[Samba] Problem logon to PDC

adrian sender adrian_au1 at hotmail.com
Tue Sep 19 14:15:36 GMT 2006

Hi John,

I am currently working on a document with samba, openldap, drbd + heartbeat;

I strongly suggest you make one of your nodes a backup domain controller 
using openldap to replicate the database; this will avoid many issues that 
you are experiencing.

I point users home directories, profiles & shares to the virtual cluster IP; 
this allows domain logons to load roaming profiles whether you login to the 
pdc or bdc. I do this through the smbldap.conf file.

Document should be ready in a few months.


Adrian Sender.

From: John Lauwers <john at robotronic.be>
To: <samba at lists.samba.org>
Subject: [Samba] Problem logon to PDC
Sent: Monday, 18 September 2006 8:44:47 PM

I have setup a cluster system with drbd and heartbeat. I have samba running
as a PDC. Everything works great when I am on server1 But when failover
ocuurs I cannot seem to log on the domain anymore.
I Have symlinks to my home share : /var/cache/samba , /etc/samba/ who are
synced between 2 servers.
Do I have to sync another files ??


>From: samba-request at lists.samba.org
>Reply-To: samba at lists.samba.org
>To: samba at lists.samba.org
>Subject: samba Digest, Vol 45, Issue 24
>Date: Tue, 19 Sep 2006 12:03:05 +0000 (GMT)
>Send samba mailing list submissions to
>	samba at lists.samba.org
>To subscribe or unsubscribe via the World Wide Web, visit
>	https://lists.samba.org/mailman/listinfo/samba
>or, via email, send a message with subject or body 'help' to
>	samba-request at lists.samba.org
>You can reach the person managing the list at
>	samba-owner at lists.samba.org
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of samba digest..."

>Today's Topics:
>    1. Problem logon to PDC (John Lauwers)
>    2. Samba Permission (dazamaz)
>    3. cifs connect to Samba...permissions error (Max Kipness)
>    4. unsuccessful Samba install on AIX 4.3.3. (Joseph E Murphy)
>    5. Question about SWAT (Ivan Arteaga)
>    6. Re: Password Change & WinXP (Martin Hochreiter)
>    7. workgroup drive mapping (Rob Shepherd)
>    8. administrative shares (Luca Ferrari)
>    9. Re: unsuccessful Samba install on AIX 4.3.3. (Volker Lendecke)
>   10. Problem with large files (Valerio daelli)
>   11. Setting Windows drivers gives access denied error
>       (Gundemarie Scholz)
>   12. Setting Initial Passwords (Tony Molloy)
>   13. samba and share quota (Fabio Marcone)

>From: "John Lauwers" <john at robotronic.be>
>To: <samba at lists.samba.org>
>Subject: [Samba] Problem logon to PDC
>Date: Mon, 18 Sep 2006 12:44:47 +0200
>I have setup a cluster system with drbd and heartbeat. I have samba running
>as a PDC. Everything works great when I am on server1 But when failover
>ocuurs I cannot seem to log on the domain anymore.
>I Have symlinks to my home share : /var/cache/samba , /etc/samba/ who are
>synced between 2 servers.
>Do I have to sync another files ??

>From: dazamaz <daza_pitaz at hotmail.com>
>To: samba at lists.samba.org
>Subject: [Samba] Samba Permission
>Date: Mon, 18 Sep 2006 05:15:04 -0700 (PDT)
>Hi guys,
>I have been setting up a samba server to share some directorys around my
>office network. Now I have been successful in making these shared 
>so that everyone can access them, but what I really need to do is to make
>the shares to have limited accessibility.
>What I need is to have 1 folder that is completely Private to everyone else
>but 1 user and everytime I have tried this using the samba share gui (by
>clicking on the option saying only allow this user) noone, not even that
>'allowed' user, can access it.
>Also I need to make a folder that people can traverse to and read the
>contents of and can dump content into this folder but are not allowed to
>delete any content contained in the folder.
>I have been able to get the permissions going so that they are read only 
>read/write but I cannot make the permissions to the exact specifcations 
>I need.
>1 more thing, I thought that maybe I needed to use chmod to change the
>permissions on the directorys to allow for this but, correct if I'm wrong
>please, the 3 numbers don't they represent owner, group and then world?
>So with this I decided to make the permissions according to groups but then
>I found out that I needed to allocate the permissions on the 'world' part 
>order for them to be effective over the network. Thus stopping me from 
>groups to allocate permissions.
>Any help on my situation would be greatly appreciated.
>Sorry for the rather lengthy post but I thought if I add as much detail as 
>could it would make it easier for someone to help me out.
>Cheers guys,


>From: "Max Kipness" <max at assuredata.com>
>To: <samba at lists.samba.org>
>Subject: [Samba] cifs connect to Samba...permissions error
>Date: Mon, 18 Sep 2006 09:44:18 -0500
>I have a Samba 3.0.23a-1.fc5.1 configured on a Fedora 5 server. It's
>joined to an Active Directory 2003 domain controller using Winbind, etc.
>I'm able to connect from various workstations using active directory
>user accounts/credentials just fine to shares on this server,
>permissions work, and all is well. I'm guessing this is set up
>However, from another Fedora 5 server, using cifs, I can mount shares on
>this server, and can list directories/files, but when I try to read or
>write any files, I can a permission denied error.
>So to summarize, if I go to an XP workstation in which I'm logged in as
>domain administrator, go to run and type:
>I can see files, read files and write to files as domain\administrator
>has full access to these files/directories.
>However, if from another Fedora 5 server, I mount the share using:
>mount -rw -t cifs -o user=domain\\administrator,pass=password
>I can list files, but when trying to do a cat on any file, I get:
>cat: /share/FEDORASERVER/SHARENAME/test.txt: Permission denied
>Can someone help with this issue? Shouldn't I be able to read/write from
>either source exactly the same?

>From: Joseph E Murphy <murphyje at us.ibm.com>
>To: samba at lists.samba.org
>Subject: [Samba] unsuccessful Samba install on AIX 4.3.3.
>Date: Mon, 18 Sep 2006 21:53:40 -0400
>Hello all...
>anyone got any ideas how to fix this...   When I run the testparm program
>to test the smb.conf file it processes all of the sections I have
>configured and then does a "Segmentation fault(coredump)".
>This is for AIX 4.3.3.
>Also, when I try and start the smbd process it hangs and then when I go
>and look at the log.smbd file here is the results and where it is hanging:
>[2006/09/05 16:49:10, 5] lib/iconv.c:smb_register_charset(105)
>   Attempting to register new charset ISO-8859-1
>[2006/09/05 16:49:10, 5] lib/iconv.c:smb_register_charset(113)
>   Registered charset ISO-8859-1
>[2006/09/05 16:49:10, 5] lib/iconv.c:smb_register_charset(105)
>   Attempting to register new charset UCS2-HEX
>[2006/09/05 16:49:10, 5] lib/iconv.c:smb_register_charset(113)
>   Registered charset UCS2-HEX
>[2006/09/05 16:49:10, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset 'ISO8859-1' for LOCALE
>This is the last line in the log file.
>It worked on 10 other servers and is failing on two of them.   No obvious
>differences between the sets.
>Any ideas?  Thank you,
>Joe Murphy
>AIX, pSeries, RS/6000 & HACMP IT Specialist
>pSeries FTSS - New England
>IBM Sales and Distribution
>Bedford, NH
>email:      murphyje at us.ibm.com
>phone:    (603) 472-4179
>cell:         (603) 321-7977
>AOL IM:   jmurphyibm

>From: "Ivan Arteaga" <iarteaga at plazareg.com>
>To: <samba at lists.samba.org>
>Subject: [Samba] Question about SWAT
>Date: Mon, 18 Sep 2006 21:51:21 -0500
>I have installed centos 4.3 and the build-in samba implementation, I tried
>to run SWAT but it appears to be not installed, I already have the samba
>service configured and running and I would like to know if it's possible to
>install SWAT without reinstalling samba, or should I run some command in
>order to activate it? I don't know if I'm missing something o_0
>If somebody can give me a hand it will be appreciated!!

>From: Martin Hochreiter <linuxbox at wavenet.at>
>To: samba at lists.samba.org
>Subject: Re: [Samba] Password Change & WinXP
>Date: Tue, 19 Sep 2006 11:09:24 +0200
>>	No. Something is wrong somewhere.
>>	Do you have a local account on WinXP?
>Hi !
>No the account does not exist locally.
>But the machine has already recognized the
>password change ... without any intervention of me

>From: Rob Shepherd <rob at techniumcast.com>
>To: samba at lists.samba.org
>Subject: [Samba] workgroup drive mapping
>Date: Tue, 19 Sep 2006 10:28:19 +0100
>Hi All,
>I have samba serving homes and group shares in my workgroup. 30% of client 
>systems are portables and spend >50% of their time off site.
>Others are fixed single user workstations.
>I have no need to operate a domain, however what options do I have to 
>simplify mapping drives once local network or VPN access is restored.
>Is there some logon script type stuff I can use just for the workgroup? or 
>some windows client software?

>From: Luca Ferrari <fluca1978 at infinito.it>
>To: samba at lists.samba.org
>Subject: [Samba] administrative shares
>Date: Tue, 19 Sep 2006 12:39:26 +0200
>Hi all,
>I cannot find a good description of how to use the windows administrative
>shares. Since I'd like to mount them from a Linux box, using samba, to
>perform backup of the user client, I'd like to know how can I access them. 
>particular, in a computer where I've got a single user, without password,
>what are the share credentials? And how can I set permissions for such 
>Any good document?

>From: Volker Lendecke <Volker.Lendecke at SerNet.DE>
>Reply-To: Volker.Lendecke at SerNet.DE
>To: Joseph E Murphy <murphyje at us.ibm.com>
>CC: samba at lists.samba.org
>Subject: Re: [Samba] unsuccessful Samba install on AIX 4.3.3.
>Date: Tue, 19 Sep 2006 12:55:32 +0200
>On Mon, Sep 18, 2006 at 09:53:40PM -0400, Joseph E Murphy wrote:
> > anyone got any ideas how to fix this...   When I run the testparm 
> > to test the smb.conf file it processes all of the sections I have
> > configured and then does a "Segmentation fault(coredump)".
> >
> > This is for AIX 4.3.3.
>You did not tell which Samba version you have. Did you
>compile it yourself (which compiler?), did you download it
>from somewhere? And, can you do a 'truss testparm'?

><< attach26 >>

>From: "Valerio daelli" <valerio.daelli at gmail.com>
>To: samba at lists.samba.org
>Subject: [Samba] Problem with large files
>Date: Tue, 19 Sep 2006 13:08:41 +0200
>we have samba 3.0.14a on FreeBSD 5.4.
>We tried with different kind of locking and oplocks (both enabled and
>If we try to copy from a Windows XP client a file larger than 3g, we get
>these error:
>Cannot copy XXX. The specified network name is no longer available.
>We traced this problem in the logs (log level 10) and we got this error
>[2006/09/19 10:29:41, 5] smbd/uid.c:change_to_user(281)
>  change_to_user uid=(3280,3280) gid=(0,952)
>[2006/09/19 10:29:41, 4] smbd/vfs.c:vfs_ChDir(660)
>  vfs_ChDir to /data/exports/Services/Services
>[2006/09/19 10:29:41, 10] smbd/nttrans.c:reply_ntcreate_and_X(607)
>  reply_ntcreateX: flags = 0x16, desired_access = 0x20189 file_attributes =
>0x80, share_access = 0x7, create_disposition = 0x1 create_options = 0x940
>root_dir_fid = 0x0
>[2006/09/19 10:29:41, 10] smbd/nttrans.c:map_create_disposition(341)
>  map_create_disposition: Mapped create_disposition 0x1 to 0x1
>[2006/09/19 10:29:41, 10] smbd/nttrans.c:map_share_mode(423)
>  map_share_mode: FILE_SHARE_DELETE requested. open_mode = 0x8000
>[2006/09/19 10:29:41, 10] smbd/nttrans.c:map_share_mode(480)
>  map_share_mode: Mapped desired access 0x20189, share access 0x7, file
>attributes 0x80 to open_mode 0x8040
>[2006/09/19 10:29:41, 5] smbd/filename.c:unix_convert(108)
>  unix_convert called on file "s-comp/IFOM/PROVA/Caschetto.tib"
>[2006/09/19 10:29:41, 10] smbd/statcache.c:stat_cache_lookup(210)
>  stat_cache_lookup: lookup failed for name
>[2006/09/19 10:29:41, 10] smbd/statcache.c:stat_cache_lookup(210)
>  stat_cache_lookup: lookup failed for name [S-COMP/IFOM/PROVA]
>[2006/09/19 10:29:41, 10] smbd/statcache.c:stat_cache_lookup(210)
>  stat_cache_lookup: lookup failed for name [S-COMP/IFOM]
>[2006/09/19 10:29:41, 10] smbd/statcache.c:stat_cache_lookup(210)
>  stat_cache_lookup: lookup failed for name [S-COMP]
>[2006/09/19 10:29:41, 5] smbd/statcache.c:stat_cache_add(135)
>  stat_cache_add: Added entry (8289d20:size20)
>[2006/09/19 10:29:41, 5] smbd/filename.c:unix_convert(170)
>  conversion finished s-comp/IFOM/PROVA/Caschetto.tib ->
>[2006/09/19 10:29:41, 3] smbd/dosmode.c:unix_mode(111)
>  unix_mode(s-comp/IFOM/PROVA/Caschetto.tib) returning 0664
>[2006/09/19 10:29:41, 5] smbd/files.c:file_new(129)
>  allocated file structure 3875, fnum = 7971 (1 used)
>[2006/09/19 10:29:41, 10] smbd/open.c:open_file_shared1(1047)
>  open_file_shared: fname = s-comp/IFOM/PROVA/Caschetto.tib, dos_attrs = 
>share_mode = 8040, ofun = 1, mode = 664, oplock request = 3
>[2006/09/19 10:29:41, 8] smbd/dosmode.c:dos_mode(283)
>  dos_mode: s-comp/IFOM/PROVA/Caschetto.tib
>[2006/09/19 10:29:41, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
>  dos_mode_from_sbuf returning
>[2006/09/19 10:29:41, 8] smbd/dosmode.c:dos_mode(315)
>  dos_mode returning
>[2006/09/19 10:29:41, 10] locking/locking.c:get_share_modes(480)
>  get_share_modes: share_mode_entry[0]: pid = 93583, share_mode = 0x11,
>desired_access = 0x30196, port = 0x0, type= 0x0, file_id = 395, dev = 
>inode = 6383100
>[2006/09/19 10:29:41, 2] smbd/open.c:check_share_mode(530)
>  Share violation on file
>(4,1,1,93583,s-comp/IFOM/PROVA/Caschetto.tib,fcbopen = 0, flags = 0) = 0
>[2006/09/19 10:29:41, 10] smbd/open.c:fd_open(50)
>  fd_open: name s-comp/IFOM/PROVA/Caschetto.tib, flags = 00 mode = 0664, fd
>= 26.
>[2006/09/19 10:29:41, 2] smbd/open.c:open_file(245)
>  vdaelli opened file s-comp/IFOM/PROVA/Caschetto.tib read=Yes write=No
>[2006/09/19 10:29:41, 4] smbd/open.c:open_file_shared1(1204)
>  open_file_shared : share_mode deny - calling open_file with flags=0x0
>flags2=0x0 mode=0664 returned 1
>[2006/09/19 10:29:41, 10] smbd/open.c:defer_open_sharing_error(875)
>  defer_open_sharing_error: time [1158654581.742007] adding deferred open
>entry for mid 52224, file s-comp/IFOM/PROVA/Caschetto.tib
>[2006/09/19 10:29:41, 10]
>  push_sharing_violation_open_smb_message: pushing message len 154 mid 
>timeout time [1158654582.692007]
>[2006/09/19 10:29:41, 10] smbd/process.c:push_queued_message(125)
>  push_message: pushed message length 154 on queue
>[2006/09/19 10:29:41, 10] locking/locking.c:add_deferred_open(1183)
>  add_deferred_open: creating entry for file
>s-comp/IFOM/PROVA/Caschetto.tib. num_deferred_open_entries = 1
>while in this case the function get_share_modes is invoked, and we get 
>there, if we copy a file smaller the function is not invoked and we don't
>get any error.
>In both cases ftruncate is successfullt called and we don't get any error.
>Thanks for your help
>Valerio Daelli

>From: Gundemarie Scholz <spamyousilly at inbox.ru>
>To: samba at lists.samba.org
>Subject: [Samba] Setting Windows drivers gives access denied error
>Date: Tue, 19 Sep 2006 11:50:22 +0100
>Good morning!
>For some time I have been experiencing a problem with adding Windows 
>drivers for printers available and configured in CUPS already. Not being 
>utterly familiar with how the process works I first tried it as root from 
>different Windows machines, both W2K and XP Pro. I saw the driver files 
>being uploaded, but then got an error message 'Printer settings could not 
>be saved. Access is denied.'.
>So I decided to do it 'on foot' like the official Samba-3 book describes. 
>Adding the drivers again was not a problem, but setting them gave a 
>'SetPrinter call failed! result was WERR_ACCESS_DENIED'.
>Version of Samba is 3.0.7 on Solaris 5.9, so not the latest one, but it 
>used to work, and now it doesn't, without any of my colleagues or me having 
>changed a setting (at least not consciously).
>testparm smb.conf showed no errors. The relevant bits in smb.conf
>looks like this:
>         workgroup = [snipped]
>         netbios name = [snipped]
>         server string = [snipped]
>         interfaces = [snipped]
>         nt acl support = yes
>         wins server = [snipped]
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         security = domain
>         encrypt passwords = Yes
>         hosts allow = [snipped]
>         update encrypted = Yes
>         log file = /var/log/samba.d/smb.%m
>         max log size = 10000
>         log level = 2
>         name resolve order = lmhosts hosts wins bcast
>         add user script = /usr/sbin/useradd -d /dev/null -g 212 -s 
>/bin/false -M %u
>         winbind trusted domains only = yes
>         logon script = %U.pyw
>         logon path = \\%L\%u\profile
>         logon home = \\%L\%u
>         logon drive = H:
>         password server = [snipped]
>         domain master = No
>         preferred master = No
>         domain logons = No
>         os level = 69
>         dns proxy = No
>         load printers = yes
>         printing = cups
>         printcap name = cups
>         printer admin = root, pcadmin
>         #disable spoolss = No
>         use client driver = No
>         message command = /bin/mailx -s 'message from %f' \
>         root < %s; rm %s
>         path = /usr/local/samba/printers
>         browseable = yes
>         read only = yes
>         write list = root, pcadmin
>         guest ok = Yes
>         comment = Test all printers
>         path = /tmp
>         browseable = no
>         writeable = no
>         printable = yes
>         printer admin = root, pcadmin
>         create mask = 0600
>         guest ok = Yes
>         use client driver =yes
>I came as far as successfully adding the drivers to the
>appropriate directory with
>% /usr/local/samba/bin/smbclient //localhost/print\$ -U root \
>-c 'cd W32X86; put [list of drivers snipped]'
>Domain=[snipped] OS=[Unix] Server=[Samba 3.0.7]
>[list of drivers snipped]
>% /usr/local/samba/bin/rpcclient -U root -c \
>'adddriver "Windows NT x86" "gavin:[list of drivers snipped]"' \
>and got a success message. But trying to set the drivers resulted in an
>% /usr/local/samba/bin/rpcclient -U root -c \
>'setdriver gavin gavin' localhost
>added interface ip=[snipped] bcast=[snipped] nmask=[snipped]
>SetPrinter call failed!
>First I tried setting 'use client driver =no' in the printers section, but 
>that didn't make any difference.
>Then I got advised by a friend to change the following settings:
>         log level = 7
>         debug uid = yes
>         printer admin = root, pcadmin
>         #write list = root, pcadmin
>Having done that even copying the drivers failed, so I uncommented the 
>write list entry again. Now I have some 1300 lines of output due to the 
>high log level, but what should I actually be looking for?

>From: Tony Molloy <tony.molloy at ul.ie>
>Reply-To: tony.molloy at ul.ie
>To: samba at lists.samba.org
>Subject: [Samba] Setting Initial Passwords
>Date: Tue, 19 Sep 2006 12:18:04 +0100
>I'm trying to write a perl script to "add new users and set initial
>passwords" for them using smbpasswd.
>The relevant parts of the script are as follows
>         @tmp = split(/:/,);
>         $login = $tmp[0];
>         $password = $tmp[1];
>         print "$login $password\n";
>         exec("smbpasswd -a $login -s $password");
>The print statement works and I see the username and password. However the
>exec statement fails and just dispalys the smbpasswd help screen.
>Is it possible to add new accounts and set their initial passwords with

>Tony Molloy.
>Dept. of Comp. Sci.
>University of Limerick

>From: Fabio Marcone <fabio.marcone at duet.it>
>To: samba at lists.samba.org
>Subject: [Samba] samba and share quota
>Date: Tue, 19 Sep 2006 13:15:07 +0200
>Hi to all,
>I'm looking for a tutorial/howto to manage disk quota share.
>I found some documents about filesystem quotas using quotatool but none
>about quota on samba shares.
>In smb.conf man I found "get quota command" and " set quota command" but
>I didn't understand if I can use them to set share quota and I didn't
>find documents about it.
>Anyone knows a tutorial/howto about it?

>Dott. Fabio Marcone
>2T srl
>Telefono	                        +39 - 0871- 540154
>Fax		                        +39 - 0871- 571594
>Email	                           	fabio.marcone at duet.it
>Indirizzo				Viale B. Croce 573
>                                         66013 Chieti Scalo (CH)
>GNU/Linux registered user  		#400424

>samba mailing list
>samba at lists.samba.org

More information about the samba mailing list