headers
Neilnewman | 1 Oct 2007 11:47
Picon
Favicon

Unable to remove file permissions


I am able to add file permissions to an existing file but unable to remove
them again using Explorer from a Windows XP PC.
Anyone seen this issue, and has any kind of solution please.

Samba version 3.0.26a

Problem is apparent in the /itpropserv secure share below:

smb.conf file:
 [global]
        workgroup = DBC
        bind interfaces only = yes
        netbios name = venus
        security = ADS
        realm = DARTFORD.GOV.UK
        server string = Samba (%v) domain (%h)
        encrypt passwords = yes
        preferred master = no
        pid directory = /usr/local/sambaAD/var/locks
        log level = 1
        log file = /usr/local/sambaAD/logs/log.%m
        smb passwd file = /usr/local/sambaAD/private/smbpasswd
        private dir = /usr/local/sambaAD/private
        lock dir = /usr/local/sambaAD/var/locks
        winbind cache time = 30
        allow trusted domains = no
        idmap backend = rid:ADS=100000-200000
        idmap uid = 100000-200000
        idmap gid = 100000-200000
(Continue reading)

Permalink | Reply | 0 comments |
headers
Martin Susil | 1 Oct 2007 13:00
Picon

Mapped network drive randomly disconnects

Hello,

we have a samba 3.0.10 running as a PDC for a network of 50 Windows 
2000/XP clients. The clients sometimes experience a problem, that their 
home folder (shared as \\server\home\) which is mapped to drive Z: 
randomly disconnects in Windows. This is usually related to the network 
load on the workstation - for example if the user is working in Outlook, 
which has its database stored on this network share, the probability of 
the drive getting disconnected is much higher than when the client is 
idle. It is possible to reconnect the network share immediately after 
disconnecting, but it causes various problems to the programs running 
from network.

Have any one experienced similar problem?

Thank you for the answer

-- 

Best regards,

Martin Sušil

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Permalink | Reply | 1 comment |
headers
Przemysław Adam Śmiejek | 1 Oct 2007 13:35
Picon

Samba and AD: Still problem with conection

Hi, 

I have still problem with samba and AD. And I still know nothing :( 

Sometimes it works OK, but seldom. Generaly it can't get users from AD. 
System boots and wbinfo says that there is no users or that there is only 10 
users (in AD I have about 1100). 

I think that this is problem with timeout, because sometimes it works OK. 
Sometimes linux reboot helps... 

And simetimes my dhcp on windows says: ,,no conection to AD''. Mayby my AD 
has too long time to response? 

HELP! Please... I don't know what to do. 

Example:

root <at> komp203l:~# wbinfo -u | wc -l
17

[ restart ] 

root <at> komp203l:~# wbinfo -u | wc -l
1138

-- 
 Przemysław Adam Śmiejek 
 tel. GSM: +48 887-857-555	
--

--
(Continue reading)

Permalink | Reply | 2 comments |
headers
Vadim Vatlin | 1 Oct 2007 13:55

windows admin == ???

Hi there..
How can I create user which will be fully equal windows user Administrator?
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Permalink | Reply | 2 comments |
headers
Gareth Cummings | 1 Oct 2007 14:01

Re: windows admin == ???

Create a group on your samba box called domainadm or whatever you like, 
make sure your username is part of this group then map this group to the 
windows group Domain Admins using this command:

net groupmap add rid=512 ntgroup="Domain Admins" unixgroup=domainadm type=d

You should now be able to log in to a windows box with that username and 
have full windows admin rights.

Vadim Vatlin wrote:
> Hi there..
> How can I create user which will be fully equal windows user 
> Administrator?
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Permalink | Reply | 1 comment |
headers
Julian Pilfold-Bagwell | 1 Oct 2007 14:22
Picon

Logging logins with preexec and Samba/LDAP

Hi all,

I had the following line in my smb.conf with which to log access to the 
home share when users logged in:

preexec = /bin/echo \"%u logged in to %m at %T\"  >> 
/var/log/samba/logons.log

Since updating to LDAP however, it's stopped working and I suspect that smbldap cant handle the %
substitutions for user, machine and time. Has anyone else run into this problem? If so, any help with the
solution would be handy.

Thanks,

--

Julian Pilfold-Bagwell,
Network Manager,
Borden Grammar School,
Sittingbourne,
Kent,
ME10 1EY.

Tel: 01795 424192
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Permalink | Reply | 0 comments |
headers
Vadim Vatlin | 1 Oct 2007 14:38

Re: windows admin == ???

Gareth Cummings wrote:
> Create a group on your samba box called domainadm or whatever you 
> like, make sure your username is part of this group then map this 
> group to the windows group Domain Admins using this command:
>
> net groupmap add rid=512 ntgroup="Domain Admins" unixgroup=domainadm 
> type=d
>
> You should now be able to log in to a windows box with that username 
> and have full windows admin rights.
>
> Vadim Vatlin wrote:
>> Hi there..
>> How can I create user which will be fully equal windows user 
>> Administrator?
Thanks for advice.

will it work with samba in security=user mode?
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Permalink | Reply | 0 comments |
headers
Julian Pilfold-Bagwell | 1 Oct 2007 16:11
Picon

Re: Logging logins with preexec and Samba/LDAP

Mac wrote:
>> Date: Mon, 01 Oct 2007 13:22:25 +0100
>> From: Julian Pilfold-Bagwell <jpb <at> bordengrammar.kent.sch.uk>
>> To: Samba mail List <samba <at> lists.samba.org>
>> Subject: [Samba] Logging logins with preexec and Samba/LDAP
>>
>> I had the following line in my smb.conf with which to log access to the 
>> home share when users logged in:
>>
>> preexec = /bin/echo \"%u logged in to %m at %T\"  >> 
>> /var/log/samba/logons.log
>>
>> Since updating to LDAP however, it's stopped working and I suspect that smbldap cant handle the %
substitutions for user, machine and time. Has anyone else run into this problem? If so, any help with the
solution would be handy.
>>     
>
>
> Did you upgrade Samba recently? (perhaps at the same time as adding
> LDAP?)
>
>
> The way things like "preexec" are handled changed in about 3.0.24 or 25.
>
> I can help if that looks like it might be the issue.
>
>
>
>                                Mac
>           Assistant Systems Administrator  <at> nibsc.ac.uk
(Continue reading)

Permalink | Reply | 0 comments |
headers
Mike Davis | 1 Oct 2007 16:06
Picon
Favicon

numerous IPC$ connections

After upgrading to 3.0.26a and moving to linux my member 
server gets hundreds of IPC$ connections when I run 
smbstatus.  I also see in my logs the following...

[2007/10/01 10:01:15, 0] 
lib/util_tdb.c:tdb_chainlock_with_timeout_internal(84)
  tdb_chainlock_with_timeout_internal: alarm (10) timed out 
for key VALDEZ in tdb /usr/local/samba/private/secrets.tdb

I did a dump of secrets on my old server and there wasnt a 
key for Valdez there.

Now valdez is of teh DC's for the Domain.  I dont start 
seeing all of thsi until we get high activity.  All the 
clients do is login into teh domain and then we have a bat 
file on the DC that mounts their home directory on this 
server.

Can anyone point me in the right direction for tracking down 
why this is happening.  
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Permalink | Reply | 1 comment |
headers
Julian Pilfold-Bagwell | 1 Oct 2007 16:27
Picon

Re: Logging logins with preexec and Samba/LDAP

Mac wrote:
> Hi there,
>
>   
>> Date: Mon, 01 Oct 2007 14:36:26 +0100
>> From: Julian Pilfold-Bagwell <jpb <at> bordengrammar.kent.sch.uk>
>> Subject: Re: [Samba] Logging logins with preexec and Samba/LDAP
>>
>> Yup, I upgraded to 3.0.24 at the same time. How's it changed?
>>     
>
> It was documented (just about) in the release notes.
>
> As the result of a security problem, the way all external commands are
> invoked has been tightend up.  Annyoingly I think 'testparm' doesn't
> tell you this.
>
> In essence, you can't use any meta characters in the invocation at all.
> So your \'s  will cause the command to be ignored by Samba.
>
> The fix is (in general) to write a tiny shell script that does the right
> thing.
>
> Here's an example from our smb.conf:-
>
> [mydocs]
> ;        root preexec = if [ ! -d "/n17/profiles/%u/My Documents" ] ;\
> ;                       then { mkdir -p "/n17/profiles/%u/My Documents" ;\
> ;                              chown -R %u "/n17/profiles/%u" ; \
> ;                              chmod -R 0700 "/n17/profiles/%u" ;} ; \
(Continue reading)

Permalink | Reply | 0 comments |

Gmane