Samba4

My test server is:

FreeBSD testbox.fsklaw.com 7.0-RELEASE FreeBSD 7.0-RELEASE #1:

smb.conf:

[globals]
        netbios name    = testbox
        workgroup       = FSKLAW
        realm           = FSKLAW.COM
        server role     = domain controller
        ntvfs handler   = posix


[netlogon]
        path = /home
        read only = no

[open]
        path = /home/test
        read only = no

I can ping by host name.  I can map a share.

However, WinXP gets an error saying can't find domain.  Specifically:
T h e   f o l l o w i n g   e r r o r   o c c u r r e d   w h e n   D N S
 w a s   q u e r i e d   f o r   t h e   s e r v i c e   l o c a t i o n  
( S R V )   r e s o u r c e   r e c o r d   u s e d   t o   l o c a t e  
a   d o m a i n   c o n t r o l l e r   f o r   d o m a i n   f s k l a w
. c o m :



 T h e   e r r o r   w a s :   " D N S   n a m e   d o e s   n o t   e x i
s t . "

 ( e r r o r   c o d e   0 x 0 0 0 0 2 3 2 B   R C O D E _ N A M E _ E R R
O R )



 T h e   q u e r y   w a s   f o r   t h e   S R V   r e c o r d   f o r  
_ l d a p . _ t c p . d c . _ m s d c s . f s k l a w . c o m



 C o m m o n   c a u s e s   o f   t h i s   e r r o r   i n c l u d e   t
h e   f o l l o w i n g :



 -   T h e   D N S   S R V   r e c o r d   i s   n o t   r e g i s t e r e
d   i n   D N S .



 -   O n e   o r   m o r e   o f   t h e   f o l l o w i n g   z o n e s  
d o   n o t   i n c l u d e   d e l e g a t i o n   t o   i t s   c h i l
d   z o n e :



 f s k l a w . c o m

 c o m

 .   ( t h e   r o o t   z o n e )



 F o r   i n f o r m a t i o n   a b o u t   c o r r e c t i n g   t h i s
  p r o b l e m ,   c l i c k   H e l p .

I'm also curious, what's running the name service.  I see nothing in
netstat listening on port 53.

Any pointers would be appreciated.

Cheers,

Hi,

This looks like DSN configuration troubles, you need to setup and configure
Bind9 and test with nslookup, then you should be able to join your domain
Without errors :

I found these links that helped me :
http://www.linux16.net/node/316
see "Setting up DNS Server for samba 4 in Ubuntu 7.04"

On the other hand, there is no reverse DNS configuration, try also this link
: http://ubuntuforums.org/showthread.php?t=236093

Here are my config files in /etc/bind, my domain is "bureau.local",
My Samba server is "srvinfra" and I have 2 XP clients xpprosp2  and xpsp2fr.

named.conf.local
8<-------------------------------------------------------------------
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

// Forward zone
zone "bureau.local" {
        type master;
        file "/etc/bind/bureau.local.zone";
};

// Reverse zone
zone "0.168.192.in-addr.arpa" {
        type master;
        notify no;
        file "/etc/bind/db.192.168.0";
};
8<-------------------------------------------------------------------


bureau.local.zone (generated by Samba, copied and manually edited)
8<-------------------------------------------------------------------
; -*- zone -*-
; generated by provision.pl
$ORIGIN bureau.local.
$TTL 1W
@               IN SOA  @   hostmaster (
                                2008050714   ; serial
                                2D              ; refresh
                                4H              ; retry
                                6W              ; expiry
                                1W )            ; minimum
                        IN NS srvinfra
                        IN A 192.168.0.50
;
srvinfra IN A 192.168.0.50
b1c20c8b-fd3b-4a13-842e-0589bba869e6._msdcs IN CNAME srvinfra

xpprosp2 IN A 192.168.0.100
xpsp2fr IN A 192.168.0.101

;
; global catalog servers
_gc._tcp IN SRV 0 100 3268 srvinfra
_ldap._tcp.gc._msdcs IN SRV 0 100 389 srvinfra
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389
srvinfra
;
; ldap servers
_ldap._tcp IN SRV 0 100 389 srvinfra
_ldap._tcp.dc._msdcs IN SRV 0 100 389 srvinfra
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 srvinfra
_ldap._tcp.ce48573f-4b52-4d77-a8b8-54701e4e3c6a.domains._msdcs IN
SRV 0 100 389 srvinfra
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389
srvinfra
;
; krb5 servers
_kerberos._tcp IN SRV 0 100 88 srvinfra
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 srvinfra
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88
srvinfra
_kerberos._udp IN SRV 0 100 88 srvinfra
; MIT kpasswd likes to lookup this name on password change
_kerberos-master._tcp IN SRV 0 100 88 srvinfra
_kerberos-master._udp IN SRV 0 100 88 srvinfra
;
; kpasswd
_kpasswd._tcp IN SRV 0 100 464 srvinfra
_kpasswd._udp IN SRV 0 100 464 srvinfra
;
; heimdal 'find realm for host' hack
_kerberos IN TXT BUREAU.LOCAL
8<-------------------------------------------------------------------

db.192.168.0 finally, the reverse DNS
8<-------------------------------------------------------------------
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA bureau.local. hostmaster.bureau.local. (
                        2008050917 ; Serial
                        604800 ; Refresh
                        86400 ; Retry
                        2419200 ; Expire
                        604800 ) ; Negative Cache TTL
;
@ IN NS srvinfra.
50 IN PTR srvinfra.bureau.local.
100 IN PTR xpprosp2.bureau.local.
101 IN PTR xpsp2fr.bureau.local.
8<-------------------------------------------------------------------

You need also to edit /etc/resolv.conf

This works under Ubuntu Server, you'll have to adapt to your system,
Good luck ;)

Bye,
Manu.

-----Message d'origine-----
De : samba-technical-bounces+manu.b2007=gmail.com@...
[mailto:samba-technical-bounces+manu.b2007=gmail.com@...] De la
part de zaphod@...
Envoyé : mardi 13 mai 2008 21:58
À : samba-technical@...
Objet : Samba4

My test server is:

FreeBSD testbox.fsklaw.com 7.0-RELEASE FreeBSD 7.0-RELEASE #1:

smb.conf:

[globals]
        netbios name    = testbox
        workgroup       = FSKLAW
        realm           = FSKLAW.COM
        server role     = domain controller
        ntvfs handler   = posix


[netlogon]
        path = /home
        read only = no

[open]
        path = /home/test
        read only = no

I can ping by host name.  I can map a share.

However, WinXP gets an error saying can't find domain.  Specifically:
T h e   f o l l o w i n g   e r r o r   o c c u r r e d   w h e n   D N S
 w a s   q u e r i e d   f o r   t h e   s e r v i c e   l o c a t i o n  
( S R V )   r e s o u r c e   r e c o r d   u s e d   t o   l o c a t e  
a   d o m a i n   c o n t r o l l e r   f o r   d o m a i n   f s k l a w
. c o m :



 T h e   e r r o r   w a s :   " D N S   n a m e   d o e s   n o t   e x i
s t . "

 ( e r r o r   c o d e   0 x 0 0 0 0 2 3 2 B   R C O D E _ N A M E _ E R R
O R )



 T h e   q u e r y   w a s   f o r   t h e   S R V   r e c o r d   f o r  
_ l d a p . _ t c p . d c . _ m s d c s . f s k l a w . c o m



 C o m m o n   c a u s e s   o f   t h i s   e r r o r   i n c l u d e   t
h e   f o l l o w i n g :



 -   T h e   D N S   S R V   r e c o r d   i s   n o t   r e g i s t e r e
d   i n   D N S .



 -   O n e   o r   m o r e   o f   t h e   f o l l o w i n g   z o n e s  
d o   n o t   i n c l u d e   d e l e g a t i o n   t o   i t s   c h i l
d   z o n e :



 f s k l a w . c o m

 c o m

 .   ( t h e   r o o t   z o n e )



 F o r   i n f o r m a t i o n   a b o u t   c o r r e c t i n g   t h i s
  p r o b l e m ,   c l i c k   H e l p .

I'm also curious, what's running the name service.  I see nothing in
netstat listening on port 53.

Any pointers would be appreciated.

Cheers,

On Tue, 2008-05-13 at 12:58 -0700, zaphod@... wrote:
Per the final output of the provision script and the HOWTO, you need to
copy the zone file into your BIND server.  An example configuration
snippit has been generated in the private dir for you.

Once you start BIND, this should work.  I'm happy to improve the wording
in the provision script, if you give me some ideas.

Thanks,

Andrew Bartlett

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

On Tue, 2008-05-13 at 23:36 +0200, Manu wrote:
> Hi,
>
> This looks like DSN configuration troubles, you need to setup and configure
> Bind9 and test with nslookup, then you should be able to join your domain
> Without errors :
>
> I found these links that helped me :
> http://www.linux16.net/node/316
> see "Setting up DNS Server for samba 4 in Ubuntu 7.04"

It is unfortunate that this site copied, rather than referenced our
HOWTO.  We had to clean that document up - the version in our wiki is
much more up to date.

http://wiki.samba.org/index.php/Samba4/HOWTO

Andrew Bartlett

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

Hi,

and thanks for the link, the samba 4 official howto was my first reading
but I forgot to mention it along with my DNS links... oups...

About the samba 4 howto, it describes how to link unix group to samba groups
with Swat, is there another way to do this ? Since Swat is no longer
available.

Thanks,
Manu

-----Message d'origine-----
De : Andrew Bartlett [mailto:abartlet@...]
Envoyé : mercredi 14 mai 2008 00:22
À : Manu
Cc : samba-technical@...
Objet : RE: Samba4

On Tue, 2008-05-13 at 23:36 +0200, Manu wrote:
> Hi,
>
> This looks like DSN configuration troubles, you need to setup and
configure
> Bind9 and test with nslookup, then you should be able to join your domain
> Without errors :
>
> I found these links that helped me :
> http://www.linux16.net/node/316
> see "Setting up DNS Server for samba 4 in Ubuntu 7.04"

It is unfortunate that this site copied, rather than referenced our
HOWTO.  We had to clean that document up - the version in our wiki is
much more up to date.

http://wiki.samba.org/index.php/Samba4/HOWTO

Andrew Bartlett

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

Hello,

Samba 3.0.25b

I have a big problem on my samba fileserver and i don't know to resolve it !

A user open excel document
A second user open the same document
This second user sometimes can open the files in RW mode !!!
Or the system lost user rights "rwx rwx ---" becomes "r-- rwx ---"

I don't understand what happen,

Please help !
Thanks,
Alain

On Fri, May 16, 2008 at 03:25:08PM +0200, Alain Siani wrote:
Known bug with ACL management. Please upgrade to 3.0.28a.

Jeremy.

Thanks for your fast answer, i'm in CentOS release 5 (Final).
Yum don't find any update for samba ...? what can i do ?

i try : yum install samba

thks,
Alain


Jeremy Allison a écrit :



---
Antivirus avast! : message Sortant sain.
Base de donnees virale (VPS) : 080516-2, 16/05/2008
Analyse le : 17/05/2008 11:14:31
avast! - copyright (c) 1988-2008 ALWIL Software.
http://www.avast.com

Dear all,
I am Unable to create Domain Controller using Samba and How to Use
Authentication in Samba .i.e LDAP or PAM
any help will be appriciated
thanks


On 17/05/2008, Alain Siani <asiani@...> wrote:

--
Neeraj Suriyal
09718307773