[Samba] Switching to another Samba server

John H Terpstra jht at samba.org
Fri Nov 15 02:46:03 GMT 2002


On Thu, 14 Nov 2002, David Donahue wrote:

> Yup, that definitely did the trick.  Thanks!
>
> By the way, you wouldn't happen to know anything about Microsoft's
> Services for Unix, would you?  Their newsgroup isn't very populated and
> little help can be found there. Or, conversely, do you know of any good
> NFS clients for Windows?  Basically, the file permissions difference
> between Samba and Windows is causing problems with my .NET websites.  An
> NFS clients that translates the permissions better would be ideal,
> especially if it could mount an NFS share to a local folder on the
> Windows drive so that Windows can't tell (or doesn't care) the
> difference (you know, the Unix way... The way it _should_ be).

What is the problem?

Can't you control the difference by using Unix file and directory
permissions? Details please, and I'll try to help.

- John T.

>
>
>
> David P. Donahue
> david.donahue at firstsolution.com
> First Call Computer Solutions
>
> -----Original Message-----
> From: John H Terpstra [mailto:jht at samba.org]
> Sent: Wednesday, November 13, 2002 10:43 PM
> To: David Donahue
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Switching to another Samba server
>
>
> David,
>
> If this samba server IS your domain controller then you definitely do
> NOT want "security = server". This option requires you to add "password
> server = *" so that samba can find the external password server (domain
> controller).
>
> Instead you want "security = user". That should get rid of the error
> messages.
>
> - John T.
>
> On Wed, 13 Nov 2002, David Donahue wrote:
>
> > Well, it would appear that the newly created smbpasswd file, in
> > conjunction with Andrew's advice to export /tmp before running smbd,
> > did the trick... Mostly.  The domain itself seems to be physically
> > working. Of course, I'll be conducting more tests as I go along.
> > However, my logs still show that same error about a password server.
> > I'll re-paste it here:
> >
> > > [2002/11/13 07:09:17, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> >
> > It doesn't _seem_ to be causing any problems, but any error in a log
> > file is cause for concern in my book.  Especially when it has the word
>
> > "password" in it.  Do you have any idea what it could mean, or perhaps
>
> > could point me in another direction to find it?
> >
> > Again, I can't thank you enough for your offer to help on this one.
> > And, if you wish, I can stop spamming you with all my problems and log
>
> > files :)
> >
> >
> >
> > David P. Donahue
> > david.donahue at firstsolution.com
> > First Call Computer Solutions
> >
> >
> >
> > -----Original Message-----
> > From: David Donahue
> > Sent: Wednesday, November 13, 2002 9:11 AM
> > To: 'John H Terpstra'
> > Cc: samba at lists.samba.org
> > Subject: RE: [Samba] Switching to another Samba server
> >
> >
> > >>What is your platform?
> >
> > Mandrake Linux 9.0 (old server is Mandrake Linux 8.1).
> >
> > >>Did you build the samba binaries?
> >
> > 2.2.2, yes.  2.2.6 was built as part of the OS install.  I did a full
> > install (every package on the list), if that's useful to you.
> >
> > >>If so, what argumentes did you give to configure when you built it?
> >
> > For 2.2.2, none.  Just "./configure;make;make install"
> >
> > >>Which files did you copy from the old server to the new one?
> >
> > smb.conf, smbpasswd, smbusers
> >
> > >>On the new machine are the UIDs the same as on the old one?
> >
> > Identical.  But, as I said, I'll be re-making the smbpasswd file
> > tonight anyway.  So if there are any discrepencies in users that I've
> > overlooked, that will fix them.
> >
> >
> >
> > - John T.
> >
> > On Wed, 13 Nov 2002, David Donahue wrote:
> >
> > > I really appreciate your help in this matter.  It would seem that
> > > I'm still running into some problems with 2.2.6, but this time I
> > > have lots
> >
> > > and lots of log info that might help.  First, we'll start with my
> > > smb.conf file:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [global]
> > >         workgroup = SAMBA
> > >         security = server
> > >         netbios name = EPYON
> > >         server string = Samba 2.2.6
> > >         interfaces = 192.168.0.10/24
> > >         encrypt passwords = Yes
> > >         passwd program = /usr/bin/passwd %u
> > >         smb passwd file = /etc/samba/smbpasswd
> > >         passwd chat = "*New password:*" %n\r "*New password
> (again):*"
> >
> > > %n\r "*Password changed*"
> > >         unix password sync = Yes
> > >         syslog = 2
> > >         log file = /var/log/samba/log.%m
> > >         time server = Yes
> > >         add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> > > /bin/false -M %u
> > >         logon script = %U.bat
> > >         logon path = \\epyon\profile\%U
> > >         domain logons = Yes
> > >         os level = 34
> > >         preferred master = Yes
> > >         domain master = Yes
> > >         lock directory = /var/lock/samba/locks
> > >         admin users = root
> > >         hosts allow = 192.168.0.
> > >         hide dot files = No
> > >
> > > [netlogon]
> > >         comment = "Domain Logon Services"
> > >         path = /etc/samba/smblogon
> > >         browseable = No
> > >
> > > [homes]
> > >         comment = "Home Directory for : %u "
> > >         path = /home/%u
> > >         writeable = Yes
> > >         create mask = 0644
> > >         directory mask = 0755
> > >         browseable = No
> > >
> > > [profile]
> > >         comment = "User profiles"
> > >         path = /etc/samba/smbprofile
> > >         writeable = Yes
> > >         create mask = 0600
> > >         directory mask = 0700
> > >         browseable = No
> > >
> > > [cdimage]
> > >         comment = "Mounted CD ISO"
> > >         path = /mnt/cdimage
> > >
> > > [cdimage2]
> > >         comment = "Mounted CD ISO"
> > >         path = /mnt/cdimage2
> > >
> > > [programs]
> > >         comment = "Installed Programs"
> > >         path = /etc/samba/smbprograms
> > >         writeable = Yes
> > >         create mask = 0644
> > >
> > > [share]
> > >         comment = "Public Share"
> > >         path = /etc/samba/smbshare
> > >         writeable = Yes
> > >         create mask = 0666
> > >         directory mask = 0777
> > >
> > > [web]
> > >         comment = "Website"
> > >         path = /home/www/public
> > >         guest ok = yes
> > >         read only = yes
> > >
> > > [all]
> > >         comment = "Root Directory"
> > >         path = /
> > >         writeable = Yes
> > >         create mask = 0644
> > >         directory mask = 0755
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > >
> > > This, along with smbpasswd and other samba files, was copied
> > > directly from the currently running Samba server on my network.  The
>
> > > only changes made were to the name of the workgroup, the interface
> > > IP and some of the paths that are slightly different on the new
> > > server.
> > > Note: Is it possible that copying smbpasswd from another computer
> and
> > > not directly creating it on the new computer is causing this?  This
> > > just occurred to me and I can't test it until I get home from work
> > > later today.
> > >
> > > Now, for the log files.  I flushed them and started a new server
> > > last night, then tried to join the domain this morning, with the
> > > same results.  Here's the log file for nmbd:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [2002/11/12 19:59:01, 0] nmbd/nmbd.c:main(794)
> > >   Netbios nameserver version 2.2.6pre2 started.
> > >   Copyright Andrew Tridgell and the Samba Team 1994-2002 [2002/11/12
> > > 19:59:01, 0] nmbd/nmbd.c:main(826)
> > >   standard input is not a socket, assuming -D option [2002/11/12
> > > 19:59:01, 0] nmbd/nmbd_logonnames.c:add_logon_names(155)
> > >   add_domain_logon_names:
> > >   Attempting to become logon server for workgroup SAMBA on subnet
> > > 192.168.0.10 [2002/11/12 19:59:01, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291)
> > >   become_domain_master_browser_bcast:
> > >   Attempting to become domain master browser on workgroup SAMBA on
> > > subnet 192.168.0.10
> > > [2002/11/12 19:59:01, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(305)
> > >   become_domain_master_browser_bcast: querying subnet 192.168.0.10
> for
> > > domain master browser on workgroup SAMBA
> > > [2002/11/12 19:59:05, 0]
> > > nmbd/nmbd_logonnames.c:become_logon_server_success(114)
> > >   become_logon_server_success: Samba is now a logon server for
> > workgroup
> > > SAMBA on subnet 192.168.0.10
> > > [2002/11/12 19:59:05, 0]
> > > nmbd/nmbd_responserecordsdb.c:find_response_record(235)
> > >   find_response_record: response packet id 15312 received with no
> > > matching record. [2002/11/12 19:59:05, 0]
> > > nmbd/nmbd_responserecordsdb.c:find_response_record(235)
> > >   find_response_record: response packet id 15313 received with no
> > > matching record.
> > > [2002/11/12 19:59:09, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_stage2(114)
> > >   *****
> > >
> > >   Samba server EPYON is now a domain master browser for workgroup
> > > SAMBA on subnet 192.168.0.10
> > >
> > >   *****
> > > [2002/11/12 19:59:24, 0]
> > > nmbd/nmbd_become_lmb.c:become_local_master_stage2(404)
> > >   *****
> > >
> > >   Samba name server EPYON is now a local master browser for
> > > workgroup SAMBA on subnet 192.168.0.10
> > >
> > >   *****
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > >
> > > and now the log file for smbd:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [2002/11/12 19:59:03, 0] smbd/server.c:main(707)
> > >   smbd version 2.2.6pre2 started.
> > >   Copyright Andrew Tridgell and the Samba Team 1992-2002 [2002/11/12
> > > 19:59:03, 0] smbd/server.c:main(751)
> > >   standard input is not a socket, assuming -D option
> > >
> ######################################################################
> > > ##
> > > ###
> > >
> > > and, of course, the log file for the Windows box trying to join the
> > > domain:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [2002/11/13 07:05:29, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:05:29, 0] smbd/service.c:make_connection(384)
> > >   root logged in as admin user (root privileges)
> > > [2002/11/13 07:05:31, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:05:31, 0] smbd/service.c:make_connection(384)
> > >   root logged in as admin user (root privileges)
> > > [2002/11/13 07:05:32, 0]
> > > rpc_server/srv_samr.c:api_samr_set_userinfo(670)
> > >   api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
> > > [2002/11/13 07:06:02, 0] smbd/service.c:set_current_service(60)
> > >   chdir (/root/tmp) failed
> > > [2002/11/13 07:06:27, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:06:27, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:06:27, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:06:27, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:06:34, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:06:34, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:17, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:17, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:21, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:21, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:24, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:09:24, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:10:34, 0] smbd/password.c:server_cryptkey(1054)
> > >   password server not available
> > > [2002/11/13 07:10:34, 0] smbd/service.c:make_connection(603)
> > >   hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > >
> ######################################################################
> > > ##
> > > ###
> > >
> > > As you can see, the client machine generated alot of the same error
> > > in a short period of time.  The earlier entries (7:05-ish) were
> > > undoubtedly when I joined the domain, which looked successful from
> > > the
> >
> > > client's side (hence the "root" mentions in the log... I used the
> > > root
> >
> > > account to physically join the domain).  The later entries
> > > (7:09-ish) would then have been me trying to logon to the domain
> > > after a reboot.
> >
> > > Neither a normal user, nor root could login to the domain.  It
> > > always said the domain in unavailable.
> > >
> > > Again, I really appreciate your offer to help on this.  Unless told
> > > otherwise, I'll be re-creating the smbpasswd file later this evening
>
> > > and testing that.  Are there any changes from 2.2.2 to 2.2.6 that
> > > would require me to change something in my smb.conf file?
> > >
> > >
> > >
> > > David P. Donahue
> > > david.donahue at firstsolution.com
> > > First Call Computer Solutions
> > > A Montana Technology Resource Company
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: John H Terpstra [mailto:jht at samba.org]
> > > Sent: Monday, November 11, 2002 8:03 PM
> > > To: David Donahue
> > > Cc: samba at lists.samba.org
> > > Subject: Re: [Samba] Switching to another Samba server
> > >
> > >
> > > David,
> > >
> > > Suggest you update to samba-2.2.6 or later (there will be an update
> > > later this week). The /root/tmp issue was a known problem with 2.2.2
>
> > > and has been fixed. Best advice is to update to 2.2.6. If you then
> > > still have a problem, email me <jht at samba.org> and I will try to
> > > assist.
> > >
> > > - John T.
> > >
> > > On Mon, 11 Nov 2002, David Donahue wrote:
> > >
> > > > I've been running Samba 2.2.2 for a while as a domain controller
> > > > on my
> > >
> > > > mostly Windows network.  It's been working great up to this point.
>
> > > > Anyway, I just put together a new Linux server and installed 2.2.2
>
> > > > on it as well.
> > > >
> > > > I copied the conf file and pretty much mirrored everything on the
> > > > existing server, changed the paths and the "workgroup" field in
> > > > the conf file to match the new server, and ran the software.  I'm
> > > > able to join the domain, but when I attempt to login to it after
> > > > rebooting, it
> > >
> > > > says the domain is not available.  And when I login to the Windows
>
> > > > machine as the local Administrator and try to connect to the
> > > > domain it
> > >
> > > > says "the server is not configured for transactions."
> > > >
> > > > The log file samba generated for that client's connection repeats
> > > > attempts to access /root/tmp (I don't know why) and keeps saying
> > > > that a password server is unavailable.  Any ideas?
> > > >
> > > > Could the problem be some kind of conflict with the current server
>
> > > > on the other machine?  Until the new one is fully working I still
> > > > have the old one running on the other computer.  Admittedly, I
> > > > don't
> >
> > > > know what every setting in the conf file does.  So is it likely
> > > > that, for certain fields, identical settings on both machines
> > > > would cause some kind of conflict during a logon?
> > > >
> > > >
> > > >
> > > > David P. Donahue
> > > > david.donahue at firstsolution.com
> > > > First Call Computer Solutions
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > >
> > >
> > >
> >
> >
>
>

-- 
John H Terpstra
Email: jht at samba.org




More information about the samba mailing list