Samba: Difference between revisions
m (→FAQ) |
m (→HOWTO) |
||
(10 intermediate revisions by the same user not shown) | |||
Line 20: | Line 20: | ||
*[http://www.opensubscriber.com/message/samba%40lists.samba.org/2866267.html Migrating profiles] | *[http://www.opensubscriber.com/message/samba%40lists.samba.org/2866267.html Migrating profiles] | ||
=smb.conf= | |||
*[https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html smb.conf manpage] | |||
==server role== | |||
*[https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html#SERVERROLE server role] | |||
==Samba and DNS== | |||
*[https://wiki.samba.org/index.php/DNS_Administration DNS Administration] | |||
Line 68: | Line 75: | ||
*[http://ctdb.samba.org/ CTDB] | *[http://ctdb.samba.org/ CTDB] | ||
*[http://www.how2forge.org/setting-up-an-active-active-samba-ctdb-cluster-using-gfs-and-drbd-centos-5.5 Setting Up An Active/Active Samba CTDB Cluster Using GFS & DRBD] | *[http://www.how2forge.org/setting-up-an-active-active-samba-ctdb-cluster-using-gfs-and-drbd-centos-5.5 Setting Up An Active/Active Samba CTDB Cluster Using GFS & DRBD] | ||
=HOWTO= | |||
==Automatically create home directory== | |||
On Ubuntu: | |||
pam-auth-update --enable mkhomedir | |||
==Rename linux domain member== | |||
https://marc.info/?l=smb-clients&m=121764337631413 | |||
net ads leave -U administrator@MYDOMAIN.COM | |||
Next, change the netbios name value in the /etc/samba/smb.conf file, e.g. | |||
netbios name = <NEW NAME> | |||
Restart the samba and winbind daemons | |||
# /etc/init.d/smb restart && /etc/init.d/winbind restart | |||
Finally, you rejoin it to the domain | |||
net ads join -U administrator@MYDOMAIN.COM | |||
Make sure everything OK. | |||
net ads testjoin | |||
getent passwd | |||
getent group | |||
Check winbind | |||
wbinfo -t | |||
wbinfo -u | |||
==User management== | |||
===List users=== | |||
pdbedit -L -v | |||
=Software= | =Software= | ||
Line 126: | Line 172: | ||
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\ExcludeProfileDirs | HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\ExcludeProfileDirs | ||
==Dump/check configuration== | |||
testparm | |||
==Windows complaining about wrong rights on profile== | ==Windows complaining about wrong rights on profile== | ||
Line 177: | Line 225: | ||
#or all of them: | #or all of them: | ||
smbcontrol all reload-config | smbcontrol all reload-config | ||
===Can't find pid for destination 'reload-config'=== | |||
You were using wrong syntax | |||
===Failed to join domain: failed to find DC for domain FOO - The object was not found.=== | |||
start with checking dns | |||
===check_account: Failed to find local account with UID=== | |||
Check for winbind plugins and presence in nsswitch.conf |
Latest revision as of 10:29, 12 July 2024
Documentation
- Homepage
- Samba HOWTO collection
- my old samba links
- O'Reilly book
- Gentoo Samba Howto
- fully automating the installation of Windows 2000 Professional and Server, Windows XP, and Windows Server 2003
- User Rights and Privileges
- Oplocks
- Samba error messages
- Samba Domain Model
- groups members etc
Samba and ACLs
Migration
- NT to Samba migration
- Migration from NT4 PDC to Samba-3 PDC
- http://lists.samba.org/archive/samba/2005-December/114772.html
- Migrating profiles
smb.conf
server role
Samba and DNS
Samba and LDAP
- Automated Samba + LDAP Installation For FreeBSD 7.1
- Samba&LDAP doc
- smbldap-tools
- Samba-LDAP on Debian
- Debian Samba 3 / LDAP / PHP LDAP Admin HOWTO
- samba and ldap
- Part I: Using OpenLDAP on Debian Woody to serve Linux and Samba Users
- http://swik.net/Samba+LDAP (vague collection of links)
- change password on samba/ldap
- LJ quick howto for samba/ldap
- LDAP Authentication
- Samba3 and LDAP
- Another pam/ldap page, just some broken pics there
- Samba (v.3) PDC LDAP howto
- http://gentoo-wiki.com/HOWTO_LDAP_SAMBA_PDC_Basic_Setup
- Samba-LDAP howto
Samba as PDC
- Samba as PDC
- Samba PDC mini-HOWTO
- Troubleshooting Roaming Profiles on Microsoft Windows NT/2000
- Samba as PDF on Gentoo
- profile management
- Samba and windows profiles
- UNIX and Windows User Management
- Managing Samba: Remote GUI tools
- HOWTO LDAP SAMBA PDC Performance Tuning
- How to setup PDC using Samba in Debian
net rpc group addmem "Domain Users" someuser
nt 4.0 reskit to manage domain users!!
cpau.exe to run stuff as other user
remember to add option netbios-name-servers to dhcpd.conf
High Availability
HOWTO
Automatically create home directory
On Ubuntu:
pam-auth-update --enable mkhomedir
Rename linux domain member
https://marc.info/?l=smb-clients&m=121764337631413
net ads leave -U administrator@MYDOMAIN.COM
Next, change the netbios name value in the /etc/samba/smb.conf file, e.g.
netbios name = <NEW NAME>
Restart the samba and winbind daemons
- /etc/init.d/smb restart && /etc/init.d/winbind restart
Finally, you rejoin it to the domain
net ads join -U administrator@MYDOMAIN.COM
Make sure everything OK.
net ads testjoin getent passwd getent group
Check winbind
wbinfo -t wbinfo -u
User management
List users
pdbedit -L -v
Software
Terms
Commands and tools
net
testparm
pdbedit
pdbedit -L
smbmount
mount -t smbfs -o username=someuser //servername/sharename /mnt/sharename/
or in fstab:
//servername/sharename /mountpoint cifs noauto,username=foobar 0 0
If you get very vague warnings on debian this means you didn't install one of many smb* packages, probably smbfs
smbclient
smbstatus
smbtree
nmblookup
nmblookup -M domainname
wins
dfree
to show correct disk space/free
- gsambad too manage samba users
tdbtool
tdbbackup
Windows commands
(if not found, install NT 4.0 Resource Kit)
nltest
http://support.microsoft.com/kb/158148
gpresult
gpedit
FAQ
Cannot update roaming profile
Usually because a file is in use, check out
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\ExcludeProfileDirs
Dump/check configuration
testparm
Windows complaining about wrong rights on profile
- http://gentoo-wiki.com/HOWTO_Implement_Samba_as_your_PDC#Configure_Windows_XP_clients
- http://support.microsoft.com/kb/327259
- http://support.microsoft.com/kb/221833
No security tab in Explorer
Windows did not load your profile because a server copy of the profile folder already exists that does not have the correct security
profile acls = yes
Can't join domain
close all shares log in to windows, no anonymous 'login'
on access virus scanning
Windows cannot connect to the domain, etc..
Switch to workgroup, set system name first, reboot, join domain again, reboot.
win2k: Error joining domain: User name could not be found
means samba couldn't find MACHINE name, probably a failing add machine script? also check /var/log/samba/log.machinename for Get_Pwnam and "add machine"
create_builtin_users: Failed to create Users
we can only guess
Unable to sync browse lists in this workgroup
Unable to find the Domain Master Browser name for the workgroup find_domain_master_name_query_fail
synching mess
turn off csc policy
CIFS VFS: cifs_mount failed w/return code = -5
add sec=ntlm to options
Find samba config file
smbd -b | grep "CONFIGFILE"
reload samba config
smbcontrol smbd reload-config
- or all of them:
smbcontrol all reload-config
Can't find pid for destination 'reload-config'
You were using wrong syntax
Failed to join domain: failed to find DC for domain FOO - The object was not found.
start with checking dns
check_account: Failed to find local account with UID
Check for winbind plugins and presence in nsswitch.conf