R: Re: R: Re: R: Re: Samba misconfiguration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




>----Messaggio originale----
>Da: craigwhite@xxxxxxxxxxx
>Data: 22-feb-2011 
13.04
>A: <users@xxxxxxxxxxxxxxxxxxxxxxx>
>Ogg: Re: R: Re: R: Re: Samba 
misconfiguration
>
>On Mon, 2011-02-21 at 17:52 +0100, antonio.montagnani@alice.
it wrote:
>> 
>> >----Messaggio originale----
>> >Da: craigwhite@xxxxxxxxxxx
>> 
>Data: 21-feb-2011 
>> 16.43
>> >A: <users@xxxxxxxxxxxxxxxxxxxxxxx>
>> >Ogg: 
Re: R: Re: Samba 
>> misconfiguration
>> >
>> >On Mon, 2011-02-21 at 17:38 
+0100, antonio.montagnani@alice.
>> it wrote:
>> >> 
>> >
>> >> I attach a log 
file of a test with samba trying to connect 
>> by smbclient...I 
>> >> am at a 
dead point.
>> >----
>> >no ability to look at the log 
>> until much, much 
later.
>> >
>> >What is output of command...
>> >
>> >pdbedit -Lv antonio
>> 

>> >
>> >?
>> >
>> >Craig
>> >
>> >
>> >-- 
>> >This message has been scanned 
for viruses and
>> 
>> >dangerous content by MailScanner, and is
>> >believed 
to be clean.
>> >
>> >-- 
>> >users 
>> mailing list
>> >users@lists.
fedoraproject.org
>> >To unsubscribe or change 
>> subscription options:
>> >https://admin.fedoraproject.org/mailman/listinfo/users>Guidelines:http://fedoraproject.org/wiki/Mailing_list_guidelines
>> >
>>  pdbedit -Lv antonio
>> INFO: Current debug levels:
>>   all: True/10

>>   tdb: 
>> False/0
>>   printdrivers: False/0
>>   lanman: False/0
>>   smb: 
False/0
>>   rpc_parse: 
>> False/0
>>   rpc_srv: False/0
>>   rpc_cli: False/0

>>   passdb: False/0
>>   sam: False/0
>> 
>>   auth: False/0
>>   winbind: 
False/0
>>   vfs: False/0
>>   idmap: False/0
>>   quota: 
>> False/0
>>   
acls: False/0
>>   locking: False/0
>>   msdfs: False/0
>>   dmapi: False/0

>>   
>> registry: False/0
>> doing parameter server string = Samba Server 
Version %v
>> doing 
>> parameter print command = 
>> doing parameter guest ok 
= yes
>> doing parameter 
>> workgroup = workgroup
>> doing parameter username 
map = /etc/samba/smbusers
>> doing 
>> parameter security = user
>> doing 
parameter lprm command = 
>> doing parameter max 
>> log size = 50
>> doing 
parameter wins support = Yes
>> doing parameter guest account 
>> = nfsnobody

>> pm_process() returned Yes
>> lp_servicenumber: couldn't find homes
>> 
>> 
set_server_role: role = ROLE_STANDALONE
>> Attempting to register new charset 
UCS-
>> 2LE
>> Registered charset UCS-2LE
>> Attempting to register new charset 
UTF-16LE
>> 
>> Registered charset UTF-16LE
>> Attempting to register new 
charset UCS-2BE
>> 
>> Registered charset UCS-2BE
>> Attempting to register new 
charset UTF-16BE
>> 
>> Registered charset UTF-16BE
>> Attempting to register 
new charset UTF8
>> Registered 
>> charset UTF8
>> Attempting to register new 
charset UTF-8
>> Registered charset UTF-8
>> 
>> Attempting to register new 
charset ASCII
>> Registered charset ASCII
>> Attempting to 
>> register new 
charset 646
>> Registered charset 646
>> Attempting to register new 
>> charset 
ISO-8859-1
>> Registered charset ISO-8859-1
>> Attempting to register new 
>> 
charset UCS2-HEX
>> Registered charset UCS2-HEX
>> Substituting charset 'UTF-8' 
for 
>> LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> Substituting 
charset 'UTF-8' for 
>> LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> 
Substituting charset 'UTF-8' for 
>> LOCALE
>> Substituting charset 'UTF-8' for 
LOCALE
>> Substituting charset 'UTF-8' for 
>> LOCALE
>> Substituting charset 
'UTF-8' for LOCALE
>> Substituting charset 'UTF-8' for 
>> LOCALE
>> 
Substituting charset 'UTF-8' for LOCALE
>> Substituting charset 'UTF-8' for 
>> 
LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> Substituting charset 'UTF-
8' for 
>> LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> Netbios name 
list:-
>> 
>> my_netbios_names[0]="ACER"
>> Attempting to register passdb 
backend ldapsam
>> 
>> Successfully added passdb backend 'ldapsam'
>> 
Attempting to register passdb 
>> backend ldapsam_compat
>> Successfully added 
passdb backend 'ldapsam_compat'
>> 
>> Attempting to register passdb backend 
NDS_ldapsam
>> Successfully added passdb 
>> backend 'NDS_ldapsam'
>> 
Attempting to register passdb backend NDS_ldapsam_compat
>> 
>> Successfully 
added passdb backend 'NDS_ldapsam_compat'
>> Attempting to register 
>> passdb 
backend smbpasswd
>> Successfully added passdb backend 'smbpasswd'
>> 
>> 
Attempting to register passdb backend tdbsam
>> Successfully added passdb 
backend 
>> 'tdbsam'
>> Attempting to register passdb backend wbc_sam
>> 
Successfully added 
>> passdb backend 'wbc_sam'
>> Attempting to find a passdb 
backend to match tdbsam 
>> (tdbsam)
>> Found pdb backend tdbsam
>> pdb backend 
tdbsam has a valid init
>> 
>> tdbsam_open: successfully opened 
/var/lib/samba/private/passdb.tdb
>> 
>> pdb_set_username: setting username 
antonio, was 
>> pdb_set_domain: setting domain 
>> ACER, was 
>> 
pdb_set_nt_username: setting nt username , was 
>> pdb_set_full_name: 
>> 
setting full name antonio, was 
>> Home server: acer
>> Substituting charset 
'UTF-8' 
>> for LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> 
Substituting charset 'UTF-8' 
>> for LOCALE
>> Substituting charset 'UTF-8' for 
LOCALE
>> Substituting charset 'UTF-8' 
>> for LOCALE
>> Substituting charset 
'UTF-8' for LOCALE
>> Substituting charset 'UTF-8' 
>> for LOCALE
>> 
Substituting charset 'UTF-8' for LOCALE
>> Substituting charset 'UTF-8' 
>> for 
LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> Substituting charset 'UTF-
8' 
>> for LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> Substituting 
charset 'UTF-8' 
>> for LOCALE
>> Substituting charset 'UTF-8' for LOCALE
>> 
pdb_set_homedir: setting 
>> home dir \\acer\antonio, was 
>> 
pdb_set_dir_drive: setting dir drive , was NULL
>> 
>> pdb_set_logon_script: 
setting logon script , was 
>> Home server: acer
>> 
>> pdb_set_profile_path: 
setting profile path \\acer\antonio\profile, was 
>> 
>> pdb_set_workstations: 
setting workstations , was 
>> account_policy_get: name: 
>> password history, 
val: 0
>> pdb_set_user_sid: setting user sid S-1-5-21-3734388162-
>> 611009795-
2949902601-1003
>> pdb_set_user_sid_from_rid:
>> 	setting user sid S-1-5-21-
>> 
3734388162-611009795-2949902601-1003 from rid 1003
>> account_policy_get: 
name: 
>> maximum password age, val: -1
>> Finding user antonio
>> Trying 
_Get_Pwnam(), 
>> username as lowercase is antonio
>> Get_Pwnam_internals did 
find user [antonio]!
>> 
>> Opening cache file at /var/lib/samba/gencache.tdb

>> Opening cache file at 
>> /var/lib/samba/gencache_notrans.tdb
>> Cache entry 
with key = IDMAP/GID2SID/500 
>> couldn't be found 
>> gid_to_sid: winbind 
failed to find a sid for gid 500
>> LEGACY: 
>> gid 500 -> sid S-1-22-2-500
>> 
account_policy_get: name: password history, val: 0
>> 
>> pdb_set_username: 
setting username antonio, was 
>> pdb_set_domain: setting domain 
>> ACER, was 

>> pdb_set_nt_username: setting nt username , was 
>> pdb_set_full_name: 
>> 
setting full name antonio, was 
>> Home server: acer
>> pdb_set_homedir: 
setting home 
>> dir \\acer\antonio, was 
>> pdb_set_dir_drive: setting dir 
drive , was NULL
>> 
>> pdb_set_logon_script: setting logon script , was 
>> 
Home server: acer
>> 
>> pdb_set_profile_path: setting profile path 
\\acer\antonio\profile, was 
>> 
>> pdb_set_workstations: setting workstations 
, was 
>> account_policy_get: name: 
>> password history, val: 0
>> 
pdb_set_user_sid: setting user sid S-1-5-21-3734388162-
>> 611009795-2949902601-
1003
>> pdb_set_user_sid_from_rid:
>> 	setting user sid S-1-5-21-
>> 3734388162-
611009795-2949902601-1003 from rid 1003
>> Returning expired cache 
>> entry: 
key = IDMAP/SID2GID/S-1-5-21-3734388162-611009795-2949902601-513, value 
>> = 
-1, timeout = Mon Feb 21 17:50:39 2011
>> Adding cache entry with key = 
>> 
IDMAP/SID2GID/S-1-5-21-3734388162-611009795-2949902601-513 and timeout = Thu 

>> Jan  1 01:00:00 1970
>>  (-1298307042 seconds in the past)
>> winbind failed 
to find 
>> a gid for sid S-1-5-21-3734388162-611009795-2949902601-513
>> 
>> 
lookup_global_sam_rid: looking up RID 513.
>> pdb_getsampwrid (TDB): error 
looking 
>> up RID 513 by key RID_00000201.
>> Can't find a unix id for an 
unmapped group
>> 
>> LEGACY: mapping failed for sid S-1-5-21-3734388162-
611009795-2949902601-513
>> 
>> pdb_set_group_sid: setting group sid S-1-5-21-
3734388162-611009795-2949902601-
>> 513
>> Unix username:        antonio
>> NT 
username:          
>> Account Flags:        
>> [U          ]
>> User 
SID:             S-1-5-21-3734388162-611009795-2949902601-
>> 1003
>> Primary 
Group SID:    S-1-5-21-3734388162-611009795-2949902601-513
>> Full 
>> 
Name:            antonio
>> Home Directory:       \\acer\antonio
>> HomeDir 
>> 
Drive:        
>> Logon Script:         
>> Profile Path:         
>> 
\\acer\antonio\profile
>> Domain:               ACER
>> Account desc:         

>> 
>> Workstations:         
>> Munged dial:          
>> Logon 
time:           0
>> Logoff 
>> time:          never
>> Kickoff time:         
never
>> Password last set:    lun, 21 
>> feb 2011 16:17:06 CET
>> 
account_policy_get: name: minimum password age, val: 0
>> 
>> Password can 
change:  lun, 21 feb 2011 16:17:06 CET
>> account_policy_get: name: 
>> maximum 
password age, val: -1
>> Password must change: never
>> Last bad password   : 

>> 0
>> Bad password count  : 0
>> Logon hours         : 
>> 
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>----
>http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html>

>specifically, this should help...
>
>http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html#id2598404
>
>Fix your groups, make sure the user 'antonio' and the group he belongs
>to 
have access to the directory/files in the share.
>
>Craig
>
>
>-- 
>

As I am 
no good at Samba administration I had a look to a standard smb.conf file and I 
found

	# various scripts can be used on a domain controller or a stand-alone
	
# machine to add or delete corresponding UNIX accounts:

;	add user script = 
/usr/sbin/useradd "%u" -n -g users
;	add group script = /usr/sbin/groupadd "%g"

;	add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome 
-s /bin/false "%u"
;	delete user script = /usr/sbin/userdel "%u"
;	delete user 
from group script = /usr/sbin/userdel "%u" "%g"
;	delete group script = 
/usr/sbin/groupdel "%g"


is it sufficient to uncomment some of these lines???


tnx again

Antonio
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux