba is working. I hope I have narrated my problem properly. Please do let me know if I am not clear in narrating my problem. I am attaching herewith the SMB.conf file. Kind Regards, Vyenkatesh Khataokar Sr. Systems Assistant Computer Integrated Engineering Kvaerner Powergas India Ltd Powergas House 177, Vidyanagari Marg Kalina, Santacruz (E) Mumbai - 400 098 India. Tel: 91-22-6915573 Fax: 91-22-6915934 Email: vyenkatesh.khataokar@kvaerner.com -----Original Message----- From: NITIN PANDE [mailto:npande@bajajauto.co.in] Sent: Sunday, August 19, 2001 5:25 PM To: Khataokar, Vyenkatesh KECMUM Cc: samba-ntdom@lists.samba.org Subject: Re: Problem with Samba server Vyenkatesh, Did you configure your SGI box as a DC? Another thing, you will have to start smbd and nmbd in order to get the Samba working. Lastly, please do post your smb.conf file so guys here can see what's goin on.. Ciao, Nitin :) Mail Administrator Vyenkatesh.Khataokar@kvaerner.com wrote: > Hi, > > I have Samba Server 2.0.5 installed on IRIX 6.5. All the clients are > accessing it properly which are windows NT 4.0 clients. But at the same time > it is broadcasting the samba server as a logon server for some Windows NT > 4.0 clients. So some of the clients are trying to logon onto that IRIX samba > server and in that process they are getting disconnected from windows nt > domain controller and I have to do NLTEST reset for those workstations to > get connected to windows nt domain controller. > > I cant start the SMBD and NMBD services as it effects some of the NT > clients. > > What can I do shall I send u the smb.conf file I am usning.? > > And how do I transfer the UNIX users from normal UNIX passwd file to > SMBPASSWD file with all the things intact I mean passwords also. So > that for samba useage the sane UNIX user don't have to change the passwd > again for samba. > > Kind Regards, > > Vyenkatesh Khataokar > Sr. Systems Assistant > Computer Integrated Engineering > Kvaerner Powergas India Ltd > Powergas House > 177, Vidyanagari Marg > Kalina, Santacruz (E) > Mumbai - 400 098 > India. > > Tel: 91-22-6915573 > Fax: 91-22-6915934 > Email: vyenkatesh.khataokar@kvaerner.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 1004 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010919/79bcfcea/smb.obj From trus at cataland.intnet.mu Thu Sep 20 02:55:01 2001 From: trus at cataland.intnet.mu (trus@cataland.intnet.mu) Date: Tue Dec 2 02:35:46 2003 Subject: smbclient :: Access Denied Message-ID: Hi I have Linux Mandrake 7.2 with Samba 2.0.7. I tried to connect to a Win NT station on the same network and got the following: [root@linux1 /root]# smbclient //PC54/C added interface ip=10.0.0.42 bcast=10.255.255.255 nmask=255.0.0.0 Got a positive name query response from 10.0.0.54 ( 10.0.0.54 ) Password: Anonymous login successful Domain=[CATALAND] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] tree connect failed: ERRDOS - ERRnoaccess (Access denied.) However, on NT, when using browsing the Network Neighborhood, it doesn't ask me for any password and I can see what's on the other NT station easily. Any explanation please? Thanks Tawsheeq From trus at cataland.intnet.mu Thu Sep 20 02:58:02 2001 From: trus at cataland.intnet.mu (trus@cataland.intnet.mu) Date: Tue Dec 2 02:35:46 2003 Subject: Linux in NT Domain Message-ID: Hi again Yes, I have Samba 2.0.7 installed. I'm still trying to figure out how to use submount... Has anyone tried Konqueror or Gnomba in the same way as Network Neighborhood in Win NT? Thanks again Tawsheeq > Hi everybody > > First of all, I am completely new to Linux and to this mailing list. > I've just installed Linux Mandrake 7.2 as a 'workstation' within a LAN. > Now, I want to be able to view and access the shared volumes found on NT > servers and other NT stations within the same network. > Can anyone please help me out of this? First you have to make sure you installed samba of some sort. Then check out the manpage of smbmount. This will allow you to mount the NT shares as directories on your linux box. Ian From leif.klepp at starcut.com Thu Sep 20 03:41:02 2001 From: leif.klepp at starcut.com (leif.klepp@starcut.com) Date: Tue Dec 2 02:35:46 2003 Subject: Winbind on Samba 2.2.2-pre Message-ID: Hi, { Not sure whether this is ntdomain only, or part technical, so please excuse cross-posting } As the subject says, I'm trying to run Winbind on Samba 2.2.2-pre, just dl'ed from CVS. Running Win2K on domain servers, one PDC, one BDC. Samba 2.2.2-pre compiled with following options: --with-pam --with-acl-support --with-smbmount --with-winbind --enable-shared=no Linux server running RedHat 7.1, with custom kernel including XFS support, ACLs, and Compaq FibreChannel support (if relevant). I could not find samedit, so I used smbpasswd to join the domain. No errors (Joined domain). "wbinfo -t" claims that the "secret is good" "wbinfo -n " resolves to SID "wbinfo -u" results in "error looking up domain users" "wbinfo -g" results in "error looking up domain groups" "getent passwd" and "getent groups" lists only my Unix-created ones libnss_winbind.so.2 copied to /lib pam_winbind.so copied to /lib/security Tried to fix /etc/pam.d/login .../passwd and .../samba to enable domain logins, but does not work correctly yet.. According to my "messages" log, pam_winbind authorises the user, but the user is not known to the underlying authentication arch. (I presume this may mean that my pam-settings are screwed up) I have a bunch of .tdb's in the .../locks directory, including: winbindd_idmap.tdb => 8192 bytes winbindd_cache.tdb => 696 bytes When I was running winbindd with a higher debug-level, I did see some error messages which claimed access denied (possibly NT_STATUS_ACCESS_DENIED?).. If anybody has any clues or opinion as to what may be the problem(s), and/or the correct pam settings for domain logons to the linux server (both console and samba), I'm more than happy to restart the samba deamons (including winbind) with a higher debug level and provide the log (or extracts to the list).. Thanks in advance, /Leif K. From gustavo.michels at emersonenergy.com Thu Sep 20 05:24:06 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:47 2003 Subject: Winbind on Samba 2.2.2-pre Message-ID: <7F0147C496F3D411813C0002B32BF1CC012EDB87@eesekkex001.kkekant.ericsson.se> Hello! :-) > Tried to fix /etc/pam.d/login .../passwd and .../samba to enable > domain logins, but does not work correctly yet.. > According to my "messages" log, pam_winbind authorises the user, > but the user is not known to the underlying authentication arch. > (I presume this may mean that my pam-settings are screwed up) You don't need to change anything in /etc/pam.d if you won't have domain accounts logging into the samba box. Getent passwd should return the domain users without any changes in the pam files. Have you added the 'winbind' entry in /etc/nsswitch.conf? Should be: passwd: files winbind group: files winbind If you still have problems, change the 'name resolution order' entry in smb.conf to 'bcast' (of course your samba server and nt pdc/bdc must be on the sabe subnet for this to work). cheers Gustavo From gustavo.michels at emersonenergy.com Thu Sep 20 05:37:02 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:47 2003 Subject: Help Message-ID: <7F0147C496F3D411813C0002B32BF1CC012EDBA6@eesekkex001.kkekant.ericsson.se> Hello, AFAIK, the 'domain group map' parameter is only available in Samba-TNG. I am not sure, it's been a while I stopped following TNG's development. cheers Gustavo > -----Original Message----- > From: Laurian Cuzma [mailto:lauriancuzma@yahoo.com] > Sent: quarta-feira, 19 de setembro de 2001 08:36 > To: samba-ntdom@lists.samba.org > Subject: Help > > > Hello samba-ntdom, > > I use samba 2.2.1a and I use as PDC. I want to use > domain group map = /etc/samba/groups.mapping > but I receive this error: > Unknown parameter encountered: "domain group map". > Please tell me why? > > -- > Best regards, > Laurian mailto:lauriancuzma@yahoo.com > > > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com > > From thaeberlin at gate.ch Thu Sep 20 05:42:04 2001 From: thaeberlin at gate.ch (thaeberlin@gate.ch) Date: Tue Dec 2 02:35:47 2003 Subject: AIX 5L PAM Message-ID: Hi, does anybody has expierince with SAMBA`s winbind daemon und AIX 5L ?? My biggest problem is, that i can`t find the libpam libary, so it`s not possible to configure samba with winbind. I hope that anyone can help. Thanks. Thomas From haebimailingliste at gmx.at Thu Sep 20 06:22:20 2001 From: haebimailingliste at gmx.at (haebimailingliste@gmx.at) Date: Tue Dec 2 02:35:47 2003 Subject: AIX 5L Winbind Message-ID: <8641.1000992308@www14.gmx.net> Sorry, but i get an error message back on my first post. therefore i repost it on a other email address. Hi, does anybody has expierince with SAMBA`s winbind daemon und AIX 5L ?? My biggest problem is, that i can`t find the libpam libary, so it`s not possible to configure samba with winbind. I hope that anyone can help. Thanks. Thomas -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net From haebimailingliste at gmx.at Thu Sep 20 06:55:07 2001 From: haebimailingliste at gmx.at (haebimailingliste@gmx.at) Date: Tue Dec 2 02:35:47 2003 Subject: x Message-ID: <28013.1000994261@www14.gmx.net> x -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net From leif.klepp at starcut.com Thu Sep 20 07:04:21 2001 From: leif.klepp at starcut.com (leif.klepp@starcut.com) Date: Tue Dec 2 02:35:47 2003 Subject: Winbind on Samba 2.2.2-pre Message-ID: Hi again, > > Tried to fix /etc/pam.d/login .../passwd and .../samba to enable > > domain logins, but does not work correctly yet.. > > According to my "messages" log, pam_winbind authorises the user, > > but the user is not known to the underlying authentication arch. > > (I presume this may mean that my pam-settings are screwed up) > > You don't need to change anything in /etc/pam.d if you won't have domain > accounts logging into the samba box. Getent passwd should return the domain > users without any changes in the pam files. Well, domain account login would be nice as I will have some Win2K users which occasionally have to check out how web pages look using the browsers available of linux, etc., but it is a secondary objective. First I need to get the domain users listed I guess :) > Have you added the 'winbind' entry in /etc/nsswitch.conf? Should be: > > passwd: files winbind > group: files winbind Done, checked, and double-checked. Even ran strace on "getent passwd" as somebody recommended for a similar (same?) problem. Retrieves everything from /etc/passwd, loads the winbind libraries, makes a connection, and (as far as I could decode it, first time looking at strace) received a bunch of zero-data back (and some timeouts..) > > If you still have problems, change the 'name resolution order' entry in > smb.conf to 'bcast' (of course your samba server and nt pdc/bdc must be on > the sabe subnet for this to work). I don't see how the name resolution can be the problem, as it manages to connect to the PDC, retrieve the dc for both the server and the domain, as well as authenticate users. Anyway, did follow your advice, and it didn't help either I'm afraid :( Running winbindd under debuglevel 5, it generates a lot of messages, related to cli_pipe.c and rpc_parse/parse_rps.c. Still baffled.. BR, /Leif From affuso at sipal.it Thu Sep 20 07:34:15 2001 From: affuso at sipal.it (Giovanni Affuso) Date: Tue Dec 2 02:35:47 2003 Subject: I: Samba 2.0.7 and shared resource Message-ID: <000101c141e2$2bd888f0$fa020a0a@portatileedp> -----Messaggio originale----- Da: Giovanni Affuso [mailto:affuso@sipal.it] Inviato: gioved? 20 settembre 2001 16.32 A: 'samba-ntdom-admin@lists.samba.org' Cc: 'samba-ntdom@lists.samba.org' Oggetto: Samba 2.0.7 and shared resource Dear everybody, I want mount with samba a shared resource from a NT server. I use the sintax mount -t smbfs ...... The shared resource is \\server\ci$server (please notice the $ in the name of resource),but I have the error "You specified an invalid share name". Have you idea of the problem? My version od samba is 2.0.7 in the linux Suse 7.2... Thanks in advanced. From gustavo.michels at emersonenergy.com Thu Sep 20 08:01:03 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:47 2003 Subject: Winbind on Samba 2.2.2-pre Message-ID: <7F0147C496F3D411813C0002B32BF1CC012EDC61@eesekkex001.kkekant.ericsson.se> Hi, > > Have you added the 'winbind' entry in /etc/nsswitch.conf? Should be: > > > > passwd: files winbind > > group: files winbind > > Done, checked, and double-checked. Even ran strace on "getent passwd" > as somebody recommended for a similar (same?) problem. > Retrieves everything > from /etc/passwd, loads the winbind libraries, makes a connection, and > (as far as I could decode it, first time looking at strace) received a > bunch of zero-data back (and some timeouts..) > I don't see how the name resolution can be the problem, as it manages > to connect to the PDC, retrieve the dc for both the server and the > domain, as well as authenticate users. > > Anyway, did follow your advice, and it didn't help either I'm > afraid :( Well, winbind won't find the DC here using any other name resolution order than bcast. The wins server is not here, so this may be my problem. Unfortunately, your setups looks quite correct to me. I don't know anything else that could help you... :-( cheers Gustavo From was at dcc.ufmg.br Thu Sep 20 10:35:03 2001 From: was at dcc.ufmg.br (Wellington Alves de Sousa) Date: Tue Dec 2 02:35:47 2003 Subject: logging on unix from windows Message-ID: Dear friends, I want to know if with samba it's possible to log on from a windows NT authenticathing in a UNIX server. Thanks, Abraco, ------- --> Wellington Alves de Sousa --> POP-MG: O melhor caminho de acesso `a Internet. --> was@dcc.ufmg.br --> was@pop-mg.com.br From Corey.Holzer at jwt.com Thu Sep 20 10:48:04 2001 From: Corey.Holzer at jwt.com (Corey.Holzer@jwt.com) Date: Tue Dec 2 02:35:47 2003 Subject: logging on unix from windows Message-ID: If you mean "Is it possible to log into a Unix Server from an NT workstation?" the answer is yes. Using Microsoft Networking you can connect to a directory being shared by samba. Wellington Alves de Sousa @lists.samba.org on 09/20/2001 02:07:09 PM Sent by: samba-ntdom-admin@lists.samba.org To: samba-ntdom@lists.samba.org cc: Subject: logging on unix from windows Dear friends, I want to know if with samba it's possible to log on from a windows NT authenticathing in a UNIX server. Thanks, Abraco, ------- --> Wellington Alves de Sousa --> POP-MG: O melhor caminho de acesso `a Internet. --> was@dcc.ufmg.br --> was@pop-mg.com.br From juan at netverk.com.ar Thu Sep 20 12:42:03 2001 From: juan at netverk.com.ar (Juan) Date: Tue Dec 2 02:35:47 2003 Subject: Disk or network error In-Reply-To: Message-ID: <4.3.2.7.2.20010920163119.00db2660@pop.netverk.com.ar> Hi all I have a Red Hat 7.1 with samba 2.2.1a like a NT PDC. I have the next problem: If I send from a NT workstation a big print job (100 pages) using MS Access, after finish to send the print job (takes 1 minute) I can not use the Access anymore because when I try to open a table, a message occurs: "Disk or network error" And I have to restart the Access Any suggestions? From jpuckett at ticom.com Thu Sep 20 12:56:01 2001 From: jpuckett at ticom.com (James Puckett) Date: Tue Dec 2 02:35:47 2003 Subject: Help (Domain Group Map) Message-ID: <01092015532704.16772@blackwell> I encountered the same problem when I went to 2.2.x. It appears that parameter was dropped sometime after 1.9 when the O'Reilly book was written. It might also be that it never did anything, and only 2.2.x versions actually return an error when you attempt to use it. -james From joe_tseng at hotmail.com Thu Sep 20 13:22:04 2001 From: joe_tseng at hotmail.com (Joe Tseng) Date: Tue Dec 2 02:35:47 2003 Subject: Help: Samba 2.2.1a PDC & WinXP Message-ID: I recently got my RHL71 box configured as a PDC and had been able to register my workstation as a domain member when I was using W2k. I recently received a final copy of XP so I wanted to try it out with my PDC. I registered my domain userid as an administrator on my workstation but when I reopened the user utility all I saw was a long string (I guess that was how the user was actually being registered in the workstation). I also got a message saying I could not use the username I had registered with the PDC when I tried to log on because of "...the absence of a domain trust relationship." I went back into the Samba documentation and noticed that domain trusts have not been implemented in Samba 2.2.x. My questions are these: - Did I configure my system correctly? I did get w2k to run but not XP - is there a new layer of authentication with this new software anyone knows about? - Has anyone tried this combination of systems as well? If so, what were your experiences? Here's a portion of my smb.conf: [global] workgroup = JTSENGORG netbios name = MAIL server string = Windows PDC encrypt passwords = Yes update encrypted = yes passwd program = /usr/bin/passwd %u unix password sync = Yes log file = /var/log/samba/%m.log max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain admin group = jtseng root add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u domain logons = Yes os level = 33 preferred master = True domain master = True dns proxy = No write list = ntadmin Joe Tseng userid: joe_tseng / domain: hotmail.com __________________________________________________ "I think there is a world market for maybe five computers." - Thomas Watson, IBM, 1943 From anc at bu.edu Thu Sep 20 13:37:02 2001 From: anc at bu.edu (Aaron Caine) Date: Tue Dec 2 02:35:47 2003 Subject: W2K 5.00.2195 SP2/Samba 2.2.1a/ntconfig.pol Message-ID: Hello, I am attempting to implement a setup using Windows 2000 5.00.2195 SP2 and Samba 2.2.1a using system policies (not GPOs). I am trying to restrict users from writing data files on the local hard drives, requiring all data to be stored on the network, keeping access times down for login/logout. I am also attempting to make a few security changes, such as the restriction of registry changes, the restriction of desktop change, and the restriction of network settings change. I have had zero luck trying to get samba to even recognize the ntconfig.pol file. I am suspicious that the new version of W2K (rel 2195) no longer supports the ntconfig.pol files. I have also heard this as a rumor. Does samba support the new Group Policies (GPOs)? Can anyone fill me in? I've had quite a lot of trouble locating all the information to complete the picture for this situation. I have read the PDC-FAQ, the PDC-HOWTO, and all other relevant documentation. This post has only come after 5 days of effort on my part. I thank everyone for their time. Aaron Caine ECE Systems Manager Boston University anc@[nospam,please].bu.[nospam,please]edu 617/35[no telemarketing calls, please]3-1244 From cbarry at infiniconsys.com Thu Sep 20 16:33:02 2001 From: cbarry at infiniconsys.com (Barry, Christopher) Date: Tue Dec 2 02:35:47 2003 Subject: Weird Folder Looping Message-ID: <08628CA53C6CBA4ABAFB9E808A5214CB1D43BF@mercury.infiniconsys.com> Hi. Has anyone seen the behavior of having explorer folder traversal loop? By this I mean, directories repeat over and over. As an example, say the samba server has a share on it called documents. I'll navigate to a file 3 or 4 directories beneath documents. Let's say the path looks like: documents\dir1\dir2\dir3\dir4\somefile.txt As I expand the tree, it can drop back to the root of documents, adding ghost directories, like: documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt It's flaky. Has anyone seen this? Not all of our win2k boxes produce this problem, all are at sp2. I'm using msdfs with samba 2.2.1a Thanks, -- Christopher Barry InfiniCon Systems Systems Administrator 700 American Avenue Tel:610.205.0130x25 FAX:0488 King of Prussia, PA 19406 From DavidAtkinson at solectron.com Thu Sep 20 16:50:02 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:48 2003 Subject: Weird Folder Looping Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67C6@wangex.wta.slr.com> Chris, That problem relates to Symbolic References. You can turn off this behaviour with a directive like follow symbolic link = no, but you will have to check the manual. I have this behaviour on my servers too, and I mostly just ignore it, but you can either disable it or you can tel your users not to try going down all these directories. Regards David Atkinson System Administrator Solectron Australia Phone: +61 3 5720-2556 Mobile: +61 4 1957-4112 Fax: +61 3 5720-2412 -----Original Message----- From: Barry, Christopher [mailto:cbarry@infiniconsys.com] Sent: Friday, 21 September 2001 9:35 AM To: Samba-Ntdom (E-mail) Subject: Weird Folder Looping Hi. Has anyone seen the behavior of having explorer folder traversal loop? By this I mean, directories repeat over and over. As an example, say the samba server has a share on it called documents. I'll navigate to a file 3 or 4 directories beneath documents. Let's say the path looks like: documents\dir1\dir2\dir3\dir4\somefile.txt As I expand the tree, it can drop back to the root of documents, adding ghost directories, like: documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt It's flaky. Has anyone seen this? Not all of our win2k boxes produce this problem, all are at sp2. I'm using msdfs with samba 2.2.1a Thanks, -- Christopher Barry InfiniCon Systems Systems Administrator 700 American Avenue Tel:610.205.0130x25 FAX:0488 King of Prussia, PA 19406 From mpc at star.sr.bham.ac.uk Thu Sep 20 17:04:01 2001 From: mpc at star.sr.bham.ac.uk (Mark Cooke) Date: Tue Dec 2 02:35:48 2003 Subject: Weird Folder Looping In-Reply-To: <91C8BF85397AD411B62A0090274FA17F5D67C6@wangex.wta.slr.com> Message-ID: I have seen this behaviour between two installs of samba. We have a Linux based backup server (2.2.1a) using smbtar to do weekly archives of various desktop machines. The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a I have seen this behaviour recently causing backups to fail by crashing the smbtar and have been trying to pin it down. Unfortunately, I need the backups to follow some sym links. Mark On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > That problem relates to Symbolic References. You can turn off this behaviour > with a directive like follow symbolic link = no, but you will have to check > the manual. I have this behaviour on my servers too, and I mostly just > ignore it, but you can either disable it or you can tel your users not to > try going down all these directories.> > > -----Original Message----- > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > Sent: Friday, 21 September 2001 9:35 AM > To: Samba-Ntdom (E-mail) > Subject: Weird Folder Looping > > > Hi. Has anyone seen the behavior of having explorer folder traversal > loop? By this I mean, directories repeat over and over. > > As an example, say the samba server has a share on it called documents. > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > the path looks like: > > documents\dir1\dir2\dir3\dir4\somefile.txt > > As I expand the tree, it can drop back to the root of documents, adding > ghost directories, like: > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a -- +-------------------------------------------------------------------------+ Mark Cooke The views expressed above are mine and are not Systems Programmer necessarily representative of university policy University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ +-------------------------------------------------------------------------+ From DavidAtkinson at solectron.com Thu Sep 20 17:44:02 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:48 2003 Subject: Weird Folder Looping Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67C7@wangex.wta.slr.com> Mark, You could do a few different things to get around that. The first is you can set the do not follow sym links in the smb.conf file, which means the sym links remain on the file system. This only causes a problem if you are attempting to back up remotely using smb as the communication protocol. Perhaps what you might consider doing is setting up a cron job on the machine that is being backed up and get it to write the tar file directly onto the server doing the backups using smbmount. ie mount up a directory on the backup server and then locally run tar and dump the backup onto the mounted directory. Alternatively, if you must run the backup from the backup server, you may have to carefully select options so that it doesn't engage in infinite recursion of sub-directories. You may be able to limit the number of directory levels with smbtar, or, alternatively, you could run find with options to make it aware of the excluded directories (fully qualified, as you want them backed up at least once) and it will produce for you a list of all the files currently on the filesystem which can then be passed to tar / smbtar / cpio / other miscellaneous backup tool Regards David Atkinson System Administrator Solectron Australia Phone: +61 3 5720-2556 Mobile: +61 4 1957-4112 Fax: +61 3 5720-2412 -----Original Message----- From: Mark Cooke [mailto:mpc@star.sr.bham.ac.uk] Sent: Friday, 21 September 2001 10:06 AM To: DavidAtkinson@solectron.com Cc: samba-ntdom@lists.samba.org Subject: RE: Weird Folder Looping I have seen this behaviour between two installs of samba. We have a Linux based backup server (2.2.1a) using smbtar to do weekly archives of various desktop machines. The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a I have seen this behaviour recently causing backups to fail by crashing the smbtar and have been trying to pin it down. Unfortunately, I need the backups to follow some sym links. Mark On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > That problem relates to Symbolic References. You can turn off this behaviour > with a directive like follow symbolic link = no, but you will have to check > the manual. I have this behaviour on my servers too, and I mostly just > ignore it, but you can either disable it or you can tel your users not to > try going down all these directories.> > > -----Original Message----- > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > Sent: Friday, 21 September 2001 9:35 AM > To: Samba-Ntdom (E-mail) > Subject: Weird Folder Looping > > > Hi. Has anyone seen the behavior of having explorer folder traversal > loop? By this I mean, directories repeat over and over. > > As an example, say the samba server has a share on it called documents. > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > the path looks like: > > documents\dir1\dir2\dir3\dir4\somefile.txt > > As I expand the tree, it can drop back to the root of documents, adding > ghost directories, like: > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a -- +-------------------------------------------------------------------------+ Mark Cooke The views expressed above are mine and are not Systems Programmer necessarily representative of university policy University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ +-------------------------------------------------------------------------+ From npande at bajajauto.co.in Thu Sep 20 22:49:02 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:35:48 2003 Subject: Problem with Samba server References: Message-ID: <3BAAD545.C662718@bajajauto.co.in> Vyenkatesh, I think you need to change your security = domain. This will pass users to WinPDC for authentication. Also, did you add your new samba server to the domain? Create a machine account for SGI box and add it. HTH, Ciao, Nitin Mail Administrator Ext. 6960 Vyenkatesh.Khataokar@kvaerner.com wrote: > Nitin, > > No I havnt configured my SGI box as a dc, which I dont want to. I > already have one samba instance running of 1.9.18 version on another SGI BOX > ( which is running fine without any problems) I want to upgrade to this > 2.0.5 samba version so I have configured another SGI box for test. This new > SGI box is also working fine there is no problem for SMBD and NMBD as such, > SAMBA is working fine. Windows NT clients are getting the server they can > access database on SGI box and work with their software which is on Windows > NT. The main problem is whenever I start SMBD and NMBD some of the Windows > NT clients try to connect to this new SAMBA server as a logon server, and I > have to do a NLTEST reset for them for unable them to get Windows NT domain. > I have different domains for Windows and Unix. so whenever I start SMBD and > NMBD I get lot of calls from Windows NT clients saying that they dont get > windows nt domain at all in there domain lists. > > My resource domain is different and logon domain is different. so > users are not able to see the logon domain after this samba services > started. > > I can not start samba because of this problem even if samba is > working. > > I hope I have narrated my problem properly. Please do let me know if > I am not clear in narrating my problem. > > I am attaching herewith the SMB.conf file. > > Kind Regards, > > Vyenkatesh Khataokar > Sr. Systems Assistant > Computer Integrated Engineering > Kvaerner Powergas India Ltd > Powergas House > 177, Vidyanagari Marg > Kalina, Santacruz (E) > Mumbai - 400 098 > India. > > Tel: 91-22-6915573 > Fax: 91-22-6915934 > Email: vyenkatesh.khataokar@kvaerner.com > > -----Original Message----- > From: NITIN PANDE [mailto:npande@bajajauto.co.in] > Sent: Sunday, August 19, 2001 5:25 PM > To: Khataokar, Vyenkatesh KECMUM > Cc: samba-ntdom@lists.samba.org > Subject: Re: Problem with Samba server > > Vyenkatesh, > Did you configure your SGI box as a DC? Another thing, you will have to > start > smbd and nmbd in order to get the Samba working. Lastly, please do post > your > smb.conf file so guys here can see what's goin on.. > Ciao, > Nitin :) > Mail Administrator > > Vyenkatesh.Khataokar@kvaerner.com wrote: > > > Hi, > > > > I have Samba Server 2.0.5 installed on IRIX 6.5. All the clients > are > > accessing it properly which are windows NT 4.0 clients. But at the same > time > > it is broadcasting the samba server as a logon server for some Windows NT > > 4.0 clients. So some of the clients are trying to logon onto that IRIX > samba > > server and in that process they are getting disconnected from windows nt > > domain controller and I have to do NLTEST reset for those workstations to > > get connected to windows nt domain controller. > > > > I cant start the SMBD and NMBD services as it effects some of the > NT > > clients. > > > > What can I do shall I send u the smb.conf file I am usning.? > > > > And how do I transfer the UNIX users from normal UNIX passwd file > to > > SMBPASSWD file with all the things intact I mean passwords also. So > > that for samba useage the sane UNIX user don't have to change the passwd > > again for samba. > > > > Kind Regards, > > > > Vyenkatesh Khataokar > > Sr. Systems Assistant > > Computer Integrated Engineering > > Kvaerner Powergas India Ltd > > Powergas House > > 177, Vidyanagari Marg > > Kalina, Santacruz (E) > > Mumbai - 400 098 > > India. > > > > Tel: 91-22-6915573 > > Fax: 91-22-6915934 > > Email: vyenkatesh.khataokar@kvaerner.com > > ------------------------------------------------------------------------ > Name: smb.conf > smb.conf Type: unspecified type (application/octet-stream) > Encoding: quoted-printable From jaucamp at freemail.absa.co.za Fri Sep 21 01:07:02 2001 From: jaucamp at freemail.absa.co.za (Jacques Aucamp) Date: Tue Dec 2 02:35:48 2003 Subject: (no subject) Message-ID: Can someone please tell me what this is and how to fix it. /var/log/messages on RH7.1 and Samba 2.2.1a [2001/08/28 12:39:11, 0] smbd/nttrans.c:call_nt_transact_ioctl(1798) call_nt_transact_ioctl: Currently not implemented. thnaks Jacques Aucamp --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1960 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010921/85c3788c/winmail.bin From skunk at cg.tuwien.ac.at Fri Sep 21 01:18:01 2001 From: skunk at cg.tuwien.ac.at (Stephan Plepelits) Date: Tue Dec 2 02:35:48 2003 Subject: Problem joining W2K-Workstation Message-ID: <20010921102059.A14883@cg.tuwien.ac.at> Hi! I've changed my Samba-PDC some weeks ago, and now joining domains won't function any more. I've copied the *.SID-files, so login as user works (on already joined machines). (PDC is zwirn, 128.131.166.31, client is koffer, 128.131.166.67). I've now reinstalled a machine, deleted the entry from smbpasswd, (the entries in /etc/passwd are already there), created a new entry with smbpasswd -a -m koffer$ . When I try to join the machine, I get the message: The following error occured joining the domain "DOMAIN": The account is not authorized to login from this station. I did this with the root account, there is an entry for root in the smbpasswd file. The entry for koffer$ looks like this: koffer$:20067:5919C508F8993E9AAAD3B435B51404EE:0BFECF8A1C42FBAD2C6518C551F69EAE:[W ]:LCT-3B8F8FEB: You will find attached the smb.conf file. System: SuSE 7.2 Linux 2.4.4 Samba 2.2.1a Please help me, I've got no idea, what this problem can be ... greetings, Stephan -- ** ** * * ** ** * * * ** ** * * * * ** ** * * ** * Stephan Plepelits Vienna University of Technology Institute of Computergraphics and Algorithms plepelits@cg.tuwien.ac.at http://www.cg.tuwien.ac.at Tel.: +43 1 58801x18634 Fax: +43 1 58801x18698 ** * * * * * * ** ** * * * * * * ** * * ** * * * * -------------- next part -------------- # Samba config file created using SWAT # from zwirn.cg.tuwien.ac.at (128.131.166.31) # Date: 2000/09/15 11:37:00 # Global parameters [global] workgroup = COMPUTERGRAPHIK server string = %h runs Linux as PDC log file = /var/log/samba/log.%m log level = 5 max log size = 50 announce version = 666 keepalive = 30 os level = 2 wins server = 128.131.166.99 message command = /usr/local/bin/LinPopUp comment = Eat more ... security = user encrypt passwords = yes domain logons = yes logon script = %U.bat logon home = \\zwirn\%U\profile logon path = \\zwirn\%U\profile time server = yes preferred master = yes domain master = yes domain admin group = @admin guest ok = yes [homes] comment = Homedirectory read only = No [Temp] comment = Temporary Directory path = /tmp read only = No create mask = 0777 guest ok = Yes [netlogon] path = /usr/samba/netlogon/ writeable = no guest ok = no [sw_archive] path = /software/sw_archive create mask = 0770 [scratch] path = /scratch create mask = 0777 From andreas.kauffmann at tzdan.de Fri Sep 21 01:41:02 2001 From: andreas.kauffmann at tzdan.de (Kauffmann, Andreas) Date: Tue Dec 2 02:35:48 2003 Subject: Still the Kernel32.dll and Watson Problem Message-ID: Hy all. I still have this Problems with joining an samba domain with a NT client. When I want to join a samba domain with a NT client, type in the correct password for the workstation trust account, then a DR. Watson Window popups with an kernel32.dll error. So I can?t join the domain! What the heck is the Problem? Thanks! A_VeNoM From Paul.Blackaller at lfs.co.uk Fri Sep 21 02:27:03 2001 From: Paul.Blackaller at lfs.co.uk (Paul Blackaller) Date: Tue Dec 2 02:35:48 2003 Subject: New Samba install Message-ID: Problem: After installing samba2.2.1a onto a Solaris 2.8 box having downloaded the binaries from the net, I can see it seems to be working correctly by running smbclient -U% -L localhost. It comes back with the info I would expect. However, when I try & connect from an NT4 (service pack 6) workstation I get the messages " is not accessible - The account is not authorized to login from this workstation". I have no security restrictions in my smb.conf file in terms of host allow, etc. When I turn on password encryption it won't even accept my password - "invalid user/password" message. Can anyone out there help me? There are 2 network cards in the Solaris box and I think I've enabled both of them in the smb.conf. I've tried pretty much everything I can think of & I'd appreciate any new ideas. Thanks Paul Blackaller Technical Analyst Tel: 01582 845087 e-mail: paul.blackaller@lfs.co.uk From eirvine at tpgi.com.au Fri Sep 21 04:37:02 2001 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:35:48 2003 Subject: New Samba install References: Message-ID: <3BAB26DC.E07BF87F@tpgi.com.au> OK Paul, Paul Blackaller wrote: > > Problem: > > After installing samba2.2.1a onto a Solaris 2.8 box having downloaded the > binaries from the net, I can see it seems to be working correctly by running > smbclient -U% -L localhost. It comes back with the info I would expect. > However, when I try & connect from an NT4 (service pack 6) workstation I get > the messages " is not accessible - The account is not authorized > to login from this workstation". I have no security restrictions in my > smb.conf file in terms of host allow, etc. When I turn on password > encryption it won't even accept my password - "invalid user/password" > message. > > Can anyone out there help me? There are 2 network cards in the Solaris box > and I think I've enabled both of them in the smb.conf. I've tried pretty > much everything I can think of & I'd appreciate any new ideas. Decide if you want to use encrypted or unencrypted passwords. If you are using encrypted passwords (The Windows out of the box default for a while now) then you will need to add the user to the encrypted password file (this is different from shadow and passwd) on the server. man smbpasswd. If you are using unenencrypted passwords, you don't need to have an encrypted password file. However, you will need to change a registry setting on your Windows box and reboot. check out http://www.linuxworld.com/linuxworld/lw-2000-11/lw-11-samba.html Eddie. From Gilles.Vautour at statcan.ca Fri Sep 21 05:35:02 2001 From: Gilles.Vautour at statcan.ca (Gilles.Vautour@statcan.ca) Date: Tue Dec 2 02:35:49 2003 Subject: Problem joining W2K-Workstation Message-ID: <3A66CAF3B5D3D4119AFD00508BC286AD019C1153@msxa4.statcan.ca> Don't know if this will help. We ran in to a similar problem when reverting back (make revert). We had to remove the machine account from the PDC and recreate it before issuing the smbpasswd command to rejoin the domain. Hope this helps! Gilles A. Vautour Senior Systems Administrator / Administrateur Principal de Syst?mes Phone :(613) 951-1951 Main Bldg., Room 3120, Tunney's Pasture Fax : (613) 951-5198 ITSD/DSTI, Statistics Canada Internet : vautgil@statcan.ca Ottawa, Ontario, Canada, K1A 0T6 -----Original Message----- From: Stephan Plepelits [mailto:skunk@cg.tuwien.ac.at] Sent: September 21, 2001 4:21 AM To: samba-ntdom@lists.samba.org Subject: Problem joining W2K-Workstation Hi! I've changed my Samba-PDC some weeks ago, and now joining domains won't function any more. I've copied the *.SID-files, so login as user works (on already joined machines). (PDC is zwirn, 128.131.166.31, client is koffer, 128.131.166.67). I've now reinstalled a machine, deleted the entry from smbpasswd, (the entries in /etc/passwd are already there), created a new entry with smbpasswd -a -m koffer$ . When I try to join the machine, I get the message: The following error occured joining the domain "DOMAIN": The account is not authorized to login from this station. I did this with the root account, there is an entry for root in the smbpasswd file. The entry for koffer$ looks like this: koffer$:20067:5919C508F8993E9AAAD3B435B51404EE:0BFECF8A1C42FBAD2C6518C551F69 EAE:[W ]:LCT-3B8F8FEB: You will find attached the smb.conf file. System: SuSE 7.2 Linux 2.4.4 Samba 2.2.1a Please help me, I've got no idea, what this problem can be ... greetings, Stephan -- ** ** * * ** ** * * * ** ** * * * * ** ** * * ** * Stephan Plepelits Vienna University of Technology Institute of Computergraphics and Algorithms plepelits@cg.tuwien.ac.at http://www.cg.tuwien.ac.at Tel.: +43 1 58801x18634 Fax: +43 1 58801x18698 ** * * * * * * ** ** * * * * * * ** * * ** * * * * From BStoddard at MorrisonProducts.com Fri Sep 21 08:17:02 2001 From: BStoddard at MorrisonProducts.com (Stoddard, Bob) Date: Tue Dec 2 02:35:49 2003 Subject: NT 4.0 Servers not seeing SAMBA share Message-ID: I have an RS6000 running IBM AIX 4.x and SAMBA installed. I have setup a number of shares that can only be seen locally by a NT 4.0 Server and clients. I cannot seem to see these shares from the other three NT4.0 Servers on the WAN. Is there a problem with the way the share has been setup in SAMBA? The only difference I can see in the NT servers is the one that can see and open the share is the PDC and exists on the same LAN as the UNIX box. Help. Bob Stoddard From atsyber at ifrance.com Fri Sep 21 09:27:06 2001 From: atsyber at ifrance.com (Sylvain) Date: Tue Dec 2 02:35:49 2003 Subject: W2K <-> Profiles Message-ID: <3BAB6C5F.6000004@ifrance.com> I use a Windows 2000 SP2 client with Samba 2.2.1a All work, however I've a very strange problem when windows want access and store a profile... I use this on my smb.conf : logon path = \\%L\Profiles\%U [Profiles] path = /var/lib/samba/profiles browseable = no guest ok = yes A the start, I've a warning message (I translate from french) Windows can't build this folder \\Pollux\\Profiles\root.pds (Pollux = server, root= admin) So for try to find a solution on this problem, I've changed few parameters on the smb.conf like this : ?First I've built a directory /Profiles logon path = \\%L\Profiles\ [Profiles] path = /Profiles browseable = no guest ok = yes So now, on the start it work however when I would like reboot Windows say : Windows can't update the itinerant profil - Access denied... Interressting isn't it ? drwxrwxr-x 2 root root 144 sep 21 16:03 Profiles/ into this folder I've : [root@pollux cups]# ll /Profiles/ total 0 -rwxr--r-- 1 root root 0 sep 21 15:44 prf8B.tmp* -rwxr--r-- 1 root root 0 sep 21 15:46 prf8D.tmp* -rwxr--r-- 1 root root 0 sep 21 16:03 prfBE.tmp* Anyone have suggestion please? Other strange think : I use logon script like this : NET TIME \\pollux /SET /YES NET USE T: \\pollux\tmp /YES NET USE U: \\pollux\sbe /YES But when I open the File Explorer I see there network drives: tmp sur 'pollux' (T:) root sur 'pollux' (U:) root sur 'pollux' (Z:) What's this (Z:) network ? Thank you very much for yours answers... Sylvain.B. From greg at leiinc.com Fri Sep 21 14:19:03 2001 From: greg at leiinc.com (Greg J. Zartman, P.E.) Date: Tue Dec 2 02:35:49 2003 Subject: Roaming Profiles -- temporary files Message-ID: Does anyone know how one could setup roaming profiles so that windows (NT/2k) doesn't store temporary files to the profiles directory (i.e. ../profile directory/Local Settings/Temp and ../profile directory/Local Settings/Temporary Internet Files) These seem to make our profiles very large and difficult to utilize as roaming profiles Thank you. Greg J. Zartman, P.E. Vice-President Logging Engineering International, Inc. 1243 West 7th Avenue Eugene, Oregon 97402 541-683-8383 Fax 541-683-8144 Web: www.leiinc.com From ross at a-q.co.uk Fri Sep 21 14:33:03 2001 From: ross at a-q.co.uk (Ross McKillop) Date: Tue Dec 2 02:35:49 2003 Subject: Roaming Profiles -- temporary files In-Reply-To: Message-ID: The registry key "ExcludeProfileDirs" is what you want, but this can be more easily set with the Windows NT Policy Editor (poledit.exe) -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Greg J. Zartman, P.E. Sent: 21 September 2001 22:24 To: Samba News Subject: Roaming Profiles -- temporary files Does anyone know how one could setup roaming profiles so that windows (NT/2k) doesn't store temporary files to the profiles directory (i.e. ../profile directory/Local Settings/Temp and ../profile directory/Local Settings/Temporary Internet Files) These seem to make our profiles very large and difficult to utilize as roaming profiles Thank you. Greg J. Zartman, P.E. Vice-President Logging Engineering International, Inc. 1243 West 7th Avenue Eugene, Oregon 97402 541-683-8383 Fax 541-683-8144 Web: www.leiinc.com From DavidAtkinson at solectron.com Fri Sep 21 16:56:01 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:49 2003 Subject: FW: NT 4.0 Servers not seeing SAMBA share Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67D1@wangex.wta.slr.com> FYI -----Original Message----- From: Atkinson, David Sent: Saturday, 22 September 2001 9:58 AM To: 'Stoddard, Bob' Subject: RE: NT 4.0 Servers not seeing SAMBA share Sounds like a routing problem. Do you have WINS setup? Routers usually will not relay brodcasts, so you must use WINS resolution otherwise the remote machines will not be able to see the Samba box. You can setup WINS using the option wins server = w.x.y.z where w.x.y.z is the IP address of your wins server (for example mine is 10.1.1.254) or you could setup the samba box as a wins server. If you do just make sure that you setup wins in the network properties of all the other windows boxes. -----Original Message----- From: Stoddard, Bob [mailto:BStoddard@MorrisonProducts.com] Sent: Saturday, 22 September 2001 1:18 AM To: 'samba-ntdom@lists.samba.org' Subject: NT 4.0 Servers not seeing SAMBA share I have an RS6000 running IBM AIX 4.x and SAMBA installed. I have setup a number of shares that can only be seen locally by a NT 4.0 Server and clients. I cannot seem to see these shares from the other three NT4.0 Servers on the WAN. Is there a problem with the way the share has been setup in SAMBA? The only difference I can see in the NT servers is the one that can see and open the share is the PDC and exists on the same LAN as the UNIX box. Help. Bob Stoddard From damason at davenet.mine.nu Fri Sep 21 17:09:01 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:35:49 2003 Subject: Weird Folder Looping References: Message-ID: <001d01c142fb$52d611b0$4c0610ac@lapdance> I don't think this one is Samba/symlinks' fault. I've seen it on NT file servers, myself (even with no Linux clients). ----- Original Message ----- From: "Mark Cooke" To: Cc: Sent: Thursday, September 20, 2001 5:06 PM Subject: RE: Weird Folder Looping > I have seen this behaviour between two installs of samba. We have a > Linux based backup server (2.2.1a) using smbtar to do weekly archives > of various desktop machines. > > The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a > > I have seen this behaviour recently causing backups to fail by > crashing the smbtar and have been trying to pin it down. > Unfortunately, I need the backups to follow some sym links. > > Mark > > On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > > > That problem relates to Symbolic References. You can turn off this behaviour > > with a directive like follow symbolic link = no, but you will have to check > > the manual. I have this behaviour on my servers too, and I mostly just > > ignore it, but you can either disable it or you can tel your users not to > > try going down all these directories.> > > > > -----Original Message----- > > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > > Sent: Friday, 21 September 2001 9:35 AM > > To: Samba-Ntdom (E-mail) > > Subject: Weird Folder Looping > > > > > > Hi. Has anyone seen the behavior of having explorer folder traversal > > loop? By this I mean, directories repeat over and over. > > > > As an example, say the samba server has a share on it called documents. > > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > > the path looks like: > > > > documents\dir1\dir2\dir3\dir4\somefile.txt > > > > As I expand the tree, it can drop back to the root of documents, adding > > ghost directories, like: > > > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a > > -- > +-------------------------------------------------------------------------+ > Mark Cooke The views expressed above are mine and are not > Systems Programmer necessarily representative of university policy > University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ > +-------------------------------------------------------------------------+ > > > > From damason at davenet.mine.nu Fri Sep 21 17:12:02 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:35:49 2003 Subject: Weird Folder Looping References: <08628CA53C6CBA4ABAFB9E808A5214CB1D43BF@mercury.infiniconsys.com> Message-ID: <001301c142fb$1ee197d0$4c0610ac@lapdance> I have seen this problem when using NT file servers, but usually the looping has happened at the root of a share with one folder, cycling the folder name and the share name in a series of nested folders. ----- Original Message ----- From: "Barry, Christopher" To: "Samba-Ntdom (E-mail)" Sent: Thursday, September 20, 2001 4:35 PM Subject: Weird Folder Looping > Hi. Has anyone seen the behavior of having explorer folder traversal > loop? By this I mean, directories repeat over and over. > > As an example, say the samba server has a share on it called documents. > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > the path looks like: > > documents\dir1\dir2\dir3\dir4\somefile.txt > > As I expand the tree, it can drop back to the root of documents, adding > ghost directories, like: > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a > > Thanks, > > -- > > Christopher Barry > InfiniCon Systems > Systems Administrator 700 American Avenue > Tel:610.205.0130x25 FAX:0488 King of Prussia, PA 19406 > > > > From DavidAtkinson at solectron.com Fri Sep 21 17:21:03 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:49 2003 Subject: Weird Folder Looping Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67D3@wangex.wta.slr.com> David, In that case I have no idea. I have, however, only ever seen this problem with some of my samba servers, and I was able to trace it all back to looping sym links. Could you please send some details of the problem as you have seen it on your NT systems as I want to try and replicate the results. You've got me interested now. I have evedently never actually seen the problem you are refering to. -----Original Message----- From: David A. Mason [mailto:damason@davenet.mine.nu] Sent: Saturday, 22 September 2001 10:13 AM To: Mark Cooke; DavidAtkinson@solectron.com Cc: samba-ntdom@lists.samba.org Subject: Re: Weird Folder Looping I don't think this one is Samba/symlinks' fault. I've seen it on NT file servers, myself (even with no Linux clients). ----- Original Message ----- From: "Mark Cooke" To: Cc: Sent: Thursday, September 20, 2001 5:06 PM Subject: RE: Weird Folder Looping > I have seen this behaviour between two installs of samba. We have a > Linux based backup server (2.2.1a) using smbtar to do weekly archives > of various desktop machines. > > The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a > > I have seen this behaviour recently causing backups to fail by > crashing the smbtar and have been trying to pin it down. > Unfortunately, I need the backups to follow some sym links. > > Mark > > On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > > > That problem relates to Symbolic References. You can turn off this behaviour > > with a directive like follow symbolic link = no, but you will have to check > > the manual. I have this behaviour on my servers too, and I mostly just > > ignore it, but you can either disable it or you can tel your users not to > > try going down all these directories.> > > > > -----Original Message----- > > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > > Sent: Friday, 21 September 2001 9:35 AM > > To: Samba-Ntdom (E-mail) > > Subject: Weird Folder Looping > > > > > > Hi. Has anyone seen the behavior of having explorer folder traversal > > loop? By this I mean, directories repeat over and over. > > > > As an example, say the samba server has a share on it called documents. > > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > > the path looks like: > > > > documents\dir1\dir2\dir3\dir4\somefile.txt > > > > As I expand the tree, it can drop back to the root of documents, adding > > ghost directories, like: > > > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a > > -- > +-------------------------------------------------------------------------+ > Mark Cooke The views expressed above are mine and are not > Systems Programmer necessarily representative of university policy > University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ > +-------------------------------------------------------------------------+ > > > > From damason at davenet.mine.nu Fri Sep 21 17:35:02 2001 From: damason at davenet.mine.nu (David A. Mason) Date: Tue Dec 2 02:35:50 2003 Subject: Weird Folder Looping References: <91C8BF85397AD411B62A0090274FA17F5D67D3@wangex.wta.slr.com> Message-ID: <002401c142ff$226f55a0$4c0610ac@lapdance> I'm sorry about the whole unsubstantiated rumor thing, but I know it happened on NT4 SP4 with NT4, 2000Pro, Win95, Win98, Mac clients at an office in San Francisco where I used to work, and it also happened at a client running NT4 SP6 with the same spread of clients. I have access to neither office, now, and I didn't document it, because I'd just delete the folders now and then. I think for some reason, at the time, I blamed the Macs, but that might have been plain, old superstition. DAM ----- Original Message ----- From: To: Cc: Sent: Friday, September 21, 2001 5:24 PM Subject: RE: Weird Folder Looping > David, > In that case I have no idea. I have, however, only ever seen this problem > with some of my samba servers, and I was able to trace it all back to > looping sym links. Could you please send some details of the problem as you > have seen it on your NT systems as I want to try and replicate the results. > You've got me interested now. I have evedently never actually seen the > problem you are refering to. > > -----Original Message----- > From: David A. Mason [mailto:damason@davenet.mine.nu] > Sent: Saturday, 22 September 2001 10:13 AM > To: Mark Cooke; DavidAtkinson@solectron.com > Cc: samba-ntdom@lists.samba.org > Subject: Re: Weird Folder Looping > > > I don't think this one is Samba/symlinks' fault. I've seen it on NT file > servers, myself (even with no Linux clients). > ----- Original Message ----- > From: "Mark Cooke" > To: > Cc: > Sent: Thursday, September 20, 2001 5:06 PM > Subject: RE: Weird Folder Looping > > > > I have seen this behaviour between two installs of samba. We have a > > Linux based backup server (2.2.1a) using smbtar to do weekly archives > > of various desktop machines. > > > > The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a > > > > I have seen this behaviour recently causing backups to fail by > > crashing the smbtar and have been trying to pin it down. > > Unfortunately, I need the backups to follow some sym links. > > > > Mark > > > > On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > > > > > That problem relates to Symbolic References. You can turn off this > behaviour > > > with a directive like follow symbolic link = no, but you will have to > check > > > the manual. I have this behaviour on my servers too, and I mostly just > > > ignore it, but you can either disable it or you can tel your users not > to > > > try going down all these directories.> > > > > > > -----Original Message----- > > > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > > > Sent: Friday, 21 September 2001 9:35 AM > > > To: Samba-Ntdom (E-mail) > > > Subject: Weird Folder Looping > > > > > > > > > Hi. Has anyone seen the behavior of having explorer folder traversal > > > loop? By this I mean, directories repeat over and over. > > > > > > As an example, say the samba server has a share on it called documents. > > > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > > > the path looks like: > > > > > > documents\dir1\dir2\dir3\dir4\somefile.txt > > > > > > As I expand the tree, it can drop back to the root of documents, adding > > > ghost directories, like: > > > > > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > > > > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > > > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a > > > > -- > > > +-------------------------------------------------------------------------+ > > Mark Cooke The views expressed above are mine and are not > > Systems Programmer necessarily representative of university > policy > > University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ > > > +-------------------------------------------------------------------------+ > > > > > > > > > > From DavidAtkinson at solectron.com Fri Sep 21 17:43:01 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:50 2003 Subject: Weird Folder Looping Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67D4@wangex.wta.slr.com> David, It may have been the Services for Macintosh (I usually find my gut instincts are right), but I'll try setting up a test network and see If I can replecate the results. I do, however believe that this problem is completely unrelated to the orriginal problems Mark and Barry brought up. Finding Macs may be hard, though. For anyone who cares Solectron Corp. (www.solectron.com) has a policy of using purely Microsoft Software (poor, misguided souls). -----Original Message----- From: David A. Mason [mailto:damason@davenet.mine.nu] Sent: Saturday, 22 September 2001 10:30 AM To: DavidAtkinson@solectron.com Cc: samba-ntdom@lists.samba.org; aspiteri@eatonassoc.com Subject: Re: Weird Folder Looping I'm sorry about the whole unsubstantiated rumor thing, but I know it happened on NT4 SP4 with NT4, 2000Pro, Win95, Win98, Mac clients at an office in San Francisco where I used to work, and it also happened at a client running NT4 SP6 with the same spread of clients. I have access to neither office, now, and I didn't document it, because I'd just delete the folders now and then. I think for some reason, at the time, I blamed the Macs, but that might have been plain, old superstition. DAM ----- Original Message ----- From: To: Cc: Sent: Friday, September 21, 2001 5:24 PM Subject: RE: Weird Folder Looping > David, > In that case I have no idea. I have, however, only ever seen this problem > with some of my samba servers, and I was able to trace it all back to > looping sym links. Could you please send some details of the problem as you > have seen it on your NT systems as I want to try and replicate the results. > You've got me interested now. I have evedently never actually seen the > problem you are refering to. > > -----Original Message----- > From: David A. Mason [mailto:damason@davenet.mine.nu] > Sent: Saturday, 22 September 2001 10:13 AM > To: Mark Cooke; DavidAtkinson@solectron.com > Cc: samba-ntdom@lists.samba.org > Subject: Re: Weird Folder Looping > > > I don't think this one is Samba/symlinks' fault. I've seen it on NT file > servers, myself (even with no Linux clients). > ----- Original Message ----- > From: "Mark Cooke" > To: > Cc: > Sent: Thursday, September 20, 2001 5:06 PM > Subject: RE: Weird Folder Looping > > > > I have seen this behaviour between two installs of samba. We have a > > Linux based backup server (2.2.1a) using smbtar to do weekly archives > > of various desktop machines. > > > > The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a > > > > I have seen this behaviour recently causing backups to fail by > > crashing the smbtar and have been trying to pin it down. > > Unfortunately, I need the backups to follow some sym links. > > > > Mark > > > > On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > > > > > That problem relates to Symbolic References. You can turn off this > behaviour > > > with a directive like follow symbolic link = no, but you will have to > check > > > the manual. I have this behaviour on my servers too, and I mostly just > > > ignore it, but you can either disable it or you can tel your users not > to > > > try going down all these directories.> > > > > > > -----Original Message----- > > > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > > > Sent: Friday, 21 September 2001 9:35 AM > > > To: Samba-Ntdom (E-mail) > > > Subject: Weird Folder Looping > > > > > > > > > Hi. Has anyone seen the behavior of having explorer folder traversal > > > loop? By this I mean, directories repeat over and over. > > > > > > As an example, say the samba server has a share on it called documents. > > > I'll navigate to a file 3 or 4 directories beneath documents. Let's say > > > the path looks like: > > > > > > documents\dir1\dir2\dir3\dir4\somefile.txt > > > > > > As I expand the tree, it can drop back to the root of documents, adding > > > ghost directories, like: > > > > > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > > > > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > > > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a > > > > -- > > > +-------------------------------------------------------------------------+ > > Mark Cooke The views expressed above are mine and are not > > Systems Programmer necessarily representative of university > policy > > University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ > > > +-------------------------------------------------------------------------+ > > > > > > > > > > From acci at mmcable.com Fri Sep 21 19:28:02 2001 From: acci at mmcable.com (Charles Moon) Date: Tue Dec 2 02:35:50 2003 Subject: mount -t smbfs ... or equivalent Message-ID: <2F266B61FB25D5118CAA009027949336018D54@server.gigeek.com> I have a Redhat 6.2 server as anode on a Windows NT 4.0 network. I can successfully mount a share on the NT server using # mount -t smbfs -o username=foo,password=bar //ntserver_box/share /redhat_box/directory. However, I fail to successfully mount a share from a Windows 98 node using the same structure (i.e. # mount -t smbfs -o username=foo,password=bar //win98_box/share /redhat_box/other_directory). Can someone give me some insight here? g.i. geek From fdellutri at tiscalinet.it Sat Sep 22 13:44:03 2001 From: fdellutri at tiscalinet.it (Fabio Dellutri) Date: Tue Dec 2 02:35:50 2003 Subject: Try to disable profiles download Message-ID: Hi, i have installed a PDC whit Samba 2.2.1a on RedHat Linux 7.1. My local domain is composed by 3 PCs whit differents OS: Win2k_sp2, Win_nt4_sp6 and Linux 2.4. Can i avoid to download every time the users profiles from server, but use the local copy? I whould to use the Linux PDC only for the users authentication. Thanks for all... PS: Sorry for my poor english!! I'm Italian... :)) From uwe at saul-duf.de Sun Sep 23 11:39:03 2001 From: uwe at saul-duf.de (Uwe Saul) Date: Tue Dec 2 02:35:50 2003 Subject: help Message-ID: -------------- next part -------------- HTML attachment scrubbed and removed From DavidAtkinson at solectron.com Sun Sep 23 17:07:08 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:50 2003 Subject: mount -t smbfs ... or equivalent Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67D6@wangex.wta.slr.com> Charles, Unless you have selected user-based authentication, and have setup that user on the Win98 Share, It is likely that the Win98 machine is being confused by the username. Have you set a password for the share ? If you have, you must use the password you set, not your own, and the username becomes irrelivant. If there is no password, try using mount -t smbfs -o username=me,guest //winbox/share /mnt. The first step though should be to find out how the Win98 box is authenticating, and then make sure you have permission. If the share you are talking about is \\machine\c$ then you must have the remote admin password, or be in the remote admin list (second tab of three in the Passwords control-panel applet) and you must have at least the file sharing service installed. The printer sharing is optional. This is done through the Network Control-Panel. -----Original Message----- From: Charles Moon [mailto:acci@mmcable.com] Sent: Saturday, 22 September 2001 12:31 PM To: samba-ntdom@lists.samba.org Subject: mount -t smbfs ... or equivalent I have a Redhat 6.2 server as anode on a Windows NT 4.0 network. I can successfully mount a share on the NT server using # mount -t smbfs -o username=foo,password=bar //ntserver_box/share /redhat_box/directory. However, I fail to successfully mount a share from a Windows 98 node using the same structure (i.e. # mount -t smbfs -o username=foo,password=bar //win98_box/share /redhat_box/other_directory). Can someone give me some insight here? g.i. geek From DavidAtkinson at solectron.com Sun Sep 23 17:32:02 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:50 2003 Subject: NT 4.0 Servers not seeing SAMBA share Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67D7@wangex.wta.slr.com> Bob, Firstly can the other NT machines see the PDC? If they can, then there is likely already a WINS server present. Check in the PDC (you need to be an administrator to do this) in the Network Control-Panel, Protocols Tab, TCP/IP Protocol. In the TCP/IP dialogue go to the WINS tab and see what server / servers are specified. The top one is probably the primary one, so enter a line into the smb.conf file containing that IP. The format is wins server = w.x.y.z where w.x.y.z is the IP. The only other way I know of that will allow the NT boxes to find each other over a wan (or other routed network) is using an lmhosts file. If this is how it is working, then you should seriously consider going to a WINS based solution as lmhosts file can very easily get out of sync and cause big headaches for the administrator. Even Microsoft does not recommend them in networks much larger that their pier to pier definition (10 machines) -----Original Message----- From: Stoddard, Bob [mailto:BStoddard@MorrisonProducts.com] Sent: Sunday, 23 September 2001 8:16 AM To: 'DavidAtkinson@solectron.com' Subject: RE: NT 4.0 Servers not seeing SAMBA share What is the proper setup of the Samba box as a wins server? Still not having any luck. Bob Stoddard -----Original Message----- From: DavidAtkinson@solectron.com [mailto:DavidAtkinson@solectron.com] Sent: Friday, September 21, 2001 7:58 PM To: BStoddard@MorrisonProducts.com Subject: RE: NT 4.0 Servers not seeing SAMBA share Sounds like a routing problem. Do you have WINS setup? Routers usually will not relay brodcasts, so you must use WINS resolution otherwise the remote machines will not be able to see the Samba box. You can setup WINS using the option wins server = w.x.y.z where w.x.y.z is the IP address of your wins server (for example mine is 10.1.1.254) or you could setup the samba box as a wins server. If you do just make sure that you setup wins in the network properties of all the other windows boxes. -----Original Message----- From: Stoddard, Bob [mailto:BStoddard@MorrisonProducts.com] Sent: Saturday, 22 September 2001 1:18 AM To: 'samba-ntdom@lists.samba.org' Subject: NT 4.0 Servers not seeing SAMBA share I have an RS6000 running IBM AIX 4.x and SAMBA installed. I have setup a number of shares that can only be seen locally by a NT 4.0 Server and clients. I cannot seem to see these shares from the other three NT4.0 Servers on the WAN. Is there a problem with the way the share has been setup in SAMBA? The only difference I can see in the NT servers is the one that can see and open the share is the PDC and exists on the same LAN as the UNIX box. Help. Bob Stoddard From shanu at exocore.com Sun Sep 23 22:16:01 2001 From: shanu at exocore.com (Shanker Balan) Date: Tue Dec 2 02:35:50 2003 Subject: Try to disable profiles download In-Reply-To: ; from fdellutri@tiscalinet.it on Sat, Sep 22, 2001 at 10:48:24PM +0200 References: Message-ID: <20010924104924.B10391@exocore.com> Hello: Fabio Dellutri wrote, > Can i avoid to download every time the users profiles from server, but > use the local copy? I whould to use the Linux PDC only for the users > authentication. Thanks for all... Setting the following smb.conf options to null works for me: logon path = logon home = -- Han Solo: Oh! I thought they smelled bad on the *outside*! From Matt.Lessem at Colorado.EDU Mon Sep 24 00:45:02 2001 From: Matt.Lessem at Colorado.EDU (Matt Lessem) Date: Tue Dec 2 02:35:50 2003 Subject: Symantec Ghost cann't join Samba-PDC domain Message-ID: I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for about 100 machines in teaching labs at a university. In general, the server works well. It is very stable and has no problem supporting 400+ users. As an added bonus, it also serves as a firewall and a dhcp server and provides the students with ssh/scp access to their home directories. The one major problem I'm having involves using Symantec Ghost 7 Enterprise edition to image the Windows 2000 clients in the labs. I won't spend too much time explaining how this works, as only those familiar with Ghost will likely have any suggestions or care to read on. What happens is: when Ghost 7 Console re-images a client machine, it attempts to re-add it to the domain using a name and password given to Ghost when it is installed. This user exist on the Samba-PDC server, and has permission to create domain accounts. When the freshly imaged client machine comes back up, with the correct name and thinking it is in the correct domain, it gives an error of, roughly, "Failed to join domain. Bad parameter". I hit "ok" and the machine reboots. When the client comes up again, it still thinks it is in the domain. If I attempt to login to the domain, it says roughly, "Unable to logon to domain. Computer account is nonexistant or password is wrong". Of course, all of these machines already have accounts on the Samba-PDC server. The solution, up to this point, has been to remove each machine from the domain, reboot, put each machine back into the domain, providing a name and password for the samba-pdc that can do that, and reboot again. You can see how this could get old with 100 clients. I have seen Ghost 7 successfully put machines back into a domian that is run by a Win2K server, so it is not purely a matter of Ghost being broken. Questions you might be able to help me with: 1. How is Ghost attempting to re-add these machines to the domain? If it is attempting to use user manager for domain style commands, I know that Samba-PDC does not support that. If it is doing something else, what is that? 2. Is Samba logging the attempts by Ghost to rejoin these machines to the domain? If so, where? 3. Is anyone doing this successfully? In other words, is it just me/my server? 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a Samba-PDC to play nice -- besides moving to a Win2K Server and just using the Samba machine as a file server? Any help or thoughts are much appreciated. Thanks, Matt Lessem From umaier at gmx.de Mon Sep 24 00:56:03 2001 From: umaier at gmx.de (umaier@gmx.de) Date: Tue Dec 2 02:35:50 2003 Subject: Symantec Ghost cann't join Samba-PDC domain References: Message-ID: <16081.1001318292@www2.gmx.net> [...] > > Questions you might be able to help me with: > [...] Sorry, no solution for the other questions. > 3. Is anyone doing this successfully? In other words, is it just me/my > server? As far as I know NT is frequently changing its ID at the PDC. The PDC accepts the new ID and continues working. But if you step back to an old image containing the old ID you obviously get an error because of the outdated ID. We've seen this also in an NT4 environment. If the time between dumping and restoring the image is short enough the ID wasn't changed in between so everything works right. Maybe that's what you've seen with Win2k. uwe -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net From DavidAtkinson at solectron.com Mon Sep 24 01:40:03 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:50 2003 Subject: Symantec Ghost cann't join Samba-PDC domain Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67DA@wangex.wta.slr.com> Matt, As you have already heard from uwe (Sorry uwe, I don't know your name) Ghost copies the machine as is, and it is most likely that the machine account password has expired. In NT the only solution is, as suggested, recreate the accounts for each machine one-by-one, but Win2k has a cloning prep tool that clears out all the network unique stuff from the system prior to cloning using Ghost. Information on that is available from Microsoft. Try looking at http://www.microsoft.com/windows2000/techinfo/planning/default.asp for tips on installing your client machines with Windows 2000 -----Original Message----- From: Matt Lessem [mailto:Matt.Lessem@Colorado.EDU] Sent: Monday, 24 September 2001 5:47 PM To: samba-ntdom@lists.samba.org Subject: Symantec Ghost cann't join Samba-PDC domain I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for about 100 machines in teaching labs at a university. In general, the server works well. It is very stable and has no problem supporting 400+ users. As an added bonus, it also serves as a firewall and a dhcp server and provides the students with ssh/scp access to their home directories. The one major problem I'm having involves using Symantec Ghost 7 Enterprise edition to image the Windows 2000 clients in the labs. I won't spend too much time explaining how this works, as only those familiar with Ghost will likely have any suggestions or care to read on. What happens is: when Ghost 7 Console re-images a client machine, it attempts to re-add it to the domain using a name and password given to Ghost when it is installed. This user exist on the Samba-PDC server, and has permission to create domain accounts. When the freshly imaged client machine comes back up, with the correct name and thinking it is in the correct domain, it gives an error of, roughly, "Failed to join domain. Bad parameter". I hit "ok" and the machine reboots. When the client comes up again, it still thinks it is in the domain. If I attempt to login to the domain, it says roughly, "Unable to logon to domain. Computer account is nonexistant or password is wrong". Of course, all of these machines already have accounts on the Samba-PDC server. The solution, up to this point, has been to remove each machine from the domain, reboot, put each machine back into the domain, providing a name and password for the samba-pdc that can do that, and reboot again. You can see how this could get old with 100 clients. I have seen Ghost 7 successfully put machines back into a domian that is run by a Win2K server, so it is not purely a matter of Ghost being broken. Questions you might be able to help me with: 1. How is Ghost attempting to re-add these machines to the domain? If it is attempting to use user manager for domain style commands, I know that Samba-PDC does not support that. If it is doing something else, what is that? 2. Is Samba logging the attempts by Ghost to rejoin these machines to the domain? If so, where? 3. Is anyone doing this successfully? In other words, is it just me/my server? 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a Samba-PDC to play nice -- besides moving to a Win2K Server and just using the Samba machine as a file server? Any help or thoughts are much appreciated. Thanks, Matt Lessem From idra at samba.org Mon Sep 24 02:17:02 2001 From: idra at samba.org (Simo Sorce) Date: Tue Dec 2 02:35:51 2003 Subject: Symantec Ghost cann't join Samba-PDC domain In-Reply-To: ; from Matt.Lessem@Colorado.EDU on Mon, Sep 24, 2001 at 01:47:13AM -0600 References: Message-ID: <20010924021617.B22446@va.samba.org> On Mon, Sep 24, 2001 at 01:47:13AM -0600, Matt Lessem wrote: > > I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for > about 100 machines in teaching labs at a university. > > In general, the server works well. It is very stable and has no problem > supporting 400+ users. As an added bonus, it also serves as a firewall > and a dhcp server and provides the students with ssh/scp access to their > home directories. > > The one major problem I'm having involves using Symantec Ghost 7 > Enterprise edition to image the Windows 2000 clients in the labs. I > won't spend too much time explaining how this works, as only those > familiar with Ghost will likely have any suggestions or care to read on. > > What happens is: when Ghost 7 Console re-images a client machine, it > attempts to re-add it to the domain using a name and password given to > Ghost when it is installed. This user exist on the Samba-PDC server, and > has permission to create domain accounts. > > When the freshly imaged client machine comes back up, with the correct > name and thinking it is in the correct domain, it gives an error of, > roughly, "Failed to join domain. Bad parameter". I hit "ok" and the > machine reboots. When the client comes up again, it still thinks it is > in the domain. If I attempt to login to the domain, it says roughly, > "Unable to logon to domain. Computer account is nonexistant or password > is wrong". Of course, all of these machines already have accounts on the > Samba-PDC server. > > The solution, up to this point, has been to remove each machine from the > domain, reboot, put each machine back into the domain, providing a name > and password for the samba-pdc that can do that, and reboot again. You > can see how this could get old with 100 clients. > > I have seen Ghost 7 successfully put machines back into a domian that is > run by a Win2K server, so it is not purely a matter of Ghost being > broken. > > Questions you might be able to help me with: > > 1. How is Ghost attempting to re-add these machines to the domain? If it > is attempting to use user manager for domain style commands, I know that > Samba-PDC does not support that. If it is doing something else, what is > that? SAmba PDC 2.2.x support most of them, nut you must have a user root in smbpasswd that maps on the system root to do that (use a different root password than the system one) > > 2. Is Samba logging the attempts by Ghost to rejoin these machines to > the domain? If so, where? Probably, depends on your log level. If you give ghost the root user and passwor it will be probably able to readd your machines. We are working to give capabilities to other users to do these tasks. > > 3. Is anyone doing this successfully? In other words, is it just me/my > server? > > 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a > Samba-PDC to play nice -- besides moving to a Win2K Server and just > using the Samba machine as a file server? > > Any help or thoughts are much appreciated. for details, read the docs and the archives -- Simo Sorce idra@samba.org ------------------------------- Samba Team http://www.samba.org From abo at netlands.de Mon Sep 24 03:50:04 2001 From: abo at netlands.de (Andreas Boeckler) Date: Tue Dec 2 02:35:51 2003 Subject: winbind & WIN2k PDC Message-ID: <20010924125235.A2085@netlands.de> Hi all, i have a tested winbind-installation that works fine against a samba-DC. But when i setup the smb.conf to use the WIN2k-Domain, i become desperate: 1. joining the WIN2k-Domain via smbpasswd -j DOMAIN works 2. wbinfo -t tells me, that the secret is bad 3. wbinfo -n returns valid SID's for existent usernames and non-existent usernames get a S-0-0 8, so it works 4. getent passwd, wbinfo -u, wbinfo -g fail with NT_STATUS_ACCESS_DENIED in the winbindd debug messages 5. wbinfo -a succeeds with _EVERY_ combination of user%password ( wrong users and passwords, too ) i'm using the winbind-binaries and libs from the HEAD-branch Any suggestions? thanx Andy -- Andreas B?ckler netlands edv consulting GbR mailto:abo@netlands.de BOFH excuse #97: Small animal kamikaze attack on power supplies From rodrigo at mercadolibre.com Mon Sep 24 05:09:01 2001 From: rodrigo at mercadolibre.com (Rodrigo Benzaquen) Date: Tue Dec 2 02:35:51 2003 Subject: Unsuscribe In-Reply-To: <91C8BF85397AD411B62A0090274FA17F5D67DA@wangex.wta.slr.com> Message-ID: unsuscribe Hi, how can I do to unsuscribe ? Thanks From andreas.kauffmann at tzdan.de Mon Sep 24 05:11:04 2001 From: andreas.kauffmann at tzdan.de (Kauffmann, Andreas) Date: Tue Dec 2 02:35:51 2003 Subject: NT Domain Problem. Message-ID: Hy everybody out there. I?ve got a Problem, joining a a samba domain with a NT4 Client SP6a. I use Samba V2.2.1a. You see the Problem on the Please help! I made Screenshots because my English is toooo bad to explain that in a good way. May a German Samba Profi will mail me. Thanks! <> ///\\ (O O) +-----------------oOO--(_)--------------------+ | Andreas Kauffmann | | Telematikzentrum D?rrwangen GmbH & Co. KG | | andreas.kauffmann@tzdan.de | +---------------------------oOO---------------+ Hauptstra?e 3 |__|__| || || 91622 D?rrwangen ooO Ooo 09856/979 48 - 21 -------------- next part -------------- A non-text attachment was scrubbed... Name: domaeneistda.zip Type: application/x-zip-compressed Size: 26560 bytes Desc: domaeneistda.zip Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010924/ffcea808/domaeneistda.bin From gustavo.michels at emersonenergy.com Mon Sep 24 05:12:02 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:51 2003 Subject: Unsuscribe Message-ID: <7F0147C496F3D411813C0002B32BF1CC012EE1E3@eesekkex001.kkekant.ericsson.se> Visit www.samba.org and follow the instructions there. cheers Gustavo > -----Original Message----- > From: Rodrigo Benzaquen [mailto:rodrigo@mercadolibre.com] > Sent: segunda-feira, 24 de setembro de 2001 09:09 > To: samba-ntdom@lists.samba.org > Subject: Unsuscribe > > > unsuscribe > > Hi, how can I do to unsuscribe ? > > Thanks > > > From mpc at star.sr.bham.ac.uk Mon Sep 24 06:35:12 2001 From: mpc at star.sr.bham.ac.uk (Mark Cooke) Date: Tue Dec 2 02:35:51 2003 Subject: Weird Folder Looping In-Reply-To: <91C8BF85397AD411B62A0090274FA17F5D67D4@wangex.wta.slr.com> Message-ID: Having looked more closely at the backup process here, it seems there are more serious issues I need to examine. I added the -v flag to smbtar to produce a verbose output, and there are many cases of the following types of error. This is between a linux machine running 2.2.1a, and a solaris machine also running 2.2.1a. 1. This one appears to be a case sensitivity issue. ICLink and iclink are different files, so this warning I understand: 13487 ( 286.3 kb/s) \mgc-c4\bin\rm_ic_readlocks 11245 ( 296.8 kb/s) \mgc-c4\bin\ICLink File size change - truncating \mgc-c4\bin\iclink to 1469 bytes 1469 ( 68.3 kb/s) \mgc-c4\bin\iclink 3849 ( 101.6 kb/s) \mgc-c4\bin\InstantXpert 2. These ones are more worrying: Error reading file \mgc-c4\lib\VerilogCXEldo : code 0 Didn't get entire file. size=6742692, nread=4258800 6742692 ( 114.4 kb/s) \mgc-c4\lib\VerilogCXEldo code 0 opening remote file \mgc-c4\lib\toasc.exe (\mgc-c4\lib\) code 0 opening remote file \mgc-c4\lib\tobin.exe (\mgc-c4\lib\) code 0 opening remote file \mgc-c4\lib\creefft.exe (\mgc-c4\lib\) Error reading file \mgc-c4\lib\curve_v.exe. Got 0 bytes Didn't get entire file. size=364760, nread=0 364760 ( 183.0 kb/s) \mgc-c4\lib\curve_v.exe Error reading file \mgc-c4\lib\curve_t.exe. Got 0 bytes Didn't get entire file. size=368448, nread=28092 368448 (10280.4 kb/s) \mgc-c4\lib\curve_t.exe Error reading file \mgc-c4\lib\tsdb_cmp.exe : code 0 Didn't get entire file. size=117064, nread=0 117064 ( 448.3 kb/s) \mgc-c4\lib\tsdb_cmp.exe Error reading file \mgc-c4\lib\tsdb_dig.exe. Got 0 bytes Didn't get entire file. size=121960, nread=79566 121960 ( 773.4 kb/s) \mgc-c4\lib\tsdb_dig.exe ERRDOS - ERRbadfid (Invalid file handle.) opening remote file \mgc-c4\lib\tsdb_read.exe (\mgc-c4\lib\) ERRDOS - ERRbadfid (Invalid file handle.) opening remote file \mgc-c4\lib\tsdb_reduce.exe (\mgc-c4\lib\) ERRDOS - ERRbadfid (Invalid file handle.) opening remote file \mgc-c4\lib\tsdb_write.exe (\mgc-c4\lib\) ERRDOS - ERRbadfid (Invalid file handle.) opening remote file \mgc-c4\lib\fanal.exe (\mgc-c4\lib\) Mentor Graphics (mgc) does use symlinks extensively, but the links all appear correct. Certainly for the files above that are failing for some reason. Mark On Sat, 22 Sep 2001 DavidAtkinson@solectron.com wrote: > Date: Sat, 22 Sep 2001 10:45:50 +1000 > From: DavidAtkinson@solectron.com > To: damason@davenet.mine.nu, DavidAtkinson@solectron.com > Cc: samba-ntdom@lists.samba.org, aspiteri@eatonassoc.com > Subject: RE: Weird Folder Looping > > David, > It may have been the Services for Macintosh (I usually find my gut instincts > are right), but I'll try setting up a test network and see If I can > replecate the results. I do, however believe that this problem is completely > unrelated to the orriginal problems Mark and Barry brought up. Finding Macs > may be hard, though. > > For anyone who cares Solectron Corp. (www.solectron.com) has a policy of > using purely Microsoft Software (poor, misguided souls). > > -----Original Message----- > From: David A. Mason [mailto:damason@davenet.mine.nu] > Sent: Saturday, 22 September 2001 10:30 AM > To: DavidAtkinson@solectron.com > Cc: samba-ntdom@lists.samba.org; aspiteri@eatonassoc.com > Subject: Re: Weird Folder Looping > > > I'm sorry about the whole unsubstantiated rumor thing, but I know it > happened on NT4 SP4 with NT4, 2000Pro, Win95, Win98, Mac clients at an > office in San Francisco where I used to work, and it also happened at a > client running NT4 SP6 with the same spread of clients. > > I have access to neither office, now, and I didn't document it, because I'd > just delete the folders now and then. > > I think for some reason, at the time, I blamed the Macs, but that might have > been plain, old superstition. > > DAM > ----- Original Message ----- > From: > To: > Cc: > Sent: Friday, September 21, 2001 5:24 PM > Subject: RE: Weird Folder Looping > > > > David, > > In that case I have no idea. I have, however, only ever seen this problem > > with some of my samba servers, and I was able to trace it all back to > > looping sym links. Could you please send some details of the problem as > you > > have seen it on your NT systems as I want to try and replicate the > results. > > You've got me interested now. I have evedently never actually seen the > > problem you are refering to. > > > > -----Original Message----- > > From: David A. Mason [mailto:damason@davenet.mine.nu] > > Sent: Saturday, 22 September 2001 10:13 AM > > To: Mark Cooke; DavidAtkinson@solectron.com > > Cc: samba-ntdom@lists.samba.org > > Subject: Re: Weird Folder Looping > > > > > > I don't think this one is Samba/symlinks' fault. I've seen it on NT file > > servers, myself (even with no Linux clients). > > ----- Original Message ----- > > From: "Mark Cooke" > > To: > > Cc: > > Sent: Thursday, September 20, 2001 5:06 PM > > Subject: RE: Weird Folder Looping > > > > > > > I have seen this behaviour between two installs of samba. We have a > > > Linux based backup server (2.2.1a) using smbtar to do weekly archives > > > of various desktop machines. > > > > > > The desktops are a mix of Win2000/NT4/solaris 2.6 with samba 2.2.1a > > > > > > I have seen this behaviour recently causing backups to fail by > > > crashing the smbtar and have been trying to pin it down. > > > Unfortunately, I need the backups to follow some sym links. > > > > > > Mark > > > > > > On Fri, 21 Sep 2001 DavidAtkinson@solectron.com wrote: > > > > > > > That problem relates to Symbolic References. You can turn off this > > behaviour > > > > with a directive like follow symbolic link = no, but you will have to > > check > > > > the manual. I have this behaviour on my servers too, and I mostly just > > > > ignore it, but you can either disable it or you can tel your users not > > to > > > > try going down all these directories.> > > > > > > > > -----Original Message----- > > > > From: Barry, Christopher [mailto:cbarry@infiniconsys.com] > > > > Sent: Friday, 21 September 2001 9:35 AM > > > > To: Samba-Ntdom (E-mail) > > > > Subject: Weird Folder Looping > > > > > > > > > > > > Hi. Has anyone seen the behavior of having explorer folder traversal > > > > loop? By this I mean, directories repeat over and over. > > > > > > > > As an example, say the samba server has a share on it called > documents. > > > > I'll navigate to a file 3 or 4 directories beneath documents. Let's > say > > > > the path looks like: > > > > > > > > documents\dir1\dir2\dir3\dir4\somefile.txt > > > > > > > > As I expand the tree, it can drop back to the root of documents, > adding > > > > ghost directories, like: > > > > > > > > documents\dir1\dir2\dir1\dir2\dir1\dir2\dir3\dir4\somefile.txt > > > > > > > > It's flaky. Has anyone seen this? Not all of our win2k boxes produce > > > > this problem, all are at sp2. I'm using msdfs with samba 2.2.1a > > > > > > -- > > > > > > +-------------------------------------------------------------------------+ > > > Mark Cooke The views expressed above are mine and are > not > > > Systems Programmer necessarily representative of university > > policy > > > University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ > > > > > > +-------------------------------------------------------------------------+ > > > > > > > > > > > > > > > > > -- +-------------------------------------------------------------------------+ Mark Cooke The views expressed above are mine and are not Systems Programmer necessarily representative of university policy University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/ +-------------------------------------------------------------------------+ From ppz at mail.com Mon Sep 24 06:57:04 2001 From: ppz at mail.com (Piet Pelz) Date: Tue Dec 2 02:35:51 2003 Subject: Umlaut in Domainname Message-ID: <20010924140001.20325.qmail@mail.com> Hello List, does anyone know how to join a SAMBA File Server in a domain that contains a "Umlaut" such as ? or ?? What I did: On the NT server added the computer sambaserv. On the Samba server joined the domain: smbpasswd -j dr?ber -r NTSERV The Samba Server generated a .mac file with the Umlaut: DR?BER.SAMBASERV.mac However, the computer doe not appear in network neighbourhood. It appears somewhere with strange characters in place of the Umlaut. In smb.conf the entry is workgroup=DR?BER Any idea but to change the domainname? Thanks a lot Piet -- _______________________________________________ Have you downloaded the latest calling software from Net2Phone? Click here to get it now! http://www.net2phone.com/cgi-bin/adforward.cgi?p_key=NH211JK&url=http://commcenter.net2phone.com/ From emercer at rad.upenn.edu Mon Sep 24 07:01:03 2001 From: emercer at rad.upenn.edu (Eric Mercer) Date: Tue Dec 2 02:35:52 2003 Subject: Symantec Ghost cann't join Samba-PDC domain References: Message-ID: <3BAF3D2A.BF2EBDC@rad.upenn.edu> One possible work-around: When you capture the ghost image of a client machine, don't remove it from the domain first. Capture the image, and record the password hash from the smbpasswd entry for that machine. When you apply the image to another workstation, put the hash in that workstation's entry. I've done this with NT4 & I haven't had a problem (yet). I don't know how Win2K will react. -Eric From mhaney at info4cars.com Mon Sep 24 07:09:03 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:35:52 2003 Subject: Symantec Ghost cann't join Samba-PDC domain In-Reply-To: Message-ID: Here's my suggestion from someone who has done close to a thousand of these types of installs using ghost: Do not have the machine in the domain when you ghost it. Add it later. This way you guarantee that it works. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Matt Lessem Sent: Monday, September 24, 2001 3:47 AM To: samba-ntdom@lists.samba.org Subject: Symantec Ghost cann't join Samba-PDC domain I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for about 100 machines in teaching labs at a university. In general, the server works well. It is very stable and has no problem supporting 400+ users. As an added bonus, it also serves as a firewall and a dhcp server and provides the students with ssh/scp access to their home directories. The one major problem I'm having involves using Symantec Ghost 7 Enterprise edition to image the Windows 2000 clients in the labs. I won't spend too much time explaining how this works, as only those familiar with Ghost will likely have any suggestions or care to read on. What happens is: when Ghost 7 Console re-images a client machine, it attempts to re-add it to the domain using a name and password given to Ghost when it is installed. This user exist on the Samba-PDC server, and has permission to create domain accounts. When the freshly imaged client machine comes back up, with the correct name and thinking it is in the correct domain, it gives an error of, roughly, "Failed to join domain. Bad parameter". I hit "ok" and the machine reboots. When the client comes up again, it still thinks it is in the domain. If I attempt to login to the domain, it says roughly, "Unable to logon to domain. Computer account is nonexistant or password is wrong". Of course, all of these machines already have accounts on the Samba-PDC server. The solution, up to this point, has been to remove each machine from the domain, reboot, put each machine back into the domain, providing a name and password for the samba-pdc that can do that, and reboot again. You can see how this could get old with 100 clients. I have seen Ghost 7 successfully put machines back into a domian that is run by a Win2K server, so it is not purely a matter of Ghost being broken. Questions you might be able to help me with: 1. How is Ghost attempting to re-add these machines to the domain? If it is attempting to use user manager for domain style commands, I know that Samba-PDC does not support that. If it is doing something else, what is that? 2. Is Samba logging the attempts by Ghost to rejoin these machines to the domain? If so, where? 3. Is anyone doing this successfully? In other words, is it just me/my server? 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a Samba-PDC to play nice -- besides moving to a Win2K Server and just using the Samba machine as a file server? Any help or thoughts are much appreciated. Thanks, Matt Lessem From acci at mmcable.com Mon Sep 24 07:17:05 2001 From: acci at mmcable.com (Charles Moon) Date: Tue Dec 2 02:35:52 2003 Subject: mount -t smbfs ... or equivalent Message-ID: <2F266B61FB25D5118CAA009027949336018D5D@server.gigeek.com> Again as a reminder, I am able to access a share on the NT server. It is only a Win98 node that fails. > Unless you have selected user-based authentication... I am using the default "share level" authentication > Have you set a password for the share? No password is set. > If there is no password, try using mount -t smbfs -o username=me,guest //winbox/share /mnt. I did this as suggested. No success however. > The first step though should be to find out how the Win98 box is authenticating... I believe it is a "guest" or "everyone" authentication. I am able to browse into the share with no problem from any users login. > If the share you are talking about is \\machine\c$ then you must have the remote admin password... The share is not a hidden share. It is simply an ordinary share w/ full access and no password. When mounting the share, I don't get any error messages. It appears to mount okay. When attempting to browse or "ls" the newly mounted directory "/mnt/mounted" I get: "ls: /mnt/mounted: Input/output error". I also get "# smb_refresh_inode: /// changed mode, 0040755 to 0100755" when attempting to access the mounted directory from a web browser. > -----Original Message----- > From: DavidAtkinson@solectron.com [mailto:DavidAtkinson@solectron.com] > Sent: Sunday, September 23, 2001 7:10 PM > To: samba-ntdom@lists.samba.org > Subject: RE: mount -t smbfs ... or equivalent > > > Charles, > Unless you have selected user-based authentication, and have > setup that user > on the Win98 Share, It is likely that the Win98 machine is > being confused by > the username. Have you set a password for the share ? If you > have, you must > use the password you set, not your own, and the username > becomes irrelivant. > If there is no password, try using mount -t smbfs -o username=me,guest > //winbox/share /mnt. The first step though should be to find > out how the > Win98 box is authenticating, and then make sure you have > permission. If the > share you are talking about is \\machine\c$ then you must > have the remote > admin password, or be in the remote admin list (second tab of > three in the > Passwords control-panel applet) and you must have at least > the file sharing > service installed. The printer sharing is optional. This is > done through the > Network Control-Panel. > > -----Original Message----- > From: Charles Moon [mailto:acci@mmcable.com] > Sent: Saturday, 22 September 2001 12:31 PM > To: samba-ntdom@lists.samba.org > Subject: mount -t smbfs ... or equivalent > > > > I have a Redhat 6.2 server as anode on a Windows NT 4.0 > network. I can > successfully mount a share on the NT server using # mount -t smbfs -o > username=foo,password=bar //ntserver_box/share /redhat_box/directory. > However, I fail to successfully mount a share from a Windows > 98 node using > the same structure (i.e. # mount -t smbfs -o username=foo,password=bar > //win98_box/share /redhat_box/other_directory). > > Can someone give me some insight here? > > g.i. geek > From linux at fenix.uam.mx Mon Sep 24 12:04:45 2001 From: linux at fenix.uam.mx (Lista linux) Date: Tue Dec 2 02:35:52 2003 Subject: Symantec Ghost cann't join Samba-PDC domain In-Reply-To: Message-ID: Hi, I'm using Ghost to mirror an image from a samba server over 14 computers, but when I do it in parallel with all machines, it takes up to 7seven hours. I have read that using Ghost in some particular mode (broadcast, I guess) this could be faster, What do I need to do this? Thank you in advance. On Mon, 24 Sep 2001, Mark Haney wrote: > Here's my suggestion from someone who has done close to a thousand of these > types of installs using ghost: Do not have the machine in the domain when > you ghost it. Add it later. This way you guarantee that it works. > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Matt Lessem > Sent: Monday, September 24, 2001 3:47 AM > To: samba-ntdom@lists.samba.org > Subject: Symantec Ghost cann't join Samba-PDC domain > > > > I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for > about 100 machines in teaching labs at a university. > > In general, the server works well. It is very stable and has no problem > supporting 400+ users. As an added bonus, it also serves as a firewall > and a dhcp server and provides the students with ssh/scp access to their > home directories. > > The one major problem I'm having involves using Symantec Ghost 7 > Enterprise edition to image the Windows 2000 clients in the labs. I > won't spend too much time explaining how this works, as only those > familiar with Ghost will likely have any suggestions or care to read on. > > What happens is: when Ghost 7 Console re-images a client machine, it > attempts to re-add it to the domain using a name and password given to > Ghost when it is installed. This user exist on the Samba-PDC server, and > has permission to create domain accounts. > > When the freshly imaged client machine comes back up, with the correct > name and thinking it is in the correct domain, it gives an error of, > roughly, "Failed to join domain. Bad parameter". I hit "ok" and the > machine reboots. When the client comes up again, it still thinks it is > in the domain. If I attempt to login to the domain, it says roughly, > "Unable to logon to domain. Computer account is nonexistant or password > is wrong". Of course, all of these machines already have accounts on the > Samba-PDC server. > > The solution, up to this point, has been to remove each machine from the > domain, reboot, put each machine back into the domain, providing a name > and password for the samba-pdc that can do that, and reboot again. You > can see how this could get old with 100 clients. > > I have seen Ghost 7 successfully put machines back into a domian that is > run by a Win2K server, so it is not purely a matter of Ghost being > broken. > > Questions you might be able to help me with: > > 1. How is Ghost attempting to re-add these machines to the domain? If it > is attempting to use user manager for domain style commands, I know that > Samba-PDC does not support that. If it is doing something else, what is > that? > > 2. Is Samba logging the attempts by Ghost to rejoin these machines to > the domain? If so, where? > > 3. Is anyone doing this successfully? In other words, is it just me/my > server? > > 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a > Samba-PDC to play nice -- besides moving to a Win2K Server and just > using the Samba machine as a file server? > > Any help or thoughts are much appreciated. > > Thanks, > Matt Lessem > > -- Ing. Romy Perez Moreno e-mail: romy@fenix.uam.mx, romy@correo.azc.uam.mx http://fenix.uam.mx/romy tel: 5318 9067 / 5382-7157 From kwillett at ignisys.com Mon Sep 24 14:04:02 2001 From: kwillett at ignisys.com (Ken Willett) Date: Tue Dec 2 02:35:52 2003 Subject: Joining domain; "credentials in conflict" error Message-ID: <003401c1453c$69a01e20$6401a8c0@Titan> When joining an NT or W2K client to a domain, one may run into the error "Credentials are in conflict with an existing set of credentials". This has been noted in previous posts, and occurs with both Samba and Windows PDC's (it's really a client problem, not a server problem). Recently I struggled with this while reimaging machines using Ghost, because immediately on login, the client would authenticate to the server for purposes of mapping a network share. Once that has happened, attempting to join the domain will fail with the message given above. Sometimes unmapping the drive(s) will get around this problem, but this doesn't always seem to work. My recipe now, which is simple enough, is: 1. Unplug the network cable from the workstation. 2. Log in as administrator, ignoring any network-related messages. 3. Plug the cable back in. 4. Join the domain. If the cable is inaccessible, and you are using DHCP, you can do an "ipconfig /release", log out and back in, and then do an "ipconfig /renew" before joining the domain. From Alexander.Dubielczyk at gmx.de Mon Sep 24 16:03:03 2001 From: Alexander.Dubielczyk at gmx.de (Alexander Dubielczyk) Date: Tue Dec 2 02:35:52 2003 Subject: destroyed machine accounts Message-ID: <15lenA-0YzsvYC@fmrl02.sul.t-online.com> Hello everybody, I have a problem with samba-2.2.0 PDC working on a SuSE linux. Sometimes the machine accounts of some workstations (W2K,SP1) seem to be destroyed by samba or the client itself. Everything works fine, but suddenly after a reboot you aren?t able to log into the domain anymore and have to create a new machine- account. The message you get when trying to log in is something like: "you don`t have a valid machine account for this domain". Any ideas? Gru?, Alex (AlexDu@Nrh.De) From DavidAtkinson at solectron.com Mon Sep 24 16:30:03 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:52 2003 Subject: Joining domain; "credentials in conflict" error Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67DD@wangex.wta.slr.com> You can also achieve this effect by depatching at the switch, or if you know the local administrator password you can delete the machine account using server manager and login as the local administrator and recreate the machine account that way. You can sometimes get lucky and have a domain administrator account work after deleting the domain account, but this does not always work. If you get really desperate you can use the original NT/Win2K install disk in recovery mode to restore the virgin SAM, just say you don't have a recovery disk, but I'm not sure how much this wipes out. -----Original Message----- From: Ken Willett [mailto:kwillett@ignisys.com] Sent: Tuesday, 25 September 2001 7:04 AM To: samba-ntdom@lists.samba.org Subject: Joining domain; "credentials in conflict" error When joining an NT or W2K client to a domain, one may run into the error "Credentials are in conflict with an existing set of credentials". This has been noted in previous posts, and occurs with both Samba and Windows PDC's (it's really a client problem, not a server problem). Recently I struggled with this while reimaging machines using Ghost, because immediately on login, the client would authenticate to the server for purposes of mapping a network share. Once that has happened, attempting to join the domain will fail with the message given above. Sometimes unmapping the drive(s) will get around this problem, but this doesn't always seem to work. My recipe now, which is simple enough, is: 1. Unplug the network cable from the workstation. 2. Log in as administrator, ignoring any network-related messages. 3. Plug the cable back in. 4. Join the domain. If the cable is inaccessible, and you are using DHCP, you can do an "ipconfig /release", log out and back in, and then do an "ipconfig /renew" before joining the domain. From DavidAtkinson at solectron.com Mon Sep 24 16:47:05 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:52 2003 Subject: SAMBA Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67DE@wangex.wta.slr.com> Bob, Under Linux (well, any SysV Unix, I think) you can start and stop using /etc/rc.d/init.d/smb start /etc/rc.d/init.d/smb stop /etc/rc.d/init.d/smb restart Under AIX I believe that by default it sets itself up in inetd, so there is no need to restart, just do a ps -ef to find out where it's process ID and then kill -HUP those processes. I am also including a page by our local AIX admin (BTW: We also use AIX 4.x, our most recent version is 4.3.2, but hey, we have 1 Tiger-2) NB: Although the attached documentation may mention IBM Wangaratta, Bluegum Wangaratta or Solectron Wangaratta, do not consider the procedures mentioned here in to in any way refelct the procedures or to be in any way endorsed by the aforementioned companies. It outlines what we do, but it is not an approved procedure. --------------------------------- SAMBA on CCS Install Get an account for the host on the PDC Using the server admin tool, just add a new host as an 'NT Workstation or Server' Install the samba fileset with smit install The install from an AIX install file was rather trivial. Aparently the install adds the swat entry to /etc/services and adds entries to /etc/inetd.conf to run the daemons under inetd. Comment out the lines for smbd & nmbd as follows: # The following three lines are for the Samba SMB Server (freeware) # netbios-ssn stream tcp nowait root /usr/local/bin/smbd smbd # netbios-ns dgram udp wait root /usr/local/bin/nmbd nmbd swat stream tcp nowait.400 root /usr/local/bin/swat swat Add the following to the end of /etc/rc.tcpip # Start samba /usr/local/bin/nmbd -D & /usr/local/bin/smbd -D & Edit /usr/local/lib/smb.conf and set the following: security = domain password server = bgntpdc wins server = 10.206.177.51 Ensure that none of the above lines are commented out. Also, with the security = statement, there is an uncommented statement immediately after the commented one. Make sure you dont end up with 2 conflicting statements. Run the following command ONCE ONLY & BEFORE STARTING SAMBA smbpasswd -j BGNT Save the files /var/samba/private/BGNT.CCS.mac & MACHINE.SID Reboot or run the above commands manually to start Samba. If smbpasswd is run a second time these files will be corrupted. Either restore the original files or Delete system account on PDC Recreate system account on PDC rerun smbpasswd -j BGNT Make sure you save BGNT.CCS.mac & MACHINE.SID this time !! Config The config file is /usr/local/lib/smb.conf Maps The map name is /var/samba/users.map This is a mapping of BGNT domain userids to CCS userids The format is: jaa = jatkinson If passwords are different for the NT domain and the referenced unix account you will need to initialise the password on the unix box. Enter: /usr/local/bin/smbpasswd uuser Where uuser is the unix user referenced to the NT user in the users.map file When prompted enter the NT password. Connection Environment John Atkinson 18-APR-00 -----Original Message----- From: Stoddard, Bob [mailto:BStoddard@MorrisonProducts.com] Sent: Tuesday, 25 September 2001 5:12 AM To: 'DavidAtkinson@solectron.com' Subject: SAMBA I cannot stop and restart the smbd services, is there a script or command line to start and stop the SAMBA processes? Robert F. Stoddard Information Systems Manager Morrison Products, Inc. bstoddard@morrisonproducts.com 216-486-4000 x182 From lkcl at samba-tng.org Mon Sep 24 18:09:02 2001 From: lkcl at samba-tng.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:35:52 2003 Subject: se_access_check usage Message-ID: <20010925030746.G1399@angua.rince.de> http://dcerpc.net/article/index.xvl?acct=article:_01 article on how to use se_access_check, with example pseudo-code for: SamrConnect, SamrOpenUser, SamrQueryUserInfo and SamrQuerySecurityDescriptor. serious implementors of any windows nt-style service will need to follow the advice laid down in this article in order to provide full windows nt style security access control checking. obtaining service-specific security information is left up to the implementor: this article simply outlines exactly what to _do_ with that information once it is obtained. for information on the discussion that led up to this article being written, see article itself where links to archives will have been posted. if anyone else knows of any relevant links please either create an account on dcerpc.net and post them, or let me know, and i will ensure that they are added to the article. comments on the article itself: likewise. thanks. luke From npande at bajajauto.co.in Mon Sep 24 21:18:01 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:35:52 2003 Subject: SAMBA References: <91C8BF85397AD411B62A0090274FA17F5D67DE@wangex.wta.slr.com> Message-ID: <3BB0060B.291A6AAE@bajajauto.co.in> It may be so with AIX 4.x. I had installed samba on AIX 3.x, and I had to start it manually (both smb and nmb). It was real PITA. However, I didn't install it using smit (maybe thats why it had so many probs!). HTH, Ciao, Nitin :) DavidAtkinson@solectron.com wrote: > Bob, > Under Linux (well, any SysV Unix, I think) you can start and stop using > > /etc/rc.d/init.d/smb start > /etc/rc.d/init.d/smb stop > /etc/rc.d/init.d/smb restart > > Under AIX I believe that by default it sets itself up in inetd, so there is > no need to restart, just do a ps -ef to find out where it's process ID and > then kill -HUP those processes. I am also including a page by our local AIX > admin (BTW: We also use AIX 4.x, our most recent version is 4.3.2, but hey, > we have 1 Tiger-2) > > NB: Although the attached documentation may mention IBM Wangaratta, Bluegum > Wangaratta or Solectron Wangaratta, do not consider the procedures mentioned > here in to in any way refelct the procedures or to be in any way endorsed by > the aforementioned companies. It outlines what we do, but it is not an > approved procedure. > > --------------------------------- > > SAMBA on CCS > Install > Get an account for the host on the PDC > Using the server admin tool, just add a new host as an 'NT Workstation or > Server' > > Install the samba fileset with smit install > > The install from an AIX install file was rather trivial. > > Aparently the install adds the swat entry to /etc/services and adds entries > to /etc/inetd.conf to run the daemons under inetd. > > Comment out the lines for smbd & nmbd as follows: > > # The following three lines are for the Samba SMB Server (freeware) > # netbios-ssn stream tcp nowait root /usr/local/bin/smbd smbd > # netbios-ns dgram udp wait root /usr/local/bin/nmbd nmbd > swat stream tcp nowait.400 root /usr/local/bin/swat swat > > Add the following to the end of /etc/rc.tcpip > # Start samba > /usr/local/bin/nmbd -D & > /usr/local/bin/smbd -D & > > Edit /usr/local/lib/smb.conf and set the following: > security = domain > password server = bgntpdc > wins server = 10.206.177.51 > > Ensure that none of the above lines are commented out. Also, with the > security = statement, there is an uncommented statement immediately after > the commented one. Make sure you dont end up with 2 conflicting statements. > Run the following command ONCE ONLY & BEFORE STARTING SAMBA > > smbpasswd -j BGNT > > Save the files /var/samba/private/BGNT.CCS.mac & MACHINE.SID > Reboot or run the above commands manually to start Samba. > > If smbpasswd is run a second time these files will be corrupted. Either > restore the original files or > > Delete system account on PDC > Recreate system account on PDC > rerun smbpasswd -j BGNT > Make sure you save BGNT.CCS.mac & MACHINE.SID this time !! > Config > The config file is /usr/local/lib/smb.conf > Maps > The map name is /var/samba/users.map > This is a mapping of BGNT domain userids to CCS userids > The format is: > > jaa = jatkinson > > If passwords are different for the NT domain and the referenced unix account > you will need to initialise the password on the unix box. Enter: > > /usr/local/bin/smbpasswd uuser > > Where uuser is the unix user referenced to the NT user in the users.map file > > When prompted enter the NT password. > > Connection Environment > > > > John Atkinson 18-APR-00 > > -----Original Message----- > From: Stoddard, Bob [mailto:BStoddard@MorrisonProducts.com] > Sent: Tuesday, 25 September 2001 5:12 AM > To: 'DavidAtkinson@solectron.com' > Subject: SAMBA > > I cannot stop and restart the smbd services, is there a script or command > line to start and stop the SAMBA processes? > > Robert F. Stoddard > Information Systems Manager > Morrison Products, Inc. > bstoddard@morrisonproducts.com > 216-486-4000 x182 From DavidAtkinson at solectron.com Mon Sep 24 23:36:02 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:53 2003 Subject: SAMBA Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67E1@wangex.wta.slr.com> I have had no experience with Samba under AIX 3.x, but on 4.x we have only ever installed it using smit -----Original Message----- From: NITIN PANDE [mailto:npande@bajajauto.co.in] Sent: Tuesday, 25 September 2001 2:20 PM To: DavidAtkinson@solectron.com; Samba Subject: Re: SAMBA It may be so with AIX 4.x. I had installed samba on AIX 3.x, and I had to start it manually (both smb and nmb). It was real PITA. However, I didn't install it using smit (maybe thats why it had so many probs!). HTH, Ciao, Nitin :) DavidAtkinson@solectron.com wrote: > Bob, > Under Linux (well, any SysV Unix, I think) you can start and stop using > > /etc/rc.d/init.d/smb start > /etc/rc.d/init.d/smb stop > /etc/rc.d/init.d/smb restart > > Under AIX I believe that by default it sets itself up in inetd, so there is > no need to restart, just do a ps -ef to find out where it's process ID and > then kill -HUP those processes. I am also including a page by our local AIX > admin (BTW: We also use AIX 4.x, our most recent version is 4.3.2, but hey, > we have 1 Tiger-2) > > NB: Although the attached documentation may mention IBM Wangaratta, Bluegum > Wangaratta or Solectron Wangaratta, do not consider the procedures mentioned > here in to in any way refelct the procedures or to be in any way endorsed by > the aforementioned companies. It outlines what we do, but it is not an > approved procedure. > > --------------------------------- > > SAMBA on CCS > Install > Get an account for the host on the PDC > Using the server admin tool, just add a new host as an 'NT Workstation or > Server' > > Install the samba fileset with smit install > > The install from an AIX install file was rather trivial. > > Aparently the install adds the swat entry to /etc/services and adds entries > to /etc/inetd.conf to run the daemons under inetd. > > Comment out the lines for smbd & nmbd as follows: > > # The following three lines are for the Samba SMB Server (freeware) > # netbios-ssn stream tcp nowait root /usr/local/bin/smbd smbd > # netbios-ns dgram udp wait root /usr/local/bin/nmbd nmbd > swat stream tcp nowait.400 root /usr/local/bin/swat swat > > Add the following to the end of /etc/rc.tcpip > # Start samba > /usr/local/bin/nmbd -D & > /usr/local/bin/smbd -D & > > Edit /usr/local/lib/smb.conf and set the following: > security = domain > password server = bgntpdc > wins server = 10.206.177.51 > > Ensure that none of the above lines are commented out. Also, with the > security = statement, there is an uncommented statement immediately after > the commented one. Make sure you dont end up with 2 conflicting statements. > Run the following command ONCE ONLY & BEFORE STARTING SAMBA > > smbpasswd -j BGNT > > Save the files /var/samba/private/BGNT.CCS.mac & MACHINE.SID > Reboot or run the above commands manually to start Samba. > > If smbpasswd is run a second time these files will be corrupted. Either > restore the original files or > > Delete system account on PDC > Recreate system account on PDC > rerun smbpasswd -j BGNT > Make sure you save BGNT.CCS.mac & MACHINE.SID this time !! > Config > The config file is /usr/local/lib/smb.conf > Maps > The map name is /var/samba/users.map > This is a mapping of BGNT domain userids to CCS userids > The format is: > > jaa = jatkinson > > If passwords are different for the NT domain and the referenced unix account > you will need to initialise the password on the unix box. Enter: > > /usr/local/bin/smbpasswd uuser > > Where uuser is the unix user referenced to the NT user in the users.map file > > When prompted enter the NT password. > > Connection Environment > > > > John Atkinson 18-APR-00 > > -----Original Message----- > From: Stoddard, Bob [mailto:BStoddard@MorrisonProducts.com] > Sent: Tuesday, 25 September 2001 5:12 AM > To: 'DavidAtkinson@solectron.com' > Subject: SAMBA > > I cannot stop and restart the smbd services, is there a script or command > line to start and stop the SAMBA processes? > > Robert F. Stoddard > Information Systems Manager > Morrison Products, Inc. > bstoddard@morrisonproducts.com > 216-486-4000 x182 From mharrata at sqli.com Tue Sep 25 01:19:02 2001 From: mharrata at sqli.com (M Harrata) Date: Tue Dec 2 02:35:53 2003 Subject: NT4 problem Message-ID: Hi all, I install a Samba 2.2.1a as a PDC of NT4 domain. That'all right. But now when i try to open the "user administration box" or the "server administration box" all my BDC controler show a message like "invalid symbolic name, would you like to administer an other domain ?" Any idea ? Thanks a lot. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.281 / Virus Database: 149 - Release Date: 18/09/2001 From anette.oevreaas at i-com.no Tue Sep 25 01:46:09 2001 From: anette.oevreaas at i-com.no (anette.oevreaas@i-com.no) Date: Tue Dec 2 02:35:53 2003 Subject: Samba and Windows 2000 Message-ID: Hi there! We have Samba 1.9.18p1 installed on our HP-Unix ver. 10.2. It was installed three years ago and it has been working successfully since then. In our network we have NT 4.0 and W2000 Clients and Servers, besides our Samba server. We have just started to use W2000 and we have discovered that both clients and servers is not able to connect to our Samba server. With NT 4.0 SP3 there was a similar problem, but by changing the registry, it could connect. I have been searching and looking for some information on this problem at Samba's web page, but could not find anything. It might be that our version of Samba is to old as well, but I am not quite sure. So if anyone knows......... Another question I have is how an upgrade of Samba is working. Will it be replacing the existing version, or will it upgrade it. So if anyone know this as well, I would be very greateful. In advance, thank you very very much!!!!!!! Best regards, *********************************************************************** Anette Vevle Oevreaas System Administrator/Systems Consultant i-COM AS Tel.: +47 55 94 35 18 Fax.: +47 55 94 35 01 Mob.: +47 98 21 65 18 Web: http://www.i-com.no/ From mhaney at info4cars.com Tue Sep 25 03:01:06 2001 From: mhaney at info4cars.com (Mark Haney) Date: Tue Dec 2 02:35:53 2003 Subject: Symantec Ghost cann't join Samba-PDC domain In-Reply-To: Message-ID: >>I have read that using Ghost in some particular mode (broadcast, I >>guess) this could be faster, What do I need to do this? Well, the way I used to do it was to use Ghost Multicast server (I think that was the name). YOu had to purchase a special version (or key to unlock the feature) that allowed you to Multicast ghost images. I used it several times a couple years ago. I don't really know about the newer versions as I now work for a much smaller company, but I think the Enterprise Edition of Ghost includes that feature. -----Original Message----- From: Lista linux [mailto:linux@fenix.uam.mx] Sent: Monday, September 24, 2001 3:11 PM To: Mark Haney Cc: Matt Lessem; samba-ntdom@lists.samba.org Subject: RE: Symantec Ghost cann't join Samba-PDC domain Hi, I'm using Ghost to mirror an image from a samba server over 14 computers, but when I do it in parallel with all machines, it takes up to 7seven hours. I have read that using Ghost in some particular mode (broadcast, I guess) this could be faster, What do I need to do this? Thank you in advance. On Mon, 24 Sep 2001, Mark Haney wrote: > Here's my suggestion from someone who has done close to a thousand of these > types of installs using ghost: Do not have the machine in the domain when > you ghost it. Add it later. This way you guarantee that it works. > > -----Original Message----- > From: samba-ntdom-admin@lists.samba.org > [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Matt Lessem > Sent: Monday, September 24, 2001 3:47 AM > To: samba-ntdom@lists.samba.org > Subject: Symantec Ghost cann't join Samba-PDC domain > > > > I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for > about 100 machines in teaching labs at a university. > > In general, the server works well. It is very stable and has no problem > supporting 400+ users. As an added bonus, it also serves as a firewall > and a dhcp server and provides the students with ssh/scp access to their > home directories. > > The one major problem I'm having involves using Symantec Ghost 7 > Enterprise edition to image the Windows 2000 clients in the labs. I > won't spend too much time explaining how this works, as only those > familiar with Ghost will likely have any suggestions or care to read on. > > What happens is: when Ghost 7 Console re-images a client machine, it > attempts to re-add it to the domain using a name and password given to > Ghost when it is installed. This user exist on the Samba-PDC server, and > has permission to create domain accounts. > > When the freshly imaged client machine comes back up, with the correct > name and thinking it is in the correct domain, it gives an error of, > roughly, "Failed to join domain. Bad parameter". I hit "ok" and the > machine reboots. When the client comes up again, it still thinks it is > in the domain. If I attempt to login to the domain, it says roughly, > "Unable to logon to domain. Computer account is nonexistant or password > is wrong". Of course, all of these machines already have accounts on the > Samba-PDC server. > > The solution, up to this point, has been to remove each machine from the > domain, reboot, put each machine back into the domain, providing a name > and password for the samba-pdc that can do that, and reboot again. You > can see how this could get old with 100 clients. > > I have seen Ghost 7 successfully put machines back into a domian that is > run by a Win2K server, so it is not purely a matter of Ghost being > broken. > > Questions you might be able to help me with: > > 1. How is Ghost attempting to re-add these machines to the domain? If it > is attempting to use user manager for domain style commands, I know that > Samba-PDC does not support that. If it is doing something else, what is > that? > > 2. Is Samba logging the attempts by Ghost to rejoin these machines to > the domain? If so, where? > > 3. Is anyone doing this successfully? In other words, is it just me/my > server? > > 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a > Samba-PDC to play nice -- besides moving to a Win2K Server and just > using the Samba machine as a file server? > > Any help or thoughts are much appreciated. > > Thanks, > Matt Lessem > > -- Ing. Romy Perez Moreno e-mail: romy@fenix.uam.mx, romy@correo.azc.uam.mx http://fenix.uam.mx/romy tel: 5318 9067 / 5382-7157 From dave.stevenson at durham.ac.uk Tue Sep 25 03:58:09 2001 From: dave.stevenson at durham.ac.uk (Dave Stevenson) Date: Tue Dec 2 02:35:53 2003 Subject: trivial problem with MACHINE.SID location in 2_2 Message-ID: <3BB062CD.5377930F@durham.ac.uk> Sorry if this has been fixed already, but haven't seen it in archives... Samba configured as a domain controller creates MACHINE.SID in the root directory as "privateMACHINE.SID" rather than private/MACHINE.SID ( using default location and prefix) Possible missing a "/" in the default value of the private directory? or when generating location of MACHINE.SID?) My guess is that the problem is trivial and lies in line of pdb_generate_sam_sid(void) in machine_sid.c in the passdb directory. line 80,81 pstrcat(sid_file,"MACHINE.SID") should be pstrcat(sid_file,"/MACHINE.SID") (Dont forget to keep your original privateMACHINE.SID file contents) Samba 2_2 CVS ( 2.2.2-pre ?) 19-9-01 download built with gcc 2.95.2 under Solaris2.8 (Ultra 10) From gustavo.michels at emersonenergy.com Tue Sep 25 04:24:17 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:53 2003 Subject: Samba and Windows 2000 Message-ID: <7F0147C496F3D411813C0002B32BF1CC013774BB@eesekkex001.kkekant.ericsson.se> Hi, The change you make in the NT registry is to force NT to use non encrypted passwords (default prior to SP3). Windows 2000 won't send any unencrypted information. Looks like you have to upgrade... Look the Samba HOWTO for a guide in upgrading your server. cheers Gustavo > -----Original Message----- > From: anette.oevreaas@i-com.no [mailto:anette.oevreaas@i-com.no] > Sent: ter?a-feira, 25 de setembro de 2001 05:30 > To: samba-ntdom@lists.samba.org > Subject: Samba and Windows 2000 > > > Hi there! > > We have Samba 1.9.18p1 installed on our HP-Unix ver. 10.2. It > was installed > three years ago and it has been working successfully since > then. In our > network we have NT 4.0 and W2000 Clients and Servers, besides > our Samba > server. We have just started to use W2000 and we have > discovered that both > clients and servers is not able to connect to our Samba > server. With NT 4.0 > SP3 there was a similar problem, but by changing the > registry, it could > connect. I have been searching and looking for some > information on this > problem at Samba's web page, but could not find anything. It > might be that > our version of Samba is to old as well, but I am not quite sure. So if > anyone knows......... > > Another question I have is how an upgrade of Samba is > working. Will it be > replacing the existing version, or will it upgrade it. So if > anyone know > this as well, I would be very greateful. > > In advance, thank you very very much!!!!!!! > > Best regards, > > ************************************************************** > ********* > Anette Vevle Oevreaas > System Administrator/Systems Consultant > i-COM AS > > Tel.: +47 55 94 35 18 > Fax.: +47 55 94 35 01 > Mob.: +47 98 21 65 18 > Web: http://www.i-com.no/ > > From robert.szentmihalyi at entracom.de Tue Sep 25 05:06:04 2001 From: robert.szentmihalyi at entracom.de (Robert Szentmihalyi) Date: Tue Dec 2 02:35:53 2003 Subject: samba auth problem Message-ID: <200109251414243.SM00085@there> Hi! I have set up a SAMBA server with SAMBA_2_2 (CVS version) in a large network with several Windows NT 4.0 PDCs. The machine has joined the right domain successfully, but when trying to access the it from a Windows client, I am prompted for a password and cannot access any share. In log.smbd I get the following messages: [2001/09/24 17:19:30, 0] rpc_client/cli_netlogon.c:cli_net_auth2(160) cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT [2001/09/24 17:19:30, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72) cli_nt_setup_creds: auth2 challenge failed [2001/09/24 17:19:30, 0] smbd/password.c:connect_to_domain_password_server(1372) connect_to_domain_password_server: unable to setup the PDC credentials to machine . Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. [2001/09/24 17:19:30, 0] smbd/password.c:domain_client_validate(1591) domain_client_validate: Domain password server not available. Does anybody know why I get NT_STATUS_NO_TRUST_SAM_ACCOUNT? I haven't found any hint on the net so far. Any ideas on this highly appreciated. TIA, Robert From don at donarmstrong.com Tue Sep 25 07:08:05 2001 From: don at donarmstrong.com (Don Armstrong) Date: Tue Dec 2 02:35:53 2003 Subject: netlogin login script and Win2K Message-ID: I seem to be having an issue with netlogin login scripts and win2k clients, both sp1 and sp2. I've run the newest cvs (as of 1 hour ago) and 2.2.1a [pam/utmp/ssl/quotas/syslog], and for some reason, users authenticated with the samba PDC are not running the logon script. (debian unstable with 2.4.9) The script is able to be run normally by browsing [netlogon] and running it, and smb.conf is set up accoring to man smb.conf. Here is the relevant section of smb.conf: [global] <> logon script = STARTUP.BAT logon path = \\%N\profiles logon drive = H: logon home = \\%N\%u domain logons = Yes os level = 64 preferred master = True domain master = True guest account = guest [netlogon] path = /exports/smb/netlogin comment = Network Logon Service writable = no <> STARTUP.BAT is in /exports/smb/netlogin/ and is 0755 as expected. There are no obvious errors in the logs, save a [2001/09/25 07:03:33, 0] rpc_server/srv_pipe.c:api_rpcTNP(1215) api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed. [2001/09/25 07:03:33, 0] rpc_server/srv_netlog.c:api_net_sam_logon(208) api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON. If anyone is successfully running login scripts with win2k and 2.2.1a, I'd love to hear from you with your smb.conf and anything strange that you've done. I'm not familiar enough with the actual process of sending the login script to the win2k box, but if you know of documentation on what it's supposed to look like, I can go through logging output. Thanks! Don Armstrong ----------------------------------------------------- Anylevel | .naidnE elttil atah I The Future by Design | http://www.anylevel.com | http://www.donarmstrong.com ----------------------------------------------------- From krister.poromaa at home.se Tue Sep 25 07:11:03 2001 From: krister.poromaa at home.se (Krister Poromaa) Date: Tue Dec 2 02:35:53 2003 Subject: (no subject) Message-ID: <001101c145cd$9b2fd520$6412a8c0@administratr> Hello samba-ntdom How can I restrict that user user1 only can log in from pc1, user2 from pc2 and user3 from anyone in the subnet? OS on pc:s are Win9x Thank you Krister -------------- next part -------------- HTML attachment scrubbed and removed From jay at toltec.metran.cx Tue Sep 25 08:52:08 2001 From: jay at toltec.metran.cx (Jay Ts) Date: Tue Dec 2 02:35:54 2003 Subject: Samba and Windows 2000 In-Reply-To: from "anette.oevreaas@i-com.no" at Sep 25, 2001 10:30:13 AM Message-ID: <200109251550.f8PFott00317@toltec.metran.cx> Anette wrote: > > We have Samba 1.9.18p1 installed on our HP-Unix ver. 10.2. It was installed > three years ago and it has been working successfully since then. In our > network we have NT 4.0 and W2000 Clients and Servers, besides our Samba > server. We have just started to use W2000 and we have discovered that both > clients and servers is not able to connect to our Samba server. First, IMO you "should" upgrade if you want to support Windows 2000 clients. Your version of Samba simply does not have good support for that. It would be best, for security purposes, to run Samba as a domain controller. Otherwise, you'll be running your network with very poor security at the very best. > With NT 4.0 SP3 there was a similar problem, but by changing the > registry, it could connect. That would point to the issue of plaintext vs. encrypted passwords. Old versions of Windows (Win95 and Win NT before SP3) used plaintext passwords, happily sending them over the network for any password sniffer program to grab. You can change later versions of Windows to use plaintext passwords if you want - the information is included in the Samba distribution, in the docs directory. Look for files called Win95_PlainPassword.reg NT4_PlainPassword.reg Win98_PlainPassword.reg WinME_PlainPassword.reg Win2000_PlainPassword.reg But you'd be much better off using encrypted passwords! > Another question I have is how an upgrade of Samba is working. Will it be > replacing the existing version, or will it upgrade it. If you are upgrading from the source distribution, the new files will overwrite the old ones. You can call that an upgrade or a replacement. Pick one. :) As I recall(?) HP may include Samba in their HP UX distribution. Maybe they have an upgrade package you can install(?). That might be the simplest way to do it. - Jay Ts jayts@iname.com From Curtis at scdservices.zzn.com Tue Sep 25 09:08:02 2001 From: Curtis at scdservices.zzn.com (Curtis) Date: Tue Dec 2 02:35:54 2003 Subject: Win98 Logon Script Question Message-ID: I have a logon script STARTUP.BAT ?It's working great except for when Windows 98/Me clients login it's not mapping the users home directory to an H: drive. Here is STARTUP.BAT NET TIME \\MOUSE /SET /YES NET USE H: \\MOUSE\%USERNAME% NET USE M: \\MORPHEUS\PUBLIC NET USE N: \\NEO\ZION NET USE O: \\MOUSE\PUBLIC As you can see the second command: uses the %USERNAME% Variable to map the username to the users home directory on the Samba Server. ? However this is working great for my NT and W2K clients it's just the 98/Me clients that are having problems. ? I know this isn't really a Linux question and more of an NT question, but I thought someone on this list may have a quick solution. Oh, I was using the Global parameters: logon path = \\%N\profiles logon drive = H: logon home = \\%N\%u Which was working however I didn't want to use roaming profiles, so I did away with those and know I'm trying to find a way for windows 98/Me clients to map their home directories from the STARTUP.BAT file without having individual BAT files. Thanks, Curtis Strite SCD Services P.O. Box 95 Arnold MO, 63010 www.killerpigs.com www.scdservices.com www.angryland.com Get your Free E-mail at http://scdservices.zzn.com ____________________________________________________________ Get your own FREE Web and POP E-mail Service in 14 languages at http://www.zzn.com. From rickera2 at SLU.EDU Tue Sep 25 09:28:02 2001 From: rickera2 at SLU.EDU (Tony Ricker) Date: Tue Dec 2 02:35:54 2003 Subject: Win98 Logon Script Question References: Message-ID: <3BB0B144.F46F757D@slu.edu> Curtis, I have my samba PDC mapping the drives just fine. I am using 2.2.1a with the following smb.conf configurations: logon script = ###.bat (this must be in the netlogon folder) logon path = \\%L\Profiles\%U (%L server netbios name, %U username) Hope this helps. Cheers, Tony Curtis wrote: > I have a logon script STARTUP.BAT It's working great except for when > Windows 98/Me clients login it's not mapping the users home directory > to an H: drive. > > Here is STARTUP.BAT > > NET TIME \\MOUSE /SET /YES > NET USE H: \\MOUSE\%USERNAME% > NET USE M: \\MORPHEUS\PUBLIC > NET USE N: \\NEO\ZION > NET USE O: \\MOUSE\PUBLIC > > As you can see the second command: uses the %USERNAME% Variable to > map the username to the users home directory on the Samba Server. > However this is working great for my NT and W2K clients it's just the > 98/Me clients that are having problems. > > I know this isn't really a Linux question and more of an NT question, > but I thought someone on this list may have a quick solution. > > Oh, I was using the Global parameters: > > logon path = \\%N\profiles > logon drive = H: > logon home = \\%N\%u > > Which was working however I didn't want to use roaming profiles, so I > did away with those and know I'm trying to find a way for windows > 98/Me clients to map their home directories from the STARTUP.BAT file > without having individual BAT files. > > Thanks, > Curtis Strite > SCD Services > P.O. Box 95 > Arnold MO, 63010 > > www.killerpigs.com > www.scdservices.com > www.angryland.com > Get your Free E-mail at http://scdservices.zzn.com > ____________________________________________________________ > Get your own FREE Web and POP E-mail Service in 14 languages at http://www.zzn.com. From kwillett at ignisys.com Tue Sep 25 12:22:03 2001 From: kwillett at ignisys.com (Ken Willett) Date: Tue Dec 2 02:35:54 2003 Subject: Symantec Ghost cann't join Samba-PDC domain Message-ID: <008d01c145f7$321cee40$6401a8c0@Titan> Ghost 7.0 Enterprise Edition does have multicast support. We just got it, so I haven't had a chance to try it yet. The idea is that you configure a small boot partition on each client machine. When booted with that partition, the client waits for multicast data to be sent from the console. Once you get all your machines ready to receive, you start the multicast and they all update their main partition at once. Sounds great; I don't know how well it works in practice. From: "Mark Haney" To: "Lista linux" Cc: "Matt Lessem" , Subject: RE: Symantec Ghost cann't join Samba-PDC domain Date: Tue, 25 Sep 2001 06:02:56 -0400 >>I have read that using Ghost in some particular mode (broadcast, I >>guess) this could be faster, What do I need to do this? Well, the way I used to do it was to use Ghost Multicast server (I think that was the name). YOu had to purchase a special version (or key to unlock the feature) that allowed you to Multicast ghost images. I used it several times a couple years ago. I don't really know about the newer versions as I now work for a much smaller company, but I think the Enterprise Edition of Ghost includes that feature. From gms_mouse at mail.ru Tue Sep 25 12:52:02 2001 From: gms_mouse at mail.ru (GMS) Date: Tue Dec 2 02:35:54 2003 Subject: Win98 Logon Script Question In-Reply-To: References: Message-ID: <141599299.20010925235446@mail.ru> Try to set net use H: /home GMS mailto:gms_mouse@mail.ru From gms_mouse at mail.ru Tue Sep 25 12:54:01 2001 From: gms_mouse at mail.ru (GMS) Date: Tue Dec 2 02:35:54 2003 Subject: (no subject) In-Reply-To: <001101c145cd$9b2fd520$6412a8c0@administratr> References: <001101c145cd$9b2fd520$6412a8c0@administratr> Message-ID: <192685640.20010925235613@mail.ru> You need to configure PAM refer documentation on pam-smb GMS mailto:gms_mouse@mail.ru From paula at scripps.edu Tue Sep 25 14:04:02 2001 From: paula at scripps.edu (Paula J. Lindsay) Date: Tue Dec 2 02:35:54 2003 Subject: Solaris problem, please help. Message-ID: <3BB0F329.B265C9CC@void.scripps.edu> Dear Samba people, I have a Solaris 8 running samba 2.2.1a. I've had printing running on this version of samba under solaris 7; no problems. Under Solaris 8, unless /var/spool/lp/tmp has permissions "755" win95 and win98 print jobs don't print. The print files simply stay in the samba directory under /var/spool/lp/tmp whiched I've named memprt01. Permissions on that directory (memprt01) are "1777", where the sticky bit is turned on. The files never leave memprt01 and don't ever print. win2000 has no problem, you can put the files there and then it copies the files over to the print queue. The file permissions on /var/spool/lp/tmp are changed each time lpshut and lpsched are run. This behavior of these programs (lpshut and lpsched) has been going on since Solaris 2.6. Has anyone ever ran into this problem? Any help would be greatly appreciated. Many thanks. -------------- next part -------------- An embedded message was scrubbed... From: "Paula J. Lindsay" Subject: can't print on Solaris 8 Date: Tue, 25 Sep 2001 14:01:02 -0700 (PDT) Size: 2508 Url: http://lists.samba.org/archive/samba-ntdom/attachments/20010925/a01ba9b7/nsmail3BB0F2B75FBC94E.eml From mathog at mendel.bio.caltech.edu Tue Sep 25 14:31:06 2001 From: mathog at mendel.bio.caltech.edu (David Mathog) Date: Tue Dec 2 02:35:54 2003 Subject: Windows virus/worm triggers Samba warnings Message-ID: In an earlier post I mentioned that log messages like: [2001/09/10 13:05:51,0]nmbd/nmbd_incomingdgrams.c:process_get_backup_list_request (682) process_get_backup_list_request: domain list requested for workgroup SAF and I am not a domain master browser. Can arise when a machine other than the official WINS server (the one that Samba knows about run a WINS service. Unfortunately, it turns out that this is not the most common cause of this problem, which is some sort of as yet unidentified virus/worm that has so far infected about 5 Windows machines on our campus. By unidentified I mean that nobody has yet told me its name - it may already have been classified by the antivirus people. That said, this beast managed to infect an NT server running a current version of Norton Antivirus, survived the nightly disk scan, and kept on trolling for victims on the campus net. The same or a similar pathogen also infected at least one W95 machine - and those cannot run a "real" WINS service. So don't ignore these messages when they pile up in your log file. Crank logging up to level 3 and you'll see this message preceding the one above in the log.nmbd files: 2001/09/1013:05:51,3]nmbd/nmbd_incomingdgrams.c:process_get_backup_list_request(648) process_get_backup_list_request: request from FOOTER<00> IP 131.215.184.175 to SAF<1b>. which will tell you the name of the machine triggering the messages. If your experience is like mine - at least half of those machines will be infected. This will show you all the culprits still in your log files: fgrep "get_backup_list_request: r" /var/log/samba/log.nmbd* To date I've not seen these messages coming from any of the Windows machines which use files from my Samba fileserver. Regards, David Mathog mathog@caltech.edu Manager, Sequence Analysis Facility, Biology Division, Caltech From admin at cia-g.com Tue Sep 25 15:52:03 2001 From: admin at cia-g.com (David Wilk) Date: Tue Dec 2 02:35:54 2003 Subject: Success with win2k client and Samba 2.2.1a PDC Message-ID: <20010925165440.A13103@cygnus.wks.Gallup.cia-g.com> Hey guys, I've posted lot's of questions to lists in the past and have usually wound up successfull (with linux it's usually a matter of figuring out what *i'm* doing wrong) but haven't contributed back too much. So, I posted here asking how the hell I could get Samba 2.2.1a to allow win2k clients to join the domain it was PDC for. So, if you follow the FAQ in the docs directory in the source for samba- 2.2.1a, it's mostly correct. First, no matter what I put in 'domain admin group' that user was not allowed to join the domain. win2k would say invalid username or password and the smbd log would say that it didn't have priviledges to open smbpasswd (makes no sense to me either). so, I added root to smbpasswd with (smbpasswd -a root) giving the same passwd as what's in /etc/passwd. This still didn't work. Win2k complained of an incorrect network password and the smbd log complained that it couldn't become the requested user. (this didn't make sense to me either.. starting to suspect some bugs...) Now, the FAQ says you can add machine accounts manually *or* do it automatically. well, as far as I'm concerned it will only work if you set it up to add them automatically. Here's what to add to smb.conf: add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u Now, when trying to join the domain from a win2k (SP2) client as 'root' it works. It might take a while, but it works. At least it did for me. I hope this helps anyone struggling with this problem. Feel free to email me any questions ya got. remember, anything is better than having to actually admin a winblows box. : ) have fun. Dave -- ******************************* David Wilk System Administrator Community Internet Access, Inc. (It's history) dwilk@cia-g.com From DavidAtkinson at solectron.com Tue Sep 25 21:11:04 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:54 2003 Subject: Samba and Windows 2000 Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67E4@wangex.wta.slr.com> I have a copy 1.9.something running using server based auth. (It is RedHat 5.2, no updates). It still works fine, and I have yet to see a valid reason to upgrade it. There are some very nice features in the newer version, but the old 1.9.x release works fine. It even handles encrypted passwords. It is good if you can upgrade, but not vital. It would however be (by me also) highly recommended that you start using encrypted passwords. Regards David Atkinson. -----Original Message----- From: Jay Ts [mailto:jay@toltec.metran.cx] Sent: Wednesday, 26 September 2001 1:51 AM To: anette.oevreaas@i-com.no Cc: samba-ntdom@lists.samba.org Subject: Re: Samba and Windows 2000 Anette wrote: > > We have Samba 1.9.18p1 installed on our HP-Unix ver. 10.2. It was installed > three years ago and it has been working successfully since then. In our > network we have NT 4.0 and W2000 Clients and Servers, besides our Samba > server. We have just started to use W2000 and we have discovered that both > clients and servers is not able to connect to our Samba server. First, IMO you "should" upgrade if you want to support Windows 2000 clients. Your version of Samba simply does not have good support for that. It would be best, for security purposes, to run Samba as a domain controller. Otherwise, you'll be running your network with very poor security at the very best. > With NT 4.0 SP3 there was a similar problem, but by changing the > registry, it could connect. That would point to the issue of plaintext vs. encrypted passwords. Old versions of Windows (Win95 and Win NT before SP3) used plaintext passwords, happily sending them over the network for any password sniffer program to grab. You can change later versions of Windows to use plaintext passwords if you want - the information is included in the Samba distribution, in the docs directory. Look for files called Win95_PlainPassword.reg NT4_PlainPassword.reg Win98_PlainPassword.reg WinME_PlainPassword.reg Win2000_PlainPassword.reg But you'd be much better off using encrypted passwords! > Another question I have is how an upgrade of Samba is working. Will it be > replacing the existing version, or will it upgrade it. If you are upgrading from the source distribution, the new files will overwrite the old ones. You can call that an upgrade or a replacement. Pick one. :) As I recall(?) HP may include Samba in their HP UX distribution. Maybe they have an upgrade package you can install(?). That might be the simplest way to do it. - Jay Ts jayts@iname.com From npande at bajajauto.co.in Tue Sep 25 22:15:03 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:35:55 2003 Subject: Windows virus/worm triggers Samba warnings References: Message-ID: <3BB164ED.9E27BD14@bajajauto.co.in> And it came to pass that David Mathog wrote: > In an earlier post I mentioned that log messages like: > > [2001/09/10 > 13:05:51,0]nmbd/nmbd_incomingdgrams.c:process_get_backup_list_request > (682) process_get_backup_list_request: domain list requested for > workgroup SAF and I am not a domain master browser. > > Can arise when a machine other than the official WINS server (the one > that Samba knows about run a WINS service. Unfortunately, it turns out > that this is not the most common cause of this problem, which is some > sort of as yet unidentified virus/worm that has so far infected about 5 > Windows machines on our campus. By unidentified I mean that nobody > has yet told me its name - it may already have been classified by the > antivirus people. > That said, this beast managed to infect an NT server running a current > version of Norton Antivirus, survived the nightly disk scan, and kept on > trolling for victims on the campus net. The same or a similar pathogen > also infected at least one W95 machine - and those cannot run a "real" > WINS service. > > So don't ignore these messages when they pile up in your log file. > Crank logging up to > level 3 and you'll see this message preceding the one above in the > log.nmbd files: > > 2001/09/1013:05:51,3]nmbd/nmbd_incomingdgrams.c:process_get_backup_list_request(648) > process_get_backup_list_request: request from FOOTER<00> IP > 131.215.184.175 > to SAF<1b>. > > which will tell you the name of the machine triggering the messages. If > your experience > is like mine - at least half of those machines will be infected. This > will show you all the culprits still in your log files: > > fgrep "get_backup_list_request: r" /var/log/samba/log.nmbd* > > To date I've not seen these messages coming from any of the Windows > machines which > use files from my Samba fileserver. > > Regards, > > David Mathog > mathog@caltech.edu > Manager, Sequence Analysis Facility, Biology Division, Caltech This could be that Nimda or Sircam virus. What is the role of your infected NT Server? Sircam sends out e-mail to other guys. Also, on similar topic, I was wondering if someone could provide these worm signatures. Each of these virus/worm leave a fingerprint on the files. Maybe I could scan the files on Samba server searching for these fingerprints on users shares. Norton Antivirus has a virus scanner for Solaris only. Linux and other guys have to depend on M$ box to scan them. Any suggestions, TIA, Ciao, Nitin Pande Mail Administrator From lubo at ru.acad.bg Tue Sep 25 22:51:03 2001 From: lubo at ru.acad.bg (Lyubomir Velkov) Date: Tue Dec 2 02:35:55 2003 Subject: Another upgrade problem 2.2.19 --> 2.4.9 Message-ID: <3BB17C71.13EA9F55@ru.acad.bg> Hi all After the upgrade RedHat7.0 --> 7.1 (and 2.2.19 --> 2.4.9 ) , compiling and installing new samba 2.2.1a (from src.rpm package) I decided to move to new quota format also. I used quota utilities (convertquota) to convert quota.user to aquota.user but it seems samba didn't noticed the change - all users can see and use all disk space without compling with limitations. I also noticed that quota utilities didn't detect and use new quota (aquota.user) except if I expressly point that ( -F vfsv0 ). (I've compiled the kernel with quota support) What's wrong here? Plese help ( users own my hard!) ------------------------ Lyubomir Velkov University of Rousse From jra at samba.org Tue Sep 25 23:52:03 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:35:55 2003 Subject: Another upgrade problem 2.2.19 --> 2.4.9 In-Reply-To: <3BB17C71.13EA9F55@ru.acad.bg>; from lubo@ru.acad.bg on Wed, Sep 26, 2001 at 08:57:53AM +0200 References: <3BB17C71.13EA9F55@ru.acad.bg> Message-ID: <20010925235112.A3382@va.samba.org> On Wed, Sep 26, 2001 at 08:57:53AM +0200, Lyubomir Velkov wrote: > > Hi all > > After the upgrade RedHat7.0 --> 7.1 (and 2.2.19 --> 2.4.9 ) , compiling > and installing new samba 2.2.1a (from src.rpm package) I decided to move > to new quota format also. I used quota utilities (convertquota) to > convert quota.user to aquota.user but it seems samba didn't noticed the > change - all users can see and use all disk space without compling with > limitations. > I also noticed that quota utilities didn't detect and use new quota > (aquota.user) except if I expressly point that ( -F vfsv0 ). > (I've compiled the kernel with quota support) > What's wrong here? > Plese help ( users own my hard!) The quota support was changed in RH7.1, and needs different code from RH7.0. I've updated the quota code in 2.2 CVS to work on RH7.1, but only with a RH shipped kernel. If you change to a Linus series kernel then the quota support in Samba will not work. There's not much I can do about this until Linus merges the working quota code from the -ac kernel series. Jeremy. From ratzka at hrz.uni-marburg.de Wed Sep 26 00:17:03 2001 From: ratzka at hrz.uni-marburg.de (Wolfgang Ratzka) Date: Tue Dec 2 02:35:55 2003 Subject: Windows virus/worm triggers Samba warnings References: <3BB164ED.9E27BD14@bajajauto.co.in> Message-ID: <3BB180E5.E3D44F72@hrz.uni-marburg.de> NITIN PANDE wrote: > This could be that Nimda or Sircam virus. What is the role of your infected NT Server? > Sircam sends out e-mail to other guys. As far as I can tell, it does not have an integrated A.I. that would only pick male victims ;-). > Also, on similar topic, I was wondering if someone could provide these worm signatures. > Each of these virus/worm leave a fingerprint on the files. Maybe I could scan the files > on Samba server searching for these fingerprints on users shares. Norton Antivirus has > a virus scanner for Solaris only. Linux and other guys have to depend on M$ box to scan > them. Any suggestions, There are several products that do run on Linux. For a list see e.g. http://openantivirus.sourceforge.net/av-unix_e.txt -- Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany (0x2b|~(0x2b))==??? From lubo at ru.acad.bg Wed Sep 26 01:47:02 2001 From: lubo at ru.acad.bg (Lyubomir Velkov) Date: Tue Dec 2 02:35:55 2003 Subject: Another upgrade problem 2.2.19 --> 2.4.9 References: <3BB17C71.13EA9F55@ru.acad.bg> <20010925235112.A3382@va.samba.org> Message-ID: <3BB1A57F.D4668946@ru.acad.bg> Thank you for your prompt response Jeremy. If I install back older quota package will it work with 2.4.9 kernel and 2.2.1a samba (this seems to me faster than downloading and installing the CVS samba and recompiling old 2.4.2 kernel)? Jeremy Allison wrote: > > On Wed, Sep 26, 2001 at 08:57:53AM +0200, Lyubomir Velkov wrote: > > > > Hi all > > > > After the upgrade RedHat7.0 --> 7.1 (and 2.2.19 --> 2.4.9 ) , compiling > > and installing new samba 2.2.1a (from src.rpm package) I decided to move > > to new quota format also. I used quota utilities (convertquota) to > > convert quota.user to aquota.user but it seems samba didn't noticed the > > change - all users can see and use all disk space without compling with > > limitations. > > I also noticed that quota utilities didn't detect and use new quota > > (aquota.user) except if I expressly point that ( -F vfsv0 ). > > (I've compiled the kernel with quota support) > > What's wrong here? > > Plese help ( users own my hard!) > > The quota support was changed in RH7.1, and needs different > code from RH7.0. > > I've updated the quota code in 2.2 CVS to work on RH7.1, but > only with a RH shipped kernel. If you change to a Linus > series kernel then the quota support in Samba will not work. > > There's not much I can do about this until Linus merges the > working quota code from the -ac kernel series. > > Jeremy. From DavidAtkinson at solectron.com Wed Sep 26 02:05:03 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:55 2003 Subject: File Locking problem (I think) Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67E7@wangex.wta.slr.com> This is a problem I have been struglling with for some months, so I thought I'd throw it out there to see if anyone can help. I have a RedHat 7.1 box (but I have had this under earlier versions) running samba 2.0.7 (or thereabouts) which has a share called music. Under various folders I have various MP3 repositories and video clips, etc... which are world readable (ie public = yes). I have configured an access list ("valid users=@music"; "write list=@music") and confirmed that the share is writable by connecting a creating and deleteing folders and creating and deleteing text files (through the windows explorer interface). The text files created are able to be modified an indefinite number of times in Notepad and then deleted at the end. The problem I have is that when I copy videos off CDs (which is currently my only source of music videos, because I wouldn't want to be doing anything illegal ;-) ) they copy onto the share without problems, but then they cannot be renamed or deleted. The problem possibly stems from the owner being set to root:music (my user id, "david", is in the "music" group). I have found that this problem doesn't occur (for the "david" user) when the permissions are david:music, but I would prefer to be able to have users other than myself be able to modify song names. I have been able to telnet into my file server and modify the file names (both as "root" and as "david") which indicates the file sytem permissions (I have tried both 775 and 664) are correct. As all the permisions appear to be correct on the UNIX side my thinking is that this is possibly a file locking thing. I'm not to sure how Samba tracks file locks, but it is wierd that Samba would lock a file as soon as it is loaded onto a share. If anyone has any suggestions or would like me to clarify/elaborate on any of the areas, please feel free to either broadcast the question/request/suggestion or contact me directly. Thanks in advance (and well done for making it thorugh my problem description!) Regards David Atkinson From DavidAtkinson at solectron.com Wed Sep 26 02:24:01 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:35:55 2003 Subject: File Locking problem (I think) Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67E9@wangex.wta.slr.com> Because I want other people to be able to get in and modify the file names and file contents without having to give them accounts to login with. -----Original Message----- From: Kauffmann, Andreas [mailto:andreas.kauffmann@tzdan.de] Sent: Wednesday, 26 September 2001 7:16 PM To: DavidAtkinson@solectron.com Subject: AW: File Locking problem (I think) why u make it so difficult? why don?t make this share with apache as a webshare? :-) -----Urspr?ngliche Nachricht----- Von: DavidAtkinson@solectron.com [mailto:DavidAtkinson@solectron.com] Gesendet: Mittwoch, 26. September 2001 10:08 An: samba-ntdom@lists.samba.org Betreff: File Locking problem (I think) This is a problem I have been struglling with for some months, so I thought I'd throw it out there to see if anyone can help. I have a RedHat 7.1 box (but I have had this under earlier versions) running samba 2.0.7 (or thereabouts) which has a share called music. Under various folders I have various MP3 repositories and video clips, etc... which are world readable (ie public = yes). I have configured an access list ("valid users=@music"; "write list=@music") and confirmed that the share is writable by connecting a creating and deleteing folders and creating and deleteing text files (through the windows explorer interface). The text files created are able to be modified an indefinite number of times in Notepad and then deleted at the end. The problem I have is that when I copy videos off CDs (which is currently my only source of music videos, because I wouldn't want to be doing anything illegal ;-) ) they copy onto the share without problems, but then they cannot be renamed or deleted. The problem possibly stems from the owner being set to root:music (my user id, "david", is in the "music" group). I have found that this problem doesn't occur (for the "david" user) when the permissions are david:music, but I would prefer to be able to have users other than myself be able to modify song names. I have been able to telnet into my file server and modify the file names (both as "root" and as "david") which indicates the file sytem permissions (I have tried both 775 and 664) are correct. As all the permisions appear to be correct on the UNIX side my thinking is that this is possibly a file locking thing. I'm not to sure how Samba tracks file locks, but it is wierd that Samba would lock a file as soon as it is loaded onto a share. If anyone has any suggestions or would like me to clarify/elaborate on any of the areas, please feel free to either broadcast the question/request/suggestion or contact me directly. Thanks in advance (and well done for making it thorugh my problem description!) Regards David Atkinson From info at bofest.de Wed Sep 26 02:42:02 2001 From: info at bofest.de (info) Date: Tue Dec 2 02:35:56 2003 Subject: usrmgr in samba 2.2.1 Message-ID: <002a01c14670$a509aa00$c57ba8c0@pluto> Hi out there, after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does not work any more. I get a message "stub erhielt falsche Daten". Does anybody have the same problems ? Bye Uwe From Matthew.Quinney at hollandandholland.com Wed Sep 26 02:45:02 2001 From: Matthew.Quinney at hollandandholland.com (Matthew.Quinney@hollandandholland.com) Date: Tue Dec 2 02:35:56 2003 Subject: usrmgr in samba 2.2.1 Message-ID: Hi there, I have the same problem about the stub returning bad data. I just assumed however that this feature was not implemented in Samba, only in TNG. Can anybody else confirm this ? Thanks Matt --------------------------------------------------------------------------------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com "info" Sent by: To: samba-ntdom-admin@lists cc: .samba.org Subject: usrmgr in samba 2.2.1 26/09/2001 10:50 Hi out there, after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does not work any more. I get a message "stub erhielt falsche Daten". Does anybody have the same problems ? Bye Uwe _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From rasmus.wiman at sami.se Wed Sep 26 02:47:02 2001 From: rasmus.wiman at sami.se (Rasmus Wiman) Date: Tue Dec 2 02:35:56 2003 Subject: Executing files from desktop? Message-ID: <20010926114838.50d13287.rasmus.wiman@sami.se> Hi all, I have a small problem with my samba PDC. Whenever a user downloads some executable file from the network and saves it on the desktop, it is saved without execute permissions. If the same file is saved on the hard drive it's executable. I suspect that it's due to wrong create mask in the Profiles share, but how should the permissions be? Here is my share definition for the netlogon share: [Profiles] path = /usr/local/samba/profiles browseable = no guest ok = yes writable = yes create mask = 0600 directory mask = 0700 Thans in advance --------------------- Rasmus Wiman SAMI Labs From adrian.head at bytecomm.com.au Wed Sep 26 02:54:03 2001 From: adrian.head at bytecomm.com.au (Adrian Head) Date: Tue Dec 2 02:35:56 2003 Subject: File Locking problem (I think) Message-ID: I'm doing exactly the same thing - but I have never had a problem. I havn't seen your smb.conf but all I have on my share is some thing like: [share] comment = example share path = /mnt/somewhere group = users write list = user1 public = yes writable = no printable = no create mask = 0644 directory mask = 0775 I can copy files over and then do what I like. And others can do what they like. I'm running samba 2.2.1a. Adrian Head > -----Original Message----- > From: DavidAtkinson@solectron.com [SMTP:DavidAtkinson@solectron.com] > Sent: Wednesday, 26 September 2001 19:27 > To: samba-ntdom@lists.samba.org > Subject: RE: File Locking problem (I think) > > Because I want other people to be able to get in and modify the file > names > and file contents without having to give them accounts to login with. > > -----Original Message----- > From: Kauffmann, Andreas [mailto:andreas.kauffmann@tzdan.de] > Sent: Wednesday, 26 September 2001 7:16 PM > To: DavidAtkinson@solectron.com > Subject: AW: File Locking problem (I think) > > > why u make it so difficult? > > why don?t make this share with apache as a webshare? :-) > > -----Urspr?ngliche Nachricht----- > Von: DavidAtkinson@solectron.com [mailto:DavidAtkinson@solectron.com] > Gesendet: Mittwoch, 26. September 2001 10:08 > An: samba-ntdom@lists.samba.org > Betreff: File Locking problem (I think) > > > This is a problem I have been struglling with for some months, so I > thought > I'd throw it out there to see if anyone can help. > > I have a RedHat 7.1 box (but I have had this under earlier versions) > running > samba 2.0.7 (or thereabouts) which has a share called music. Under > various > folders I have various MP3 repositories and video clips, etc... which > are > world readable (ie public = yes). I have configured an access list > ("valid > users=@music"; "write list=@music") and confirmed that the share is > writable > by connecting a creating and deleteing folders and creating and > deleteing > text files (through the windows explorer interface). The text files > created > are able to be modified an indefinite number of times in Notepad and > then > deleted at the end. The problem I have is that when I copy videos off > CDs > (which is currently my only source of music videos, because I wouldn't > want > to be doing anything illegal ;-) ) they copy onto the share without > problems, but then they cannot be renamed or deleted. > > The problem possibly stems from the owner being set to root:music (my > user > id, "david", is in the "music" group). I have found that this problem > doesn't occur (for the "david" user) when the permissions are > david:music, > but I would prefer to be able to have users other than myself be able > to > modify song names. I have been able to telnet into my file server and > modify > the file names (both as "root" and as "david") which indicates the > file > sytem permissions (I have tried both 775 and 664) are correct. > > As all the permisions appear to be correct on the UNIX side my > thinking > is > that this is possibly a file locking thing. I'm not to sure how Samba > tracks > file locks, but it is wierd that Samba would lock a file as soon as it > is > loaded onto a share. > > > > If anyone has any suggestions or would like me to clarify/elaborate on > any > of the areas, please feel free to either broadcast the > question/request/suggestion or contact me directly. Thanks in advance > (and > well done for making it thorugh my problem description!) > > Regards > David Atkinson From anders.vedmar at interactiveinstitute.se Wed Sep 26 03:07:02 2001 From: anders.vedmar at interactiveinstitute.se (Anders Vedmar) Date: Tue Dec 2 02:35:56 2003 Subject: Executing files from desktop? In-Reply-To: <20010926114838.50d13287.rasmus.wiman@sami.se> References: <20010926114838.50d13287.rasmus.wiman@sami.se> Message-ID: <200109261009.f8QA9Kh06704@nav.interactiveinstitute.se> On Wednesday 26 September 2001 11:48, Rasmus Wiman wrote: > Hi all, > > I have a small problem with my samba PDC. Whenever a user downloads some > executable file from the network and saves it on the desktop, it is saved > without execute permissions. If the same file is saved on the hard drive > it's executable. I suspect that it's due to wrong create mask in the > Profiles share, but how should the permissions be? > Here is my share definition for the netlogon share: > [Profiles] > path = /usr/local/samba/profiles > browseable = no > guest ok = yes > writable = yes > create mask = 0600 I do "force create mode = 0700" > directory mask = 0700 > > Thans in advance > > > --------------------- > Rasmus Wiman > SAMI Labs -- /A ........................................... "I may not have morals, but I have standards." From abo at netlands.de Wed Sep 26 04:06:02 2001 From: abo at netlands.de (Andreas Boeckler) Date: Tue Dec 2 02:35:56 2003 Subject: kerberized smbmount? Message-ID: <20010926130903.A23857@netlands.de> Hi, is there any chance of kerberized smbmount-client in the near future. Or is NTLM-Authentification the only way to mount a share? it would be very neat to login via libpam_krb5.so or kinit and mount the rest via script. greetings Andy -- Andreas B?ckler netlands edv consulting GbR mailto:abo@netlands.de BOFH excuse #358: struck by the Good Times virus From andreas.kauffmann at tzdan.de Wed Sep 26 04:36:02 2001 From: andreas.kauffmann at tzdan.de (Kauffmann, Andreas) Date: Tue Dec 2 02:35:56 2003 Subject: Big Problem... screw up samba or linux:( Message-ID: Hy Samba Cracks... I hope under you is a Linux crack too... I tried to add a user to my linux box, and may misstyped the command :) Although everything: Now when I reboot the Box, it says on any Deamon it wants to start: "/dev/null" Read only Filesystem... or something like that :,( Any Ideas how to fix that? Thanks! A_VeNoM From Jon.Naumann at dynetics.com Wed Sep 26 04:43:02 2001 From: Jon.Naumann at dynetics.com (Jon Naumann) Date: Tue Dec 2 02:35:57 2003 Subject: Win2Ksp1 & Samba 2.2.1a Message-ID: <3BB1C02B.60281AF4@dynetics.com> Greetings: I have used Samba 2.0.x & NT4 for 2 years successfully... I have just constructed a new Samba Server (2.2.1a) on a RedHat Linux 7.1 server. My SMB.CONF file looks like : os level = 64 preferred master = yes domain master = yes local master = yes security = user encrypt passwords = yes domain logons = yes log level = 3 log file = /opt/Samba/log.%m max log size = 512 debug timestamp = yes large readwrite = Yes logon path = \\server\profile\%U logon script = logon.cmd logon home = \\server\home logon drive = Z: [netlogon] path = /opt/Samba/netlogon guest ok = Yes [home] path=/nfs0/home/%U read only = no guest ok = yes [profile] path=/nfs0/home/%U/profile create mode = 0600 directory mode = 0700 writeable = yes NT4 machines join the domain & users can log on & off with no problems. W2K machines join the domain just fine. Users can log on just fine. But when W2K users log-off, get the error message : Windows cannot copy C:\Documuments & Settings\username\Templates to \\server\profile\user\Templates DETAIL: The system cannot find the specified path. Yet when logged in as a user, user can issue copy command to copy files using above path. Can anyone shed some light here ? Is there some way to just disable roaming profiles ? Thanks in advance, Jon Naumann -------------------------------- From andreas.kauffmann at tzdan.de Wed Sep 26 04:54:02 2001 From: andreas.kauffmann at tzdan.de (Kauffmann, Andreas) Date: Tue Dec 2 02:35:57 2003 Subject: WG: Big Problem... screw up samba or linux:( Message-ID: Correction: EVERYTHING is write only!!! What the heck happened there? And... How can I fix that? :( -----Urspr?ngliche Nachricht----- Von: Kauffmann, Andreas Gesendet: Mittwoch, 26. September 2001 12:34 An: samba@samba.org Cc: samba-ntdom@samba.org Betreff: Big Problem... screw up samba or linux:( Wichtigkeit: Hoch Hy Samba Cracks... I hope under you is a Linux crack too... I tried to add a user to my linux box, and may misstyped the command :) Although everything: Now when I reboot the Box, it says on any Deamon it wants to start: "/dev/null" Read only Filesystem... or something like that :,( Any Ideas how to fix that? Thanks! A_VeNoM From gustavo.michels at emersonenergy.com Wed Sep 26 05:05:37 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:57 2003 Subject: Another upgrade problem 2.2.19 --> 2.4.9 Message-ID: <7F0147C496F3D411813C0002B32BF1CC01377840@eesekkex001.kkekant.ericsson.se> Hi, Quota system is completely broken under linus kernels. I tried with 2.4.9 and had exactly the same problems. Linus kernels won't handle vfsv0 and redhat systems do not handle vfsold correctly. If you want to use quota, you must use either redhat or alan cox kernels. I am using redhat 2.4.3-12 without any problems. cheers Gustavo > -----Original Message----- > From: Lyubomir Velkov [mailto:lubo@ru.acad.bg] > Sent: quarta-feira, 26 de setembro de 2001 03:58 > To: samba-ntdom@lists.samba.org > Subject: Another upgrade problem 2.2.19 --> 2.4.9 > > > > Hi all > > After the upgrade RedHat7.0 --> 7.1 (and 2.2.19 --> 2.4.9 ) , > compiling > and installing new samba 2.2.1a (from src.rpm package) I > decided to move > to new quota format also. I used quota utilities (convertquota) to > convert quota.user to aquota.user but it seems samba didn't > noticed the > change - all users can see and use all disk space without > compling with > limitations. > I also noticed that quota utilities didn't detect and use new quota > (aquota.user) except if I expressly point that ( -F vfsv0 ). > (I've compiled the kernel with quota support) > What's wrong here? > Plese help ( users own my hard!) > > ------------------------ > Lyubomir Velkov > University of Rousse > > From gustavo.michels at emersonenergy.com Wed Sep 26 05:18:05 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:35:57 2003 Subject: Big Problem... screw up samba or linux:( Message-ID: <7F0147C496F3D411813C0002B32BF1CC0137784C@eesekkex001.kkekant.ericsson.se> Reboot your system, in the lilo prompt enter 'linux single' and you should have access to your server. cheers Gustavo > -----Original Message----- > From: Kauffmann, Andreas [mailto:andreas.kauffmann@tzdan.de] > Sent: quarta-feira, 26 de setembro de 2001 08:34 > To: samba@samba.org > Cc: samba-ntdom@samba.org > Subject: Big Problem... screw up samba or linux:( > Importance: High > > > Hy Samba Cracks... > > I hope under you is a Linux crack too... > > I tried to add a user to my linux box, and may misstyped the > command :) > > Although everything: Now when I reboot the Box, it says on > any Deamon it > wants to start: "/dev/null" Read only Filesystem... or something like > that :,( > > Any Ideas how to fix that? > > > Thanks! > > A_VeNoM > > > > From Paul.Blackaller at lfs.co.uk Wed Sep 26 05:58:07 2001 From: Paul.Blackaller at lfs.co.uk (Paul Blackaller) Date: Tue Dec 2 02:35:57 2003 Subject: Connection to 2 NT domains Message-ID: All I've got Samba 2.2.1a working well on Solaris 2.8 using domain level security connecting to our local NT4 service pack 6 domain. Would it be possible to allow users from another remote Windows2000 domain to connect? I know very little at the moment about the remote domain, but I do know they can remotely shell on to the samba server. I'd appreciate any advice. Paul Blackaller Technical Analyst Tel: 01582 845087 e-mail: paul.blackaller@lfs.co.uk From p.mayers at ic.ac.uk Wed Sep 26 06:25:03 2001 From: p.mayers at ic.ac.uk (Mayers, Philip J) Date: Tue Dec 2 02:35:57 2003 Subject: kerberized smbmount? Message-ID: It's doable. I made a start adding NTLMSSP-ExtendedSecurity into smbd and libsmbclient, but the authentication rewrite was going on, and the codebase just changed too quickly, plus other commitments meant I had a hard time keeping up. I didn't look at smbmount, but in *theory* as long as the SessSetup&X happens in the user-space code, it would be quite easy. The kernel module would have to upcall out to the userspace code for rekeying (although there are some interesting code-sharing possibilities with the CITI NFSv4 work...). I suspect an architecture similar to CIPEs would be best - convert the socket into "something else" by altering the kernel vfs ops for it, only passing certain pseudo-packets back to SMBmount. You could even implement signing and sealing in userspace that way. Once extended-security negotiation works reliably with NTLMSSPv1/2, adding in a Kerberos version would be relatively trivial. However, library license issues (I prefer MIT kerberos over Heimdal) might be a problem. If someone would like to assist me in trying this again, I'll have time in a couple of weeks after the start of term has settled down to a simmer :o) I got stuck getting NTLMSSP working, as I started to see NTLMSSP packets the like of which have never been seen! Regards, Phil +------------------------------------------+ | Phil Mayers | | Network & Infrastructure Group | | Information & Communication Technologies | | Imperial College | +------------------------------------------+ -----Original Message----- From: Andreas Boeckler [mailto:abo@netlands.de] Sent: 26 September 2001 12:09 To: samba-ntdom@lists.samba.org Subject: kerberized smbmount? Hi, is there any chance of kerberized smbmount-client in the near future. Or is NTLM-Authentification the only way to mount a share? it would be very neat to login via libpam_krb5.so or kinit and mount the rest via script. greetings Andy -- Andreas B?ckler netlands edv consulting GbR mailto:abo@netlands.de BOFH excuse #358: struck by the Good Times virus From sudptt06 at free.fr Wed Sep 26 06:34:03 2001 From: sudptt06 at free.fr (sudptt06@free.fr) Date: Tue Dec 2 02:35:57 2003 Subject: unsuscribe Message-ID: <20010926.13425751@servius.sudptt06.org> From abartlet at pcug.org.au Wed Sep 26 07:32:01 2001 From: abartlet at pcug.org.au (Andrew Bartlett) Date: Tue Dec 2 02:35:57 2003 Subject: kerberized smbmount? References: Message-ID: <3BB1E573.32AA34E2@bartlett.house> "Mayers, Philip J" wrote: > > It's doable. I made a start adding NTLMSSP-ExtendedSecurity into smbd and > libsmbclient, but the authentication rewrite was going on, and the codebase > just changed too quickly, plus other commitments meant I had a hard time > keeping up. I didn't look at smbmount, but in *theory* as long as the > SessSetup&X happens in the user-space code, it would be quite easy. Correct, the kernel only get the connection after the tree connect, so the session setup is long gone. > The kernel module would have to upcall out to the userspace code for > rekeying (although there are some interesting code-sharing possibilities > with the CITI NFSv4 work...). I suspect an architecture similar to CIPEs > would be best - convert the socket into "something else" by altering the > kernel vfs ops for it, only passing certain pseudo-packets back to SMBmount. > You could even implement signing and sealing in userspace that way. > > Once extended-security negotiation works reliably with NTLMSSPv1/2, adding > in a Kerberos version would be relatively trivial. However, library license > issues (I prefer MIT kerberos over Heimdal) might be a problem. If someone > would like to assist me in trying this again, I'll have time in a couple of > weeks after the start of term has settled down to a simmer :o) I got stuck > getting NTLMSSP working, as I started to see NTLMSSP packets the like of > which have never been seen! If I can be of *any* assistance whatsoever in this just give me an e-mail. This is exactly the kind of thing I have been attempting to make this 'AuthRewrite' capable of supporting, and I'm sorry to hear it got in your way. Furthermore, if there bits of this code where getting the infrustruture in would help, or where my keeping the changes sane could make you life easier, just tell me :-) Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Samba Team member, Build Farm maintainer abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net From jmcd at us.ibm.com Wed Sep 26 07:33:06 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:35:58 2003 Subject: usrmgr in samba 2.2.1 Message-ID: It works fine for me, from W2k, NT, and 9x. But I'm running the latest 2.2 CVS ---------------------------- Jim McDonough IBM Linux Technology Center 6 Minuteman Drive Scarborough, ME 04074 USA jmcd@us.ibm.com Phone: (207) 885-5565 IBM tie-line: 776-9984 Matthew.Quinney@hollandandholland.com@lists.samba.org on 09/26/2001 05:50:21 AM Sent by: samba-ntdom-admin@lists.samba.org To: cc: Subject: Re: usrmgr in samba 2.2.1 Hi there, I have the same problem about the stub returning bad data. I just assumed however that this feature was not implemented in Samba, only in TNG. Can anybody else confirm this ? Thanks Matt --------------------------------------------------------------------------------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com "info" Sent by: To: samba-ntdom-admin@lists cc: .samba.org Subject: usrmgr in samba 2.2.1 26/09/2001 10:50 Hi out there, after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does not work any more. I get a message "stub erhielt falsche Daten". Does anybody have the same problems ? Bye Uwe _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From Matthew.Quinney at hollandandholland.com Wed Sep 26 07:33:32 2001 From: Matthew.Quinney at hollandandholland.com (Matthew.Quinney@hollandandholland.com) Date: Tue Dec 2 02:35:58 2003 Subject: usrmgr in samba 2.2.1 Message-ID: Hey Again, How easy is it to go from an RPM to CVS then ? I am keen to use usermanager as I think it will help my colleagues ? Thanks Matt Q --------------------------------------------------------------------------------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com "Jim McDonough" To: Matthew.Quinney@hollandandholland.com Subject: Re: usrmgr in samba 2.2.1 26/09/2001 15:27 It works fine for me, from W2k, NT, and 9x. But I'm running the latest 2.2 CVS ---------------------------- Jim McDonough IBM Linux Technology Center 6 Minuteman Drive Scarborough, ME 04074 USA jmcd@us.ibm.com Phone: (207) 885-5565 IBM tie-line: 776-9984 Matthew.Quinney@hollandandholland.com@lists.samba.org on 09/26/2001 05:50:21 AM Sent by: samba-ntdom-admin@lists.samba.org To: cc: Subject: Re: usrmgr in samba 2.2.1 Hi there, I have the same problem about the stub returning bad data. I just assumed however that this feature was not implemented in Samba, only in TNG. Can anybody else confirm this ? Thanks Matt --------------------------------------------------------------------------------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com "info" Sent by: To: samba-ntdom-admin@lists cc: .samba.org Subject: usrmgr in samba 2.2.1 26/09/2001 10:50 Hi out there, after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does not work any more. I get a message "stub erhielt falsche Daten". Does anybody have the same problems ? Bye Uwe _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From greg at kwikfind.com Wed Sep 26 08:12:14 2001 From: greg at kwikfind.com (Greg Zartman) Date: Tue Dec 2 02:35:58 2003 Subject: Samba and Windows 2000 In-Reply-To: <91C8BF85397AD411B62A0090274FA17F5D67E4@wangex.wta.slr.com> References: <91C8BF85397AD411B62A0090274FA17F5D67E4@wangex.wta.slr.com> Message-ID: <100151652401@jupiter.hosting4u.net> On Wednesday 26 September 2001 00:13, DavidAtkinson@solectron.com wrote: > I have a copy 1.9.something running using server based auth. (It is RedHat > 5.2, no updates). It still works fine, and I have yet to see a valid reason > to upgrade it. Unless you want/ need PDC functionality on the samba machine, there is no reason to upgrade. However, if you are trying to mix Win2k and Samba PDC, then you are going to have to upgrade to the recent release of Samba 2.2. Greg From greg at kwikfind.com Wed Sep 26 09:09:09 2001 From: greg at kwikfind.com (Greg Zartman) Date: Tue Dec 2 02:35:58 2003 Subject: usrmgr in samba 2.2.1 In-Reply-To: References: Message-ID: <100152053901@jupiter.hosting4u.net> On Wednesday 26 September 2001 12:02, Matthew.Quinney@hollandandholland.com wrote: > Greg, > > I am using Red Hat Linux 7.1 with Samba RPM version 2.2.1a. > OK, I have a document that will get you up and going with a CVS version if very little time. I used this when I first started using Samba in Feb and I was a total green-horn... http://home.nexgo.de/36bit/samba.html You'll want to look in section 2.5.1: Installing a new level. Let me know if this works. Greg From Matthew.Quinney at hollandandholland.com Wed Sep 26 09:24:14 2001 From: Matthew.Quinney at hollandandholland.com (Matthew.Quinney@hollandandholland.com) Date: Tue Dec 2 02:35:58 2003 Subject: usrmgr in samba 2.2.1 Message-ID: Greg, I am using Red Hat Linux 7.1 with Samba RPM version 2.2.1a. Thanks ! Matt --------------------------------------------------------------------------------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com Greg Zartman cc: Subject: Re: usrmgr in samba 2.2.1 26/09/2001 13:53 Please respond to greg On Wednesday 26 September 2001 10:33, you wrote: > Hey Again, > > How easy is it to go from an RPM to CVS then ? I am keen to use usermanager > as I think it will help my colleagues ? > Matthew, It is very easy, but highly dependent on the Linux distribution that you are using. What are you using? Greg _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From charles at fwbbc.edu Wed Sep 26 09:26:07 2001 From: charles at fwbbc.edu (Charles Wise) Date: Tue Dec 2 02:35:58 2003 Subject: usrmgr in samba 2.2.1 In-Reply-To: Message-ID: <000001c146a8$4294e9b0$781f11ac@WISE1> It works in the latest CVS. -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org] On Behalf Of Matthew.Quinney@hollandandholland.com Sent: Wednesday, September 26, 2001 4:50 AM To: samba-ntdom@lists.samba.org Subject: Re: usrmgr in samba 2.2.1 Hi there, I have the same problem about the stub returning bad data. I just assumed however that this feature was not implemented in Samba, only in TNG. Can anybody else confirm this ? Thanks Matt ------------------------------------------------------------------------ --------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com "info" Sent by: To: samba-ntdom-admin@lists cc: .samba.org Subject: usrmgr in samba 2.2.1 26/09/2001 10:50 Hi out there, after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does not work any more. I get a message "stub erhielt falsche Daten". Does anybody have the same problems ? Bye Uwe _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From Matthew.Quinney at hollandandholland.com Wed Sep 26 09:36:04 2001 From: Matthew.Quinney at hollandandholland.com (Matthew.Quinney@hollandandholland.com) Date: Tue Dec 2 02:35:58 2003 Subject: usrmgr in samba 2.2.1 Message-ID: Greg, It looks like the best way is to remove the RPM version keeping my config files and then moving to CVS. Thanks for all your help !! Matt --------------------------------------------------------------------------------------------------- Matthew Quinney Network Manager Holland & Holland Ltd 31-33 Bruton ST London W1X 8JS Tel - 0207 4994411 email - matthew.quinney@hollandandholland.com Greg Zartman cc: Subject: Re: usrmgr in samba 2.2.1 26/09/2001 14:20 Please respond to greg Matt, I just realized that the document that I sent you doesn't tell you how to actually download a CVS tag. Here is what you do. 1. cd /usr/local/src 2. Run the command: cvs -d :pserver:cvs@samba.org:/cvsroot login 3. When prompted for a password, type in cvs. 4. Run the command: cvs -d :pserver:cvs@samba.org:/cvsroot co -r SAMBA_2_2 samba 5. This will create a directory called samba, containing the current source tree and a bunch of samples, help files, and documents. From here, you can follow the document I sent you. One final not, if you want to update you CVS tag at a later time, you can use the command: cvs update -d -P (after you are in the /usr/local/src and have input the command in line 2 above). This command will update only the changed files in the cvs tree. Doing this will save you alot of time and put less load on the samba download servers. Good luck. Greg This will update only those files that have changed _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From greg at kwikfind.com Wed Sep 26 09:46:02 2001 From: greg at kwikfind.com (Greg Zartman) Date: Tue Dec 2 02:35:59 2003 Subject: usrmgr in samba 2.2.1 In-Reply-To: References: Message-ID: <100152196701@jupiter.hosting4u.net> > It looks like the best way is to remove the RPM version keeping my config > files and then moving to CVS. Actually, I think the best way is to leave the RPM version in place and install the CVS right over the top using the instructions in the document that I sent you. At least this is they why I've done it on half a dozen machines or so. By all means, make a backup of your smb.conf file though. The proceedure doesn't overwrite that file, but never can be too safe. Greg From Gary at EdisonInfo.com Wed Sep 26 10:23:09 2001 From: Gary at EdisonInfo.com (Gary MacKay) Date: Tue Dec 2 02:35:59 2003 Subject: usrmgr in samba 2.2.1 References: Message-ID: <3BB1F12B.3F9DE414@EdisonInfo.com> So am I (yesterday's) and have never had it work yet! Jim McDonough wrote: > > It works fine for me, from W2k, NT, and 9x. But I'm running the latest 2.2 > CVS > > ---------------------------- > Jim McDonough > IBM Linux Technology Center > 6 Minuteman Drive > Scarborough, ME 04074 > USA > > jmcd@us.ibm.com > > Phone: (207) 885-5565 > IBM tie-line: 776-9984 > > Matthew.Quinney@hollandandholland.com@lists.samba.org on 09/26/2001 > 05:50:21 AM > > Sent by: samba-ntdom-admin@lists.samba.org > > To: > cc: > Subject: Re: usrmgr in samba 2.2.1 > > Hi there, > > I have the same problem about the stub returning bad data. I just assumed > however that this feature was not implemented in Samba, only in TNG. > > Can anybody else confirm this ? > > Thanks > > Matt > > --------------------------------------------------------------------------------------------------- > > Matthew Quinney > > Network Manager > Holland & Holland Ltd > 31-33 Bruton ST > London > W1X 8JS > Tel - 0207 4994411 > email - matthew.quinney@hollandandholland.com > > "info" > Sent by: To: > > samba-ntdom-admin@lists cc: > .samba.org Subject: usrmgr in > samba 2.2.1 > > 26/09/2001 10:50 > > Hi out there, > > after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does > not work any more. I get a message "stub erhielt falsche Daten". Does > anybody have the same problems ? > > Bye Uwe > > _____________________________________________________________________ > This message has been checked for all known viruses by UUNET delivered > through the MessageLabs Virus Control Centre. For further information visit > http://www.uk.uu.net/products/security/virus/ From kourosh at loop.com Wed Sep 26 11:05:06 2001 From: kourosh at loop.com (Kourosh Ghassemieh) Date: Tue Dec 2 02:35:59 2003 Subject: Windows virus/worm triggers Samba warnings In-Reply-To: <3BB164ED.9E27BD14@bajajauto.co.in> References: Message-ID: <5.1.0.14.0.20010926105443.00abc050@pop.loop.com> I've used McAfee's antivuris on Linux for a while and it works very well. They do have a Linux product but it can be a bit hard to find on their web site and their licensing is based on how many users access the server so it can get pretty expensive pretty quickly. You can download a demo version from their web site. Hope this helps. At 10:47 AM 9/26/2001 +0530, NITIN PANDE wrote: >This could be that Nimda or Sircam virus. What is the role of your >infected NT Server? >Sircam sends out e-mail to other guys. >Also, on similar topic, I was wondering if someone could provide these >worm signatures. >Each of these virus/worm leave a fingerprint on the files. Maybe I could >scan the files >on Samba server searching for these fingerprints on users shares. Norton >Antivirus has >a virus scanner for Solaris only. Linux and other guys have to depend on >M$ box to scan >them. Any suggestions, >TIA, Ciao, >Nitin Pande >Mail Administrator -- ------------------------------------------------------------------------ Kourosh Ghassemieh MindWare Information Systems & Technologies 9255 Sunset Blvd, Penthouse West Hollywood CA 90069 (310) 729-1784 kourosh@loop.com ++++Networking Solutions for Your Business++++ From jmcd at us.ibm.com Wed Sep 26 11:06:49 2001 From: jmcd at us.ibm.com (Jim McDonough) Date: Tue Dec 2 02:35:59 2003 Subject: usrmgr in samba 2.2.1 Message-ID: Gary MacKay wrote: >So am I (yesterday's) and have never had it work yet! > >> It works fine for me, from W2k, NT, and 9x. But I'm running the latest 2.2 >> CVS Hmm, from what platform are you running usrmgr? I'm just trying to get a hint of what could be going wrong. And what were you doing in usrmgr when you got the message? Looking at a user, choosing a domain, just starting it up...? ---------------------------- Jim McDonough IBM Linux Technology Center 6 Minuteman Drive Scarborough, ME 04074 USA jmcd@us.ibm.com Phone: (207) 885-5565 IBM tie-line: 776-9984 So am I (yesterday's) and have never had it work yet! Jim McDonough wrote: > > It works fine for me, from W2k, NT, and 9x. But I'm running the latest 2.2 > CVS > > ---------------------------- > Jim McDonough > IBM Linux Technology Center > 6 Minuteman Drive > Scarborough, ME 04074 > USA > > jmcd@us.ibm.com > > Phone: (207) 885-5565 > IBM tie-line: 776-9984 > > Matthew.Quinney@hollandandholland.com@lists.samba.org on 09/26/2001 > 05:50:21 AM > > Sent by: samba-ntdom-admin@lists.samba.org > > To: > cc: > Subject: Re: usrmgr in samba 2.2.1 > > Hi there, > > I have the same problem about the stub returning bad data. I just assumed > however that this feature was not implemented in Samba, only in TNG. > > Can anybody else confirm this ? > > Thanks > > Matt > > --------------------------------------------------------------------------------------------------- > > Matthew Quinney > > Network Manager > Holland & Holland Ltd > 31-33 Bruton ST > London > W1X 8JS > Tel - 0207 4994411 > email - matthew.quinney@hollandandholland.com > > "info" > Sent by: To: > > samba-ntdom-admin@lists cc: > .samba.org Subject: usrmgr in > samba 2.2.1 > > 26/09/2001 10:50 > > Hi out there, > > after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains does > not work any more. I get a message "stub erhielt falsche Daten". Does > anybody have the same problems ? > > Bye Uwe > > _____________________________________________________________________ > This message has been checked for all known viruses by UUNET delivered > through the MessageLabs Virus Control Centre. For further information visit > http://www.uk.uu.net/products/security/virus/ From greg at kwikfind.com Wed Sep 26 11:26:23 2001 From: greg at kwikfind.com (Greg Zartman) Date: Tue Dec 2 02:35:59 2003 Subject: Windows virus/worm triggers Samba warnings In-Reply-To: <5.1.0.14.0.20010926105443.00abc050@pop.loop.com> References: <5.1.0.14.0.20010926105443.00abc050@pop.loop.com> Message-ID: <100152823501@jupiter.hosting4u.net> On Wednesday 26 September 2001 13:57, Kourosh Ghassemieh wrote: > I've used McAfee's antivuris on Linux for a while and it works very well. > They do have a Linux product but it can be a bit hard to find on their > web site and their licensing is based on how many users access the > server so it can get pretty expensive pretty quickly. You can download > a demo version from their web site. > For a Linux solution, the best scanning software I've run accross is RAV by GeCAD. http://www.ravantivirus.com From abrock at georgefox.edu Wed Sep 26 13:42:51 2001 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:36:00 2003 Subject: WINS trouble ... Message-ID: <5.1.0.14.2.20010926133449.02b12d80@mail.georgefox.edu> I am having difficulty with WINS. Specifically, I have a WINS server installed and running with the following configuration at address XXX.XXX.224.1 and YYY.YYY.64.1 (it is multi-homed) named "DNS1" running Samba 2.2.0-alpha3: # Global parameters [global] workgroup = IT security = DOMAIN encrypt passwords = Yes password server = IT-PDC log level = 2 syslog = 0 logon script = startup.bat wins support = Yes I also have another server at YYY.YYY.94.1 named "WES-SUN" running Samba 2.0.7 with the following: [global] workgroup = PORTLAND server string = Portland Center File and Print Server encrypt passwords = Yes passwd program = /bin/passwd %u unix password sync = Yes syslog = 0 logon script = startup.bat domain logons = Yes os level = 34 preferred master = Yes domain master = Yes wins server = XXX.XXX.224.1 utmp consolidate = Yes utmp = Yes However, when I attempt to browse to from a Win95, Win98, or WinNT (or even Win2K) box, I am unable to browse the distant network. I am including below some commands I used to demonstrate the problem, Tony From my workstation at YYY.YYY.64.51 I attempt the following: C:\WINDOWS>net view \\wes-sun Error 53: The computer name specified in the network path cannot be located. Make sure you are specifying the computer name correctly, or try again later when the remote computer is available. C:\WINDOWS>nbtstat -c No names in cache C:\WINDOWS>net view \\dns1 Shared resources at \\DNS1 Sharename Type Comment ------------------------------------------------------------------------------- abrock Disk Home directory of abrock Archives Disk Network Services Archives Help Desk Print Help Desk LaserWriter 12/640 PS netlogon Disk The command was completed successfully. C:\WINDOWS>new view *** complete list of 70 machines *** C:\WINDOWS>net view /workgroup:portland Error 6118: The computer(s) sharing resources in this workgroup cannot be located. The computer(s) might have been restarted. Wait a few minutes, and then try again. If the problem persists, make sure your network-adapter settings are correct. C:\WINDOWS> ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From canfield at uindy.edu Wed Sep 26 18:53:03 2001 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:36:00 2003 Subject: Symantec Ghost cann't join Samba-PDC domain In-Reply-To: References: Message-ID: <1001555424.2305.9.camel@defiant> Yes, we are successfully doing what you want. The trick is that (as I understand it) Ghost wants your console machine to be logged in with administrative privileges. In other words, it wants the console machine to be able to reset the domain account on behalf of the client. I have not been able to make this work, but we've talked to the head of Symantec's Ghost Support and they seem very willing to work on this problem. Perhaps if one of the samba developers in interested, I could put the right people in touch with each other to make this feature work. More importantly, there is a way to automatically add machines to the domain with Ghost. You have to use Ghost's support of the Microsoft SysPrep utility, rather than GhostWalker and the built-in domain adding support. This is documented in one of the Ghost manuals. It's not real easy to figure out, but as long as you understand how to add a machine to the domain in samba, and you are willing to read all of the documents, it can be made to work. Plus, using sysprep has the added bonus of letting us ghost to machines with different hardware because it resets the hardware profile. Note that SysPrep should work with any disk imaging software, not just ghost. If you get really stuck, perhaps I can post our sysprep config file as an example, but that part is really just a matter of reading the SysPrep docs. DC On Mon, 2001-09-24 at 02:47, Matt Lessem wrote: > > I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for > about 100 machines in teaching labs at a university. > > In general, the server works well. It is very stable and has no problem > supporting 400+ users. As an added bonus, it also serves as a firewall > and a dhcp server and provides the students with ssh/scp access to their > home directories. > > The one major problem I'm having involves using Symantec Ghost 7 > Enterprise edition to image the Windows 2000 clients in the labs. I > won't spend too much time explaining how this works, as only those > familiar with Ghost will likely have any suggestions or care to read on. > > What happens is: when Ghost 7 Console re-images a client machine, it > attempts to re-add it to the domain using a name and password given to > Ghost when it is installed. This user exist on the Samba-PDC server, and > has permission to create domain accounts. > > When the freshly imaged client machine comes back up, with the correct > name and thinking it is in the correct domain, it gives an error of, > roughly, "Failed to join domain. Bad parameter". I hit "ok" and the > machine reboots. When the client comes up again, it still thinks it is > in the domain. If I attempt to login to the domain, it says roughly, > "Unable to logon to domain. Computer account is nonexistant or password > is wrong". Of course, all of these machines already have accounts on the > Samba-PDC server. > > The solution, up to this point, has been to remove each machine from the > domain, reboot, put each machine back into the domain, providing a name > and password for the samba-pdc that can do that, and reboot again. You > can see how this could get old with 100 clients. > > I have seen Ghost 7 successfully put machines back into a domian that is > run by a Win2K server, so it is not purely a matter of Ghost being > broken. > > Questions you might be able to help me with: > > 1. How is Ghost attempting to re-add these machines to the domain? If it > is attempting to use user manager for domain style commands, I know that > Samba-PDC does not support that. If it is doing something else, what is > that? > > 2. Is Samba logging the attempts by Ghost to rejoin these machines to > the domain? If so, where? > > 3. Is anyone doing this successfully? In other words, is it just me/my > server? > > 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a > Samba-PDC to play nice -- besides moving to a Win2K Server and just > using the Samba machine as a file server? > > Any help or thoughts are much appreciated. > > Thanks, > Matt Lessem > > From DavidAtkinson at solectron.com Thu Sep 27 00:04:04 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:36:00 2003 Subject: File Locking problem (I think) Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67EF@wangex.wta.slr.com> Thanks for your help guys. I guess I'll have to try upgrading to the most recent stable release. -- And to pre-empt what I know some are going to say, by guys (in this context) I am making a gender independent reference to all the people on the list. -----Original Message----- From: Adrian Head [mailto:adrian.head@bytecomm.com.au] Sent: Wednesday, 26 September 2001 7:57 PM To: DavidAtkinson@solectron.com; samba-ntdom@lists.samba.org Subject: RE: File Locking problem (I think) I'm doing exactly the same thing - but I have never had a problem. I havn't seen your smb.conf but all I have on my share is some thing like: [share] comment = example share path = /mnt/somewhere group = users write list = user1 public = yes writable = no printable = no create mask = 0644 directory mask = 0775 I can copy files over and then do what I like. And others can do what they like. I'm running samba 2.2.1a. Adrian Head > -----Original Message----- > From: DavidAtkinson@solectron.com [SMTP:DavidAtkinson@solectron.com] > Sent: Wednesday, 26 September 2001 19:27 > To: samba-ntdom@lists.samba.org > Subject: RE: File Locking problem (I think) > > Because I want other people to be able to get in and modify the file > names > and file contents without having to give them accounts to login with. > > -----Original Message----- > From: Kauffmann, Andreas [mailto:andreas.kauffmann@tzdan.de] > Sent: Wednesday, 26 September 2001 7:16 PM > To: DavidAtkinson@solectron.com > Subject: AW: File Locking problem (I think) > > > why u make it so difficult? > > why don?t make this share with apache as a webshare? :-) > > -----Urspr?ngliche Nachricht----- > Von: DavidAtkinson@solectron.com [mailto:DavidAtkinson@solectron.com] > Gesendet: Mittwoch, 26. September 2001 10:08 > An: samba-ntdom@lists.samba.org > Betreff: File Locking problem (I think) > > > This is a problem I have been struglling with for some months, so I > thought > I'd throw it out there to see if anyone can help. > > I have a RedHat 7.1 box (but I have had this under earlier versions) > running > samba 2.0.7 (or thereabouts) which has a share called music. Under > various > folders I have various MP3 repositories and video clips, etc... which > are > world readable (ie public = yes). I have configured an access list > ("valid > users=@music"; "write list=@music") and confirmed that the share is > writable > by connecting a creating and deleteing folders and creating and > deleteing > text files (through the windows explorer interface). The text files > created > are able to be modified an indefinite number of times in Notepad and > then > deleted at the end. The problem I have is that when I copy videos off > CDs > (which is currently my only source of music videos, because I wouldn't > want > to be doing anything illegal ;-) ) they copy onto the share without > problems, but then they cannot be renamed or deleted. > > The problem possibly stems from the owner being set to root:music (my > user > id, "david", is in the "music" group). I have found that this problem > doesn't occur (for the "david" user) when the permissions are > david:music, > but I would prefer to be able to have users other than myself be able > to > modify song names. I have been able to telnet into my file server and > modify > the file names (both as "root" and as "david") which indicates the > file > sytem permissions (I have tried both 775 and 664) are correct. > > As all the permisions appear to be correct on the UNIX side my > thinking > is > that this is possibly a file locking thing. I'm not to sure how Samba > tracks > file locks, but it is wierd that Samba would lock a file as soon as it > is > loaded onto a share. > > > > If anyone has any suggestions or would like me to clarify/elaborate on > any > of the areas, please feel free to either broadcast the > question/request/suggestion or contact me directly. Thanks in advance > (and > well done for making it thorugh my problem description!) > > Regards > David Atkinson From service at arrowsmithcomputerco.com.au Thu Sep 27 02:07:03 2001 From: service at arrowsmithcomputerco.com.au (service) Date: Tue Dec 2 02:36:00 2003 Subject: Win2k Logon error - Trust Relationships ??? Message-ID: <01092717135001.17438@arrow1> Hi, Problem: Basicly my Win2k Machine can register it's self on the Domain but after the first re-boot when I try to login to the domain it comes up with the following error: "The system cannot log you on to this domain because the system's computer account in it's primary domain is missing or the password on that account is incorrect." I can logon the local machine, where I can access the shares on the samba server, It seems at the re-boot phase it's loosing the trust relationship. When on the Win2k machine, when I try accessing the domain users (ie. through, control pannel, users & password, new user, browse) the following error comes up. "The user could not be added because the following error has occurred: The trust relationship between this workstation and the primary domain failed." I have tryed putting the workstation back on the domain many times, but after each re-boot the same logon errors start. What I have: Samba 2.2.1a (1st tryed on Samba 2.2.0) Redhat Linux 7.1 with Kernel ver 2.4.2-SGI with XFS v1.0 Win 2k ver 5.00.2195 (+ tryed a Win2k with Service Pack 2) The error log's for the win2k machine states: "[2001/09/27 16:29:07, 1] smbd/reply.c:reply_sesssetup_and_X(1067) Username guest is invalid on this system" The Smb.conf file looks like: --start-- [global] workgroup = domain netbios name = server domain admin group = @adm log level = 2 server string = server samba server hosts allow = 192.168. 127. printcap name = /etc/printcap load printers = yes printing = lprng ;guest account = guest log file = /var/log/samba/%m.log max log size = 1047 security = user encrypt passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd unix passwd sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* socket options - TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon path = \\%N\Profiles\%u logon drive = h: logon home = \\server\%u logon script = ascript.bat wins support = yes wins proxy = yes dns proxy = yes --end-- From andreas.kauffmann at tzdan.de Thu Sep 27 03:37:02 2001 From: andreas.kauffmann at tzdan.de (Kauffmann, Andreas) Date: Tue Dec 2 02:36:00 2003 Subject: Passwords. Message-ID: Hy everybody out there! Since my Domain is running, I?ve got the next Problem... :( When I join my Domain, everything is okay, but when I reboot and want to logon then, The Linux Domain won?t take my password. I Added my Workstation Trust Account and made "smbpasswd -a -m pc00" (PC00 ist the Trust account added with pc00\$) What do I do wrong? Thanks and regards! VeNoM ///\\ (O O) +-----------------oOO--(_)--------------------+ | Andreas Kauffmann | | Telematikzentrum D?rrwangen GmbH & Co. KG | | andreas.kauffmann@tzdan.de | +---------------------------oOO---------------+ Hauptstra?e 3 |__|__| || || 91602 D?rrwangen ooO Ooo 09856/979 48 - 21 From A.Boswell at uea.ac.uk Thu Sep 27 03:39:02 2001 From: A.Boswell at uea.ac.uk (Boswell Andrew Dr (ITCS) s139) Date: Tue Dec 2 02:36:00 2003 Subject: samba smbd process looping : Samba 2.2.1 Message-ID: <145A1EE99BF6D411956A00508BB3B99121FD9A@exchange1.uea.ac.uk> Hi Samba and Samba-ntdom lists, We have been running Samba 2.2.1 since it came out July 11th on a cluster of Compaq Tru 64 machines. Since our students returned last week (using NT workstations in our labs.), we have been having a problem of looping Samba processes occuring and hogging CPU eg from a typical ps, 14 mins of CPU: PSR USER RUSER PID PPID %CPU %MEM VSZ RSS TIME STARTED NI COMMAND 0 root 31846 517 33.5 0.6 6.51M 1.8M 14:23.99 13:05:23 10 smbd Across 4 servers, we've had 11 incidents of this in the last 24 hours. It is quite probable that this has been occuring for a while (ie since 2.2.1) but we have only noticed now with hundreds of students using the system. A trace on the processes shows: cpca5 # trace -p 9504 Tracing process /proc/09504 fcntl (10, 9, 0x11fffeac0) = 0 fcntl (10, 9, 0x11fffeac0) = 0 fcntl (10, 9, 0x11fffeac0) = 0 fcntl (10, 9, 0x11fffeac0) = 0 fcntl (10, 9, 0x11fffeac0) = 0 fcntl (10, 9, 0x11fffeac0) = 0 fcntl (10, 9, 0x11fffeac0) = 0 .... etc - it just goes on & on like this with no other calls that I can see. Some sort of file locking? It has been difficult to relate the incidents to particular applications running on the Windows client machines as if things go slow the students will just tend to leave the machine. However, yesterday, I did manage to relate one case yesterday to a user running a VirusScan over their files on the Samba share - this was the only access to the drive they had made. Stopping the Virus Scanner didn't stop the looping process. If the process was killed before the Virus Scanner was stopped, it restarted. However, once the Vuris Scanner was stopped, the process was killed and didn't restart. Strange. Although, the runaway process appears to be disconnected, it is not completely. Does anyone know / can help with: - the reason for this - end user applications likely to cause it. I suspect its more general than the Virus Scanner. - preventative measures I have put up crontab scripts to kill the processes after 10 mins of CPU, but even this hits the servers before the scripts cut in. With thanks in advance Andrew ========================================= Dr Andrew Boswell email : A.Boswell@uea.ac.uk School Liaison Consultant phone : +44-1603-593856 IT and Computing Services fax : +44-1603-593467 University of East Anglia Room : ITCS 0.09A Norwich, NR4 7TJ, UK From Gary at EdisonInfo.com Thu Sep 27 03:57:02 2001 From: Gary at EdisonInfo.com (Gary MacKay) Date: Tue Dec 2 02:36:00 2003 Subject: usrmgr in samba 2.2.1 References: Message-ID: <3BB30659.34D6838E@EdisonInfo.com> RedHat 7.0 with all up2date patches. Latest CVS of samba, well as of two weeks ago. From a WinNT workstation and an NT server box, I get the "The Tag is Invalid" error as soon as I launch UsrMgr.exe. It then asks if I want to join a different domain, I say no, it exits. - Gary Jim McDonough wrote: > > Gary MacKay wrote: > >So am I (yesterday's) and have never had it work yet! > > > >> It works fine for me, from W2k, NT, and 9x. But I'm running the latest > 2.2 > >> CVS > > Hmm, from what platform are you running usrmgr? I'm just trying to get a > hint of what could be going wrong. And what were you doing in usrmgr when > you got the message? Looking at a user, choosing a domain, just starting > it up...? > > ---------------------------- > Jim McDonough > IBM Linux Technology Center > 6 Minuteman Drive > Scarborough, ME 04074 > USA > > jmcd@us.ibm.com > > Phone: (207) 885-5565 > IBM tie-line: 776-9984 > > So am I (yesterday's) and have never had it work yet! > > Jim McDonough wrote: > > > > It works fine for me, from W2k, NT, and 9x. But I'm running the latest > 2.2 > > CVS > > > > ---------------------------- > > Jim McDonough > > IBM Linux Technology Center > > 6 Minuteman Drive > > Scarborough, ME 04074 > > USA > > > > jmcd@us.ibm.com > > > > Phone: (207) 885-5565 > > IBM tie-line: 776-9984 > > > > Matthew.Quinney@hollandandholland.com@lists.samba.org on 09/26/2001 > > 05:50:21 AM > > > > Sent by: samba-ntdom-admin@lists.samba.org > > > > To: > > cc: > > Subject: Re: usrmgr in samba 2.2.1 > > > > Hi there, > > > > I have the same problem about the stub returning bad data. I just assumed > > however that this feature was not implemented in Samba, only in TNG. > > > > Can anybody else confirm this ? > > > > Thanks > > > > Matt > > > > > --------------------------------------------------------------------------------------------------- > > > > > Matthew Quinney > > > > Network Manager > > Holland & Holland Ltd > > 31-33 Bruton ST > > London > > W1X 8JS > > Tel - 0207 4994411 > > email - matthew.quinney@hollandandholland.com > > > > "info" > > Sent by: To: > > > > samba-ntdom-admin@lists cc: > > .samba.org Subject: usrmgr in > > samba 2.2.1 > > > > 26/09/2001 10:50 > > > > Hi out there, > > > > after upgrading from amba 2.2.0 to 2.2.1a my user manager for domains > does > > not work any more. I get a message "stub erhielt falsche Daten". Does > > anybody have the same problems ? > > > > Bye Uwe > > > > _____________________________________________________________________ > > This message has been checked for all known viruses by UUNET delivered > > through the MessageLabs Virus Control Centre. For further information > visit > > http://www.uk.uu.net/products/security/virus/ From uwe.strahmann at bofest.de Thu Sep 27 07:12:04 2001 From: uwe.strahmann at bofest.de (Uwe Strahmann) Date: Tue Dec 2 02:36:00 2003 Subject: AW: usrmgr in samba 2.2.1 In-Reply-To: Message-ID: <000001c1475e$e3847050$6dbb9e3e@pluto> I'm using W2K SP1 as platform and using Suse linux 7.2 with the samba 2.2.1a from the suse ftp server. UsrMgr is Version 4.0.1371.1. Error message appears only when I am connected to domain as domain user - when I'm using a local account and have no connection to domain everything works fine. Error message appears on start up and /or selecting the domain with the samba PDC. bye Uwe >Hmm, from what platform are you running usrmgr? I'm just trying to get a >hint of what could be going wrong. And what were you doing in usrmgr when<<<< >you got the message? Looking at a user, choosing a domain, just starting >it up...? From thomas at epact.se Thu Sep 27 07:40:02 2001 From: thomas at epact.se (Thomas =?iso-8859-1?Q?S=F6rlin?=) Date: Tue Dec 2 02:36:00 2003 Subject: usrmgr in samba 2.2.1 Message-ID: <3BB33A98.5AA3CCD7@epact.se> My user manager crashes when trying to start it as local adminstrator on an NT box. (New install, SP6) I'm running samba 2.2.1a on RedHat 7.1 as PDC. "An application error has occured and an application error log is being generated LSASS.exe Exception: access violation (0xc0000005) Address: 0x77f64d8a" This is followed by an "RPC failure" announcement. Is this possibly related? /Thomas From d.lukwata at fh-mannheim.de Thu Sep 27 07:58:03 2001 From: d.lukwata at fh-mannheim.de (Dominic) Date: Tue Dec 2 02:36:00 2003 Subject: sync passwords Message-ID: <000801c14765$1a774e60$358f138d@bts.fhmannheim.de> Hi all, I have managed to make smbpasswd update both unix NIS passwords and smb-passwords. Only that the price is a big security hole! yppasswd needs the root password! So I have changed the chat in smb.conf to include the root password in clear text. smb passwd file = /usr/local/samba/private/smbpasswd unix password sync = yes passwd program = /usr/bin/yppasswd %u passwd chat = *NIS* \n *NIS* %n\n *new* %n\n *changed* encrypt passwords = yes Now this has worked, but really not acceptable, since smb.conf must be readable by every one! So the root password can be read by anyone! Does any one know how to go around this? Thanks a bunch Dominic -------------- next part -------------- HTML attachment scrubbed and removed From dave.stevenson at durham.ac.uk Thu Sep 27 08:24:02 2001 From: dave.stevenson at durham.ac.uk (Dave Stevenson) Date: Tue Dec 2 02:36:01 2003 Subject: Dual logon servers? Message-ID: <3BB3438C.6A106562@durham.ac.uk> " A Domain controller for Domain XXXX could not be contacted" I have two Samba servers running 2_2 CVS under Solaris2.8 (gcc 2.95.2) One is a PDC with mandatory profile and logon script PDC other (call it BDC?) security=user security=domain password server = domain logons = yes domain logons=yes preferred master = yes preferred master=no local master = yes local master=no domain master = auto domain master=no os level = 66 os level = Shares etc for profiles and netlogon (replicated via unix) "BDC" has joined the domain OK And logons fail ( intermittently but pretty frequently with the usual "Domain controller for... ...could not be found" ) setting BDC domain logons=no and the problem disappears (Unless the PDC is put under prolonged heavy load:-) Am I missing something or just being too optimistic re the possibility of sharing the logon/profile load between two servers? - any ideas welcome PS 2_2 is working fine as print server with auto driver downloads - wonderful, excellent job. From charles at fwbbc.edu Thu Sep 27 09:42:02 2001 From: charles at fwbbc.edu (Charles Wise) Date: Tue Dec 2 02:36:01 2003 Subject: sync passwords In-Reply-To: <000801c14765$1a774e60$358f138d@bts.fhmannheim.de> References: <000801c14765$1a774e60$358f138d@bts.fhmannheim.de> Message-ID: <1001611553.3bb36121d76b5@mail.fwbbc.edu> smb.conf only has to be readable and writeable by root not everyone. Your solution still may have security implications though. Quoting Dominic : > Hi all, > > I have managed to make smbpasswd update both unix NIS passwords > and smb-passwords. Only that the price is a big security hole! > yppasswd needs the root password! So I have changed the chat in smb.conf > to > include the root password in clear text. > > smb passwd file = /usr/local/samba/private/smbpasswd > unix password sync = yes > passwd program = /usr/bin/yppasswd %u > passwd chat = *NIS* \n *NIS* %n\n *new* %n\n *changed* > encrypt passwords = yes > > Now this has worked, but really not acceptable, since smb.conf must be > readable by every one! So the root password can be read by anyone! > > Does any one know how to go around this? > > Thanks a bunch > > Dominic > Charles Wise FWBBC Computer Support charles@fwbbc.edu From abo at netlands.de Thu Sep 27 11:10:04 2001 From: abo at netlands.de (Andreas Boeckler) Date: Tue Dec 2 02:36:01 2003 Subject: best of 2 worlds Message-ID: <20010927201259.A26553@netlands.de> hi, has anyone tried to combine the purpose of the libnss_ldap and libnss_winbind module? Instead of talking in Legacy mode to an WIN2K DC, it would be possible to do a ldaprequest to it: kinit ldapsearch -h -L -b "DC=DOMAIN,DC=NET" "(objectClass=user)" returns the user-list ldapsearch -h -L -b "DC=DOMAIN,DC=NET" "(objectClass=group)" returns the groups-list ldapsearch -h -L -b "DC=DOMAIN,DC=NET" "(sAMAccountName=) objectSid returns the SID of the user or group or whatever .. I think, the only problem is the preauthentication to make the ldaprequest, but that could be solved with this: http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp greetings Andy -- Andreas B?ckler netlands edv consulting GbR mailto:abo@netlands.de BOFH excuse #384: t's an ID-10-T error From thomasdeniau at mac.com Thu Sep 27 11:12:03 2001 From: thomasdeniau at mac.com (Thomas Deniau) Date: Tue Dec 2 02:36:01 2003 Subject: [newbie] winbind Message-ID: Hi ! I'm trying to integrate a Linux 2.4 box into a NT 4 network. I've managed to get 'getent passwd' and 'getent group' to work with winbind using Samba-HEAD. But when I try to 'su' to one of the domain users, pam_winbind says in /var/log/messages that the user doesn't exist ! (whereas it IS listed in getent passwd). Any clue ? Thanks. From barth at cck.uni-kl.de Thu Sep 27 12:06:11 2001 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:36:01 2003 Subject: sync passwords In-Reply-To: <000801c14765$1a774e60$358f138d@bts.fhmannheim.de> Message-ID: <3BB39538.6916.2D72988@localhost> > Hi all, > > I have managed to make smbpasswd update both unix NIS passwords > and smb-passwords. Only that the price is a big security hole! > yppasswd needs the root password! So I have changed the chat in smb.conf to > include the root password in clear text. > > smb passwd file = /usr/local/samba/private/smbpasswd > unix password sync = yes > passwd program = /usr/bin/yppasswd %u > passwd chat = *NIS* \n *NIS* %n\n *new* %n\n *changed* > encrypt passwords = yes > > Now this has worked, but really not acceptable, since smb.conf must be > readable by every one! So the root password can be read by anyone! > > Does any one know how to go around this? If the NIS server is your PDC you can use passwd in the chat and push the NIS maps with cron or a "cd /var/yp; make" at the end of the chat. Christian > > Thanks a bunch > > Dominic > _(_)_ wWWWw _ @@@@ (_)@(_) vVVVv _ @@@@ (___) _(_)_ @@()@@ wWWWw (_)\ (___) _(_)_ @@()@@ Y (_)@(_) @@@@ (___) `|/ Y (_)@(_) @@@@ \|/ (_)\ / Y \| \|/ /(_) \| |/ | \ | \ |/ | / \ | / \|/ |/ \| \|/ jgs|// \\|/// \\\|//\\\|/// \|/// \\\|// \\|// \\\|// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ From yanek at cigital.com Thu Sep 27 12:34:02 2001 From: yanek at cigital.com (Yanek Korff) Date: Tue Dec 2 02:36:01 2003 Subject: Client enters subdomain, WINS broken Message-ID: <4BC10D47D7ACD3119FA800104B1F8836013A4CDC@exchange.cigital.com> Just changed the internal domain structure so that clients are in a subdomain of our top-level. Suddenly all unix machines running smb/nmb are (a) out of the browse list (b) inaccessible via UNC So I tried the following: (a) adding IN A records for them in the top level domain (b) adding netbios name = HOSTNAME in smb.conf (c) adding wins server = our wins server In one case I am able to see the system in the browse list... but attempting to open it yields: "Server not configured for transactions." What's going on? -Yanek. From rlendrum at code-works.com Thu Sep 27 13:17:02 2001 From: rlendrum at code-works.com (Robert Lendrum) Date: Tue Dec 2 02:36:01 2003 Subject: Hello and stuff! :} Message-ID: <005e01c14792$068e4930$aa1c5fa5@math.tarleton.edu> Hi, I need the URL for the winbind files. I noted in samba-2.2.1.html that windbind was not included and would not be until later releases. I have tried google.com searches looking for the source or bin files to d/l. I want to build a Unix/Linux server that will use a windows NT 4.0 server PDC for user authentication for my school new CS program. Winbind seems to be my answer. But, I need the to d/l it. So, if you know where to get the current release of winbind please email me the URL or hey may be the files them selves if its not too big. :} Thanks in advance Eric Lendrum -------------- next part -------------- HTML attachment scrubbed and removed From gustavo.michels at emersonenergy.com Thu Sep 27 13:52:02 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:36:01 2003 Subject: [newbie] winbind Message-ID: <7F0147C496F3D411813C0002B32BF1CC01377CC3@eesekkex001.kkekant.ericsson.se> Hi, You should add entries to the relatives pam files. If you use a red hat system, you just have to change the system-auth file to add winbind support. Look in the archives for 1-2 weeks ago, there is a post with a working system-auth, if that's your case. cheers Gustavo > -----Original Message----- > From: Thomas Deniau [mailto:thomasdeniau@mac.com] > Sent: quinta-feira, 27 de setembro de 2001 13:17 > To: samba-ntdom@lists.samba.org > Subject: [newbie] winbind > > > Hi ! > I'm trying to integrate a Linux 2.4 box into a NT 4 network. > > I've managed to get 'getent passwd' and 'getent group' to > work with winbind > using Samba-HEAD. > But when I try to 'su' to one of the domain users, pam_winbind says in > /var/log/messages that the user doesn't exist ! (whereas it > IS listed in > getent passwd). > > Any clue ? > > Thanks. > > From abrock at georgefox.edu Thu Sep 27 14:39:02 2001 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:36:01 2003 Subject: WINS ... Message-ID: <5.1.0.14.2.20010927143811.02f37530@mail.georgefox.edu> Does anyone know of problems when attempting to use Samba 2.2.0 for WINS? We have been experiencing problems with cross domain browsing, and I am not certain how to troubleshoot problems. I posted a message a couple days ago with details but haven't seen any response. Thanks in advance! Tony ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From bob at urban.csuohio.edu Thu Sep 27 14:47:20 2001 From: bob at urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:36:01 2003 Subject: SMBD eating CPU time - I know it was talked about Message-ID: <200109272147.f8RLlxm25665@wolf.urban.csuohio.edu> I know others have seen the problem w/ one or a few smbd processes eating up massive amount of CPU. I was trying to look through the mailing list archives, but there seems to be chunks of them missing - like most of the month of August - so my search didn't turn up anything. So, can someone steer me in the right direction to correct this problem? I have 2.2.1a on Solaris 8, and the eating CPU happened just enough to be annoying. Thanks very much! Bob Martel ****************************************************************************** Speaking only for myself - CSU pays better people than me to speak for them. Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From jra at samba.org Thu Sep 27 15:15:01 2001 From: jra at samba.org (Jeremy Allison) Date: Tue Dec 2 02:36:01 2003 Subject: SMBD eating CPU time - I know it was talked about In-Reply-To: <200109272147.f8RLlxm25665@wolf.urban.csuohio.edu>; from bob@urban.csuohio.edu on Thu, Sep 27, 2001 at 05:47:59PM -0400 References: <200109272147.f8RLlxm25665@wolf.urban.csuohio.edu> Message-ID: <20010927151429.F7262@va.samba.org> On Thu, Sep 27, 2001 at 05:47:59PM -0400, Robert M. Martel wrote: > > I know others have seen the problem w/ one or a few smbd processes > eating up massive amount of CPU. I was trying to look through the mailing list > archives, but there seems to be chunks of them missing - like most of the month > of August - so my search didn't turn up anything. > > So, can someone steer me in the right direction to correct this problem? > I have 2.2.1a on Solaris 8, and the eating CPU happened just enough to be > annoying. This is something we've fixed in the 2.2.2 CVS tree. It's a set of fixes not easy to release as a simple patch to 2.2.1a. I suggest you checkout the SAMBA_2_2 branch and use this at present. We're getting this ready for release and so could do with feedback. Thanks, Jeremy. From justindd at iastate.edu Thu Sep 27 15:16:26 2001 From: justindd at iastate.edu (Justin D Davis) Date: Tue Dec 2 02:36:01 2003 Subject: smbpasswd Message-ID: <5.1.0.14.2.20010927171608.00a6b120@justindd.mail.iastate.edu> What is wrong with this damn thing? Most of my users...no problems. From win2k or from smbclient. But several of them worked, and suddenly stopped. I can't make them work again. The accounts are enabled, and I can access them from win2k, but not from smbclient, and not from my audiotron music unit. This happens when running 2.2.1a or the current CVS Please reply directly since I'm no longer subscribed to the list From npande at bajajauto.co.in Thu Sep 27 20:48:02 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:36:02 2003 Subject: Windows virus/worm triggers Samba warnings References: <5.1.0.14.0.20010926105443.00abc050@pop.loop.com> <100152823501@jupiter.hosting4u.net> Message-ID: <3BB3F32D.78E25C5F@bajajauto.co.in> Thanks guys (and gals) out there. All the references have been helpful. I think my Linux box is more secure now. ----->And I agree with David Atkinson in one of his posts. That when I say guys, it's gender independent (least bit sexist!) ;) Nitin Pande Bajaj Auto Ltd. Mail Administrator Ext. 6960 Greg Zartman wrote: > On Wednesday 26 September 2001 13:57, Kourosh Ghassemieh wrote: > > I've used McAfee's antivuris on Linux for a while and it works very well. > > They do have a Linux product but it can be a bit hard to find on their > > web site and their licensing is based on how many users access the > > server so it can get pretty expensive pretty quickly. You can download > > a demo version from their web site. > > > > For a Linux solution, the best scanning software I've run accross is RAV by > GeCAD. > http://www.ravantivirus.com From thomasdeniau at yahoo.fr Fri Sep 28 00:02:06 2001 From: thomasdeniau at yahoo.fr (=?iso-8859-1?q?=20?=) Date: Tue Dec 2 02:36:02 2003 Subject: [newbie] winbind In-Reply-To: <7F0147C496F3D411813C0002B32BF1CC01377CC3@eesekkex001.kkekant.ericsson.se> Message-ID: <20010928070416.92250.qmail@web13507.mail.yahoo.com> --- "Michels, Gustavo [EES/BR]" a ?crit : > Hi, > > You should add entries to the relatives pam files. > If you use a red hat > system, you just have to change the system-auth file > to add winbind support. > Look in the archives for 1-2 weeks ago, there is a > post with a working > system-auth, if that's your case. In fact I've just checked and I think my PAM setup is fine. However wbinfo -t tells me : Secret is bad 0xc00000e5 and winbindd in debug level 100, when I do wbinfo -t, tells me : accepted socket 10 [ 1825]: check machine account read failed on sock 10, pid 1825: EOF Any idea ? TIA, -- Thomas Deniau ___________________________________________________________ Do You Yahoo!? -- Un e-mail gratuit @yahoo.fr ! Yahoo! Courrier : http://fr.mail.yahoo.com From d.lukwata at fh-mannheim.de Fri Sep 28 01:12:02 2001 From: d.lukwata at fh-mannheim.de (Dominic) Date: Tue Dec 2 02:36:02 2003 Subject: samba to trust another windows domain Message-ID: <000801c147f5$a38e34d0$358f138d@bts.fhmannheim.de> Hi all, thanks for the response about the sync password. I will work and try the proporsals. There is still another big problem and may be someone has a hint how to solve it: How can I make a Samba PDC trust another windows domain? We have two subnets: One of them is a heterogeneous with Unix/Linux and Windows workstations. One of the Linux Workstation (call it PDC1) is the NIS-Server and is also the Samba Domain Controller. Let us call this Domain (NIS and Samba) DOMAIN1 . Unix-NIS accounts and Samba Accounts are identical. Let the Net-IP be 121.20.100.0 Another subnet is a pure windows (NT) domain. Call the domain controller PDC2 and the Domain DOMAIN2. Let the Net-IP be 121.20.200.0 Now a lot of users in DOMAIN2 like to log on the Unix-Workstaions in DOMAIN1. The Windows-Machine in DOMAIN2 are used just as Access-Terminals to Unix-Work- stations in DOMAIN1. Because of different departments DOMAIN1 and DOMAIN2 cannot be merged to one domain. Consequently windows users from DOMAIN2 liking to log on Unix-DOMAIN1 must have two accounts. One in DOMAIN2 just to provide access to the windows machine. Then another account in DOMAIN1 for Unix-Access (e.g. via ssh and eXeed). Now this is a doulbe work with all its disavantages. The questionis: How can I make users have only one account in DOMAIN1 but be able to log on DOMAIN2? Can I solve this by making the Samba DOMAIN1 trust the NT DOMAIN2 (and vice versa). How ? (i.e. How can I make the Samba DOMAIN1 trust the NT DOMAIN2?) Thanks a lot for any hint Dominic -------------- next part -------------- HTML attachment scrubbed and removed From npande at bajajauto.co.in Fri Sep 28 01:23:03 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:36:02 2003 Subject: samba to trust another windows domain References: <000801c147f5$a38e34d0$358f138d@bts.fhmannheim.de> Message-ID: <3BB433DE.D0DA17@bajajauto.co.in> This is from Roman Kozello---------------------> Make sure you set up 'domain admin users' in smb.conf. Mapping this account to root in smbusers file and adding a user root to smbpasswd may also be necessary. However, creating machine trust account through Windows Net->Properties leads to disabled account. Enable it with webmin or look at smbpasswd file - remove letter D at the right side of appropriate string. Then, close Net->Properties applets window and join domain again without creating an account. You should go. Or, better, create Unix account with no shell, no home, no password... And # smbpasswd -a -m Join domain without creating trust account from Win side. ---------------------- HTH. Ciao, Nitin Pande Mail Administrator Bajaj Auto Ltd. Ext . 6960 Dominic wrote: > Hi all, thanks for the response about the sync password. I will work > and trythe proporsals. There is still another big problem and may be > someone has a hint howto solve it: How can I make a Samba PDC trust > another windows domain? We have two subnets: One of them is a > heterogeneous with Unix/Linux and Windows workstations.One of the > Linux Workstation (call it PDC1) is the NIS-Server and is alsothe > Samba Domain Controller. Let us call this Domain (NIS and Samba) > DOMAIN1 .Unix-NIS accounts and Samba Accounts are identical.Let the > Net-IP be 121.20.100.0 Another subnet is a pure windows (NT) domain. > Call the domain controller PDC2and the Domain DOMAIN2. Let the Net-IP > be 121.20.200.0 Now a lot of users in DOMAIN2 like to log on the > Unix-Workstaions in DOMAIN1.The Windows-Machine in DOMAIN2 are used > just as Access-Terminals to Unix-Work-stations in DOMAIN1. Because of > different departments DOMAIN1 and DOMAIN2cannot be merged to one > domain. Consequently windows users from DOMAIN2 liking to log on > Unix-DOMAIN1 must havetwo accounts. One in DOMAIN2 just to provide > access to the windows machine. Thenanother account in DOMAIN1 for > Unix-Access (e.g. via ssh and eXeed). Now this is a doulbe work with > all its disavantages. The questionis: How can I make users have only > one account in DOMAIN1 but be able to log on DOMAIN2?Can I solve this > by making the Samba DOMAIN1 trust the NT DOMAIN2 (and vice versa).How > ? (i.e. How can I make the Samba DOMAIN1 trust the NT DOMAIN2?) Thanks > a lot for any hint Dominic -------------- next part -------------- HTML attachment scrubbed and removed From andreas.kauffmann at tzdan.de Fri Sep 28 02:18:01 2001 From: andreas.kauffmann at tzdan.de (Kauffmann, Andreas) Date: Tue Dec 2 02:36:02 2003 Subject: Server saved Profiles?! Message-ID: Hy everybody out there! I?ve got a Problem with samba-2.2.1a and SuSe Linux 7.2. When I want to logon a user to my domain, the client always says "Your Server saved Profile is not available"... But I made a /home/[usr]/profile directory. There is nothing in this directory, but at the first logon the client should generate a profile or not? I think that I have an error in my smb.conf with the netlogon path and share. Here is the smb.conf. I hope one of you will answer me with a corrected smb.conf :) because I have to get the server runing until 2hours :) Very Very thanks for your help! <> -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 549 bytes Desc: smb.conf Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010928/f3902ee4/smb.obj From lukwata at roxi.rz.fh-mannheim.de Fri Sep 28 02:22:02 2001 From: lukwata at roxi.rz.fh-mannheim.de (Lukwata Dominic) Date: Tue Dec 2 02:36:02 2003 Subject: samba to trust another windows domain In-Reply-To: <3BB433DE.D0DA17@bajajauto.co.in> Message-ID: Hi, > This is from Roman Kozello---------------------> > Make sure you set up 'domain admin users' in smb.conf. Mapping this > account to root in smbusers file and adding a user root to smbpasswd may > also be necessary. Sorry for silly sounding questions. I had to deal with Samba for the fist time since two weeks ago: Would you please give an example of the "domain admin users" line. How can this account be maped to root and where is the smbusers file? > However, creating machine trust account through Windows Net->Properties > leads to disabled account. > Enable it with webmin or look at smbpasswd file - remove letter D at the > right side of appropriate string. Where to get webmin? I have tried excecute webmin but it is not known. (the letter D was possible inserted by a mail program) > Then, close Net->Properties applets window and join domain again without > creating an account. You should go. > > Or, better, create Unix account with no shell, no home, > no password... > And # smbpasswd -a -m > Join domain without creating trust account from Win side. A trust account for a windows worksatstion in DOMAIN2 (not PDC) was created in Samba DOMAIN1. But from DOMAIN2 the workstation could not access DOMAIN1 (may be because they are different subnets: DOMAIN1 121.20.100.0 and DOMAIN2 121.20.200.0). Must a PDC of DOMNIN2 at first have a trust account in Samba DOMAIN1? (Must then also all windows workstations in DOMAIN2 have trust accounts in Samba DOMAIN1?) Thanks very much for the hints. Dominic > > Dominic wrote: > > > Hi all, thanks for the response about the sync password. I will work > > and trythe proporsals. There is still another big problem and may be > > someone has a hint howto solve it: How can I make a Samba PDC trust > > another windows domain? We have two subnets: One of them is a > > heterogeneous with Unix/Linux and Windows workstations.One of the > > Linux Workstation (call it PDC1) is the NIS-Server and is alsothe > > Samba Domain Controller. Let us call this Domain (NIS and Samba) > > DOMAIN1 .Unix-NIS accounts and Samba Accounts are identical.Let the > > Net-IP be 121.20.100.0 Another subnet is a pure windows (NT) domain. > > Call the domain controller PDC2and the Domain DOMAIN2. Let the Net-IP > > be 121.20.200.0 Now a lot of users in DOMAIN2 like to log on the > > Unix-Workstaions in DOMAIN1.The Windows-Machine in DOMAIN2 are used > > just as Access-Terminals to Unix-Work-stations in DOMAIN1. Because of > > different departments DOMAIN1 and DOMAIN2cannot be merged to one > > domain. Consequently windows users from DOMAIN2 liking to log on > > Unix-DOMAIN1 must havetwo accounts. One in DOMAIN2 just to provide > > access to the windows machine. Thenanother account in DOMAIN1 for > > Unix-Access (e.g. via ssh and eXeed). Now this is a doulbe work with > > all its disavantages. The questionis: How can I make users have only > > one account in DOMAIN1 but be able to log on DOMAIN2?Can I solve this > > by making the Samba DOMAIN1 trust the NT DOMAIN2 (and vice versa).How > > ? (i.e. How can I make the Samba DOMAIN1 trust the NT DOMAIN2?) Thanks > > a lot for any hint Dominic > Dominic Lukwata FH Mannheim Windeckstrasse 110 D-68163 Mannheim Germany Tel.: +49 621 292 6227 Fax.: +49 621 292 6237 eMail: d.lukwata@fh-mannheim.de From DavidAtkinson at solectron.com Fri Sep 28 03:05:02 2001 From: DavidAtkinson at solectron.com (DavidAtkinson@solectron.com) Date: Tue Dec 2 02:36:02 2003 Subject: Joining NT Domain Message-ID: <91C8BF85397AD411B62A0090274FA17F5D67F8@wangex.wta.slr.com> Hi guys, here's a quick one (I hope). I get : [root@ariel david]# smbpasswd -r bgntpdc -j bgnt tdb(/etc/samba/secrets.tdb): tdb_lock failed on list 103 ltype=1 (Invalid argument) Unable to write the machine account password for machine ARIEL in domain BGNT. [root@ariel david]# I have created the account in the domain. Am I using the correct smbpasswd command ? From lists at aussie.nu Fri Sep 28 03:23:02 2001 From: lists at aussie.nu (Bob Purdon - Lists) Date: Tue Dec 2 02:36:02 2003 Subject: NT into Samba domain? In-Reply-To: <200109272147.f8RLlxm25665@wolf.urban.csuohio.edu> Message-ID: OK, I'm pissed. I've wasted the equivalent of 2 days on this and tried everything I could find, ranging from the Samba documentation, HOWTO's, and what I've found on mailing lists... I have a working Samba PDC here at home. It talks to Windows 95 machines just fine, the logon script runs, and that side is all happy. A few weeks ago I ran up a Windows NT 4 box, followed the instructions for creating machine accounts and joining the domain, and it too worked just fine. Since then I've brought my NT box home from work, but I'll be stuffed if I can make it work. I've changed the domain name to match what I use here, but if I click OK in the "Identification Changes" box I get the error "The domain controller for this domain cannot be located" (when I did this on the first NT box, it worked fine). If I use the 'Create account in domain' option, with username 'root' and the password defined for root in the smbpasswd file, it welcomes me to the domain fine. ...but, when I reboot, it tells me that there is a problem with the machine account or the password for the machine account is wrong. So, is there some reason why an NT box will refuse to work with Samba after it's previously been part of a genuine NT domain? The logs aren't showing any obvious errors (debug level 9). The relevant parts of my smb.conf are below: [global] security = user status = yes workgroup = PURDON encrypt passwords = yes domain logons = yes logon script = scripts\login.bat domain admin group = @adm add user script = /bin/false guest account = fuckifiknow share modes = no os level = 65 preferred master = yes domain master = yes local master = yes printing = bsd printcap name = /etc/printcap load printers = yes lock directory = /var/locks oplocks = true strict locking = no socket options = TCP_NODELAY log file = /var/log/samba.log mangle case = no wins support = yes [ some config cut from here relating to shares ] [netlogon] path = /usr/local/samba/netlogon read only = yes From jolt at nicholasofmyra.org Fri Sep 28 05:34:03 2001 From: jolt at nicholasofmyra.org (Joseph) Date: Tue Dec 2 02:36:02 2003 Subject: NT into Samba domain? References: Message-ID: <3BB46E9D.20604@nicholasofmyra.org> I'm going to take a guess here, but I believe you need a valid add user script to get it to "Create account in domain". Bob Purdon - Lists wrote: ... > If I use the 'Create account in domain' option, with username 'root' and > the password defined for root in the smbpasswd file, it welcomes me to the > domain fine. > > ...but, when I reboot, it tells me that there is a problem with the > machine account or the password for the machine account is wrong. ... > [global] ... > add user script = /bin/false From johnl at sotxlighthouse.org Fri Sep 28 06:02:03 2001 From: johnl at sotxlighthouse.org (johnl@sotxlighthouse.org) Date: Tue Dec 2 02:36:02 2003 Subject: w2k terminal server and w2kpro roaming profiles Message-ID: <3BB42F27.5995.895DCF5@localhost> Hello, I am running a linux2.4.6/samba 2.2.1a PDC with a w2k citrix terminal server as a member of the domain. I had been logging in to the ts citrix desktop from a w98 machine, relatively uneventfully. I've just got a w2kpro workstation, joined it to the domain, and logged in to the ts citrix desktop. All the icons from my w2kpro wrkstn showed up on my ts desktop! Although they looked like 'dos' applications because the links were bad, when I clicked on them, they connected back to my w2kpro desktop and ran! This is a feature I can do without. How can I keep the ts desktop from running my profile? Thanks for any help you all may give. --- John Francis Lee, IS Manager South Texas Lighthouse for the Blind 1907 Leopard Street PO Box 9697 Corpus Christi TX 78469 361.883.6553x45 361.883.1041 fax JohnL@sotxlighthouse.org From stanley.g.skidmore at boeing.com Fri Sep 28 07:30:04 2001 From: stanley.g.skidmore at boeing.com (Skidmore, Stanley G) Date: Tue Dec 2 02:36:02 2003 Subject: Network Places Message-ID: Good Morning All, I have a samba pdc up, and working just fine with W2k machines as members of the domain. I only have one problem, users keep asking if they can create a network place instead of just mapping a drive letter. The ability to create a network place does not seem to work. Has anyone else had this problem? Regards Stan Skidmore M&CT SiteOps From jolt at nicholasofmyra.org Fri Sep 28 07:51:03 2001 From: jolt at nicholasofmyra.org (Joseph) Date: Tue Dec 2 02:36:02 2003 Subject: Network Places References: Message-ID: <3BB48EC8.4090002@nicholasofmyra.org> I just tried it, it seems to work for me. I am also running a samba pdc. What problems are they having? Skidmore, Stanley G wrote: > Good Morning All, > I have a samba pdc up, and working just fine with W2k machines as members of the domain. I only have one problem, users keep asking if they can create a network place instead of just mapping a drive letter. The ability to create a network place does not seem to work. Has anyone else had this problem? > > Regards > Stan Skidmore > M&CT SiteOps > > > From gustavo.michels at emersonenergy.com Fri Sep 28 09:22:03 2001 From: gustavo.michels at emersonenergy.com (Michels, Gustavo [EES/BR]) Date: Tue Dec 2 02:36:02 2003 Subject: [newbie] winbind Message-ID: <7F0147C496F3D411813C0002B32BF1CC01377ED1@eesekkex001.kkekant.ericsson.se> Hi, Try deleting the computer account (server manager in pdc) and rejoin the domain with 'smbpasswd -r PDC -j DOMAIN -UAdministrator'. Wbinfo -t should report that secret is good. cheers Gustavo > -----Original Message----- > From: [mailto:thomasdeniau@yahoo.fr] > Sent: sexta-feira, 28 de setembro de 2001 04:04 > To: samba-ntdom@lists.samba.org > Subject: RE: [newbie] winbind > > > --- "Michels, Gustavo [EES/BR]" > a ?crit : > Hi, > > > > You should add entries to the relatives pam files. > > If you use a red hat > > system, you just have to change the system-auth file > > to add winbind support. > > Look in the archives for 1-2 weeks ago, there is a > > post with a working > > system-auth, if that's your case. > > In fact I've just checked and I think my PAM setup is > fine. > However wbinfo -t tells me : > > Secret is bad > 0xc00000e5 > > and winbindd in debug level 100, when I do wbinfo -t, > tells me : > > accepted socket 10 > [ 1825]: check machine account > read failed on sock 10, pid 1825: EOF > > Any idea ? > > TIA, > > -- > Thomas Deniau > > > ___________________________________________________________ > Do You Yahoo!? -- Un e-mail gratuit @yahoo.fr ! > Yahoo! Courrier : http://fr.mail.yahoo.com > From gustavo at ccs.univali.br Fri Sep 28 10:05:22 2001 From: gustavo at ccs.univali.br (Gustavo Schroeder) Date: Tue Dec 2 02:36:03 2003 Subject: Incorrect password Message-ID: <3BB4AF96.9F7A43DF@ccs.univali.br> Hi pals i?m running samba version 2.0.10-2 on redhat 7.1. i?m trying to set up a pdc for a laboratory here at the university, but i?m facing a little problem. all the clients are on the same network (and also the server). i?ve created normal unix users at the server and setted up the config file for domain logons here?s a copy of my smb.conf file #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = LAPAM # server string is the equivalent of the NT Description field server string = Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = lprng # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # Put a capping on the size of the log files (in Kb). max log size = 0 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server or # security = domain ; password server = # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd # The following is needed to keep smbclient from spouting spurious errors # when Samba is built with support for SSL. # ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt # The following are needed to allow password changing from Windows to # update the Linux sytsem password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only # the encrypted SMB passwords. They allow the Unix password # to be kept in sync with the SMB password. ; unix password sync = Yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names ; username map = /etc/samba/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /etc/samba/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = yes # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # All NetBIOS names must be resolved to IP Addresses # 'Name Resolve Order' allows the named resolution mechanism to be specified # the default order is "host lmhosts wins bcast". "host" means use the unix # system gethostbyname() function call that will use either /etc/hosts OR # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf # and the /etc/resolv.conf file. "host" therefore is system configuration # dependant. This parameter is most often of use to prevent DNS lookups # in order to resolve NetBIOS names to IP Addresses. Use with care! # The example below excludes use of name resolution for machines that are NOT # on the local network segment # - OR - are not deliberately to be known via lmhosts or via WINS. name resolve order = wins lmhosts bcast # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both wins server = 10.10.10.10 # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = no # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /home/netlogon ; guest ok = yes ; writable = no ; share modes = no [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no printable = yes ===============================End=========================================== I?ve configured a win98 client to log into the domain called "LAPAM" when i try to log in, win98 gives me the following error: >>The domain password is not correct or the access to the logon server was denied<< any guess what i?m missing? best regards Gustavo Schroeder Sys admin From Ulrich.Kohlhase at t-online.de Fri Sep 28 10:12:55 2001 From: Ulrich.Kohlhase at t-online.de (Ulrich Kohlhase) Date: Tue Dec 2 02:36:03 2003 Subject: sync passwords Message-ID: <005a01c14841$cb7a5270$0101a8c0@uk> Dominic, you may want to use a script similar to the one appended below. This script needs perl and a (very) small adjustment in Sambas source file "chgpasswd.c", please have a look at the commented lines. Good luck, Ulrich Kohlhase ---------------------------------------------------- #!/usr/bin/perl # # in smb.conf (yes, it's a dot in passwd chat !): # passwd program = /usr/bin/perl /usr/local/samba/lib/chgpasswd.pl %u %n # passwd chat = . # unix password sync = Yes # # in $PATH_TO_SAMBA_SOURCE/source/smbd/chgpasswd.c: # pstring_sub(passwordprogram, "%u", name); # add this new line: # pstring_sub(passwordprogram, "%n", newpass); # use Time::localtime; ($username, $newpass) = @ARGV; # logging stuff: my $tm = localtime(); $datestring = sprintf "%02d.%02d.%04d",$tm->mday, $tm->mon + 1, $tm->year + 1900; $logfilename = sprintf ">>/usr/local/samba/var/pass.log"; # change password in /etc/shadow without interaction: $cmdtext = sprintf "echo %s:%s | /usr/sbin/chpasswd", $username, $newpass; system($cmdtext); $logtext = sprintf "User \"%s\" succeeded changing password \"***\" ... ",$username; open (logfile, $logfilename); printf logfile "%s - %02d:%02d:%02d : %s \n", $datestring, $tm->hour, $tm->min, $tm->sec, $logtext; close logfile; # change password in NIS DB $cmdtext = sprintf "make -C /var/yp >> /dev/null"; system($cmdtext); ------------------------------------------------ > Hi all, > I have managed to make smbpasswd update both unix NIS passwords > and smb-passwords. Only that the price is a big security hole! > yppasswd needs the root password! So I have changed the chat in smb.conf = > to include the root password in clear text. > smb passwd file =3D /usr/local/samba/private/smbpasswd > unix password sync =3D yes > passwd program =3D /usr/bin/yppasswd %u > passwd chat =3D *NIS* \n *NIS* %n\n *new* %n\n = > *changed* encrypt passwords =3D yes > Now this has worked, but really not acceptable, since smb.conf must be > readable by every one! So the root password can be read by anyone! > Does any one know how to go around this? > Thanks a bunch From dcurry at cgtime.com Fri Sep 28 10:16:02 2001 From: dcurry at cgtime.com (Daniel Curry) Date: Tue Dec 2 02:36:03 2003 Subject: Samba and Win2k AD authentication Message-ID: <731E36372B5FD248AF790189519A32C12084D5@mailhub.cgtime.com> I need to all Linux File servers to my network. We are using Win2k with AD for Exchange2k (the one system my management will not let go of). How can I keep a single point of authentication for all users, Linux or windows based workstations? We also have several Sun Ultra 10 systems with Solaris 8. I would like to include them into the single authentication schema as well. I will gladly read and such, just need to know where to start. Thanks Daniel Curry Systems Administrator CGtime, Inc. 625 Second Street Suite 201 San Francisco, CA 94107 ph: 415-348-6516 fx: 415-348-6505 cell: 510-579-6680 From awilliam at whitemice.org Fri Sep 28 13:40:06 2001 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:36:03 2003 Subject: Samba and Win2k AD authentication In-Reply-To: <731E36372B5FD248AF790189519A32C12084D5@mailhub.cgtime.com> Message-ID: >I need to all Linux File servers to my network. We are using Win2k with >AD for Exchange2k (the one system my management will not let go of). >How can I keep a single point of authentication for all users, Linux or >windows based workstations? pam_ldap and nss_ldap claim to support AD >We also have several Sun Ultra 10 systems with Solaris 8. I would like >to include them into the single authentication schema as well. I will >gladly read and such, just need to know where to start. Solaris support PAM, and thus I assume NSS. -- ----------------------------------------------------------- Ximian GNOME, Evolution, LTSP, and RedHat Linux + LVM & XFS ----------------------------------------------------------- From greg at kwikfind.com Fri Sep 28 13:55:02 2001 From: greg at kwikfind.com (Greg J. Zartman) Date: Tue Dec 2 02:36:03 2003 Subject: Machine accounts Message-ID: <1001699720.8227.129.camel@laptop> I have a couple of questions with regards to machine accounts. 1) Can someone please explain to me what happens between samba and a winnt/2k machine when that machine joins and leaves a domain? At one time, about six months ago, one had to delete machine accounts from the smbpasswd database by hand when rejoining for example. This doesn't seem to be the case now. 2) Is the $ symbol after a machine name M$ convention or did the Samba team come up with this? 3) Is this a correct statement: When you leave the domain and change to a workgroup, nothing is changed on the server side. When you re-join the domain, samba re-generates a different random password that it stores in smbpasswd, overwriting the previous password, and things proceed as normal. Thanks. Greg J. Zartman From dmair at us.ibm.com Fri Sep 28 14:25:10 2001 From: dmair at us.ibm.com (David Mair) Date: Tue Dec 2 02:36:03 2003 Subject: User mapping Message-ID: Hello: We are attempting to set up our own custom security template for a Samba 2.2.1a domain. We are running RH7.1 on a P3 933Mhz machine with approximately 300 users sharing 75 nodes. All client nodes are running W2K SP1 (moving to SP2). We would like to set up a global security template that is provided by the PDC and overrides the local template. I'm not sure where exactly we would need to place the template on the server for it do accomplish this. Is this possible? I have seen some mailing list entries and other references to this under searches on Google but nothing concrete thus far. Our second problem is with user groups. Curiously, when doing group administration, we can see a partial list of domain users. When performing group/user admin tasks and looking at the available entries in the domain we only see the first 17 entries of the smbpasswd file and the generic "Domain Admins" and "Domain Users" groups but have no admin control over these groups. I've tried using both the W2K users and groups snap-in and the old NT4 Usrmgr.exe apps and both have the same result. I'm assuming that the "Domain Users" covers all of the users in our smbpasswd file, however, I'd like to be more sure than this. Any suggestions would be much appreciated. Thanks, Dave Consultant, n.: [From con "to defraud, dupe, swindle," or, possibly, French con (vulgar) "a person of little merit" + sult elliptical form of "insult."] A tipster disguised as an oracle, especially one who has learned to decamp at high speed in spite of a large briefcase and heavy wallet. From bbladow at sendit.nodak.edu Fri Sep 28 17:43:02 2001 From: bbladow at sendit.nodak.edu (Garrett Bladow) Date: Tue Dec 2 02:36:03 2003 Subject: Samba 2.2.1a PDC Message-ID: Hello, Recently I have been charged to turn my Samba server into a PDC. I need to authenticate Windows 2000 machines as well as Windows XP. My server runs Linux Mandrake (kernel 2.4.3), Samba version 2.2.1a. The machine trust accounts and the user accounts are made (both in the passwd and smbpasswd). I have test boxes with each OS, They are both able to join the domain. Upon reboot, I am not able to log into the domain. This the Windows Error message: 'The system can not log you on now because the domain BLUELTE is not available' I am including my smb.conf. Any help is appreciated. Garrett Bladow NDSU - ITS - Client Services Group ----BEGIN smb.conf ---- # SMB.CONF # CREATED: Garrett Bladow # from bluelightspecial.cc.ndsu.nodak.edu (134.129.71.112) # Date: 09.28.2001 # Global parameters [global] #-------BASIC GLOBAL-------- netbios name = BLUE netbios aliases = BLUELTE BLUE BLUELITE workgroup = BLUELTE server string = Cluster Samba Test os level = 65 time server = Yes socket options = TCP_NODELAY dns proxy = No follow symlinks = YES #-------GLOBAL SECURITY security = user hosts allow = 127. 134.129.0.0/255.255.0.0 encrypt passwords = Yes admin users = bladow smb passwd file = /usr/local/samba/private/smbpasswd #username map = /usr/local/samba/lib/users.map #add user script = /usr/sbin/useradd -d /dev/null -g 12893 -s /bin/false -M %u #-------LOGGING------- log file = /var/log/samba/log.%m max log size = 1000 log level = 3 #---------DOMAIN LOGIN----- domain logons = Yes announce as = NT Server announce version = 4.0 domain master = Yes local master = Yes preferred master = Yes nt pipe support = yes nt smb support = yes #ROAMING PROFILE STUFF # logon path = \\blue\profiles\%U # logon script = %U.bat domain admin group = root bladow @smbadmin #---------WINS SERVER------- wins server = Yes wins server = lan.ext.NoDak.edu #---------SHARES------------ [mac] comment = Sean OSX mac share path = /sambashare/mac read only = YES valid users = bladow,snelson write list = bladow,snelson admin users = bladow,snelson [music] comment = garrett's music path = /music read only = Yes # admin users = bladow valid users = bladow #[profile] # comment = Roaming User Profile # path = /sambashare/profiles # create mode = 0600 # directory mode = 0700 # writeable = Yes # browseable = No [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba print ok = Yes browseable = No [cluster] path = /sambashare/cluster/ read only = NO admin users = bladow write list = bladow [netlogon] comment = The domain logon service path = /sambashare/logon browseable = No writable = No write list = @smbadmin -----/END smb.conf----- From lists at aussie.nu Sat Sep 29 02:03:02 2001 From: lists at aussie.nu (Bob Purdon - Lists) Date: Tue Dec 2 02:36:03 2003 Subject: NT into Samba domain? In-Reply-To: <3BB46E9D.20604@nicholasofmyra.org> Message-ID: > I'm going to take a guess here, but I believe you need a valid add user > script to get it to "Create account in domain". That's what I'm about to try... The documentation certainly suggests that, but it *appeared* to work without it (but obviously failed at the login stage). The first time I did this with NT, against the same server, I was able to just enter the domain name and click OK, without using the 'Create account in domain' option. Not sure why I can't this time, but anyway... ... Well, tried the add user script. Ended up creating a script which wrote some stuff to syslog and did nothing because Samba is under FreeBSD and none of the FreeBSD tools like usernames with '$' in them. So, I added the user to the password file manually. Did a 'Create account in domain' and it added the account to the smbpasswd file, but I still get "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect". I believe I'm right in assuming it's the password in the smbpasswd file it's using... I think I'm going to run up another NT box and try that - if it works straight out, I'll re-install my existing NT box. Using an NT server as a server isn't out of the question - the amount of time (and hence money) I've wasted so far is well above what a new license of NT costs. From shanu at exocore.com Sat Sep 29 03:00:02 2001 From: shanu at exocore.com (Shanker Balan) Date: Tue Dec 2 02:36:03 2003 Subject: Samba_2.2 + --with-ldapsam Message-ID: <20010929152816.A17407@exocore.com> Hello: Just giving Samba_2_2 with --with-ldapsam a try. I have the following in my smb.conf: ldap server = ldap.mydomain.com ldap port = 389 ldap suffix = "dc=mydomain,dc=com" ldap admin dn = "cn=Manager,dc=mydomain,dc=com" A quick question: Where does one give the admin password? smbd.log shows the following: fetch_ldap_pw: no ldap secret retrieved! ldap_connect_system: Failed to retrieve password for cn=Manager,dc=mydomain,dc=com from secrets.tdb Any help appreciated! -- Princess Leia Organa: Help me, Obi-wan Kenobi. You're my only hope. From jerry at samba.org Sat Sep 29 05:29:05 2001 From: jerry at samba.org (Gerald (Jerry) Carter) Date: Tue Dec 2 02:36:03 2003 Subject: Samba_2.2 + --with-ldapsam In-Reply-To: <20010929152816.A17407@exocore.com> Message-ID: On Sat, 29 Sep 2001, Shanker Balan wrote: > Hello: > > Just giving Samba_2_2 with --with-ldapsam a try. I have the following in > my smb.conf: > > ldap server = ldap.mydomain.com > ldap port = 389 > ldap suffix = "dc=mydomain,dc=com" > ldap admin dn = "cn=Manager,dc=mydomain,dc=com" > > A quick question: Where does one give the admin password? smbd.log shows > the following: > > fetch_ldap_pw: no ldap secret retrieved! ldap_connect_system: Failed to > retrieve password for cn=Manager,dc=mydomain,dc=com from secrets.tdb > > Any help appreciated! You need to add the password for the "ldap admin dn" using root# smbpasswd -w cheers, jerry From abo at netlands.de Sat Sep 29 12:43:04 2001 From: abo at netlands.de (Andreas Boeckler) Date: Tue Dec 2 02:36:03 2003 Subject: Samba and Win2k AD authentication In-Reply-To: References: <731E36372B5FD248AF790189519A32C12084D5@mailhub.cgtime.com> Message-ID: <20010929214527.A984@netlands.de> On Fri, Sep 28, 2001 at 04:42:25PM -0400, Adam Williams wrote: > >I need to all Linux File servers to my network. We are using Win2k with > >AD for Exchange2k (the one system my management will not let go of). > >How can I keep a single point of authentication for all users, Linux or > >windows based workstations? > > pam_ldap and nss_ldap claim to support AD> yes .. but you need the Services for Unix to be installed on the Windows2000 ADS see doc/README.SFU in the libnss_ldap-source I'm trying to get libnss_winbind and libnss_ldap together. I hope that it will work. > >We also have several Sun Ultra 10 systems with Solaris 8. I would like > >to include them into the single authentication schema as well. I will > >gladly read and such, just need to know where to start. > > Solaris support PAM, and thus I assume NSS. -- Andreas B?ckler netlands edv consulting GbR mailto:abo@netlands.de BOFH excuse #125: we just switched to Sprint. From abo at netlands.de Sat Sep 29 12:43:17 2001 From: abo at netlands.de (Andreas Boeckler) Date: Tue Dec 2 02:36:03 2003 Subject: Samba and Win2k AD authentication In-Reply-To: References: <731E36372B5FD248AF790189519A32C12084D5@mailhub.cgtime.com> Message-ID: <20010929214527.A984@netlands.de> On Fri, Sep 28, 2001 at 04:42:25PM -0400, Adam Williams wrote: > >I need to all Linux File servers to my network. We are using Win2k with > >AD for Exchange2k (the one system my management will not let go of). > >How can I keep a single point of authentication for all users, Linux or > >windows based workstations? > > pam_ldap and nss_ldap claim to support AD> yes .. but you need the Services for Unix to be installed on the Windows2000 ADS see doc/README.SFU in the libnss_ldap-source I'm trying to get libnss_winbind and libnss_ldap together. I hope that it will work. > >We also have several Sun Ultra 10 systems with Solaris 8. I would like > >to include them into the single authentication schema as well. I will > >gladly read and such, just need to know where to start. > > Solaris support PAM, and thus I assume NSS. -- Andreas B?ckler netlands edv consulting GbR mailto:abo@netlands.de BOFH excuse #125: we just switched to Sprint. From Kevin at i-cho.com Sat Sep 29 23:29:02 2001 From: Kevin at i-cho.com (Kevin Cho) Date: Tue Dec 2 02:36:03 2003 Subject: Unknown parameter encountered: "share modes" References: Message-ID: <001201c1497a$9fb76a80$6501a8c0@petra> Just compiled the latest cvs. When I tried to "testparm" the smb.conf, I get the following error: Unknown parameter encountered: "share modes" Ignoring unknown parameter "share modes" When it runs, I cannot seem to browse the shared pub dirs on Samba PDC. Any ideas? Kev From loos_alexander at web.de Sun Sep 30 02:51:26 2001 From: loos_alexander at web.de (Alexander Loos) Date: Tue Dec 2 02:36:03 2003 Subject: Samba Network error ! Message-ID: <004201c14995$cb3cd1c0$0b01a8c0@servertec> Hi all, Ihave big problems running Samba in our company ! We use a NT Server for the Verification and the Samba Server as a file server. I made an Update to 2.2.1a to solv some problems. Now there occurs an network error when trying to connect a share the Win NT Client says:"Network error ...:Could not find the specified path to the share " !!!!! But the path in the smb.conf is correct ! We have this problem with some home directories and some normal shares !!!! Can anybody help me ? Thx Alex -------------- next part -------------- HTML attachment scrubbed and removed From general at dazoneusa.com Sun Sep 30 13:04:05 2001 From: general at dazoneusa.com (general@dazoneusa.com) Date: Tue Dec 2 02:36:03 2003 Subject: DaZoneUSA proudly presents new release of Webebuilder 5.1 Message-ID: <3BB4745E.14915@kang.dazone.co.kr> 3 jZry֧v From awilliam at whitemice.org Sun Sep 30 18:57:01 2001 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:36:03 2003 Subject: Samba and Win2k AD authentication In-Reply-To: <20010929214527.A984@netlands.de> References: <731E36372B5FD248AF790189519A32C12084D5@mailhub.cgtime.com> <20010929214527.A984@netlands.de> Message-ID: <1001901544.1369.2.camel@estate1.whitemice.org> >>>I need to all Linux File servers to my network. We are using Win2k with >>>AD for Exchange2k (the one system my management will not let go of). >>>How can I keep a single point of authentication for all users, Linux or >>>windows based workstations? >>pam_ldap and nss_ldap claim to support AD >yes .. but you need the >Services for Unix to be installed on the Windows2000 ADS >see doc/README.SFU in the libnss_ldap-source >I'm trying to get libnss_winbind and libnss_ldap together. I hope that it will work. How about - http://www.css-solutions.ca/ad4unix/index.html which looks like an alternative to the UNIX services package from M$. From npande at bajajauto.co.in Sun Sep 30 20:55:01 2001 From: npande at bajajauto.co.in (NITIN PANDE) Date: Tue Dec 2 02:36:03 2003 Subject: Samba Network error ! References: <004201c14995$cb3cd1c0$0b01a8c0@servertec> Message-ID: <3BB7E923.4C6BA346@bajajauto.co.in> Alexander, It could be that samba may not be able to find the commands. I had similar problems mounting shares. The paths in smb.conf did relate to TRUE paths of binaries. I would make sure of that. I have also seen that RPM install is radically different than the CVS thingy. HTH, Ciao, Nitin Pande Mail Administrator Alexander Loos wrote: > Hi all, Ihave big problems running Samba in our company !We use a NT > Server for the Verification and the Samba Server as a file server.I > made an Update to 2.2.1a to solv some problems. Now there occurs an > network error when trying to connect a share the Win NT Client > says:"Network error ...:Could not find the specified path to the share > " !!!!! But the path in the smb.conf is correct !We have this problem > with some home directories and some normal shares !!!! Can anybody > help me ? Thx Alex From shanu at exocore.com Sun Sep 30 21:23:28 2001 From: shanu at exocore.com (Shanker Balan) Date: Tue Dec 2 02:36:03 2003 Subject: Samba_2.2 + --with-ldapsam In-Reply-To: ; from jerry@samba.org on Sat, Sep 29, 2001 at 07:33:39AM -0500 References: <20010929152816.A17407@exocore.com> Message-ID: <20011001095350.A9685@exocore.com> Hello: Gerald (Jerry) Carter wrote, > You need to add the password for the "ldap admin dn" using > > root# smbpasswd -w Hmm... something funny happening here! [root@godzilla] /usr/local/samba-ldap/bin# ./smbpasswd -w secret INFO: Debug class all level = 3 (pid 9791 from pid 9791) -w not available unless configured --with-ldap But i have compiled it with --with-ldapsam! [root@godzilla] /usr/local/samba-ldap/bin# ./smbpasswd INFO: Debug class all level = 3 (pid 9836 from pid 9836) New SMB password: Retype new SMB password: ldap_open_connection: connection opened fetch_ldap_pw: no ldap secret retrieved! ldap_connect_system: Failed to retrieve password for cn=Manager,dc=mydomain,dc=com from secrets.tdb Failed to find entry for user root. Failed to modify password entry for user root So what did i screw up? -- Darth Vader: Luke, help me take this mask off. Luke Skywalker: But you'll die. Darth Vader: Nothing can stop that now. Just for once, let me look upon you with my own eyes.