| freetown2 | could the changes in samba...it's gone through a bit |
|---|
| freetown2 | so browsing is fine but once writes get involved...the XP clients all 'freeze' for a while at the same time? |
|---|
| freetown2 | or individually? |
|---|
| Markle | it affects more than one client if the other clients are trying to do something involving samba |
|---|
| Markle | I think that's where I was getting mixed up describing the behaviour. |
|---|
| freetown2 | that's the part where I start running out of ideas if i/o is not going through the roof... |
|---|
| Markle | So if the timeout thing gets triggered you won't be able to browse the shares either. |
|---|
| freetown2 | a triggers then b and c are affect |
|---|
| freetown2 | hopefully someone can dig that out for us...i'm still running 3.0.3x |
|---|
| freetown2 | heading home soon, hope you get an answer and a solution |
|---|
| Markle | freetown, thanks very much for your input :) |
|---|
| mbarper | Hi guys |
|---|
| mbarper | I have some problems with my 2 samba domains to create a interdomain trust relationship |
|---|
| mbarper | Somebody could help me? |
|---|
| mbarper | [root@moi-server ~]# net rpc trustdom list Unable to find a suitable server [2010/04/27 10:36:29, 0] utils/net_rpc.c:rpc_trustdom_list(6083) Couldn't connect to domain controller |
|---|
| Irssi_ | hi |
|---|
| pt | i am trying to connect to a samba-server from a xp-client and get the error: \\192.168.1.254\Volume1 is not accessible. You might not have permissions to use this network resource... |
|---|
| pt | but the samba-server is an open share |
|---|
| pt | and the permissions on the files of the samba-server are 777 |
|---|
| pt | if i look to Microsoft Windows Network(Entire Network), i couldn't see the Workgroup |
|---|
| pt | has anyone an idea? |
|---|
| pt | samba-logfile http://nopaste.info/991bd1e378.html |
|---|
| mbarper | my problem is solved :) |
|---|
| uwe | hello, i have samba printers on cups print server, im trying to set it up that it would be colored capable, in cups it is already set so, what should i do in order to make windows clients aware that its color capable ? |
|---|
| BluntObject | uwe: Use the correct driver on your Windows client. |
|---|
| uwe | BluntObject, im using cups-windows driver (unified for all printers) |
|---|
| BluntObject | uwe: Same advice still applies. Have you checked that the cups-windows driver supports color? |
|---|
| uwe | well, frankly no, i havent, i assumed that it sends stuff in postscript which should support colors |
|---|
| blingme | uwe: depends on the windows driver you are using |
|---|
| blingme | windows isn't like unix .... |
|---|
| blingme | if you're abusing some windows postscript driver ... it could be for a b&w printer .... |
|---|
| twb | So I just heard about this SMB2 thing that Microsoft rolled out in NT6.0. |
|---|
| twb | What resource should I be reading for Samba's take on SMB2? http://wiki.samba.org/index.php/Linux_SMB2_client_design ? |
|---|
| uwe | ok, in my test pages (printed from windows) it says Color support: no , is this info from the driver or from the configuration/settings ? or can it be either one ? |
|---|
| RoyK | hi all. is smb2 in recent samba3? |
|---|
| twb | RoyK: stop following me! |
|---|
| Action: RoyK hands twb a beer |
| twb | Good idea. |
|---|
| blingme | 3.5.x has some "experimental" support |
|---|
| RoyK | I guess I'll better wait for v4, then |
|---|
| blingme | 1)that may be quite a wait, 2)4.0.0 may not have SMB2 support .... |
|---|
| blingme | samba3 is ahead on "file serving" features AFAIK |
|---|
| RoyK | what else do you use it for? making coffee? |
|---|
| twb | Wikipedia says that samba4 has experimental smb2 support. |
|---|
| twb | And if Wikipedia says it, it MUST be true!!1! |
|---|
| Action: RoyK takes twb's beer |
| twb | RoyK: that's the Hypertext Coffee Pot Protocol. You need Emacs for that, not Samba. |
|---|
| RoyK | I know HTCPCP :) |
|---|
| twb | You'll also need an elec eng background, since sadly you cannot buy HTCPCP-compliant coffee machines yet. |
|---|
| Action: twb rails at capitalism |
| idra | RoyK, master has almost complete smb2 support, we expect to have full smb2 support in s3 within the month |
|---|
| idra | s/the/a/ |
|---|
| twb | idra: is anybody working on a linux client side yet? |
|---|
|
|
| RoyK | twb: you mean smbfs? isn't that in kernel? |
|---|
| twb | RoyK: for SMB2, not smb/cifs |
|---|
| RoyK | yeah, but most smb mounts I've done uses smbfs, which is in kernel, not samba |
|---|
| idra | twb, there is some work for an smb2 driver, but it will take time, however smb is fine for linux, do you have servers that do only smb2 ? |
|---|
| idra | RoyK, smbfs is ancient code, not maintained for ages, you want to use the cifs driver |
|---|
| twb | idra: no, I was just going "ooh, sexy, a new protocol that claims to be more performant" |
|---|
| RoyK | idra: it's not really a need, more of a "want" since smb1 isn't very well suited for slow WANs |
|---|
| twb | I don't actually give a shit about Windows hosts; it's a perk of my current gig :-) |
|---|
| RoyK | idra: I'll remember that |
|---|
| idra | RoyK, smb2 is not too different although it may have some minor improvements |
|---|
| RoyK | I thought they had cut down on the chatting there? |
|---|
| RoyK | low-latency wan links aren't very good with smb/cifs |
|---|
| RoyK | nfs4 is good, though, but not well supported in linux |
|---|
| RoyK | and hardly in windoze |
|---|
| idra | RoyK, nfsv4 works just fine in linux |
|---|
| RoyK | I haven't tried with kerberos, but without it I got issues connecting to solaris |
|---|
| twb | Solaris isn't Linux |
|---|
| twb | heterogeneity leads to Interesting Times |
|---|
| RoyK | twb: I know, but solaris has been using nfs4 for some time and afaik their implementation is quite good |
|---|
| RoyK | twb: heh - yes - but interesting in terms of good (not Pratchett's version) :) |
|---|
| RoyK | homogeneity be damned :) |
|---|
| uwe | BluntObject, blingme , thank you for your hints, you were perfectly right, i just could not see it, the ps5ui.dll that i used is from adobe and apparently was too old, using the file that comes with windows (i used one from 2003) fixed the color management tab issue ! |
|---|
| uwe | the cups-windows driver seems to simply utilize that dll , and thus the problem is not related to it directly |
|---|
| BluntObject | Happy to see uwe's problem is now resolved. |
|---|
| mdjoker | Hello, I have a small question about the machine SID and the domain SID of my samba pdc (3.0 on SLES10). Back when I originally set up the PDC, I saved the machine SID of its netbios hostname (the domain SID should be the same as this, right?). About a year ago the hostname of the PDC had to change. Now I just took a look at my secrets.tdb and something seems to be very wrong. |
|---|
| mdjoker | In there I can see two SIDs: The SID of the old (!) hostname, which is the same as the one i originally saved and the domain SID which is different. |
|---|
| mdjoker | Also there is no SID for the new hostname, causing net getlocalsid to fail. |
|---|
| mdjoker | I guess I'm humbly asking for advice on how to proceed here. :) |
|---|
| neosimago | hello people; we're looking to transform our old ldap backend authentication on samba 2 to a new ldap 2.3 backend on samba 3 and the schemas are not playing nice during the add. Is there a scrip to convert our old ldap 1.9 datablase full of machine names from samba 2 to be compatible with samba 3? |
|---|
| hatseflats | evening everyone |
|---|
| power | hi,is it possible to create windows shares, per user, with one pub one priv directory ? |
|---|
| hatseflats | having some trouble with two samba servers on my network, a while ago one became inaccessible through it's hostname |
|---|
| hatseflats | http://paste.pocoo.org/show/206829/ this is the configuration for the working server, the malfunctioning box has almost the same config, just some more shares |
|---|
| hatseflats | I have third box on which I repeatedly call smbtree to check which box is discoverable |
|---|
| hatseflats | it's all local to my private home network, so I don't care about security at al |
|---|
| mdjoker | you've probably checked, but the nmbd process is still running on the inaccessible box? |
|---|
| hatseflats | mdjoker: yes, the problem has persisted over several weeks now |
|---|
| hatseflats | during which the box has been rebooted a few times |
|---|
| hatseflats | using it's IP to access the shares works just fine |
|---|
| hatseflats | but now I have a machine on the network which doesn't support hardcoded ip addresses, as such I need to fix this hostname crud |
|---|
| mdjoker | hm. do you know which of the systems is the local master browser? maybe you can try to query its database to find more info about what's wrong or something? |
|---|
| hatseflats | I don't know what a local master is, and wouldn't know which of the boxes is supposed to be the master on this network |
|---|
| hatseflats | but I suppose it's some administrative task bestowed on one box in particular? |
|---|
| mdjoker | well the local master browser is kind of the box that gathers the netbios names and serves them to clients. if you say the nmbd on the affected system is fine, i just guesses there could be a problem in the master browser's database. i'm not too fit in samba's netbios internals, so it's just a vague guess. |
|---|
| neosimago | slapadd is complaining with my machine accounts; '(65) object class 'posixAccount' requires attribute 'cn' ' -- any leads to how these entries may be accepted into the database? |
|---|
| mdjoker | only other thing i can suggest right now is you try to set up one of the boxes as a WINS server. that will speed up netbios name lookups in any case and may also make this problem go away |
|---|
| mdjoker | sorry... |
|---|
| hatseflats | no problem, I'll stick around if someone els gets an idea or something :) |
|---|
| mdjoker | good luck. i'm doing the same right now. :) |
|---|
| hatseflats | about wins, I've tried that once before a week or two ago I think, didn't work out either |
|---|
| mdjoker | also, if you don't get any ideas, i'd suggest you raise your log level in smb.conf to at least 2 on the affected system for the time being, this will also increase nmbd's log output. when you notice the system disappear next time, look though the logs. you might find something odd. |
|---|
| mdjoker | what exactly didn't work about WINS? i suppose you enabled "wins support = yes" on one system and "wins server = <ip_of_wins_box>" on all the others? |
|---|
| hatseflats | oh, it's not dissapearing, it's completely lost in the current way clients do the lookup |
|---|
| hatseflats | can't find it at all |
|---|
| hatseflats | not off and on |
|---|
| hatseflats | mdjoker: yeah, read through the howto from oreilly, but the lookup of that one server still failed |
|---|
| mdjoker | well that's strange. i've never seen this myself, sorry. |
|---|
| hatseflats | meh, it's probably some obscure flipswitch I left on somewhere somehow |
|---|
| hatseflats | always something so stupendously obvious that you miss it |
|---|
| mdjoker | still, do increase your log level on that machine a bit and restart nmbd. you might just spot an error message or something. |
|---|
| hatseflats | oh darn |
|---|
| hatseflats | found it |
|---|
| mdjoker | you did? |
|---|
| hatseflats | the working system was on netmask 255.240.0.0, like all the other boxes in the network |
|---|
| hatseflats | but the second server has a hardwired ip, without hte new subnet |
|---|
| hatseflats | so it was still set at 255.255.255.0 |
|---|
| mdjoker | oh. :) |
|---|
| hatseflats | *palmface* |
|---|
| mdjoker | heh, i wouldn't have thought of that. nice. |
|---|
| hatseflats | makes complete sense tho |
|---|
| hatseflats | when I read the logs for the broken box I noticed that log.nmbd claimed it was the local master on the network |
|---|
| hatseflats | and I had just read that local masters work for subnets or something |
|---|
| mdjoker | well that certainly makes sense. |
|---|
| hatseflats | well, thanks for soundboarding mdjoker, you did help :) |
|---|
| mdjoker | well thanks, great you figured it out. :) |
|---|
| mdjoker | so what happened was maybe because it thought it was the local master on its subnet (which was correct in away), it probably didn't advertize itself to the real master. or something. :) |
|---|
| hatseflats | I think so too. |
|---|
| hatseflats | and the broadcast for the node's hostname lookup would fail as well |
|---|
| hatseflats | because the broadcast happened on 172.31.255.255 |
|---|
| hatseflats | and not on the 172.16.0.255 subnet it was listening on |
|---|
| mdjoker | yes, that's true of course. well i've learned something today. :) |
|---|
| mdjoker | just have to think of the broader picture sometimes. |
|---|
| hatseflats | indeed |
|---|
| hatseflats | well, good night to you, I'm off to bed :)( |
|---|
| mdjoker | power: what did you mean earlier? every user should have each one private and one public share? or should the public share be global? |
|---|
| power | mdjoker~ well, yes,but for the private one, he should be able to add users that can access |
|---|
| power | without r00t privilages |
|---|
| mdjoker | well you *could* use POSIC ACLs on the samba filesystem for that. |
|---|
| mdjoker | *POSIX |
|---|
| power | ie, create a directory,and say user1 user2 can read,write, user3 can read, else have no access |
|---|
| power | any tutorial for that mdjoker ? |
|---|
| mdjoker | i don't know any that cover both ACLs in general and in connection with samba offhand, sorry. |
|---|
| power | ok thanks |
|---|
| mdjoker | but you might want to learn about POSIX ACLs in general first. they're essentially more flexible than normal unix permissions in that you can add access control entries like: user foo may read and write this file, user bar may only read, user bang may read and execute. |
|---|
| power | mdjoker~ after a quick google look,i can say that this one needs some patching and recompiling. |
|---|
| mdjoker | then you just need to make sure that the ACLs on the private directories are set sensibly and they map properly to (windows-)clients through samba. |
|---|
| Action: power crosses fingers |
| mdjoker | err no, not for POSIX ACLs, certainly not. |
|---|
| mdjoker | you will not get all functionality in windows-clients as on an NTFS file system but the basics work. |
|---|
| mdjoker | ie your users will be able to add ACEs onto their files like "now user foo may also read this file". |
|---|
| mdjoker | given a correct share configuration in smb.conf that is. :) |
|---|
| power | http://www.bluelightning.org/linux/samba_acl_howto/ this one says i need a patched kernel and samba |
|---|
| mdjoker | let me see.. |
|---|
| mdjoker | well... > 18 July 2003 |
|---|
| mdjoker | that was a time when 2.4 kernels still needed patches to even support file system ACLs. :) |
|---|
| power | lol |
|---|
| mdjoker | it seems |
|---|
| power | didnt notice the date |
|---|
| mdjoker | about ACL support itself, don't worry. probably all halfway relevant distributions ship their kernels with ACL support for ext2/3/4, xfs, reiser, you name it. |
|---|
| saulo | Hello all. I'm with a problem with Samba+LDAP: "smbldap-useradd -a myuser" returns "Can't call method "get_value" on an undefined value at /usr/sbin/smbldap-useradd line 231.". What can be? |
|---|
| mdjoker | power: maybe try this, it's from suse but POSIX ACLs are distribution independent. they also work the same way on other unixes. http://www.suse.de/~agruen/acl/linux-acls/online/ |
|---|
| mdjoker | once you learn to work with getfacl and setfacl, try to read up on how to pair samba with ACLs. there are some options in smb.conf that affect how they are handled, how they are inherited and so on. |
|---|
| saulo | In reality, my problem is with smbldap-tools package. But no idea about what can be happening |
|---|
| mdjoker | power: Also, I just noticed, there is a chapter about ACLs and their limitations wrt samba here: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2614541 |
|---|
| mdjoker | I guess you should be aware of these. |
|---|
| power | you helped a lot thanks |
|---|
| power | ill make a fresh centos installation and start testing |
|---|
| mdjoker | good luck! :) |
|---|
| power | the last problem on your last link, about MS WORD, is really funny :D |
|---|
| mdjoker | heh, yes actually sometimes we have this problem in our setup. it can be a pain. |
|---|
| power | have you ever used openfiler ? i was about to test it, but i always prefer a custom solution based on centos,then such customized OSes |
|---|
| neosimago1 | hi people. using the local box with ldap 2.3/ samba 3; what are some test methods to verify that samba is using ldap for verification to local resources shared? |
|---|
| mdjoker | i've read about it and wanted to try it for some time but never got the chance unfortunately. i once tried freenas though. it supports ZFS which has extremely advanced ACLs but i couldn't get them to work as i wanted with windows clients. |
|---|
| power | ive a freenas running on an old pc,for some basic NFS support, but its extremely dangerous to play with it, the chance that it will survive a reboot is about %5 |
|---|
| mdjoker | wow, that sounds adventurous. :) |
|---|
| saulo | neosimago1: using LDAP? smbldap-tools working? |
|---|
| power | zfs sounds OK to me :\ |
|---|
| power | i can use solaris instead of centos |
|---|
| mdjoker | well... i've put a lot of time into exactly that |
|---|
| mdjoker | and to be honest, i failed. |
|---|
| power | oh, freebsd also supports it natively, that explains freenas supporting it |
|---|
| mdjoker | yes, however slightly older versions than solaris, obviously. :) |
|---|
| power | yeah |
|---|
| power | if you are around here always, i will share my experiences about this one tomorrow |
|---|
| power | ill try ZFS |
|---|
| mdjoker | be aware that you might have to put _a_lot_ f time into that |
|---|
| mdjoker | also, if at all possible, use the opensolaris CIFS server, not samba |
|---|
| power | oh |
|---|
| power | i hope that configuration files are similar |
|---|
| mdjoker | windows clients with samba and zfs acls will mess with the order of access control entries, causing major havoc. |
|---|
| power | i see |
|---|
| mdjoker | i've had test cases where for example trying to add read access to a user as the owner of a file caused the owner to lose complete access. |
|---|
| mdjoker | the main problem is this: zfs acls and ntfs acls are very similar in functionality. but the trouble is in the detail. ntfs ACEs are in a different order. so the windows clients sets them in an order it thinks is correct but in actuality that will have a completely different effect on ZFS itself, which samba then has to honor. |
|---|
| mdjoker | the solaris CIFS server seems to handle this better. however it seems you cannot join that into an NT4/samba domain, only ADS. |
|---|
| mdjoker | just so you know what you're getting into. :) |
|---|
| power | i dont have a domain , most of the clients are xp home edition :( |
|---|
| mdjoker | I see. well, maybe i was just completely incapable and actually it's not hard. |
|---|
Popular searches: 
