[Samba] Switching to another Samba server
David Donahue
david.donahue at FIRSTSOLUTION.COM
Fri Nov 15 02:39:02 GMT 2002
Yup, that definitely did the trick. Thanks!
By the way, you wouldn't happen to know anything about Microsoft's
Services for Unix, would you? Their newsgroup isn't very populated and
little help can be found there. Or, conversely, do you know of any good
NFS clients for Windows? Basically, the file permissions difference
between Samba and Windows is causing problems with my .NET websites. An
NFS clients that translates the permissions better would be ideal,
especially if it could mount an NFS share to a local folder on the
Windows drive so that Windows can't tell (or doesn't care) the
difference (you know, the Unix way... The way it _should_ be).
David P. Donahue
david.donahue at firstsolution.com
First Call Computer Solutions
-----Original Message-----
From: John H Terpstra [mailto:jht at samba.org]
Sent: Wednesday, November 13, 2002 10:43 PM
To: David Donahue
Cc: samba at lists.samba.org
Subject: RE: [Samba] Switching to another Samba server
David,
If this samba server IS your domain controller then you definitely do
NOT want "security = server". This option requires you to add "password
server = *" so that samba can find the external password server (domain
controller).
Instead you want "security = user". That should get rid of the error
messages.
- John T.
On Wed, 13 Nov 2002, David Donahue wrote:
> Well, it would appear that the newly created smbpasswd file, in
> conjunction with Andrew's advice to export /tmp before running smbd,
> did the trick... Mostly. The domain itself seems to be physically
> working. Of course, I'll be conducting more tests as I go along.
> However, my logs still show that same error about a password server.
> I'll re-paste it here:
>
> > [2002/11/13 07:09:17, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
>
> It doesn't _seem_ to be causing any problems, but any error in a log
> file is cause for concern in my book. Especially when it has the word
> "password" in it. Do you have any idea what it could mean, or perhaps
> could point me in another direction to find it?
>
> Again, I can't thank you enough for your offer to help on this one.
> And, if you wish, I can stop spamming you with all my problems and log
> files :)
>
>
>
> David P. Donahue
> david.donahue at firstsolution.com
> First Call Computer Solutions
>
>
>
> -----Original Message-----
> From: David Donahue
> Sent: Wednesday, November 13, 2002 9:11 AM
> To: 'John H Terpstra'
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Switching to another Samba server
>
>
> >>What is your platform?
>
> Mandrake Linux 9.0 (old server is Mandrake Linux 8.1).
>
> >>Did you build the samba binaries?
>
> 2.2.2, yes. 2.2.6 was built as part of the OS install. I did a full
> install (every package on the list), if that's useful to you.
>
> >>If so, what argumentes did you give to configure when you built it?
>
> For 2.2.2, none. Just "./configure;make;make install"
>
> >>Which files did you copy from the old server to the new one?
>
> smb.conf, smbpasswd, smbusers
>
> >>On the new machine are the UIDs the same as on the old one?
>
> Identical. But, as I said, I'll be re-making the smbpasswd file
> tonight anyway. So if there are any discrepencies in users that I've
> overlooked, that will fix them.
>
>
>
> - John T.
>
> On Wed, 13 Nov 2002, David Donahue wrote:
>
> > I really appreciate your help in this matter. It would seem that
> > I'm still running into some problems with 2.2.6, but this time I
> > have lots
>
> > and lots of log info that might help. First, we'll start with my
> > smb.conf file:
> >
> > ####################################################################
> > ##
> > ##
> > ###
> > [global]
> > workgroup = SAMBA
> > security = server
> > netbios name = EPYON
> > server string = Samba 2.2.6
> > interfaces = 192.168.0.10/24
> > encrypt passwords = Yes
> > passwd program = /usr/bin/passwd %u
> > smb passwd file = /etc/samba/smbpasswd
> > passwd chat = "*New password:*" %n\r "*New password
(again):*"
>
> > %n\r "*Password changed*"
> > unix password sync = Yes
> > syslog = 2
> > log file = /var/log/samba/log.%m
> > time server = Yes
> > add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> > /bin/false -M %u
> > logon script = %U.bat
> > logon path = \\epyon\profile\%U
> > domain logons = Yes
> > os level = 34
> > preferred master = Yes
> > domain master = Yes
> > lock directory = /var/lock/samba/locks
> > admin users = root
> > hosts allow = 192.168.0.
> > hide dot files = No
> >
> > [netlogon]
> > comment = "Domain Logon Services"
> > path = /etc/samba/smblogon
> > browseable = No
> >
> > [homes]
> > comment = "Home Directory for : %u "
> > path = /home/%u
> > writeable = Yes
> > create mask = 0644
> > directory mask = 0755
> > browseable = No
> >
> > [profile]
> > comment = "User profiles"
> > path = /etc/samba/smbprofile
> > writeable = Yes
> > create mask = 0600
> > directory mask = 0700
> > browseable = No
> >
> > [cdimage]
> > comment = "Mounted CD ISO"
> > path = /mnt/cdimage
> >
> > [cdimage2]
> > comment = "Mounted CD ISO"
> > path = /mnt/cdimage2
> >
> > [programs]
> > comment = "Installed Programs"
> > path = /etc/samba/smbprograms
> > writeable = Yes
> > create mask = 0644
> >
> > [share]
> > comment = "Public Share"
> > path = /etc/samba/smbshare
> > writeable = Yes
> > create mask = 0666
> > directory mask = 0777
> >
> > [web]
> > comment = "Website"
> > path = /home/www/public
> > guest ok = yes
> > read only = yes
> >
> > [all]
> > comment = "Root Directory"
> > path = /
> > writeable = Yes
> > create mask = 0644
> > directory mask = 0755
> > ####################################################################
> > ##
> > ##
> > ###
> >
> > This, along with smbpasswd and other samba files, was copied
> > directly from the currently running Samba server on my network. The
> > only changes made were to the name of the workgroup, the interface
> > IP and some of the paths that are slightly different on the new
> > server.
> > Note: Is it possible that copying smbpasswd from another computer
and
> > not directly creating it on the new computer is causing this? This
> > just occurred to me and I can't test it until I get home from work
> > later today.
> >
> > Now, for the log files. I flushed them and started a new server
> > last night, then tried to join the domain this morning, with the
> > same results. Here's the log file for nmbd:
> >
> > ####################################################################
> > ##
> > ##
> > ###
> > [2002/11/12 19:59:01, 0] nmbd/nmbd.c:main(794)
> > Netbios nameserver version 2.2.6pre2 started.
> > Copyright Andrew Tridgell and the Samba Team 1994-2002 [2002/11/12
> > 19:59:01, 0] nmbd/nmbd.c:main(826)
> > standard input is not a socket, assuming -D option [2002/11/12
> > 19:59:01, 0] nmbd/nmbd_logonnames.c:add_logon_names(155)
> > add_domain_logon_names:
> > Attempting to become logon server for workgroup SAMBA on subnet
> > 192.168.0.10 [2002/11/12 19:59:01, 0]
> > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291)
> > become_domain_master_browser_bcast:
> > Attempting to become domain master browser on workgroup SAMBA on
> > subnet 192.168.0.10
> > [2002/11/12 19:59:01, 0]
> > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(305)
> > become_domain_master_browser_bcast: querying subnet 192.168.0.10
for
> > domain master browser on workgroup SAMBA
> > [2002/11/12 19:59:05, 0]
> > nmbd/nmbd_logonnames.c:become_logon_server_success(114)
> > become_logon_server_success: Samba is now a logon server for
> workgroup
> > SAMBA on subnet 192.168.0.10
> > [2002/11/12 19:59:05, 0]
> > nmbd/nmbd_responserecordsdb.c:find_response_record(235)
> > find_response_record: response packet id 15312 received with no
> > matching record. [2002/11/12 19:59:05, 0]
> > nmbd/nmbd_responserecordsdb.c:find_response_record(235)
> > find_response_record: response packet id 15313 received with no
> > matching record.
> > [2002/11/12 19:59:09, 0]
> > nmbd/nmbd_become_dmb.c:become_domain_master_stage2(114)
> > *****
> >
> > Samba server EPYON is now a domain master browser for workgroup
> > SAMBA on subnet 192.168.0.10
> >
> > *****
> > [2002/11/12 19:59:24, 0]
> > nmbd/nmbd_become_lmb.c:become_local_master_stage2(404)
> > *****
> >
> > Samba name server EPYON is now a local master browser for
> > workgroup SAMBA on subnet 192.168.0.10
> >
> > *****
> > ####################################################################
> > ##
> > ##
> > ###
> >
> > and now the log file for smbd:
> >
> > ####################################################################
> > ##
> > ##
> > ###
> > [2002/11/12 19:59:03, 0] smbd/server.c:main(707)
> > smbd version 2.2.6pre2 started.
> > Copyright Andrew Tridgell and the Samba Team 1992-2002 [2002/11/12
> > 19:59:03, 0] smbd/server.c:main(751)
> > standard input is not a socket, assuming -D option
> >
######################################################################
> > ##
> > ###
> >
> > and, of course, the log file for the Windows box trying to join the
> > domain:
> >
> > ####################################################################
> > ##
> > ##
> > ###
> > [2002/11/13 07:05:29, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:05:29, 0] smbd/service.c:make_connection(384)
> > root logged in as admin user (root privileges)
> > [2002/11/13 07:05:31, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:05:31, 0] smbd/service.c:make_connection(384)
> > root logged in as admin user (root privileges)
> > [2002/11/13 07:05:32, 0]
> > rpc_server/srv_samr.c:api_samr_set_userinfo(670)
> > api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
> > [2002/11/13 07:06:02, 0] smbd/service.c:set_current_service(60)
> > chdir (/root/tmp) failed
> > [2002/11/13 07:06:27, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:06:27, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:06:27, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:06:27, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:06:34, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:06:34, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:17, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:17, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:21, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:21, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:09:24, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:09:24, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> > [2002/11/13 07:10:34, 0] smbd/password.c:server_cryptkey(1054)
> > password server not available
> > [2002/11/13 07:10:34, 0] smbd/service.c:make_connection(603)
> > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > denied)
> >
######################################################################
> > ##
> > ###
> >
> > As you can see, the client machine generated alot of the same error
> > in a short period of time. The earlier entries (7:05-ish) were
> > undoubtedly when I joined the domain, which looked successful from
> > the
>
> > client's side (hence the "root" mentions in the log... I used the
> > root
>
> > account to physically join the domain). The later entries
> > (7:09-ish) would then have been me trying to logon to the domain
> > after a reboot.
>
> > Neither a normal user, nor root could login to the domain. It
> > always said the domain in unavailable.
> >
> > Again, I really appreciate your offer to help on this. Unless told
> > otherwise, I'll be re-creating the smbpasswd file later this evening
> > and testing that. Are there any changes from 2.2.2 to 2.2.6 that
> > would require me to change something in my smb.conf file?
> >
> >
> >
> > David P. Donahue
> > david.donahue at firstsolution.com
> > First Call Computer Solutions
> > A Montana Technology Resource Company
> >
> >
> >
> > -----Original Message-----
> > From: John H Terpstra [mailto:jht at samba.org]
> > Sent: Monday, November 11, 2002 8:03 PM
> > To: David Donahue
> > Cc: samba at lists.samba.org
> > Subject: Re: [Samba] Switching to another Samba server
> >
> >
> > David,
> >
> > Suggest you update to samba-2.2.6 or later (there will be an update
> > later this week). The /root/tmp issue was a known problem with 2.2.2
> > and has been fixed. Best advice is to update to 2.2.6. If you then
> > still have a problem, email me <jht at samba.org> and I will try to
> > assist.
> >
> > - John T.
> >
> > On Mon, 11 Nov 2002, David Donahue wrote:
> >
> > > I've been running Samba 2.2.2 for a while as a domain controller
> > > on my
> >
> > > mostly Windows network. It's been working great up to this point.
> > > Anyway, I just put together a new Linux server and installed 2.2.2
> > > on it as well.
> > >
> > > I copied the conf file and pretty much mirrored everything on the
> > > existing server, changed the paths and the "workgroup" field in
> > > the conf file to match the new server, and ran the software. I'm
> > > able to join the domain, but when I attempt to login to it after
> > > rebooting, it
> >
> > > says the domain is not available. And when I login to the Windows
> > > machine as the local Administrator and try to connect to the
> > > domain it
> >
> > > says "the server is not configured for transactions."
> > >
> > > The log file samba generated for that client's connection repeats
> > > attempts to access /root/tmp (I don't know why) and keeps saying
> > > that a password server is unavailable. Any ideas?
> > >
> > > Could the problem be some kind of conflict with the current server
> > > on the other machine? Until the new one is fully working I still
> > > have the old one running on the other computer. Admittedly, I
> > > don't
>
> > > know what every setting in the conf file does. So is it likely
> > > that, for certain fields, identical settings on both machines
> > > would cause some kind of conflict during a logon?
> > >
> > >
> > >
> > > David P. Donahue
> > > david.donahue at firstsolution.com
> > > First Call Computer Solutions
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions: http://lists.samba.org/mailman/listinfo/samba
> > >
> >
> >
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list