I am trying to run Samba 2.2.4 on solaris 2.8 with W2K clients. I have an NT app installed onto the Solaris 8 server which i would like to run off of the mapped samba network drive. When i try to start the NT app it attempts to read a file on the samba drive called .root.passwords but fails (This file can be accessed with notepad). The following is an extract from the samba error log. I get the same error message with NT ACL support both enabled and disabled. 2002/05/15 13:11:52, 3] lib/util.c:(387) unix_clean_name [/common/config/.root.passwords] [2002/05/15 13:11:52, 3] smbd/dosmode.c:(111) unix_mode(common/config/.root.passwords) returning 0644 [2002/05/15 13:11:52, 3] lib/util.c:(387) unix_clean_name [common/config/.root.passwords] [2002/05/15 13:11:52, 4] smbd/open.c:(892) calling open_file with flags=0x0 flags2=0x0 mode=0644 [2002/05/15 13:11:52, 2] smbd/open.c:(233) INSTALL opened file common/config/.root.passwords read=Yes write=No (numopen=10) [2002/05/15 13:11:52, 3] smbd/posix_acls.c:(449) unpack_nt_owners: unable to validate owner sid for S-1-5-21-1456024563-1430335328-122644288-2355. [2002/05/15 13:11:52, 2] smbd/close.c:(213) kplus closed file common/config/.root.passwords (numopen=9) [2002/05/15 13:11:52, 3] smbd/error.c:(91) error string = No such file or directory [2002/05/15 13:11:52, 3] smbd/error.c:(110) error packet at smbd/nttrans.c(1375) cmd=160 (SMBnttrans) NT_STATUS_ACCESS_DENIED [2002/05/15 13:11:52, 3] smbd/process.c:(866) Transaction 320 of length 45 [2002/05/15 13:11:52, 3] smbd/process.c:(673) switch message SMBclose (pid 928) [2002/05/15 13:11:52, 4] smbd/uid.c:(118) change_to_user: Skipping user change - already user [2002/05/15 13:11:52, 3] smbd/sec_ctx.c:(314) setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0 [2002/05/15 13:11:52, 3] smbd/sec_ctx.c:(319) 1 user groups: 1000 This is a problem that i have reported previously and from what i gather it is a known bug that is being worked on. The error message has changed slightly since previous samba 2.2.X versions. The following log extract is taken from the same problem with samba 2.2.3a -> [2002/02/21 11:15:44, 3] smbd/posix_acls.c:unpack_nt_owners(443) > unpack_nt_owners: unable to validate owner sid.Note the missing "for S-1-5-21-1456024563-1430335328-122644288-2355" that i now get with 2.2.4 This application has worked fine with samba 2.0.X with WINNT clients for a couple of years but this problem is now preventing me from upgrading not only samba 2.0.X to 2.2.X but WINNT to 2000 and Solaris2.6 to Solaris 8. If anyone can give me an idea of why this is happening, if there is a way around it, and if there is likely to be a fix for it soon it would be appreciated. Just incase you need it heres my smb.conf # Samba config file created using SWAT # from lnserver (10.33.47.4) # Date: 2002/05/15 13:09:03 # Global parameters [global] workgroup = BCILDN netbios name = LNKSVR5 netbios aliases = lnksvr5 security = DOMAIN encrypt passwords = Yes map to guest = Bad User password server = LNSERVER SATURN_BDC username map = /usr/local/samba/private/usermap log level = 4 syslog = 4 guest account = ksmb create mask = 0644 [kplushome] comment = kplushome path = /usr/kplushome read only = No guest ok = Yes nt acl support = No hide dot files = No fstype = Samba [homes] comment = homes path = /HOME/%u read only = No browseable = No Thanks Tom Mead
Hello, I'm trying to use the VFS modules included with version 2.2.4. System is RedHat 7.2 with precompiled binaries from samba.org. Modules (audit & recycle) have been recompiled from sources. The recycle modules doesn't work at all for me, panic & crashes whenever I try to delete a file. The audit module seem to work but every now and then it crashes also. Anybody has hany experience with this? Thanks. Regards, -- Denis Sbragion InfoTecna Tel: +39 0362 805396, Fax: +39 0362 805404 URL: http://www.infotecna.it
On Wed, 15 May 2002, Mead, Tom wrote:> This is a problem that i have reported previously and from what i gather > it is a known bug that is being worked on. The error message has changed > slightly since previous samba 2.2.X versions. The following log extract > is taken from the same problem with samba 2.2.3a - > > > [2002/02/21 11:15:44, 3] smbd/posix_acls.c:unpack_nt_owners(443) > > unpack_nt_owners: unable to validate owner sid. > Note the missing "for S-1-5-21-1456024563-1430335328-122644288-2355" that i > now get with 2.2.4 > > This application has worked fine with samba 2.0.X with WINNT clients for > a couple of years but this problem is now preventing me from upgrading > not only samba 2.0.X to 2.2.X but WINNT to 2000 and Solaris2.6 to > Solaris 8. If anyone can give me an idea of why this is happening, if > there is a way around it, and if there is likely to be a fix for it soon > it would be appreciated.OK. You are not running winbindd correct? Is this a domain SID or the SID of the local Samba box? cheers, jerry --------------------------------------------------------------------- Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org -- http://www.plainjoe.org "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--
A 07:38 16/05/02 -0500, Gerald Carter a ?crit :>On Wed, 15 May 2002, Mead, Tom wrote: > >> This is a problem that i have reported previously and from what i gather >> it is a known bug that is being worked on. The error message has changed >> slightly since previous samba 2.2.X versions. The following log extract >> is taken from the same problem with samba 2.2.3a - >> >> > [2002/02/21 11:15:44, 3] smbd/posix_acls.c:unpack_nt_owners(443) >> > unpack_nt_owners: unable to validate owner sid. >> Note the missing "for S-1-5-21-1456024563-1430335328-122644288-2355" that i >> now get with 2.2.4 >> >> This application has worked fine with samba 2.0.X with WINNT clients for >> a couple of years but this problem is now preventing me from upgrading >> not only samba 2.0.X to 2.2.X but WINNT to 2000 and Solaris2.6 to >> Solaris 8. If anyone can give me an idea of why this is happening, if >> there is a way around it, and if there is likely to be a fix for it soon >> it would be appreciated. > >OK. You are not running winbindd correct? Is this a domain SID >or the SID of the local Samba box?might this be related to the following problem ? [root@server share]# /usr/local/samba/bin/smbcacls //server/share file -U DOMAIN\\ADMIN%PASSWORD INFO: Debug class all level = 2 (pid 13443 from pid 13443) added interface ip=a.b.c.d bcast=a.b.c.255 nmask=255.255.255.0 REVISION:1 error connecting to a.b.c.d:445 (Connection refused) failed session setup OWNER:S-1-5-21-xxxxxxxxxx-yyyyyyyyyy-zzzzzzzzz-1607 cli_pipe: return critical error. Error was NT_STATUS_NETWORK_NAME_DELETED GROUP:S-1-5-21-xxxxxxxxxx-yyyyyyyyyy-zzzzzzzzz-3925 ACL:cli_pipe: return critical error. Error was NT_STATUS_NETWORK_NAME_DELETED S-1-1-0:ALLOWED/0/O ACL:cli_pipe: return critical error. Error was NT_STATUS_NETWORK_NAME_DELETED S-1-5-21-xxxxxxxxxx-yyyyyyyyyy-zzzzzzzzz-3925:ALLOWED/0/O ... [root@server share]# SIDs are either local or domain SIDs - * - * - * - * - * - * - Bien s?r que je suis perfectionniste ! Mais ne pourrais-je pas l'?tre mieux ? Thierry ITTY eMail : Thierry.Itty@Besancon.org FRANCE
Hi,
Thanks for replying - I assumed from your reply that i should have winbindd
running so i have configured and started it up as i wasn't using it before -
see smbd.conf below
[global]
workgroup = BCILDN
netbios name = LNKSVR5
netbios aliases = lnksvr5
security = DOMAIN
encrypt passwords = Yes
map to guest = Bad User
password server = LNSERVER SATURN_BDC
username map = /usr/local/samba/private/usermap
log level = 4
syslog = 4
winbind uid = 10000-20000
winbind gid = 10000-20000
guest account = ksmb
create mask = 0644
[kplushome]
comment = kplushome
path = /usr/kplushome
read only = No
guest ok = Yes
nt acl support = No
hide dot files = No
fstype = Samba
[homes]
comment = homes
path = /HOME/%u
read only = No
browseable = No
I have tried to start the app as mentioned before but it fails with the same
error (Unable to read .root.passwords). The log output is below.
2002/05/16 16:34:31, 3] lib/util.c:(387)
unix_clean_name [/common/config/.root.passwords]
[2002/05/16 16:34:31, 3] smbd/dosmode.c:(111)
unix_mode(common/config/.root.passwords) returning 0644
[2002/05/16 16:34:31, 3] lib/util.c:(387)
unix_clean_name [common/config/.root.passwords]
[2002/05/16 16:34:31, 4] smbd/open.c:(892)
calling open_file with flags=0x0 flags2=0x0 mode=0644
[2002/05/16 16:34:31, 2] smbd/open.c:(233)
INSTALL opened file common/config/.root.passwords read=Yes write=No
(numopen=1
0)
[2002/05/16 16:34:32, 3] smbd/posix_acls.c:(2112)
set_nt_acl: chown common/config/.root.passwords. uid = 10000, gid = 10000.
[2002/05/16 16:34:32, 3] smbd/posix_acls.c:(2116)
set_nt_acl: chown common/config/.root.passwords, 10000, 10000 failed.
Error Not owner.
[2002/05/16 16:34:32, 2] smbd/close.c:(213)
kplus closed file common/config/.root.passwords (numopen=9)
[2002/05/16 16:34:32, 3] smbd/error.c:(91)
error string = Not owner
[2002/05/16 16:34:32, 3] smbd/error.c:(110)
error packet at smbd/nttrans.c(1375) cmd=160 (SMBnttrans)
NT_STATUS_ACCESS_DEN
IED
[2002/05/16 16:34:32, 3] smbd/process.c:(866)
Transaction 335 of length 45
[2002/05/16 16:34:32, 3] smbd/process.c:(673)
switch message SMBclose (pid 1177)
[2002/05/16 16:34:32, 4] smbd/uid.c:(118)
change_to_user: Skipping user change - already user
[2002/05/16 16:34:32, 3] smbd/sec_ctx.c:(314)
setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0
[2002/05/16 16:34:32, 3] smbd/sec_ctx.c:(319)
2 user groups:
1000 10000
[2002/05/16 16:34:32, 3] smbd/reply.c:(3021)
close fd=33 fnum=8437 (numopen=9)
[2002/05/16 16:34:32, 2] smbd/close.c:(213)
kplus closed file kplus/winnt/bin/msvcirt.dll (numopen=8)
[2002/05/16 16:34:32, 3] smbd/process.c:(866)
Transaction 336 of length 45
[2002/05/16 16:34:32, 3] smbd/process.c:(673)
switch message SMBclose (pid 1177)
[2002/05/16 16:34:32, 4] smbd/uid.c:(118)
change_to_user: Skipping user change - already user
[2002/05/16 16:34:32, 3] smbd/sec_ctx.c:(314)
setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0
[2002/05/16 16:34:32, 3] smbd/sec_ctx.c:(319)
2 user groups:
1000 10000
To answer your second question - i'm not sure if it is the domain SID or the
SID of the box. How do i find out?
Thanks
Tom
-----Original Message-----
From: Gerald Carter [mailto:jerry@samba.org]
Sent: 16 May 2002 13:39
To: Mead, Tom
Cc: 'samba@lists.samba.org'
Subject: Re: [Samba] Unable to validate owner sid.
On Wed, 15 May 2002, Mead, Tom wrote:
> This is a problem that i have reported previously and from what i gather
> it is a known bug that is being worked on. The error message has changed
> slightly since previous samba 2.2.X versions. The following log extract
> is taken from the same problem with samba 2.2.3a -
>
> > [2002/02/21 11:15:44, 3] smbd/posix_acls.c:unpack_nt_owners(443)
> > unpack_nt_owners: unable to validate owner sid.
> Note the missing "for
S-1-5-21-1456024563-1430335328-122644288-2355" that
i> now get with 2.2.4
>
> This application has worked fine with samba 2.0.X with WINNT clients for
> a couple of years but this problem is now preventing me from upgrading
> not only samba 2.0.X to 2.2.X but WINNT to 2000 and Solaris2.6 to
> Solaris 8. If anyone can give me an idea of why this is happening, if
> there is a way around it, and if there is likely to be a fix for it soon
> it would be appreciated.
OK. You are not running winbindd correct? Is this a domain SID
or the SID of the local Samba box?
cheers, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN
0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--