IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1822.24 MB
Powered by
Channel Info
Network: freenodeChannel: #samba |
Search in www.irclog.org
Log from #samba at freenode 2006-07-28
[00:09]<scznnv>Alright I guess I'm stupid but I can't seem to find the option to have samba check credentials against the internal user database (In a Gentoo Linux environment). security = user isnt allowing me to authenitcate as local user 'skreet'... any suggestions?
[00:12]<||aw>Skreet: that's because smb protocol uses a challenge-responce auth system which is not compatable with the posix way
[00:13]<||aw>Skreet: so you are not overlooking it, it simply isn't possible
[00:13]<||aw>simple way, smbpasswd -a skreet
[00:14]<||aw>harder way but integrated, setup both samba and nsswitch/pam to use ldap
[00:15]<scznnv>||cw, What does smbpasswd do, exactly? add credentials to the internal passwd db?
[00:15]<burndnd>mount.cifs question: why does 'mount -t cifs -ouid=500,gid=500 ...' not result in uid/gid 500 owning the locally-presented files? is that possible in another manner?
[00:15]<||aw>it make a smbpasswd file
[00:15]<||aw>and creates a smb SID for the users as well
[00:16]<scznnv>||cw, I'm interested in actually deploying ldap and having both pam and samba use it, any good resources for this?
[00:16]<||aw>BugeyeD: does the server have samba's unix extentions enabled? they are on by default
[00:16]<||aw>Skreet: I've only made it work once, found a howto on debian/ubuntu
[00:17]<burndnd>||cw: i compiled via freebsd ports, so not sure - will check right now though. (is there a ... -v command that will tell me?)
[00:17]<||aw>Skreet: I'd be suprized if the gentoo docs don't have a good writeup
[00:17]<||aw>BugeyeD: testparm -v |grep "unix extentions"
[00:17]<scznnv>||cw, It sounds interesting but i'm not sure it's necessary for a 3 user environment, although keeping credentials the same amoung all network resources would be nice
[00:18]<||aw>BugeyeD: er, that's unix extensions
[00:18]<burndnd>||cw: unix extensions = Yes :)
[00:19]<burndnd>||cw: my problem is, of course, that the local uids do not match the remote uids.
[00:20]<dzj2nzvj>would like to know if samba with ldap support multiple domains?
[00:21]<||aw>BugeyeD: right, and you can't override uni extentions client side
[00:21]<||aw>mroberto: ldap deosn't add anything like that
[00:22]<||aw>mroberto: you can still do multi domains by starting samba with different conf files and binding to interfaces
[00:23]<||aw>but be sure the 2nd conf overrides everything, including log files and printer spool
[00:23]<dzj2nzvj>I have 5 servers with 5 domains and 5 ldaps
[00:23]<dzj2nzvj>but I want to have central ldap server for all my domains
[00:24]<dzj2nzvj>with replication of the one ldap server across the network
[00:24]<scznnv>why have 5 domains if you're going to share 1 ldap server?
[00:25]<burndnd>||cw: ahhh! 'unix extensions = No' fixed this issue. thanks!
[00:27]<dzj2nzvj>cause they are in 5 locations
[00:28]<||aw>mroberto: well, you have to tell samba what OU to look at, I don't see why you couldn't run multiple OU's on the ldap and point different samba PDC's to it
[00:29]<dzj2nzvj>ohh ok
[00:29]<dzj2nzvj>I will do some test
[00:29]<dzj2nzvj>I think some of the commands will break
[00:29]<dzj2nzvj>but that's ok
[00:29]<||aw>like whay
[00:29]<||aw>what
[00:29]<||aw>you'd still have 5 samba server
[00:29]<||aw>s
[00:30]<dzj2nzvj>yea
[00:30]<dzj2nzvj>the smbldap search funtions
[00:30]<dzj2nzvj>might cause some issues
[00:34]<scznnv>||cw, So you're using LDAP on your box now?
[00:35]<dzj2nzvj>yea
[00:35]<||aw>mroberto: why, each server would searcha different OU
[00:35]<||aw>Skreet: on one, yes
[00:36]<dzj2nzvj>No I have 5 different ldap samba servers
[00:36]<dzj2nzvj>I just want to be available to manage just one ldap server
[00:36]<dzj2nzvj>so I want to move all the SID etc to one server with one ldap and just replicate that to the other servers
[00:36]<||aw>yes, but you would still have 5 samba servers
[00:36]<||aw>using 5 OU's
[00:37]<dzj2nzvj>5 domain Sids yes
[00:37]<||aw>mroberto: is there an orgizational reason for 5 domains? it is possible, via a BDC/ldap slave system to have 5 locations in one domain
[00:43]<dzj2nzvj>Not sure
[01:22]<cjnnq>Newbie.. I have a Samba server running on an Ubuntu box. Can connect locally within winxp without issue while at office, however, cannot connect outside of office. Can log onto Ubuntu box remotely without issue using VNC. Pls help.
[01:31]<pzrgc->huh ports 137-139 get blocked on the internet CJ492
[01:32]<pzrgc->set up a VPN insteade
[01:32]<cjnnq>Is there a manual way to open ports 137-139 or is VPN easier?
[01:33]<pzrgc->you don't wanna use samba over the internet.
[01:33]<pzrgc->set up openVPN
[01:33]<cjnnq>samba too insecure?
[01:33]<pzrgc->no, the win32 implementation of SMB is
[01:34]<pzrgc->besides all ISP's block traffic on those ports
[01:34]<pzrgc->so you're not gonna get anywhere
[01:34]<-- rfgw_yjggsru xrs>http://www.microsoft.com/windowsserver2003/ <- 3,400,000,000+ users can't be wrong")
[01:34]<cjnnq>that would explain my frustration for the last few weeks, thought I was just an idiot or something...
[01:35]<cjnnq>any good websites to read/look at on how to get openVPN up and running?
[01:35]<pzrgc->I was gonna google.
[01:35]<pzrgc->and I have to leave anyway
[01:36]<cjnnq>okay well thank you for inf telling why it wasn't working...
[01:36]<cjnnq>cya
[01:37]<cjnnq>Anyone else able to suggest a good openVPN "how to" or Wiki? Basically, I have a SATA Raid 5 running on an Ubuntu Server. I setup Samba so that I could use the box as a large harddrive to store all of my docs on. Problem is, I can't get at them once I take my laptop home from the orfice.. Any suggestions?
[01:38]<cjnnq>...laptop is running winxp pro
[01:58]<pugnjgn>i have a laptop that sometimes when i log into my samba pdc it will not get the logon profile or setup my shares and says it will local profile
[02:49]<-- rfgw_yjggsru xrs>http://www.microsoft.com/windowsserver2003/ <- 3,400,000,000+ users can't be wrong")
[02:59]<pugnjgn>well guess not...thanks
[03:50]<szpzzy_zf>Hi all, I have a winbind setup and working. wbinfo -u and -g are very fast and return all of the users and groups. However, wbinfo -a user%pass takes 9 seconds to successfully authenticate
[03:50]<szpzzy_zf>any ideas why the wbinfo -a would be so slow?
[03:58]<|rabbit|>greetings
[03:58]<|rabbit|>is there a way to enforce a central group policy with vanilla samba3 or I need some additional software like nitrobit group policy?
[03:58]<|rabbit|>different articles found via google sort of contradict each other
[04:18]<saxdnn>can anyone give me some help resolving group issue with Samba 3.0.23 and Active Directory 2003. The error that seems most prevalent is "Failed to create BUILTIN\Administrators group"
[04:49]<pfraaym_>how can i check what username a share has been mapped with a connected windows client
[04:49]<pfraaym_>net status shares only shows the IP address of the connection, not user name
[04:50]<saxdnn>are you trying to script this, or just looking it up when needed?
[04:51]<pfraaym_>just when i need to
[04:52]<pfraaym_>bloody windows clients with saved password in explorer it seems even when mapping a drive with a dif user, it must try the saved user/pass as well
[04:52]<saxdnn>as long as you don't mind manually typing in, try using the IP address gleaned from net status shares, and grep for it in the output of smbstatus
[04:53]<saxdnn>eg: smbstatus | grep ip.add.re.ss
[04:53]<pfraaym_>but i want to find out the username of the connection, not the ip
[04:53]<saxdnn>the username is on the same line as the IP
[04:54]<saxdnn>should be the first thing on the line
[04:54]<pfraaym_>i get these columns Service pid machine Connected at
[04:54]<saxdnn>sorry, the second thing on the line
