Borrione Aldo
1999-Nov-09 15:38 UTC
2nd trial: Browsing problems with Samba 2.0.5 on HP-UX and WinNT4 .0SP4
We're *****very happy***** samba users in an environment where: 3 HP-UX 10.20 9000/700 ws act as servers for about 35 Win95/NT clients. Just upgraded to 2-0-5a: much performance for clients with very very low ws load. Great. There is one ws acting as main server offering disks via NFS to the other two, and there is a central samba configuration area where we use the machine name to differentiate machine specific configuration(s). We run samba in server mode, but request autentication from the company-wide PDC, an NT machine. All goes smooth this way, with some help from user maps we allow people without unix account to connect and work. There is only one company wide NT Domain, which I call NTLAN. NOW, I have moved NT4.0 build 1381 srvp 4, and some troubles appeared: browsing shares on the 3 HP ws has become, let's say, quite unstable and unpredictable. This is what happens: 1. Boot & wait for the desktop to appear, then logon to NT as <myname> <mypasswd><NTLAN domain>. Microsoft SMS starts and checks, all is fine as far as logon to company-wide domain is concerned 2. Start the network browser: at this point, I look for my servers, which appear as expected in the net tree. 3. I double click on one of the servers' icon, and as expected ALL the shares I have defined in my personal smb.conf.<myname> appear together with globally available shares. Please note, all the shares are personal except two, that are public. These are defined in the main smb.conf file at machine level and access is granted on a unix-group basis enclosing all the users in my department. The personal smb.conf file is included in the smb.conf file, and its name is generated using the %U macro. 4. I double click on one of my PERSONAL shares and I can access its contents as desired. If I go back to the share list, all my personal shares just DISAPPEAR from the browse list, including my home directory. The list shows the two public shares plus the personal share I accessed previously. Its comment shows that it is NOW assumed to be my home directory: it looks like I have changed my name to the share name, which is the same of the regular unix username owning all the dirs in the share. The share definition forces the user to be equal to that username. Please note that: - access to public shares is ALWAYS OK - I can open network drives to "invisible shares" without problems, but the "force user" share paameter does not work properly. Sometimes files are created with my NT domain username (wrong!) sometimes these are created following the "force user" parameter value. 5. Trying to refresh the browse window, the situation remains unchanged. After some minutes (> 10-15), all becomes OK in that I see again the full list of shares: my home dir, the public shares, all my personal shares. It is interesting to say that now the browse list remains always coherent until the next PC reboot. That is I can double click to a share, look at its contents, exit and see again ALL the shares with the right comments. WHAT I HAVE DONE SO FAR --------------------------------------------- 1. Scanned all the docs and faqs, ran testparms on each possible config file without getting problem reports. 2. Restarted samba at a higher debug level to have richer logs to look inside, nothing appared as relevant 3. Activated the smbpasswd file for remapping passwords WHAT I SUSPECT: --------------------------------------------- For some reasons, my NTLAN username does not fall through the chain, so that the %U macro cannot work. But then it is not clear why I can open my personal shares - even though invisible in the browse list - without problems. No ideas about the odd behaviour of the force user parameter. For convenience I enclose our smb.conf file and an excerpt of my personal smb.conf.<myname> file. Are there any suggestions on how to solve the problem ? Thanks in advance ! Aldo Borrione --------------- GLOBAL SMB.CONF ----------- #======================= Global Settings ====================================[global] lock directory = /usr/local/samba/%h/var/locks oplocks = no # workgroup = NT-Domain-Name or Workgroup-Name workgroup = DSS- SIST. ELT. # server string is the equivalent of the NT Description field server string = Samba Server %v on %h # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page hosts deny = ALL hosts allow = XXX.YYY. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this ; load printers = yes # you may wish to override the location of the printcap file ; printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system ; printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd printing = hpux # Skip the banner page print command = lp -onb -d%p %s # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used guest account = smbguest # this tells Samba to use a separate log file for each machine # that connects ; log file = /usr/local/samba/var/log.%m log file = /usr/local/samba/%h/var/log.%U # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = server # Use password server option only with security = server ; password server = <NT-Server-Name> password server = scrf01, scrf02 # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes smbpasswd file = /usr/local/samba/private/smbpasswd # Unix users can map to different SMB User names ; username map = /etc/smbusers username map = /usr/local/samba/lib/smb.users ; domain user map = /usr/local/samba/lib/domain.user.map # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /usr/local/samba/lib/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job ; domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election ; preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = <NT-Domain-Controller-SMBName> ; domain controller = primary_domain_controller # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z wins server = XXX.YYY.ZZZ.KKK # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = yes # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis preserve case = yes short preserve case = yes # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no #============================ Share Definitions =============================[homes] ; comment = %u home directory browseable = no writable = yes ; create mode = 0750 ; valid users = @dss [smbguest] path = /tmp browseable = no guest ok = yes writable = no valid users = @dss @guests smbguest [pctools] comment = Utility e documentazione path = /usr/services/pctools valid users = @dss @guests smbguest public = no writable = yes printable = no create mask = 0775 force create mode = 775 [dsscom] comment = Area common DSS path = /usr/services/dsscom valid users = @dss mario smbguest public = no writable = yes printable = no create mask = 770 force create mode = 770 directory mask = 770 force directory mode = 770 [sparedisk] comment = Area spare DSS path = /sparedisk valid users = @dss mario smbguest public = no writable = yes printable = no create mask = 700 directory mask = 700 #============================ Share Definitions =============================# Customise configuration on a per user basis. # The %U gets replaced with the NTLAN name of the user that is connecting include = /usr/local/samba/%h/lib/smb.conf.%U While this is an excerpt of each users' smb.conf.<username> file: #============================ Personal Share Definitions =============================[vmbd] comment = Area di sviluppo VMBD path = /home/vmbd valid users = <myname> public = no writable = yes printable = no create mode = 0770 security mask = 0777 force security mode = 0777 directory security mask = 0777 force directory security mode = 0777 force user = vmbd force group = dss [webroot] comment = Web Server Root path = /usr/local/etc/httpd/htdocs valid users = <myname> public = no writable = yes printable = no create mask = 0750 force user = www force group = wwwadmin q -------------------------------------------- Aldo BORRIONE Centro Ricerche FIAT Direzione Sistemi Elettronici DSS-Progettazione Software Tel: +39.011.9083.945 Fax: +39.011.9083.083 Email: a.borrione@crf.it -------------------------------------------- -------------------------------------------- Aldo BORRIONE Centro Ricerche FIAT Direzione Sistemi Elettronici DSS-Progettazione Software Tel: +39.011.9083.945 Fax: +39.011.9083.083 Email: a.borrione@crf.it --------------------------------------------
Giulio Orsero
1999-Nov-09 16:34 UTC
2nd trial: Browsing problems with Samba 2.0.5 on HP-UX and WinNT4 .0SP4
On Wed, 10 Nov 1999 02:42:25 +1100, hai scritto: I'd try commenting out that part in the personal smb.conf which defines your homeshare. Your homeshare is already defined in the main smb.conf, and maybe this causes some browsing (but not access) problems. What's the reason for not using the standard [homes] to define homeshare? -- giulioo@tiscalinet.it
Seemingly Similar Threads
- Browsing problems with Samba 2.0.5 on HP-UX and WinNT4.0SP4
- Trust WinNT4 and Samba 2.2.8
- WinNT4 and Win2000 different behaviour authenticating to printer shares ?
- SAMBA on Solaris combined with WinNT4 Domain
- WinNT4 reports "Network path not found" when accessing share over certain length