[Samba] Switching to another Samba server
John H Terpstra
jht at samba.org
Fri Nov 15 02:46:03 GMT 2002
On Thu, 14 Nov 2002, David Donahue wrote:
> Yup, that definitely did the trick. Thanks!
>
> By the way, you wouldn't happen to know anything about Microsoft's
> Services for Unix, would you? Their newsgroup isn't very populated and
> little help can be found there. Or, conversely, do you know of any good
> NFS clients for Windows? Basically, the file permissions difference
> between Samba and Windows is causing problems with my .NET websites. An
> NFS clients that translates the permissions better would be ideal,
> especially if it could mount an NFS share to a local folder on the
> Windows drive so that Windows can't tell (or doesn't care) the
> difference (you know, the Unix way... The way it _should_ be).
What is the problem?
Can't you control the difference by using Unix file and directory
permissions? Details please, and I'll try to help.
- John T.
>
>
>
> David P. Donahue
> david.donahue at firstsolution.com
> First Call Computer Solutions
>
> -----Original Message-----
> From: John H Terpstra [mailto:jht at samba.org]
> Sent: Wednesday, November 13, 2002 10:43 PM
> To: David Donahue
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Switching to another Samba server
>
>
> David,
>
> If this samba server IS your domain controller then you definitely do
> NOT want "security = server". This option requires you to add "password
> server = *" so that samba can find the external password server (domain
> controller).
>
> Instead you want "security = user". That should get rid of the error
> messages.
>
> - John T.
>
> On Wed, 13 Nov 2002, David Donahue wrote:
>
> > Well, it would appear that the newly created smbpasswd file, in
> > conjunction with Andrew's advice to export /tmp before running smbd,
> > did the trick... Mostly. The domain itself seems to be physically
> > working. Of course, I'll be conducting more tests as I go along.
> > However, my logs still show that same error about a password server.
> > I'll re-paste it here:
> >
> > > [2002/11/13 07:09:17, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> >
> > It doesn't _seem_ to be causing any problems, but any error in a log
> > file is cause for concern in my book. Especially when it has the word
>
> > "password" in it. Do you have any idea what it could mean, or perhaps
>
> > could point me in another direction to find it?
> >
> > Again, I can't thank you enough for your offer to help on this one.
> > And, if you wish, I can stop spamming you with all my problems and log
>
> > files :)
> >
> >
> >
> > David P. Donahue
> > david.donahue at firstsolution.com
> > First Call Computer Solutions
> >
> >
> >
> > -----Original Message-----
> > From: David Donahue
> > Sent: Wednesday, November 13, 2002 9:11 AM
> > To: 'John H Terpstra'
> > Cc: samba at lists.samba.org
> > Subject: RE: [Samba] Switching to another Samba server
> >
> >
> > >>What is your platform?
> >
> > Mandrake Linux 9.0 (old server is Mandrake Linux 8.1).
> >
> > >>Did you build the samba binaries?
> >
> > 2.2.2, yes. 2.2.6 was built as part of the OS install. I did a full
> > install (every package on the list), if that's useful to you.
> >
> > >>If so, what argumentes did you give to configure when you built it?
> >
> > For 2.2.2, none. Just "./configure;make;make install"
> >
> > >>Which files did you copy from the old server to the new one?
> >
> > smb.conf, smbpasswd, smbusers
> >
> > >>On the new machine are the UIDs the same as on the old one?
> >
> > Identical. But, as I said, I'll be re-making the smbpasswd file
> > tonight anyway. So if there are any discrepencies in users that I've
> > overlooked, that will fix them.
> >
> >
> >
> > - John T.
> >
> > On Wed, 13 Nov 2002, David Donahue wrote:
> >
> > > I really appreciate your help in this matter. It would seem that
> > > I'm still running into some problems with 2.2.6, but this time I
> > > have lots
> >
> > > and lots of log info that might help. First, we'll start with my
> > > smb.conf file:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [global]
> > > workgroup = SAMBA
> > > security = server
> > > netbios name = EPYON
> > > server string = Samba 2.2.6
> > > interfaces = 192.168.0.10/24
> > > encrypt passwords = Yes
> > > passwd program = /usr/bin/passwd %u
> > > smb passwd file = /etc/samba/smbpasswd
> > > passwd chat = "*New password:*" %n\r "*New password
> (again):*"
> >
> > > %n\r "*Password changed*"
> > > unix password sync = Yes
> > > syslog = 2
> > > log file = /var/log/samba/log.%m
> > > time server = Yes
> > > add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> > > /bin/false -M %u
> > > logon script = %U.bat
> > > logon path = \\epyon\profile\%U
> > > domain logons = Yes
> > > os level = 34
> > > preferred master = Yes
> > > domain master = Yes
> > > lock directory = /var/lock/samba/locks
> > > admin users = root
> > > hosts allow = 192.168.0.
> > > hide dot files = No
> > >
> > > [netlogon]
> > > comment = "Domain Logon Services"
> > > path = /etc/samba/smblogon
> > > browseable = No
> > >
> > > [homes]
> > > comment = "Home Directory for : %u "
> > > path = /home/%u
> > > writeable = Yes
> > > create mask = 0644
> > > directory mask = 0755
> > > browseable = No
> > >
> > > [profile]
> > > comment = "User profiles"
> > > path = /etc/samba/smbprofile
> > > writeable = Yes
> > > create mask = 0600
> > > directory mask = 0700
> > > browseable = No
> > >
> > > [cdimage]
> > > comment = "Mounted CD ISO"
> > > path = /mnt/cdimage
> > >
> > > [cdimage2]
> > > comment = "Mounted CD ISO"
> > > path = /mnt/cdimage2
> > >
> > > [programs]
> > > comment = "Installed Programs"
> > > path = /etc/samba/smbprograms
> > > writeable = Yes
> > > create mask = 0644
> > >
> > > [share]
> > > comment = "Public Share"
> > > path = /etc/samba/smbshare
> > > writeable = Yes
> > > create mask = 0666
> > > directory mask = 0777
> > >
> > > [web]
> > > comment = "Website"
> > > path = /home/www/public
> > > guest ok = yes
> > > read only = yes
> > >
> > > [all]
> > > comment = "Root Directory"
> > > path = /
> > > writeable = Yes
> > > create mask = 0644
> > > directory mask = 0755
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > >
> > > This, along with smbpasswd and other samba files, was copied
> > > directly from the currently running Samba server on my network. The
>
> > > only changes made were to the name of the workgroup, the interface
> > > IP and some of the paths that are slightly different on the new
> > > server.
> > > Note: Is it possible that copying smbpasswd from another computer
> and
> > > not directly creating it on the new computer is causing this? This
> > > just occurred to me and I can't test it until I get home from work
> > > later today.
> > >
> > > Now, for the log files. I flushed them and started a new server
> > > last night, then tried to join the domain this morning, with the
> > > same results. Here's the log file for nmbd:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [2002/11/12 19:59:01, 0] nmbd/nmbd.c:main(794)
> > > Netbios nameserver version 2.2.6pre2 started.
> > > Copyright Andrew Tridgell and the Samba Team 1994-2002 [2002/11/12
> > > 19:59:01, 0] nmbd/nmbd.c:main(826)
> > > standard input is not a socket, assuming -D option [2002/11/12
> > > 19:59:01, 0] nmbd/nmbd_logonnames.c:add_logon_names(155)
> > > add_domain_logon_names:
> > > Attempting to become logon server for workgroup SAMBA on subnet
> > > 192.168.0.10 [2002/11/12 19:59:01, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291)
> > > become_domain_master_browser_bcast:
> > > Attempting to become domain master browser on workgroup SAMBA on
> > > subnet 192.168.0.10
> > > [2002/11/12 19:59:01, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(305)
> > > become_domain_master_browser_bcast: querying subnet 192.168.0.10
> for
> > > domain master browser on workgroup SAMBA
> > > [2002/11/12 19:59:05, 0]
> > > nmbd/nmbd_logonnames.c:become_logon_server_success(114)
> > > become_logon_server_success: Samba is now a logon server for
> > workgroup
> > > SAMBA on subnet 192.168.0.10
> > > [2002/11/12 19:59:05, 0]
> > > nmbd/nmbd_responserecordsdb.c:find_response_record(235)
> > > find_response_record: response packet id 15312 received with no
> > > matching record. [2002/11/12 19:59:05, 0]
> > > nmbd/nmbd_responserecordsdb.c:find_response_record(235)
> > > find_response_record: response packet id 15313 received with no
> > > matching record.
> > > [2002/11/12 19:59:09, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_stage2(114)
> > > *****
> > >
> > > Samba server EPYON is now a domain master browser for workgroup
> > > SAMBA on subnet 192.168.0.10
> > >
> > > *****
> > > [2002/11/12 19:59:24, 0]
> > > nmbd/nmbd_become_lmb.c:become_local_master_stage2(404)
> > > *****
> > >
> > > Samba name server EPYON is now a local master browser for
> > > workgroup SAMBA on subnet 192.168.0.10
> > >
> > > *****
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > >
> > > and now the log file for smbd:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [2002/11/12 19:59:03, 0] smbd/server.c:main(707)
> > > smbd version 2.2.6pre2 started.
> > > Copyright Andrew Tridgell and the Samba Team 1992-2002 [2002/11/12
> > > 19:59:03, 0] smbd/server.c:main(751)
> > > standard input is not a socket, assuming -D option
> > >
> ######################################################################
> > > ##
> > > ###
> > >
> > > and, of course, the log file for the Windows box trying to join the
> > > domain:
> > >
> > > ####################################################################
> > > ##
> > > ##
> > > ###
> > > [2002/11/13 07:05:29, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:05:29, 0] smbd/service.c:make_connection(384)
> > > root logged in as admin user (root privileges)
> > > [2002/11/13 07:05:31, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:05:31, 0] smbd/service.c:make_connection(384)
> > > root logged in as admin user (root privileges)
> > > [2002/11/13 07:05:32, 0]
> > > rpc_server/srv_samr.c:api_samr_set_userinfo(670)
> > > api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
> > > [2002/11/13 07:06:02, 0] smbd/service.c:set_current_service(60)
> > > chdir (/root/tmp) failed
> > > [2002/11/13 07:06:27, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:06:27, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:06:27, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:06:27, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:06:34, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:06:34, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:17, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:17, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:21, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:21, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:22, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:22, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:23, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:23, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:09:24, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:09:24, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > > [2002/11/13 07:10:34, 0] smbd/password.c:server_cryptkey(1054)
> > > password server not available
> > > [2002/11/13 07:10:34, 0] smbd/service.c:make_connection(603)
> > > hal (192.168.0.4) Can't change directory to /root/tmp (Permission
> > > denied)
> > >
> ######################################################################
> > > ##
> > > ###
> > >
> > > As you can see, the client machine generated alot of the same error
> > > in a short period of time. The earlier entries (7:05-ish) were
> > > undoubtedly when I joined the domain, which looked successful from
> > > the
> >
> > > client's side (hence the "root" mentions in the log... I used the
> > > root
> >
> > > account to physically join the domain). The later entries
> > > (7:09-ish) would then have been me trying to logon to the domain
> > > after a reboot.
> >
> > > Neither a normal user, nor root could login to the domain. It
> > > always said the domain in unavailable.
> > >
> > > Again, I really appreciate your offer to help on this. Unless told
> > > otherwise, I'll be re-creating the smbpasswd file later this evening
>
> > > and testing that. Are there any changes from 2.2.2 to 2.2.6 that
> > > would require me to change something in my smb.conf file?
> > >
> > >
> > >
> > > David P. Donahue
> > > david.donahue at firstsolution.com
> > > First Call Computer Solutions
> > > A Montana Technology Resource Company
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: John H Terpstra [mailto:jht at samba.org]
> > > Sent: Monday, November 11, 2002 8:03 PM
> > > To: David Donahue
> > > Cc: samba at lists.samba.org
> > > Subject: Re: [Samba] Switching to another Samba server
> > >
> > >
> > > David,
> > >
> > > Suggest you update to samba-2.2.6 or later (there will be an update
> > > later this week). The /root/tmp issue was a known problem with 2.2.2
>
> > > and has been fixed. Best advice is to update to 2.2.6. If you then
> > > still have a problem, email me <jht at samba.org> and I will try to
> > > assist.
> > >
> > > - John T.
> > >
> > > On Mon, 11 Nov 2002, David Donahue wrote:
> > >
> > > > I've been running Samba 2.2.2 for a while as a domain controller
> > > > on my
> > >
> > > > mostly Windows network. It's been working great up to this point.
>
> > > > Anyway, I just put together a new Linux server and installed 2.2.2
>
> > > > on it as well.
> > > >
> > > > I copied the conf file and pretty much mirrored everything on the
> > > > existing server, changed the paths and the "workgroup" field in
> > > > the conf file to match the new server, and ran the software. I'm
> > > > able to join the domain, but when I attempt to login to it after
> > > > rebooting, it
> > >
> > > > says the domain is not available. And when I login to the Windows
>
> > > > machine as the local Administrator and try to connect to the
> > > > domain it
> > >
> > > > says "the server is not configured for transactions."
> > > >
> > > > The log file samba generated for that client's connection repeats
> > > > attempts to access /root/tmp (I don't know why) and keeps saying
> > > > that a password server is unavailable. Any ideas?
> > > >
> > > > Could the problem be some kind of conflict with the current server
>
> > > > on the other machine? Until the new one is fully working I still
> > > > have the old one running on the other computer. Admittedly, I
> > > > don't
> >
> > > > know what every setting in the conf file does. So is it likely
> > > > that, for certain fields, identical settings on both machines
> > > > would cause some kind of conflict during a logon?
> > > >
> > > >
> > > >
> > > > David P. Donahue
> > > > david.donahue at firstsolution.com
> > > > First Call Computer Solutions
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions: http://lists.samba.org/mailman/listinfo/samba
> > > >
> > >
> > >
> >
> >
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list