[Samba] Samba 3.0 Problems
k.hawkes at zombies.force9.net
Fri Oct 3 19:21:18 GMT 2003
I installed Samba 3.0 RPM onto our RH 9.0 system (a test system), it took me
a long time to configure this one up as I wanted to learn how it does what
it does and why, so when we deploy it as our main PDC (once S3 becomes
final), we can be aware of any issues or bugs ahead of time.
Anyhow, I have come across a few problems with it, whether these are known
issues already or not I am not sure, but I'm letting you on the list know
about them in any event.
1 - I cannot seem to copy ANY files of ANY size from ANY Samba share to any
other location, be that, share to share, share to hard disk etc... it says
the network name is no longer available. If I try to copy again, it does
complete the copy the second time around.
I have not looked at oplocks or anything and have left those settings at
their defaults, the permissions on the share are that ANYONE can write to
it, it doesn't discriminate.
This was confirmed on Win2K-SP3, Win2K-Adv. Server and Win2K3 Server. It has
not been tried from any Windows 98/NT machines.
2 - I have configured poledit so that users in the 'Domain Admins' group are
allowed to access command prompt/regedit etc... the group mapping has been
confirmed as correct as the Admin Desktop has a link that just says 'Admin',
staff has just 'Staff' and users have just 'Users'. This problem spawned
several others, which may or may not be related below.
If I login as staff/user, all restrictions appear to be in place that should
be, if I login as an admin (a user who is member of UNIX group 'domadm'
which is mapped to NT group 'Domain Admins' and 'Administrators') it says it
has the admin start menu and desktop, yet it's restricted down. I have
double and triple checked my policies to make sure that nothing got in there
untoward, but it all looks clean.
The purpose of the 'Domain Admins' policy object (same with Staff and Domain
Users) is so we do not need seperate policy objects and that ALL admins have
the same policies set. (This is primarily to test that group mappings and
such, work how we'd like them to)
3 - Sometimes, when you login, it complains about not being able to create
directory '\\server\username.pds' on the server, now I've done some reading
on this and did fixes that seem to work. But every now and again it seems to
sneak back in, particularly with users who do NOT have their own policy
object and thus, must use a group-mapped policy (such as 'Staff' etc...).
4 - There appears to be a problem when you try to login as root or ANYONE
who is a member of the 'root' group, it says 'a device attached to the
system is not functioning'. I'm not sure whether this is by design or what,
but it's not documented. The NT Admin user 'ntadmin' who is NOT a member of
the 'root' group can login, yet users like 'administrator' who are in 'root'
group (among others) cannot login and get this message.
I regret I can't give you copies of my smb.conf etc... as these are at work
and I'm currently at home. But if this helps, I'm using the 'smbpasswd'
backend, using the Samba 3.0 RPM downloaded from the UK mirrors' service for
I apologise if this has already been brought up before and I apologise that
I can't give you much more information than is outlined above. If anyone has
any ideas or suggestions, we'd be only too grateful to try anything and get
back to you. (Anything you'd like tried etc... will have to wait until
Monday now I'm afraid)
Apart from my problems though, I'd like to say I'm impressed with the way
Samba 3.0 gets around many of our 'poledit' problems and that we can
possibly actually use an LDAP backend to have a single password server for
the entire site and have distributed PDCs who all have access to a master
list of passwords/usernames/security setups etc... (any thoughts on this?)
Thanking you all in advance,
Mr. K. Hawkes
"May darkness be your only ally, for in the shadows you can hide" - Kris
"In darkness, there is strength." - Kris 2002
"What we do in life echoes in eternity." - Anon
"Remember folks, get your victims to scream, they live longer, you laugh
stronger" - Anon
"If people never notice you when you're around, they're not going to miss
you when you're not" - Kris 2003
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----
More information about the samba