bill.allison@bsw.co.uk
2004-Mar-05 12:57 UTC
[Samba] Errors related to Samba in httpd log!
Hello list First and foremost to any developers listening - thank you for Samba - it is just brilliant. Apologies - this is a long post... I am not getting complaints about logon problems from users but I have noticed in /var/log/httpd/error_log, entries like the following for a few users when their logon scripts map drives to shares. Looking back I can see that it has been happening, since we installed samba some months ago. I suspect that the mappings are being accomplished ok, and that the below is some sort of side effect, because at least the netlogon share must be getting mapped successfully otherwise the other mappings would not be attempted, since they are applied by a login script located within the netlogon share. Also, for a given user logging on, not all their mappings produce an entry in the httpd log. For example between the two I have separated out below, several other mappings will have been done. Attached is smb.conf and kix login script. You will see that although there is a share intranet (= /disk1/data/intranet), the login script does not use it. Some more info is below - please ask for anything else that might help. This seems weird to me and I haven't a clue where to start looking. Has anyone come across this before or know where I should look to resolve it? TIA Bill A. [Thu Mar 4 18:36:17 2004] [error] [client 192.0.1.29] File does not exist: /disk1/data/intranet/data [Thu Mar 4 19:43:22 2004] [error] [client 192.0.1.37] File does not exist: /disk1/data/intranet/jmckb [Fri Mar 5 08:23:17 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/netlogon [Fri Mar 5 08:23:24 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/antivirus [Fri Mar 5 08:29:09 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/aileen [Fri Mar 5 08:33:27 2004] [error] [client 192.0.1.34] File does not exist: /disk1/data/intranet/netlogon [Fri Mar 5 08:33:35 2004] [error] [client 192.0.1.34] File does not exist: /disk1/data/intranet/antivirus [Fri Mar 5 09:10:20 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/aileen [Fri Mar 5 09:50:16 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/aileen [Fri Mar 5 09:57:57 2004] [error] [client 192.0.30.27] File does not exist: /disk1/data/intranet/netlogon [Fri Mar 5 09:57:59 2004] [error] [client 192.0.30.27] File does not exist: /disk1/data/intranet/NETLOGON [Fri Mar 5 10:19:14 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/aileen [Fri Mar 5 10:21:04 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/personnel [Fri Mar 5 10:22:41 2004] [error] [client 192.0.1.34] File does not exist: /disk1/data/intranet/accounts [Fri Mar 5 10:26:45 2004] [error] [client 192.0.20.184] File does not exist: /disk1/data/intranet/netlogon [Fri Mar 5 10:26:52 2004] [error] [client 192.0.20.184] File does not exist: /disk1/data/intranet/antivirus [Fri Mar 5 10:28:05 2004] [error] [client 192.0.30.27] File does not exist: /disk1/data/intranet/data [Fri Mar 5 10:43:55 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/data [Fri Mar 5 11:09:45 2004] [error] [client 192.0.1.35] File does not exist: /disk1/data/intranet/aileen My environment: linux SuSE SLES 8.0 kernel 2.4.19 samba 2.2.8 compiled from source apache 1.3.26 installed with distro clients Win XP Pro SP1a up-to-date with MS critical patches Further info: Apache document root is /disk1/data/intranet Mappings are applied by a kix login script with one exception (antivirus share) which is applied by /usr/local/samba/var/login.bat after it runs kix There are no corresponding entries in log.?mbd nor in log.<clienthostname> smb.conf: ========[global] workgroup = BSWHQ netbios name = FILESERVER-E1 server string = HQ File Server and PDC add user script = "cd /usr/local/sbin;smbldap-useradd.pl -w %u" passwd program = "/usr/local/sbin/smbldap-passwd.pl %u" guest account = guest log file = /usr/local/samba/var/log.%m max log size = 50 security = user socket options = TCP_NODELAY interfaces = 192.0.1.102/24 127.0.0.1/8 domain admin group = "@DomainAdmins" enhanced browsing = no local master = yes os level = 64 domain master = yes preferred master = yes wins support = yes wins proxy = yes dns proxy = no name resolve order = wins bcast hosts remote announce = 192.0.110.101 192.0.30.101 192.0.20.101 192.0.40.101 remote browse sync = 192.0.110.101 192.0.30.101 192.0.20.101 192.0.40.101 encrypt passwords = yes unix password sync = yes passwd chat = *New*password* %n\n *new*password* %n\n *changed* ldap server = fileserver-e1 ldap ssl = off ldap port = 389 ssl CA certFile = /usr/local/openssl/BSW_CA/CA.crt ssl client cert = /usr/local/openssl/certs/fileserver-e1.crt ssl client key = /usr/local/openssl/private/fileserver-e1.key ssl hosts = 192.0.1.102 ssl hosts resign = 192.0. ldap suffix = "dc=earlston,dc=bsw" ldap filter = "(&(uid=%u) (objectclass=sambaAccount))" domain logons = yes logon script = login.bat logon path logon home printcap name = cups printing = cups printer admin = root, @DomainAdmins [homes] comment = Home Directories browseable = no writable = yes ; valid users = %S,%u guest ok = yes create mask = 0700 [netlogon] comment = Network Logon Service path = /usr/local/samba/var/netlogon browseable = no read only = yes guest ok = no share modes = no write list = ldapmgr, administrator, root [antivirus] comment = Antivirus update needed by login script path = /usr/local/antivirus public = yes browseable = no read only = no guest ok = no [printers] comment = All Printers path = /var/spool/samba browseable = no public = yes guest ok = yes read only = yes printable = yes printer admin = root, @DomainAdmins [print$] comment = Printer Drivers path=/usr/local/samba/printers guest ok = yes browseable = yes read only = no write list = root [data] comment = Data Volume path = /disk1/data public = no guest ok = no read only = no [common] comment = Public Shared Files path = /disk1/data/usrgrps/common public = yes guest ok = no read only = no inherit permissions = yes force group = root [itdept] comment = IT Dept Data path = /disk1/data/usrgrps/itdept public = yes guest ok = no read only = no inherit permissions = yes force group = itdept [intranet] comment = BSW Intranet path = /disk1/data/intranet public = yes guest ok = no read only = no inherit permissions = yes force group = root [msmail_data] comment = MSMail Data path = /disk1/data/msmail/DATA public = yes guest ok = no read only = no browseable = no create mask = 0777 [msmail_programs] comment = MSMail Programs path = /disk1/data/msmail/programs public = no guest ok = no read only = yes create mask = 0755 [accounts] comment = Accounts Data path = /disk1/data/usrgrps/accounts public = yes guest ok = no read only = no force create mode = 0770 force group = accounts write list = @accounts, @DomainAdmins [personnel] comment = Personnel Data path = /disk1/data/usrgrps/personnel public = yes guest ok = no read only = no force create mode = 0770 force group = hr write list = @hr, @DomainAdmins [fleet] comment = Fleet Data path = /disk1/data/usrgrps/fleet public = yes guest ok = no read only = no inherit permissions = yes force group = fleetmgr [gmshare] comment = Goldmine Linked Files path = /disk1/data/usrgrps/gmshare public = yes guest ok = no read only = no inherit permissions = yes force group = goldmine kix script =========; Kixtart login script BSW/WBA 8/5/2003 ; Derived from BSW Netware logon script ; Set some Windows environment variables SETM "NAME=@USERID" SETM "TZ=GMT0BST" SETM "SITEID=E" ; ****************** DELETE EXISTING MAPPINGS ******************** ; This is required to avoid errors when mappings already ; exist but have "disconnected" status USE * /DELETE ; *********************** USER MAPPINGS ************************** ; When a user logs on, Samba creates a share named after the ; user to his home directory. Map it to H: USE H: "\\fileserver-e1\" + @USERID USE K: "\\fileserver-e1\common" USE M: "\\fileserver-e1\msmail_data" USE J: "\\fileserver-e1\data" ; ********************** GROUP MAPPINGS *************************** IF ISINGROUP("itdept") USE P: "\\fileserver-e1\itdept" ; USE I: "\\swserver-e1\software\install" ENDIF IF ISINGROUP("accounts") USE S: "\\fileserver-e1\accounts" ENDIF IF ISINGROUP("taxgrp") USE S: "\\fileserver-e1\accounts" ENDIF IF ISINGROUP("hr") USE P: "\\fileserver-e1\personnel" ENDIF IF ISINGROUP("fleetmgr") USE Q: "\\fileserver-e1\fleet" ENDIF IF ISINGROUP("goldmine") USE X: "\\fileserver-e1\gmshare" ENDIF ; ********************* OTHER ACTIVITIES ************************** ;IF ISINGROUP("SAWN_SW") ; CALL SAWN_UPG.BAT ;ENDIF ; Replace Novell login bmp with BSW equiv ; In Samba login scripts do this to NT / Win2000 / XP bitmap instead ; CALL BSWBMP.BAT ; Synchronise time RUN "NET TIME \\fileserver-e1 /SET /YES" ; Run F-Secure antivirus update SETCONSOLE("MINIMISED") USE Z: "\\fileserver-e1\antivirus" RUN "Z:\Update.bat " + @MDAYNO + "/" + @MONTHNO + "/" + @YEAR + " " + @TIME ; Next line won't work until we upgrade kix32, until then we do it in antivirus script. ;USE Z: /DELETE MESSAGEBOX("Welcome, " + @USERID + ", to the " + @LDOMAIN + " network domain, from " + LCASE(SUBSTR(@LSERVER,3)), "Logon complete...") ;************************************************************************* *********** ;**************************** USER DEFINED FUNCTIONS ******************************** ;************************************************************************* *********** FUNCTION ISINGROUP($strGroup) ; Quick, surefire way of testing if user is member of a group ; Avoids use of untested possible alternative of LDAP via RPC ; Needs a directory named after each group under netlogon directory, ; with chmod 750, owner root, group = name of dir and withn each dir ; a file called dummy, owner root, group root, chmod 644 IF EXIST("\\fileserver-e1\netlogon\" + $strGroup + "\dummy") $ISINGROUP = 1 ELSE $ISINGROUP = 0 ENDIF ENDFUNCTION
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi This although strange it seems to be the manifestation of the lot discussed webclient, which appeared in XP, and caused a lot of trouble to many people. If you would disable it on all of your clients, maybe that strange error messages should disappear. Cheers Geza -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFASJbo/PxuIn+i1pIRAhqgAKCy4omZ5O3LFeaoH2t2uYhMMz55kQCdG5+A 778FBxe0wi1qojY5F8TJIZA=9Zir -----END PGP SIGNATURE-----