Hi folks I'm new to this list, fresh into linux and samba. Simply love it :-) I have a customer that have about 10 XP pro machines connected to a linux samba server. Since there are a quite few documents that only two of the users are going to see, I use groups and different shares. This setup have been working for a while. Today everyone got access to everything - not good. Actualy very very very bad. I have tried to reboot the smbd service, reboot the whole server and I even tried to delete users and groups, and make new ones. No go. This is what the log.smbd shows: [2003/10/31 10:11:51, 0] rpc_server/srv_netlog.c:api_net_sam_logon(206) api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON. [2003/10/31 10:11:51, 0] rpc_server/srv_pipe.c:api_rpcTNP(1200) api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed. Any suggestions? mvh/regards Erlend ITC Consultant (Linux, novell, Notes and windows) Composer, producer, arranger, leader and a trumpet player Video editor +47 90630620
Hi, you should upgrade to samba 3 , to use advanced features, group mapping etc, in version 2.2.3a the unix permissions are valid for related files and shares check and change them to you needs. study man smb.conf to create shares with permissons for creating files to your needs Best Regards ----- Original Message ----- From: "Erlend Sannerud" <sannerud@jdata.no> To: <samba@lists.samba.org> Sent: Friday, October 31, 2003 12:01 PM Subject: [Samba] samba sam problem [version 2.2.3a on RH 8]> Hi folks > > I'm new to this list, fresh into linux and samba. Simply love it :-) > > I have a customer that have about 10 XP pro machines connected to a > linux samba server. Since there are a quite few documents that only two > of the users are going to see, I use groups and different shares. > > This setup have been working for a while. Today everyone got access to > everything - not good. Actualy very very very bad. I have tried to > reboot the smbd service, reboot the whole server and I even tried to > delete users and groups, and make new ones. No go. > > This is what the log.smbd shows: > > [2003/10/31 10:11:51, 0] rpc_server/srv_netlog.c:api_net_sam_logon(206) > api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON. > [2003/10/31 10:11:51, 0] rpc_server/srv_pipe.c:api_rpcTNP(1200) > api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed. > > Any suggestions? > > > mvh/regards > Erlend > > ITC Consultant (Linux, novell, Notes and windows) > Composer, producer, arranger, leader and a trumpet player > Video editor > +47 90630620 > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Erlend Sannerud wrote:> Hi folks > > I'm new to this list, fresh into linux and samba. Simply love it :-) > > I have a customer that have about 10 XP pro machines connected to a > linux samba server. Since there are a quite few documents that only two > of the users are going to see, I use groups and different shares. > > This setup have been working for a while. Today everyone got access to > everything - not good. Actualy very very very bad. I have tried to > reboot the smbd service, reboot the whole server and I even tried to > delete users and groups, and make new ones. No go. >1. it's time to go for upgrade - I suggest 2.2.8a if you do not want to go to 3.0. 2. when configuring access permissions, its better if you do it not just rely on smb.conf parameters (as valid users, read list ...), but on filesystem level perms too. Filesystem level perms might be a second level block - in case Samba (e.g. because of bug or misconfig) fails. See - when user wants to access a certain share, Samba daemon (running uner root privileges) forks a process running with priviliges of that user. (only in case you do not use "force user/group" parameter for share). If you set filesystem perms properly, he cannot simly go to wrong dirs/files. Dan P.S. in case rwx access rights params are limiting to you, then go for ACL -> I suggest XFS filesystem (patch and recompile kernel)+ recompile Samba with "--with-acl-support" switch.