headers
Heather Choi | 26 May 05:16
Picon

Splitting up directories with Samba variables

In my smb.conf file, I currently I have a user share definition as:

[userdir]
     path = /samba/%U
     writeable = yes

The problem is, the user pool is in the tens of thousands, so it is not 
practical to have that many directories within /samba.
I'd like to somehow dynamically configure the path with subdirectories, 
using the first, and second letter of the username as the first and 
second nested subdirectory.
So the share path for username  "JOHN" would point dynamically to  
/samba/J/O/JOHN.

Does anyone know how to accomplish this using the user session variable 
%U?  Is there any concept of using a sub-string for a Samba variable?
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 0 comments |
headers
Leonard Degollado | 24 May 19:52
Picon
Favicon

GPFS on Linux exported via Samba to Windows Clients, locking issue


I have a 3-node GPFS on Linux Cluster (3.4.0-12) with Samba 3.6.5
The problem  is with file locking across the Cluster.
Windows Client-1 maps the GPFS directory-1 from GPFS node-1 and initiates a
Write of File-1
Windows Client-2 maps the GPFS directory-1 from GPFS node-2 and should only
have READ access but not Modify/Delete/Rename access to File-1.

However, Windows Client-2 is able to Modify, Delete and Rename File-1
instead of being prevented by the locks.

If both Windows Clients (1 and 2) both map to GPFS node-1, the locking
mechanism works as designed.  Client-2 can Read but cannot
Modify/Delete/Rename File-1.
What are all the required parameters that should be specified in the
smb.conf file to enable the locking to work across the GPFS Cluster when
various Clients map to different nodes?

I have defined and tested every smb locking parameter combination without
any success.

Leonard
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 0 comments |
headers
Derek Lewis | 25 May 20:24
Picon
Favicon

errors during samba 3.6.5 compile

Hello,

I am trying to compile Samba 3.6.5 from the official tarball, I am
following the how-to from samba.org and run into several errors like the
following example when I try to run configure from the source3 directory:
configure: failed program was:
| /* confdefs.h */

I am running Ubuntu 10.04 LTS server edition.

I have compiled a previous version and ran into a similar problem, I
suspect I am missing some libraries.

Derek
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 0 comments |
headers
Juan Pablo Lorier | 25 May 15:25
Picon
Favicon

Can't join samba4 as domain controller


Hi,

I'm trying to join samba 4 alpha 20 to my windows 2003 AD domain and I get this error:

Adding SPNs to CN=SAMBADC1,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy
Setting account password for SAMBADC1$
Enabling account
Calling bare provision
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SAMBADC1,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy
Deleted
 CN=NTDS 
Settings,CN=SAMBADC1,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Deleted CN=SAMBADC1,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
ERROR(exceptions.NameError): uncaught exception - global name 'all' is not defined
  File "/usr/local/samba/lib64/python2.4/site-packages/samba/netcmd/__init__.py", line 160, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.4/site-packages/samba/netcmd/domain.py", line 179, in run
    machinepass=machinepass)
  File "/usr/local/samba/lib64/python2.4/site-packages/samba/join.py", line 964, in join_DC
    ctx.do_join()
  File "/usr/local/samba/lib64/python2.4/site-packages/samba/join.py", line 870, in do_join
    ctx.join_provision()
  File "/usr/local/samba/lib64/python2.4/site-packages/samba/join.py", line 598, in join_provision
    dns_backend="NONE")
  File "/usr/local/samba/lib64/python2.4/site-packages/samba/provision/__init__.py", line
1704, in provision
    sitename=sitename, rootdn=rootdn)
(Continue reading)

Permalink | Reply | 0 comments |
headers
Marc Rechté | 25 May 14:38
Picon

Enabling winbind idmap_hash module

Hello,
I am using samba 3.5 (Red Hat Linux 6) which comes with idmap_hash plugin.

I have put the following in smb.conf:
    workgroup = WORKGROUP
    password server = *
    security = domain
    idmap backend = hash
    idmap uid = 500-33554431
    idmap gid = 500-33554431
    winbind nss info = hash
    winbind normalize names = yes
    idmap_hash:name_map = /etc/samba/name_map.cfg
    template shell = /bin/bash
    winbind use default domain = false
    winbind offline logon = no
    winbind enum users = true
    winbind enum groups = true
    log level = winbind:3

An abstract of /etc/samba/name_map.cfg is:
ntadmins=WORKGROUP\Domain Admins

I restarted winbind.

The problem is that the following command gives:
# getent group "WORKGROUP\Domain Admins"
WORKGROUP\domain_admins:*:16777224:

Instead of something like:
(Continue reading)

Permalink | Reply | 0 comments |
headers
NdK | 25 May 14:34
Picon

Re: Samba as member of multi domain AD (nss/pam)

Il 25/05/2012 09:57, Marcel Ritter ha scritto:

> our setup looks much like yours:
>    One domain "FAUAD" containing all our users, and several
>    domains containing computer objects (and maybe "local" users).
> 
> To prevent inconsistencies in user/group membership, we'd like
> to use nss/pam winbind on the unix side to get users/groups out
> of our AD.
Add winbind to /etc/nss.conf (passwd and group lines). Then use idmap
rid for the domains you're interested in (and tdb fot eventual others):
        idmap backend = tdb
        idmap uid = 10000-99999
        idmap gid = 10000-99999
        idmap config PERSONALE:backend = rid
        idmap config PERSONALE:base_rid  = 500
        idmap config PERSONALE:range = 100000 - 49999999
        idmap config STUDENTI:backend = rid
        idmap config STUDENTI:base_rid  = 500
        idmap config STUDENTI:range = 50000000 - 99999999
Users and groups in PERSONALE and STUDENTI are consistent across all
servers, while other domains receive "first come first served" ids.

> However for most purposes it'd be nice to only get the short user
> names ("user" instead of "FAUAD+user") for all domains (or at
> least for a selectable domain). AFAIK the "default domain" is the
> one the computer object is created in (in our case this is *not* the
> one containing the user objects).
> 
> I haven't found an option to specify this "default domain" without
(Continue reading)

Permalink | Reply | 0 comments |
headers
Ralf Aumueller | 25 May 12:56
Picon
Picon
Favicon

Problem joining to a Samba PDC (Probably caused by "unix charset")

Hello,

trying to join a Windows 7 64-Bit PC to a Samba PDC (3.6.5) fails with message
"Domain not found or no connection possible". After some testing I found that
the problem was caused by the Samba-parameter "unix charset = ISO8859-1".
When I start the nmbd with same config-file just without the "unix charset" the
PC can join the domain (smbd runs with org. config-file. Samba runs on CentOS6
(en_US.UTF-8)).

Is this the expected behavior?

(At the moment I need ISO8859-1 because the files were saved with this charset).

Best regards,

Ralf
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 1 comment |
headers
lejeczek | 25 May 09:54
Picon
Favicon

3.2.15 sys_get_vfs_quota -- failed for mntpath[ a device ] bdev [ a device ] qtype[4] id[513]: Invalid argument

or/and
... qtype[2] id[501]: Invalid argument

above version of samba does not seem to be able to recognize 
FS(ext4) quotas,
could you gents.ladies shed some light please? very much 
appreciated.
regards
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 0 comments |
headers
aurfalien | 24 May 22:25
Picon

exported LDAP DB > file > smbpasswd?

Hi all,

I am using OpenLDAP and over have ~800 users in its DB.

I would like to simply use Samba as a file server, no PDC.

I have been able to export my LDAP DB to a file containing hashes of users passwords.

Is there a way I can import this file to smbpasswd or other file that Samba understands so that my 800 some odd
users won't have to re register there passwords?

I would really love to avoid having 800 annoyed users retyping there passwords for accessing shares.

I have them currently authenticating on Windows via an LDAP client (pGina).

- aurf
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 9 comments |
headers
Paul Elliott | 24 May 18:16
Picon

Lots of NT_STATUS_OBJECT_NAME_COLLISION errors, harmless?

Hello all,

I'm attempting to setup a small Windows network using Samba as the PDC 
(and the only server involved). Clients are running Windows 7 (x86_64) 
and the server is running Debian Squeeze with samba 3.5.6. For now I'm 
just using tdmsam as the passwd backend.

The problem I have is that I see lots of errors involving 
NT_STATUS_OBJECT_NAME_COLLISION, here's an example at login time for 
user pre500 with roaming profiles enabled:

[2012/05/24 15:36:15.038884,  3] smbd/dosmode.c:166(unix_mode)
   unix_mode(pre500.V2) returning 0700
[2012/05/24 15:36:15.038902,  2] smbd/open.c:2505(open_directory)
   open_directory: unable to create pre500.V2. Error was 
NT_STATUS_OBJECT_NAME_COLLISION
[2012/05/24 15:36:15.038925,  3] smbd/error.c:80(error_packet_set)
   error packet at smbd/error.c(153) cmd=162 (SMBntcreateX) 
NT_STATUS_OBJECT_NAME_COLLISION

And similar errors at logout for every directory within the profile:

[2012/05/24 15:36:15.975852,  3] smbd/dosmode.c:166(unix_mode)
   unix_mode(pre500.V2/AppData/Roaming/Microsoft/Windows/Start Menu) 
returning 0700
[2012/05/24 15:36:15.975870,  2] smbd/open.c:2505(open_directory)
   open_directory: unable to create 
pre500.V2/AppData/Roaming/Microsoft/Windows/Start Menu. Error was 
NT_STATUS_OBJECT_NAME_COLLISION
[2012/05/24 15:36:15.975888,  3] smbd/error.c:80(error_packet_set)
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sylvain | 24 May 15:39
Picon

Samba / LDAP : map uid to another field ?

Hi !

I have an OpenLDAP where users DN are in the form «
uid=P1234,ou=people,dc=example,dc=com » and where the login is in the «
eduPersonPrincipalName » attribute (ex : jdoe).
I have configured my system (Debian Squeeze) to authenticate against LDAP
(libpam-ldapd + libnss-ldapd with a mapping uid<->eduPersonPrincipalName),
if I do « ssh jdoe <at> server », it's works great.
Now I want to give Samba share to theses users so I configured Samba
(3.5.6) to connect to LDAP but I cannot authenticate with
eduPersonPrincipalName, if I use the « uid », it's works.
I have searched for a mapping option in samba but I didn't found...
Is it possible to map « uid » attribute to another attribute ? If yes, how ?

Here the smb.conf :

[global]
        server string = %h server
        obey pam restrictions = Yes
        passdb backend = ldapsam:"ldap://192.168.102.153"
        pam password change = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
        unix password sync = Yes
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        domain logons = Yes
        domain master = Yes
(Continue reading)

Permalink | Reply | 3 comments |

Gmane