Martyn Hill
2003-Apr-29 16:08 UTC
[Samba] Errors in browsing and authentication on a FreeBSD dual samba/samba-tng installation
Dear list I haven't been able to track down the cause of the following problems and hope someone can shed some light... We have been running samba-tng successfully on our school FreeBSD 4.5RELENG server for 18 months or so, but now need the facility of downloadable printer drivers for our W2k clients. I have installed samba 2.2.7a alongside our running samba-tng (2.6.1cvs) in a dual head configuration. After some fiddling to get the log and pid files separated and adjusting the two independent smb.confs more or less according to the now legendary, but out of date, dual-samba FAQ, the two sambas are running together. Samba has been successfully joined to the TNG domain. The "new" samba is given the same netbios name and IP address as the original, while samba-tng is assigned a new name and (aliased) IP. The WINS server address has been updated on the test clients to point to the new IP address (i.e. TNG.) TNG reports no problems and ticks along, logging in users as before. However, samba is making itself heard in the system log file and, rather more irritatingly, repeating itself multiple times on the console. I've replaced the real server and client names in the following messages with *server* and *client* because I'm paranoid... 1) How to persuade samba to leave the console alone? 2) Whenever samba is started 2 similar messages appear in the system log file, like the one below. Apr 28 21:42:01 *server* nmbd[14279]: [2003/04/28 21:42:01, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) Apr 28 21:42:01 *server* nmbd[14279]: find_response_record: response packet id 4034 received with no matching record. 3) When browsing through Network Neighbourhood on W2k, slow refresh of browse list, then slow to display contents of a shared folder. Normal connections through mapped drives are fine. The following message appears (when browsing the share "office"): Apr 28 21:22:48 *server* smbd[14167]: [2003/04/28 21:22:48, 0] smbd/service.c:make_connection(252) Apr 28 21:22:48 *server* smbd[14167]: *client* (10.x.x.x) couldn't find service office.dll 4) When (successfully) logged on with an alias of Unix account "root" (mapped in the samba-tng "Domain users map" file), access to any share is prohibited with the following message: Apr 28 21:42:18 *server* smbd[14280]: [2003/04/28 21:42:18, 0] smbd/password.c:authorise_login(863) Apr 28 21:42:18 *server* smbd[14280]: authorise_login: rejected invalid user nobody 5) I haven't attempted to manipulate any machine/domain SIDs. Bearing in mind that server netbios names have been changed, should this be necessary? Any help would be welcome, including flames/polite pointers to existing postings... Martyn Hill Network Administrator St James Independent School London
John H Terpstra
2003-Apr-29 16:28 UTC
[Samba] Errors in browsing and authentication on a FreeBSD dual samba/samba-tng installation
On Tue, 29 Apr 2003, Martyn Hill wrote:> Dear list > > I haven't been able to track down the cause of the following problems and > hope someone can shed some light... > > We have been running samba-tng successfully on our school FreeBSD 4.5RELENG > server for 18 months or so, but now need the facility of downloadable > printer drivers for our W2k clients. > > I have installed samba 2.2.7a alongside our running samba-tng (2.6.1cvs) in > a dual head configuration. After some fiddling to get the log and pid files > separated and adjusting the two independent smb.confs more or less according > to the now legendary, but out of date, dual-samba FAQ, the two sambas are > running together. Samba has been successfully joined to the TNG domain. > > The "new" samba is given the same netbios name and IP address as the > original, while samba-tng is assigned a new name and (aliased) IP. The WINS > server address has been updated on the test clients to point to the new IP > address (i.e. TNG.) > > TNG reports no problems and ticks along, logging in users as before. > However, samba is making itself heard in the system log file and, rather > more irritatingly, repeating itself multiple times on the console.Have you checked to see what are your settings in smb.conf [globals] for "syslog =", if this is not '0' and your syslog control file (on Linux it is /etc/syslog.conf) directs certain system messages to the console, and samba issues those messages to syslog, then you would expect to see such messages on the console. That is not a Samba problem but a basic system administration issue.> > I've replaced the real server and client names in the following messages > with *server* and *client* because I'm paranoid... > > 1) How to persuade samba to leave the console alone?In smb.conf [globals], set: syslog = 0 In /etc/syslog.conf make sure no messages go to /dev/console.> > 2) Whenever samba is started 2 similar messages appear in the system log > file, like the one below. > > Apr 28 21:42:01 *server* nmbd[14279]: [2003/04/28 21:42:01, 0] > nmbd/nmbd_responserecordsdb.c:find_response_record(235) > Apr 28 21:42:01 *server* nmbd[14279]: find_response_record: response > packet id 4034 received with no matching record. > > 3) When browsing through Network Neighbourhood on W2k, slow refresh of > browse list, then slow to display contents of a shared folder. Normal > connections through mapped drives are fine. > The following message appears (when browsing the share "office"):Where is your WINS server? If samba, does it have in smb.conf [globals]: wins support = Yes If so, do ALL you MS Windows client have the TCP/IP address of your WINS server in their IP configs?> > Apr 28 21:22:48 *server* smbd[14167]: [2003/04/28 21:22:48, 0] > smbd/service.c:make_connection(252) > Apr 28 21:22:48 *server* smbd[14167]: *client* (10.x.x.x) couldn't find > service office.dll > > 4) When (successfully) logged on with an alias of Unix account "root" > (mapped in the samba-tng "Domain users map" file), access to any share is > prohibited with the following message: > > Apr 28 21:42:18 *server* smbd[14280]: [2003/04/28 21:42:18, 0] > smbd/password.c:authorise_login(863) > Apr 28 21:42:18 *server* smbd[14280]: authorise_login: rejected invalid > user nobodyDo you have an account on your samba server called 'nobody'? If not, then you should allocate a unix account in smb.conf [globals] as: guest account = 'account_name'> > 5) I haven't attempted to manipulate any machine/domain SIDs. Bearing in > mind that server netbios names have been changed, should this be necessary?If you change the samba machine name then a new SID will be generated automatically. You can recover the old sid using the smbpasswd command (as root).> > Any help would be welcome, including flames/polite pointers to existing > postings... > > Martyn Hill > Network Administrator > St James Independent School > London > >-John T. -- John H Terpstra Email: jht@samba.org