New fun from M$, we have started to test Win-7 on a few machines, and while it worked flawlessly in XP, Vista and Win-7 beta, logging on to the share (AD) from a Win-7 RC doesn't work.
View 1 Replies
I recently upgraded my ubuntu samba fileserver to 10.04 along with increasing the size of my RAID 1 /home directory.I am using the same smb.conf file setup I have used on intrepid ibis setup and hardy heron setup before that.On my new setup, I can see the ubuntu server on my windows 7 machines, but I can't see the shares and can't access them.In checking the logs (/var/log/samba), one log continues to look for a printer share from one Windows machine that I have not set up on samba yet.
I have found a few people who have reported similar problems online, even a few who have filed bugs, but then they say "my computer started working suddenly. I don't know what happened." so they closed the bug. or "my computer started working after I rebooted my machine." I have rebooted all machines on the network. That doesn't fix it.
I'd like to set up a fileserver for myself and a few trusted individuals. I'm computer savvy and I use various linux servers frequently for work, but this is my first time trying to setup my own. Is it possible to have a Samba server setup so it is both secure and facing the Internet? Two questions:
Will opening Samba ports make my default Ubuntu server particularly vulnerable to penetration? More than having an SSH server running? Does Samba/ can Samba be configured to encrypt traffic or is it sent plainly? If so, does Windows and Mac support this secure communication?
If not, what would you suggest? I'd like to achieve something like a network drive and at a difficulty level that my parents could use this if they really wanted to. I will be storing things like financial information and tax returns, but no weapons-grade secrets.
When I try to add a user to samba (using the GNOME UI) in F12, after enter all the information and click OK.it will just hang for about 20 seconds, and then do nothing. Window is still there, I click OK again and same thing.heres the steps i followed:
1) click preferences, Samba Users...
2) click add user
3) select user "joe" (example) from drop down of users
4) enter "joe" windows user name
5) enter password for joe (same as user password)
6) click OK
7) hangs 20 seconds then nothing.window is still there.click OK again same thing no user added
How can I set permissions for users within the share?
Example: I have a share called Programming and some user can create folders within it most others can not, can read the documents.
How do I set permissions?
If I want to add Windows & Mac users as Samba users, must I first add them all as Ubuntu users? If so, since none of the other users will actually be working on the Ubuntu Server, how do I disable the other non-admin users on the Ubuntu Server login screen. I am using Webmin to administer some server settings, and command line for others.
View 3 Replies View RelatedI've prepared a Samba fileserver at work without much too problems and I've prepared a batch file to mount it as z: letter on windows machine at startup.As a sad result the share gets filled with many viruses and became a vehicle of infection.
folder1 ----> folder2 and many other files and folders
folder1 has a condivision access read and write for everyone so I get no problems with passwords for all those who have access but i use ntfs security to do it read only (viruses act like if a pendrive is connected and mainly put infected files just in the "root" of it, in my case in folder 1) and then give everyone full control in folder2. I've been trying to understand how to do this but I'm quite new to linux and smb.conf really scared me. I've tried samba graphical tool which was a lot easier but I'm not able to achieve this kind of result: no need of user password for users to mount the share and no write possibilities in folder 1 and full control in folder 2.
I have two ubuntu 10.04 64-bit servers running samba (3.4.7) and openLDAP (2.4.21). The LDAP directory is successfully replicating between the two servers. These servers also serve as LDAP servers for sudo, pam, nss, and other services for a dozen servers without issues. The BDC samba is configured to use itself for LDAP. I connected to the BDC using the samba ldap credentials and verified I could a) see the Computer object b) read NTPassword and LMPassword. The workstations can authenticate to the domain successfully against the PDC. If a workstation boots and connects to the BDC, they login fails with:
Code:
[2010/07/18 11:46:23, 0] rpc_server/srv_netlog_nt.c:336(get_md4pw)
get_md4pw: Workstation MACHINENAME$: no account in domain
[2010/07/18 11:46:23, 0] rpc_server/srv_netlog_nt.c:584(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: failed to get machine password for account MACHINENAME$: NT_STATUS_ACCESS_DENIED
Successful authentication against the PDC shows:
Code:
[2010/07/18 11:59:20, 1] smbd/service.c:1063(make_connection_snum)
MACHINENAME (192.168.2.145) connect to service netlogon initially as user username (uid=30000, gid=512) (pid 1727)
[2010/07/18 11:59:20, 1] smbd/service.c:1063(make_connection_snum)
MACHINENAME (192.168.2.145) connect to service data initially as user nobody (uid=65534, gid=65534) (pid 1727) .....
My all production PC r running under ADC windows2008 server. Recently I implement a file server in CentOS 5. Now I want to integrate Samba (File sharing) using Active Directory so that all access permission to file server comes from AD's permission.
View 2 Replies View RelatedI've set up smbd 3.4.7 on 10.04x64 LTS server. I've set up a couple shares and I'm having problems blocking access to certain directories using native file permissions. There is one directory that has folders for each sales rep to store their current list of quoted clients, I only want sales people to be able to browse the directories owned by themselves. Everything seems to be set up correctly in terms of user groups and permissions on the filesystem.
Below is marina, a sales rep, and brian, a super user of sorts.
id marina:
Code:
uid=1011(marina) gid=1006(office) groups=1006(office),1005(sales)
id nick:
Code:
uid=1000(brian) gid=1006(office) groups=1006(office),118(admin),1001(full),1002(processing),1003(management),1004(it),1005(sales)
Below is the directory with all the sales reps folders.
ls -la:
Code:
total 60
drwxrwxr-x 15 root it 4096 2011-02-10 20:06 .
drwxr-x--- 9 root office 4096 2010-11-19 12:40 ..
drwxrwx--- 13 katya full 4096 2010-12-07 12:36 Katya
drwxrwx--- 18 lana full 4096 2011-02-08 17:09 Lana
drwxrwx--- 23 marina full 4096 2011-02-10 18:09 Marina
drwxrwx--- 4 mike full 4096 2011-02-01 12:42 Mike
With this setup marina only be able to browse her folder, but she can browse all folders and has full write access to all folders. This leads me to believe something is up with the smbd.conf file, which is below.
Code:
[global]
workgroup = COMTREAD
null passwords = no
server string = Root Server
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0 .....
In this case the valid users directive would not work cause I am not making a share for each user. I had this on other shares like the db2 share. My windows box lagged heavily when I tried to access that share with an invalid user. How to deny users the ability to modify permissions I would also like to do that.
I want to use samba in ubuntu.For samba users i make a user in my linux box like
# useradd smith
# useradd jone
These users can also login into my ubuntu system if they want. For samba I want to know that, is there any way to create separate valid list of samba users so that they may access files from windows xp.
I've installed Ubuntu Server 7.10 Gutsy and Webmin 1.500 on it. The thing that I want to do is: I want to share a folder an sub folders for windows users ( guest user) I should modify those folders from my ubuntu desktop 9.10 karmic they are all same folders. Is it possible? if yes how can i make it. you can tell from webmin or samba configuration file.
View 8 Replies View RelatedIn my ongoing hunt for a Samba GUI that is feature packed, well supported, easy to use, yet doesn't suck, I found myself tinkering with eBox. I have it installed and fired up but I'm a little confused. I can add a Samba share - okay great. But I sorta need to add users. Where on earth can I add users? The users and group section of eBox doesn't appear to be related to what I need, and I also cannot get into the access control section of the very share I just created.
View 3 Replies View RelatedI have Ubuntu server 10.04 joined to a domain using Likewise Open. I can login using my domain credentials and have added my domain account to the sudoers file. Now that I've got it joined to the domain I want to add some samba shares and have domain members use their accounts to access them. However, no matter what combination of my domain name and the domain user or group I use in the valid users field it won't let me in. What's the proper way of inputting a domain user or group in the valid user field?
This is the entry I'm using for the share:
Code:
[testshare]
path = /srv/testshare
valid users = @"Domain Name+Domain Group" (Have tried many things here)
public = no
writable = yes
printable = no
create mask = 0765
i am taking another stab at this. The last time i attempted it, it seemed like everyone had a different way to do it, but nobody could give me an answer on how to do it...
I currently have a Domain Controller Running sme server and a domain controller, using ldap as a backend. I have two file servers runing ubuntu 10.04. My overall goal is to have it so when i create a username on the domain controller, it is then automatically copied over to the fileservers. This way everyone will have their own username and password to access the fileservers and ill be able to track what people do on the fileservers.
The next necessity is for me to be able to apply permissions to the folders on the fileserver based on the users that are created on the domain controller.
I having problems detecting my network:
Code:
I'm starting to think that samba is comprised of buggy applications and i'm basically hitting my head against a brick wall for the fun of it. Can anybody vouch for its reliability under fedora 13?
I am very new to Ubuntu (any Linux) evironment. And it has been a long long time since I have dealt with seting up servers. I have done alot of searching but haven't found exactly what I THINK I am looking for.
I want to create a file server (I have created my Ubuntu server cd) and add it to my home network (all windows pcs). I need to be able to access it when away from home ( I work away from home mostly). I will be accessing this with a Windows 7 laptop.
What do I need installed on the server? Samba for the file server part. What else for the remote access? I also would rather not access the data via FTP. I would like it to come up as a drive in my Windows Explorer. If not, I remember back in college (20 years ago) when I could open a little window (XWindow maybe) on the other server.
An issue I see that might not be an issue. I have a static IP from my ISP. It comes into my home via their modem. I attach to the modem with a router. All my laptops connect to it wireless and this server will be wired. How do I hit the server and not one of the laptops with only having the one IP address? Each of these plus my external harddrive and printer have their own internal IP address' that I have assigned.
After a near miss with my 1.5TB, RAID5 file server, I have decided that I need to backup my data to an external hardrive periodically.I have been looking at rsync but the question I have is: Do I format the external hard drive in EXT3 (the sameas my fileserver) or NTFS?All my main machines are Windoze, but the file server is Ubuntu with a samba share.If my server ever went belly up, I would like to be able to access my data from the external hard drive. I guess if it's in EXT3 then windows would be clueless... I would either need to fix the server pronto or access it with a live CD or something.What would I lose if I used NTFS instead of EXT3? I think I would lose permissions and possibly ownerhsip information - are there any other issues?
View 3 Replies View RelatedI was successfully using samba + fedora directory server in fedora 10 as a primary domain controller for my home network (achieved mostly by following barry905's instructions here: [url].
After upgrading to fedora 11, some of the pdc functionality no longer worked.
For example, when i ran 'pdbedit -Lv', i got:
Code:
I was able to fix this by adding to the [global] section in /etc/samba/smb.conf:
Code:
I also found that i could no longer join an xp computer to the domain. i discovered that for some reason, the samba administrator password had been cleared. after running:
Code:
That was fixed.
The last problem, which i have still not fixed, is that roaming profiles no longer work. when i try to do a domain login as user 'htpc' from an xp machine, i get the following message in xp:
Code:
Here's an excerpt of my /etc/samba/smb.conf:
Code:
I wish to prevent the samba messages (mainly nmbd and winbindd) from appearing in the system log (/var/log/messages). I want to allow samba logging to the standard samba logfiles, but prevent the syslog getting clogged up by samba. I added syslog = 0 to smb.conf and reloaded the config but the messages were still appearing. I also tried the following (and restarted the syslog via /sbin/service syslog restart) # Suppress messages from samba.
nmbd.* /dev/null
smbd.* /dev/null
winbindd.* /dev/null
For interests sake the messages I'm getting are below (I'm not concerned about the messages themselves, I can chase them up at my leisure via the samba logs) Mar 18 09:58:29 SERVER nmbd[3808]: query_name_response: Multiple (2) responses received for a query on subnet xx.yy.z.zz for name DOMAIN<1d>. Mar 18 09:58:29 SERVER nmbd[3808]: This response was from IP xx.yy.z.zz, reporting an IP address of xx.yy.z.zz.
I work as an system administrator for AIX and Linux servers. We have an FTP server running in Linux which has shared folders to Windows domain using Samba. The new requirement is to map users created to Linux machine to Windows users in such a way that, when a user logins into Windows machine with an ID say "X123" in domain "TEST", his access control to the samba shares should reflect based on the same user ID created in Linux machine.(FYI. Both the Windows and LINUX machines are in same network and domain). Please let me know the step by step procedure to configure Linux machine (smb.conf entries or any new file to be created for user mapping) to identify Windows user Login and provide access restrictions accordingly.
View 1 Replies View Relatedi installed Samba on my Fedora, have created couple of Share directories and assigned users accordingly, that part is apsolutly fine and working without any problem, but now the next step is i want to assign the quota limits to users to save the disk space,
View 2 Replies View RelatedThe company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
Is there any way to limit x number of samba users by samba ? Say if there are already 5 samba users using the share, I would like to restrict any futher samba requests.. How do i do that ?
View 1 Replies View RelatedHave recently setup Samba on a fresh install of Fedora 14 so that I can use it as a workstation in a Windows 2003 (win2k3) domain.
The install of Samba seems to have worked as I can connect to the Domain using ADS and kerberos. selinux and firewall have been disabled until I have it working 100%
The problem lies when i try to login to Gnome or TTY. It begins to create the home directory for the domain user logging in but after a certain process Fedora logs the user out of the system.
Have looked through several log files (/var/log/messages, log.winbindd, log.winbindd-dc-connect) but am unable to debug it any further.
Have posted the config files below which shows the Fedora machine is successfully connected to the domain as it lists its groups, users and validates logon credentials - it just won't logon!
Where i can go about debugging. Also if you need additional configs.
I am running a Fedora 3 that I had installed from a slightly outdated disk. and I have been making updates by using YUM. But I have a policy of only updating just what is needed and leaving the rest alone. This was fine until some time (I think is was) last year, when our friends at fedora had discontinued support for Fedora 3 and then unwisely deleted all the packages for fedora 3 and fedora 4 off there server. Now it has been a struggle just administer updates when application that I am adding become unhappy with the version that come off of the disk, and I end up with versions that are more current then I wanted. All I wanted is to have access to the packages that were left when the music stopped.
Hear is my current pediment. I now need to run PHP (something I never used until now) and version that came with the disk (ver 4.3.9) is too low for the scripts that I will be running. They need PHP 5. Now I know that were up to something like PHP 5.3.x. But I don't really need that. I am shore there is a version of PHP 5, like versions 5.1, that was available though YUM. If they only just left it there. At least Microsoft leaves all of there window 98 updates on there server for people to use, even though they don't support windows 98 any more.
The biggest reason I want to use YUM or even up2date for my installs and updates, is they minimized the risk of screwing something up.
Here is my question. Dos, anyone know where there is a mirror of fedora 3 updates that fedora used to have on there site?
I am hopping to be able to adjust the baseurl= line in the fedora.repo file to point it to this new mirror and make YUM work like NEW.
My Fedora box is giving me an SELinux security error:
Code: Summary:
SELinux is preventing the samba daemon from reading users' home directories.
Detailed Description:
SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals an intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)
Allowing Access: If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
Fix Command:
setsebool -P samba_enable_home_dirs=1
Additional Information:
Source Context system_u:system_r:smbd_t:s0
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects /home/micah [ dir ]
Source smbd
[code]....
I ran "yum update" on 03-06-2009 and it updated my samba version from
3.2.8-0.26.fc10.x86_64
to
3.2.11-0.30.fc10.x86_64
My network shares then became read only!After some digging it turns out my system is not working because of Samba bug 6291, the "force user" option is no longer working.
Ideally I would run another "yum update" and that would fix the problem. Apparently the bug has been fixed in Samba 3.4.0pre2 - when can when we expect that to be released and included when I do a "yum update"?
Alternatively how do I get back to version 3.2.8-0.26.fc10.x86_64 ?
I upgraded from Fedora 10 to Fedora 11, and it seems that when I saved my main.cf file, something changed in the versions and it no longer works. I've tried going through the file and tweaking it, but it's not working. Here is the postconf
[Code]...
Alright I have read through and tried many different tutorials but a VAST majority of them are with virtual users. This is my own personal email server so virtual users is unneccessary when I can just use the users personal mailbox.
My postfix main.cf there are 2 things I am unsure of. 1) For system users which local_recipiant_maps do i use? 2) What should mynetworks be?As I have been testing it out through telnet I can send mail but it doesnt get to my test email (a gmail account) and when i try to send an email locally it seems that everything works fine but the mail doesnt get there, and the error i am getting is that it cant find the user.
