Samba: Difference between revisions
m (→HOWTO) |
|||
(70 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=Documentation= | |||
*[http://www.samba.org Homepage] | *[http://www.samba.org Homepage] | ||
Line 9: | Line 9: | ||
*[http://samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html User Rights and Privileges] | *[http://samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html User Rights and Privileges] | ||
*[http://samba.osmirror.nl/samba/docs/man/Samba-HOWTO-Collection/locking.html Oplocks] | *[http://samba.osmirror.nl/samba/docs/man/Samba-HOWTO-Collection/locking.html Oplocks] | ||
*[http://www.wlug.org.nz/SambaErrorMessages Samba error messages] | |||
*[http://docs.hp.com/en/B8725-90074/ch11s02.html Samba Domain Model] | |||
*[http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1155693,00.html groups members etc] | |||
==Samba and ACLs== | |||
*http://www.bluelightning.org/linux/samba_acl_howto/ | |||
==Migration== | |||
*[http://us3.samba.org/samba/docs/man/Samba-Guide/ntmigration.html NT to Samba migration] | |||
*[http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/NT4Migration.html Migration from NT4 PDC to Samba-3 PDC] | |||
*http://lists.samba.org/archive/samba/2005-December/114772.html | |||
*[http://www.opensubscriber.com/message/samba%40lists.samba.org/2866267.html Migrating profiles] | |||
=smb.conf= | |||
*[https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html smb.conf manpage] | |||
==server role== | |||
*[https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html#SERVERROLE server role] | |||
==Samba and DNS== | |||
*[https://wiki.samba.org/index.php/DNS_Administration DNS Administration] | |||
== Samba and LDAP == | == Samba and LDAP == | ||
*[http://autosambaldap.sourceforge.net/ Automated Samba + LDAP Installation For FreeBSD 7.1] | |||
*[http://wiki.samba.org/index.php/Samba_&_LDAP Samba&LDAP doc] | *[http://wiki.samba.org/index.php/Samba_&_LDAP Samba&LDAP doc] | ||
*[[smbldap-tools]] | *[[smbldap-tools]] | ||
Line 16: | Line 39: | ||
*[http://www.nomis52.net/?section=docs&page=samldap Debian Samba 3 / LDAP / PHP LDAP Admin HOWTO] | *[http://www.nomis52.net/?section=docs&page=samldap Debian Samba 3 / LDAP / PHP LDAP Admin HOWTO] | ||
*[http://www.ofb.net/~jheiss/samba/ldap.shtml samba and ldap] | *[http://www.ofb.net/~jheiss/samba/ldap.shtml samba and ldap] | ||
*[http://aqua.subnet.at/~max/ldap/ Part I: Using OpenLDAP on Debian Woody to serve Linux and Samba Users] | *[http://aqua.subnet.at/~max/ldap/ Part I: Using OpenLDAP on Debian Woody to serve Linux and Samba Users] | ||
*[http://swik.net/Samba+LDAP http://swik.net/Samba+LDAP] (vague collection of links) | *[http://swik.net/Samba+LDAP http://swik.net/Samba+LDAP] (vague collection of links) | ||
Line 25: | Line 47: | ||
*[http://www.nomis52.net/?section=docs&page=samldap Another pam/ldap page, just some broken pics there] | *[http://www.nomis52.net/?section=docs&page=samldap Another pam/ldap page, just some broken pics there] | ||
*[http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html Samba (v.3) PDC LDAP howto] | *[http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html Samba (v.3) PDC LDAP howto] | ||
*http://gentoo-wiki.com/HOWTO_LDAP_SAMBA_PDC_Basic_Setup | |||
*[http://www.iallanis.info/smbldap-tools/docs/samba-ldap-howto/ Samba-LDAP howto] | |||
==Samba as PDC== | ==Samba as PDC== | ||
*[[Samba as PDC]] | |||
*[http://daniel.fiser.cz/?go=samba Samba PDC mini-HOWTO] | *[http://daniel.fiser.cz/?go=samba Samba PDC mini-HOWTO] | ||
*[http://www.novell.com/coolsolutions/feature/5832.html Troubleshooting Roaming Profiles on Microsoft Windows NT/2000] | *[http://www.novell.com/coolsolutions/feature/5832.html Troubleshooting Roaming Profiles on Microsoft Windows NT/2000] | ||
Line 35: | Line 60: | ||
*[http://searchopensource.techtarget.com/tip/0,289483,sid39_gci1159865,00.html Managing Samba: Remote GUI tools] | *[http://searchopensource.techtarget.com/tip/0,289483,sid39_gci1159865,00.html Managing Samba: Remote GUI tools] | ||
*[http://gentoo-wiki.com/HOWTO_LDAP_SAMBA_PDC_Performance_Tuning HOWTO LDAP SAMBA PDC Performance Tuning] | *[http://gentoo-wiki.com/HOWTO_LDAP_SAMBA_PDC_Performance_Tuning HOWTO LDAP SAMBA PDC Performance Tuning] | ||
*[http://itdump.wordpress.com/2007/11/22/how-to-setup-pdc-using-samba/ How to setup PDC using Samba in Debian] | |||
net rpc group addmem "Domain Users" someuser | net rpc group addmem "Domain Users" someuser | ||
Line 42: | Line 68: | ||
cpau.exe to run stuff as other user | cpau.exe to run stuff as other user | ||
=== | remember to add option ''netbios-name-servers'' to ''dhcpd.conf'' | ||
*http:// | |||
==High Availability== | |||
*[http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/SambaHA.html High Availability] | |||
*[http://ctdb.samba.org/ CTDB] | |||
*[http://www.how2forge.org/setting-up-an-active-active-samba-ctdb-cluster-using-gfs-and-drbd-centos-5.5 Setting Up An Active/Active Samba CTDB Cluster Using GFS & DRBD] | |||
=HOWTO= | |||
==Automatically create home directory== | |||
On Ubuntu: | |||
pam-auth-update --enable mkhomedir | |||
==Rename linux domain member== | |||
https://marc.info/?l=smb-clients&m=121764337631413 | |||
net ads leave -U administrator@MYDOMAIN.COM | |||
Next, change the netbios name value in the /etc/samba/smb.conf file, e.g. | |||
netbios name = <NEW NAME> | |||
Restart the samba and winbind daemons | |||
# /etc/init.d/smb restart && /etc/init.d/winbind restart | |||
Finally, you rejoin it to the domain | |||
net ads join -U administrator@MYDOMAIN.COM | |||
Make sure everything OK. | |||
net ads testjoin | |||
getent passwd | |||
getent group | |||
Check winbind | |||
wbinfo -t | |||
wbinfo -u | |||
==User management== | |||
===List users=== | |||
pdbedit -L -v | |||
=Software= | |||
*http://www.samba.org/samba/GUI/ | |||
=Terms= | |||
*[[RID]] | *[[RID]] | ||
*[[SID]] | *[[SID]] | ||
= Commands and tools= | |||
* | ==net== | ||
*[http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetCommand.html Chapter 13. Remote and Local Management: The Net Command] | |||
==testparm== | |||
==pdbedit== | |||
*smbclient | pdbedit -L | ||
==smbmount== | |||
mount -t smbfs -o username=someuser //servername/sharename /mnt/sharename/ | |||
or in fstab: | |||
//servername/sharename /mountpoint cifs noauto,username=foobar 0 0 | |||
If you get very vague warnings on debian this means you didn't install one of many smb* packages, probably '''smbfs''' | |||
==[[smbclient]]== | |||
==smbstatus== | |||
==smbtree== | |||
==nmblookup== | |||
nmblookup -M domainname | |||
==wins== | |||
==dfree== | |||
to show correct disk space/free | |||
*[http://sourceforge.net/projects/lam LDAP Account Manager] | *[http://sourceforge.net/projects/lam LDAP Account Manager] | ||
*[http://www.nomis52.net/data/mkntpwd.tar.gz mkntpwd.tar.gz] | *[http://www.nomis52.net/data/mkntpwd.tar.gz mkntpwd.tar.gz] | ||
*[http://wiki.samba.org/index.php/Account_Management_Tools Samba Account Management Tools] | *[http://wiki.samba.org/index.php/Account_Management_Tools Samba Account Management Tools] | ||
== | *gsambad too manage samba users | ||
===Cannot update roaming profile | |||
==tdbtool== | |||
==tdbbackup== | |||
=Windows commands= | |||
(if not found, install NT 4.0 Resource Kit) | |||
==nltest== | |||
http://support.microsoft.com/kb/158148 | |||
==gpresult== | |||
==gpedit== | |||
=FAQ= | |||
==Cannot update roaming profile== | |||
Usually because a file is in use, check out | Usually because a file is in use, check out | ||
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\ExcludeProfileDirs | HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\ExcludeProfileDirs | ||
===Can't join domain | ==Dump/check configuration== | ||
testparm | |||
==Windows complaining about wrong rights on profile== | |||
*http://gentoo-wiki.com/HOWTO_Implement_Samba_as_your_PDC#Configure_Windows_XP_clients | |||
*http://support.microsoft.com/kb/327259 | |||
*http://support.microsoft.com/kb/221833 | |||
==No security tab in Explorer== | |||
*http://www.mydigitallife.info/2006/07/19/missing-or-no-security-tab-found-in-windows-xp-professional/ | |||
===Windows did not load your profile because a server copy of the profile folder already exists that does not have the correct security=== | |||
profile acls = yes | |||
==Can't join domain== | |||
close all shares | close all shares | ||
log in to windows, no anonymous 'login' | log in to windows, no anonymous 'login' | ||
==on access virus scanning== | |||
*http://johannes.jakeapp.com/blog/?p=54 | |||
*http://www.dazuko.org | |||
==Windows cannot connect to the domain, etc..== | |||
Switch to workgroup, set system name first, reboot, join domain again, reboot. | |||
==win2k: Error joining domain: User name could not be found== | |||
means samba couldn't find MACHINE name, probably a failing add machine script? | |||
also check /var/log/samba/log.machinename for Get_Pwnam and "add machine" | |||
==create_builtin_users: Failed to create Users== | |||
we can only guess | |||
==Unable to sync browse lists in this workgroup== | |||
Unable to find the Domain Master Browser name for the workgroup | |||
find_domain_master_name_query_fail | |||
==synching mess== | |||
turn off csc policy | |||
==CIFS VFS: cifs_mount failed w/return code = -5== | |||
add sec=ntlm to options | |||
==Find samba config file== | |||
smbd -b | grep "CONFIGFILE" | |||
==reload samba config== | |||
smbcontrol smbd reload-config | |||
#or all of them: | |||
smbcontrol all reload-config | |||
===Can't find pid for destination 'reload-config'=== | |||
You were using wrong syntax | |||
===Failed to join domain: failed to find DC for domain FOO - The object was not found.=== | |||
start with checking dns | |||
=== | ===check_account: Failed to find local account with UID=== | ||
Check for winbind plugins and presence in nsswitch.conf |
Latest revision as of 10:29, 12 July 2024
Documentation
- Homepage
- Samba HOWTO collection
- my old samba links
- O'Reilly book
- Gentoo Samba Howto
- fully automating the installation of Windows 2000 Professional and Server, Windows XP, and Windows Server 2003
- User Rights and Privileges
- Oplocks
- Samba error messages
- Samba Domain Model
- groups members etc
Samba and ACLs
Migration
- NT to Samba migration
- Migration from NT4 PDC to Samba-3 PDC
- http://lists.samba.org/archive/samba/2005-December/114772.html
- Migrating profiles
smb.conf
server role
Samba and DNS
Samba and LDAP
- Automated Samba + LDAP Installation For FreeBSD 7.1
- Samba&LDAP doc
- smbldap-tools
- Samba-LDAP on Debian
- Debian Samba 3 / LDAP / PHP LDAP Admin HOWTO
- samba and ldap
- Part I: Using OpenLDAP on Debian Woody to serve Linux and Samba Users
- http://swik.net/Samba+LDAP (vague collection of links)
- change password on samba/ldap
- LJ quick howto for samba/ldap
- LDAP Authentication
- Samba3 and LDAP
- Another pam/ldap page, just some broken pics there
- Samba (v.3) PDC LDAP howto
- http://gentoo-wiki.com/HOWTO_LDAP_SAMBA_PDC_Basic_Setup
- Samba-LDAP howto
Samba as PDC
- Samba as PDC
- Samba PDC mini-HOWTO
- Troubleshooting Roaming Profiles on Microsoft Windows NT/2000
- Samba as PDF on Gentoo
- profile management
- Samba and windows profiles
- UNIX and Windows User Management
- Managing Samba: Remote GUI tools
- HOWTO LDAP SAMBA PDC Performance Tuning
- How to setup PDC using Samba in Debian
net rpc group addmem "Domain Users" someuser
nt 4.0 reskit to manage domain users!!
cpau.exe to run stuff as other user
remember to add option netbios-name-servers to dhcpd.conf
High Availability
HOWTO
Automatically create home directory
On Ubuntu:
pam-auth-update --enable mkhomedir
Rename linux domain member
https://marc.info/?l=smb-clients&m=121764337631413
net ads leave -U administrator@MYDOMAIN.COM
Next, change the netbios name value in the /etc/samba/smb.conf file, e.g.
netbios name = <NEW NAME>
Restart the samba and winbind daemons
- /etc/init.d/smb restart && /etc/init.d/winbind restart
Finally, you rejoin it to the domain
net ads join -U administrator@MYDOMAIN.COM
Make sure everything OK.
net ads testjoin getent passwd getent group
Check winbind
wbinfo -t wbinfo -u
User management
List users
pdbedit -L -v
Software
Terms
Commands and tools
net
testparm
pdbedit
pdbedit -L
smbmount
mount -t smbfs -o username=someuser //servername/sharename /mnt/sharename/
or in fstab:
//servername/sharename /mountpoint cifs noauto,username=foobar 0 0
If you get very vague warnings on debian this means you didn't install one of many smb* packages, probably smbfs
smbclient
smbstatus
smbtree
nmblookup
nmblookup -M domainname
wins
dfree
to show correct disk space/free
- gsambad too manage samba users
tdbtool
tdbbackup
Windows commands
(if not found, install NT 4.0 Resource Kit)
nltest
http://support.microsoft.com/kb/158148
gpresult
gpedit
FAQ
Cannot update roaming profile
Usually because a file is in use, check out
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\ExcludeProfileDirs
Dump/check configuration
testparm
Windows complaining about wrong rights on profile
- http://gentoo-wiki.com/HOWTO_Implement_Samba_as_your_PDC#Configure_Windows_XP_clients
- http://support.microsoft.com/kb/327259
- http://support.microsoft.com/kb/221833
No security tab in Explorer
Windows did not load your profile because a server copy of the profile folder already exists that does not have the correct security
profile acls = yes
Can't join domain
close all shares log in to windows, no anonymous 'login'
on access virus scanning
Windows cannot connect to the domain, etc..
Switch to workgroup, set system name first, reboot, join domain again, reboot.
win2k: Error joining domain: User name could not be found
means samba couldn't find MACHINE name, probably a failing add machine script? also check /var/log/samba/log.machinename for Get_Pwnam and "add machine"
create_builtin_users: Failed to create Users
we can only guess
Unable to sync browse lists in this workgroup
Unable to find the Domain Master Browser name for the workgroup find_domain_master_name_query_fail
synching mess
turn off csc policy
CIFS VFS: cifs_mount failed w/return code = -5
add sec=ntlm to options
Find samba config file
smbd -b | grep "CONFIGFILE"
reload samba config
smbcontrol smbd reload-config
- or all of them:
smbcontrol all reload-config
Can't find pid for destination 'reload-config'
You were using wrong syntax
Failed to join domain: failed to find DC for domain FOO - The object was not found.
start with checking dns
check_account: Failed to find local account with UID
Check for winbind plugins and presence in nsswitch.conf