headers
George Sapountzis | 1 Dec 2009 02:44
Picon

Re: autogen.sh failing over samba share

On Sun, Nov 29, 2009 at 11:45 AM, Volker Lendecke
<Volker.Lendecke <at> sernet.de> wrote:
> On Sun, Nov 29, 2009 at 03:22:26AM +0200, George Sapountzis wrote:
>> - configure is not created with +x permission
>
> Could that be the "create mask" setting?
>

Yes, using 0744 (default value) for "create mask" sets the x bit for
configure bit. However, it also sets the x bit for all(?) new/modified
files. This creates other problems. For example the source code is in
a mercurial repo, so whenever I do an update/checkout, files are
checked out with the x bit set and mercurial spuriously thinks that
the files are modified.

So, I guess the question is how do I configure samba so that
permission bits from the client are set the same as if the operation
was performed at the server ?

>> - configure creates tmp dirs with self-pointing links that cannot be
>> removed on the samba share:
>>
>> rm: cannot remove directory `conf5057.dir': Directory not empty
>
> Don't know about that one. I think we'd need logs from the
> delete attempt of the symlink.
>

I attach the log file from the samba server with log level set to 10
for the following operations:
(Continue reading)

Permalink | Reply | 2 comments |
headers
Volker Lendecke | 1 Dec 2009 08:54
Picon
Favicon

Re: Unknown panic actions

On Thu, Nov 26, 2009 at 01:54:42PM +0100, Ralph Kutschera wrote:
> Volker Lendecke schrieb:
>> On Tue, Nov 24, 2009 at 04:59:19PM +0100, Ralph Kutschera wrote:
>>>   Well, after installing logwatch I found the following. Maybe this 
>>> can  help?
>>
>> What version of Unix and what version of Samba are you
>> running?
>
> # cat /proc/version
> Linux version 2.6.18-6-686 (Debian 2.6.18.dfsg.1-26etch1)  
> (dannf <at> debian.org) (gcc version 4.1.2 20061115 (prerelease) (Debian  
> 4.1.1-21)) #1 SMP Thu Nov 5 16:28:13 UTC 2009
>
> # smbd --version
> Version 3.0.24

Any chance you try with a later version?

Volker

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 4 comments |
headers
Derek Simkowiak | 1 Dec 2009 09:26

Password Change from Windows machines ("You do not have permission to change your password")

    Hello,
    I just wasted several hours trying to figure out why I could not 
change Samba passwords from Windows XP computers.  I'm posting here so 
that there is some form of documentation about this on the web.

    My setup is basically this:

- Samba 3.3.2  (running under Ubuntu 9.04)
- OpenLDAP user database
- Full O.S. support for OpenLDAP auth, using nsswitch and PAM. 
    (My client LDAP config was installed using *auth-client-config *as 
per https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html, 
plus some tweaking in /etc/smbldap-tools/. )

    I can ssh into the box as a system user that exists only in LDAP 
(and not in /etc/passwd).  I can also change my LDAP password at the 
bash prompt by typing "passwd" (via PAM), or smbldap-passwd, or 
smbpasswd.  That all works as per the documentation.

    The problem: I could not change my password from Windows boxen.  
They kept giving me "You do not have permission to change your password."

    I found the solution by cranking up the log level to 10.  I 
eventually found this golden snippet in all the noise:

[2009/11/30 23:23:37,  4] auth/pampass.c:smb_pam_chauthtok(670)
  smb_pam_chauthtok: PAM: Password Change for User: dereks
[2009/11/30 23:23:37, 10] auth/pampass.c:smb_pam_passchange_conv(284)
  smb_pam_passchange_conv: starting converstation for 1 messages
[2009/11/30 23:23:37, 10] auth/pampass.c:smb_pam_passchange_conv(312)
(Continue reading)

Permalink | Reply | 1 comment |
headers
Daniel Sheridan | 1 Dec 2009 13:36
Picon

Re: domain printer issues

On Mon, 2009-11-30 at 09:14 +1100, Brian May wrote:
> Daniel Sheridan wrote:
> > FWIW, I have the same problem here with Samba 3.4.2 and Windows XP
> > clients. In fact, one printer driver works via point'n'print, but 
> > the others do not, so for now I've set all printers to use that one
> > driver (the PPDs are similar enough that it's not a problem).
> 
> Ok, so maybe it was the upgrade from 3.2.5 to 3.4.2 (required for
> Windows 7) that broke things. The first few days seemed fine, so I
> thought it was OK, but maybe that is because nobody reported
> problems...

I'm currently blaming 3.4.x. Downgrading to 3.3.2 (the most recent 3.3
easily available as an Ubuntu package) makes the driver installation
work perfectly. Upgrading to 3.4.x breaks it again. Clean /var/lib/samba
and /var/cache/samba each time.

	Dan.

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 4 comments |
headers
Diego Zuccato | 1 Dec 2009 14:03
Picon
Favicon

Mapping 'emails' to realms

Hello all.

Still no luck with UPN logon. I think there's something missing in my 
krb5.conf, but can't find WHAT.

Our UPNs are in the form of email addresses (name.surnameX <at> unibo.it for 
people in PERSONALE and name.surnameX <at> studio.unibo.it for people in 
STUDENTI domain).
I never could make logon-by-upn work, but SOMETIMES "wbinfo -n UPN" 
resolves to the right SID (stopped working after an upgrade).
I usually only keep winbindd running, no smbd/nmbd (the PCs are in a lab 
and only need samba to authenticate users on AD keeping consistent 
UID/GID, and grant access to shared resources via Kerberos).

Is there something obvious I'm missing?

TIA.

-- 
Diego Zuccato
Servizi Informatici
Dip. di Astronomia - Università di Bologna
Via Ranzani, 1 - 40126 Bologna - Italy
tel.: +39 051 20 95786
mail: diego.zuccato <at> unibo.it
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
(Continue reading)

Permalink | Reply | 0 comments |
headers
Fabrizio Reale | 1 Dec 2009 14:36
Favicon

Re: Authenticate Samba with an LDAP w/o the schema

Hi,

Kevin Keane wrote:

> There are a few ways you could do it, but none of them are good.

I asked it because I do it with other tools like Plone.
And they just need to use use the LDAP bind service.

> 
> Basically, the principle has to be that because you can't touch the LDAP
> server, you have to use user name/passwords for authentication. The
> situation is fundamentally the same as if you had your users listed in
> /etc/passwd, so all the same techniques should still work (albeit with
> modifications).
> 
> Here are the options. Sorry I can't provide details, only outlines to get
> you started.
> 
> - Turn off CHAP and use plain text passwords. VERY bad idea, but it should
> work. You will probably have to configure PAM to authenticate against the
> LDAP server - I'm not quite sure exactly how to do that.
> 
> - Use smbpasswd to store the Samba passwords, and use Samba's various
> mechanisms to keep the passwords in sync between LDAP and smbpasswd.
> 
> - What kind of LDAP server is it? It may offer some other mechanism that
> you can use. For instance, Active Directory would work easily by having
> your Samba server join the AD domain.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Kevin Keane | 1 Dec 2009 15:14

Re: Authenticate Samba with an LDAP w/o the schema

> -----Original Message-----
> From: samba-bounces <at> lists.samba.org [mailto:samba-
> bounces <at> lists.samba.org] On Behalf Of Fabrizio Reale
> Sent: Tuesday, December 01, 2009 5:37 AM
> To: samba <at> lists.samba.org
> Subject: Re: [Samba] Authenticate Samba with an LDAP w/o the schema
> 
> Hi,
> 
> Kevin Keane wrote:
> 
> > There are a few ways you could do it, but none of them are good.
> 
> I asked it because I do it with other tools like Plone.
> And they just need to use use the LDAP bind service.

The reason Samba can't use the LDAP bind approach is that Samba doesn't have access to the plain-text
passwords because by default Windows no longer sends it over the network. That is, unless you follow my
first suggestion and turn off CHAP.

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 0 comments |
headers
Dale Schroeder | 1 Dec 2009 15:42
Favicon

Re: domain printer issues

Daniel,

The printing changes in 3.4.x seem to have affected numerous Debian 
users, but not all in the same manner.
For me, the upgrade caused some pcl5 drivers to cease functioning.  
Newer drivers helped in some cases,
but for one printer where there was no newer driver, I resorted to using 
the postscript driver instead.

Dale

Daniel Sheridan wrote:
> On Mon, 2009-11-30 at 09:14 +1100, Brian May wrote:
>   
>> Daniel Sheridan wrote:
>>     
>>> FWIW, I have the same problem here with Samba 3.4.2 and Windows XP
>>> clients. In fact, one printer driver works via point'n'print, but 
>>> the others do not, so for now I've set all printers to use that one
>>> driver (the PPDs are similar enough that it's not a problem).
>>>       
>> Ok, so maybe it was the upgrade from 3.2.5 to 3.4.2 (required for
>> Windows 7) that broke things. The first few days seemed fine, so I
>> thought it was OK, but maybe that is because nobody reported
>> problems...
>>     
>
> I'm currently blaming 3.4.x. Downgrading to 3.3.2 (the most recent 3.3
> easily available as an Ubuntu package) makes the driver installation
> work perfectly. Upgrading to 3.4.x breaks it again. Clean /var/lib/samba
(Continue reading)

Permalink | Reply | 0 comments |
headers
Battersby-Cornmell, Robin Alasdair | 1 Dec 2009 15:44
Picon

nmbd startup fails


Dear all,

I regret that I am very new to this tool from the install side.  I have so far altered shares on a running machine only.

I have (thanks to Joss for some help already) installed version 3.4.3 under AIX 6.1 giving it our preferred
base directory of /opt/freeware/samba/3.4.3

I have copied over the smb.conf file from the source machine (AIX 5.2 / Samba 2.0.7) and tweaked the content
of .../sbin so that a shell script intercepts the call to the real swat, smbd and nmbd to ensure that the
correct PATH & LIBPATH are set and this seems to work fine for swat & smbd, but nmbd always fails with the
following in .../var/log.nmbd:-

[2009/12/01 14:27:07,  0] nmbd/nmbd.c:854(main)
  nmbd version 3.4.3 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2009
[2009/12/01 14:27:07,  0] lib/util_sock.c:938(open_socket_in)
  bind failed on port 137 socket_addr = 0.0.0.0.
  Error = The socket name is already in use.

It is true that the port 137 is in use as inetd has the entries:-

netbios-ssn stream tcp  nowait  root    /opt/freeware/samba/3.4.3/bin/smbd smbd
netbios-ns  dgram  udp  wait    root    /opt/freeware/samba/3.4.3/bin/nmbd nmbd

This is how we have it on the old server.  Oddly, smbd starts just fine and swat allows me to manage the smb.conf
file - not that I understand most of the options.

I still have no users being able to access the server, but I haven't even begun to look at security.  The old
server has a pointer to a Windows domain controller, so I'm hoping that it is all contained in there and I
(Continue reading)

Permalink | Reply | 1 comment |
headers
Leandro Tracchia | 1 Dec 2009 16:03
Picon

Upgrading to Vista with Samba 3.0.28a

I've been running a samba 3.0.28a PDC with XP clients for a while now.
The setup has been working flawlessly. I'm considering upgrading some
of the clients to Vista. Are there any known issues to Vista using
this version of Samba that I should know about. I all need to do is
join the Samba domain and connect to a few network shares.
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 1 comment |

Gmane