Leopard Server 10.5.4 + SMB + Windows XP Clients

Hello!
I got quite some interesting problems with my Xserv under Leopard Server 10.5.4 with Windows XP Clients.
The server runs as an open directory master and a standalone server for smb.
Shares are setup for AFP and SMB clients, ACLs are set up with read+write access for the user's group. So far everything works, users can connect from their Macs (OS X 10.3.x - 10.5.4) without problems.
My problem are the windows clients.
Connecting works fine, and apart from one permission bug (more on that later) they can access all files and do everything the macs can do.
Problem 1:
Users cannot rename files if they don't have write permission at the POSIX-level as either owner or group on the enclosing folder. ACLs do not matter at this point, if the user connects through SMB he cannot rename files or folders.
No big problem, I just put all users into one group and set this group as the POSIX-group and do a chmod -R g+w on all shares.
Inheritate this settings for SMB-connections works.
But not for AFP-connections. Every new folder a mac-client creates comes with permissions 755. So I changed UMasks on the clients to 002, and at least folders created by the finder now have the right permissions of 775.
Folders created by "new folder" on most applications load/save dialogs still come as 755 which screws up renaming for windows-clients.
Folders created when expanding a zip-file also behave this way.
The only solution I found for this was to make a cronjob that does a chmod -R g+w on the shares. Not that great.
Another "fun" feature with POSIX-permissions and SMB:
Files inside a folder. Files+Folder have an ACL set up that specifically denies deleting files+folders for a user. This users group has POSIX-permissions with write access to the enclosing folder. Window's explorer will let that user delete files and folders without any complaint about missing permissions to do so. They even disappear from the explorer-window, but are not actually deleted.
If you refresh the view, the files+folders are there again.
If the user instead has no POSIX-permission that grants him write-access, but an ACL that grants him delete, explorer happily deletes the files the user wishes to. And these files actually get deleted.
If the user has no write POSIX-permission and no ACL-permission to delete files, explorer complains about missing rights to delete files/folders.
I tried adding "acl check permissions = no" to smb.conf, but that didn't change this behaviour.
Problem 2:
Sometimes, when copying "large" files to a server share with windows explorer (from 50 MB upto 3 GB), the user immidiately gets an error message: "Cannot copy. The specified network name is no longer available."
The copied file shows up at once in the destination directory and has the correct file size, but only contains "garbage". Half a second later the same copy works and the file is actually copied successfully.
Sometimes this error shows up while a large file is copied and if you browse through other shared folders while the copy takes place.
Most often it will show up when you copy&paste with explorer.
I am stomped and have no idea where to search for a solution to this one.
I tried changing ethernet cables (premade and selfmade), the network switch, ethernet port of the Xserv ... connected a workstation directly to the Xserv - no change.
DNS works, all clients+Xserv have static IPs and the same settings for DNS-Server. Name resolution works, as does reverse resolution.
I even tried using a windows server 2003 as a WINS-Server without success for this problem.
There are no event log entries on the clients when this happens, and smbd.log on the server shows
read failure for 4 bytes to client 192.168.1.137. Error Connection reset by peer
I used wireshark to monitor what exactly happens when this shows up, but it just happens out of nowhere ... the clients just sends a TCP_RST. No unusual things before or after the TCP_RST.
I ran some tests with samba 3.0.32 and samba 3.2.x under linux 2.6.x - no such errors at all.
I tried installing Leopard Server on my Mac Pro, same behaviour.
I ran some batch-scripts that would copy large and small files in excess from/to the server from 4 different windows xp clients for a whole weekend 24 hours - not a single error. As soon as I use windows explorer to copy a file this error has a chance of showing itself.
Problem 3, more of an application bug:
Adobe InDesign CS2 (Windows again ;)) cannot export a PDF to a shared folder if the filename is longer than 8 characters. It starts exporting and after reaching 100% it just stops with the error "PDF cannot be exported." If the filename is shorter than 8 characters, all works fine. Exporting locally or to other samba servers (linux) or windows servers (2003) works fine. Copying this files to the share works, too.
Exporting any other filetype from IDCS2 (eps, inx, jpeg ...) works regardless of filename length. So does saving InDesign-files.
InDesign CS1 and CS3 do not show this, so I guess it's safe to assume this one is Adobe's problem
Did anyone experience similar problems or even better has a solution to some of these?
The real showstopper is problem #2, at least for us.
Thanks in advance and excuse my poor english skills!

I tried several new approaches, but nothing worked so far.
The update to 10.5.5 made things worse. Connections are dropping all over the place, when saving from Adobe programs in particular.
Printing from clients to a Xerox Phaser 5500 works, but choosing a different paper size than the default chosen in the cups admin interface goes all wrong and either prints on the default paper size, but down/upscaled to the chosen paper size or prints on the chosen paper size and down/upscaled as if you were printing to the default paper size. (e.g. default paper size is A4, you choose A3 with an A3 document. Document prints on A4 and is downscaled to A4, or prints on A3 and is downscaled to A4.)
There is no way I can keep this thing in production much longer. I tried reinstalling again, but that did not change any behaviour. Another nice "feature": InDesign disables "edit original" when the path to the linked file contains any directoryname with more than 8 characters in length.
Coupled with a sometimes disappearing "dirserv" (it just stops working until I reboot the whole computer) the decision stands to move away from the Xserve.
Leopard Server 10.5.x just does not seem to work well with windows clients.
We will migrate to a windows server 2003 running ExtremZ-IP for the macintosh clients this weekend. Too bad that Apple does not allow Bootcamp to work on Xserves, at least the hardware would have been useful then.
(As a nice finishing touch, the harddisk partition where all data resides did become corrupt over the weekend. "The volume Daten could not be repaired."
Disk Utility and first aid did show nothing on friday ... saturday after no work being done on the partition this error shows up. The only solution I could find was to reformat the partition and restore from a previous backup. Another weekend down the drain. Sorry for the rant, but 6 weekends in a row is enough.)

Similar Messages

  • Can I use Leopard Server with Samba instead of Windows Box?

    I need to add an admin setup to a clients studio, basically to run a separate network with 4 win XP 32bit clients and a basic file sharing server that has roaming profiles.
    So my question is would a Mac Pro with 10.5 server running as a PDC via SMB be OK?
    I would much prefer to stay in the OS X world and seeing as its a basic setup it should be fine?
    I have read about serious issues with 10.5 and SMB on 64Bit clients (which we will not be using)
    Any tips etc really would be much appreciated

    Yes, CIFS/SMB services do generally work fine. (Some folks have had some problems here, yes.)
    There are various wrinkles with Vista NLTM authentication that are discussed around the forums.
    Providing Open Directory (the Mac OS X Server analog to Microsoft Active Directory) is more involved than providing disk services.
    You're going to want to read file and disk services and Open Directory materials in the manual set as a start.
    And if you're headed down this path, first get RAID configured and working, then get DNS working, DHCP and related, and then get OD working, and then add CIFS / SMB services and other such. Order how you install and configure your services here, as there are dependencies on what (other) services are available.

  • Snow Leopard Server iCal push not working on iMac clients

    Hello,
    I have a new installed mac mini snow leopard server and updated osx with all the latest updates.
    I am running the iCal server and the Push service and everything seems to run OK.
    I have 4 brand new iMac clients which share calendars between the different users,but the iCal Push function doesn't work at all. Even when I change the update method in the iCal client to interval of 1 minute, it doensn't update.
    The only way the calendar updates is to choose "Refresh" from the Calendar menu in iCal client.
    The push function for the mail clients do work which is strange.
    I already tried the following actions:
    1. I have stopped and restarted the Push-service on the server
    2. I have removed the push server settings in the iCal server settings on the server and added them again
    3. I followed the iCal log file to see if an action of a client is immediatly visible on the server = OK
    4. I've updated all the clients to the newest software
    5. I have restarted the server completely
    Does anybody have tips or advise to help me looking to find the cause of the iCal Push problems?

    FYI:
    Installing Snow Leopard Server into Parallels for DUMMIES!
    http://forums.macrumors.com/showpost.php?p=17285039&postcount=564

  • Windows Server 2012 R2 Fax Service - Windows 7 Client "You do not have permissions to complete this operation. Contact your fax administrator for more assistance"

    First I have tried all sorts of searches and and all I come up with is things related to Windows Server 2008.
    1. I have Fax Service running on my 2012 R2 File and Print Server.
    a. It can send faxes from the logged in domain user
    b. It does not need to receive faxes because we have another machine for that
    2. I have added the domain user I am using on the Windows 7 machine to the Accounts List in Fax Manager
    3. I can not seem to find any logging saying that there is a security problem (Event Log, etc...)
    Please point me in the correct direction as I need to have my staff use Print to Fax from our Practice Management Application.

    Hi Shawn,
    à
    You do not have permissions to complete this operation. Contact your fax administrator for more assistance
    From the error message, please check if share the Fax on the server. Meanwhile, please also check if assign
    correct permissions in Security tab under Fax properties.
    If any update, please feel free to let me know.
    Hope this helps.
    Best regards,
    Justin Gu
    1. Fax Sharing is enabled and can see the Shared Fax Printer on other machines.
    2. At least 2 domain groups that the Windows 7 user is in are in the Security Section, set to be able to fax. One othem can manage fax.

  • OS X 10.5.8 Leopard Server & SMB authentication problems

    Hi all,
    I am in charge of a OSX Leopard server. The platform has Windows XP /Windows Vista / OSX computers and as the server has a high capacity NAS it seemed logical to share it using SMB.
    The initial set up was done having in mind just the MACs, and they have no issues connecting to the SMB shares. The problem is on Windows side.
    Windows machines are supposed to use the SMB shares with Open Directory Accounts. But whenever we create an SMB share, there is a strange behaviour: files could be uploaded to the server, but once copied, they can't be copied back to windows machines, triggering the error (more or less, as the error text is in spanish): "File operation could not be completed, source file could not be found"
    For debugging purposes, we have just created a share, step by step , identify which the problem is:
    1 - Create a user from Workgroup manager, no admin capabilities.
    2 - Create a folder under "Shared Items" Folder.
    3 - Disable "Enable Spotlight Search"
    4 - Disable AFP, FTP, NFS (leaving just SMB as sharing protocol)
    5 - SMB protocol options: Disable "Allow guest access", Asign permmissions as follows: Owner: RW, Group R, Everyone R.
    6 - We then go to permissions and choose user created at step 1, set him ACL permissions as RW.
    7 - Save changes.
    After that, we reboot our Windows test machine, flushing its dns cache previously.
    Then when trying to connect to the share,an error message on our XP box says that we have no permissions to connect to the sahre (using our test user credentials). SMB log displays the following:
    +setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.+
    +[2009/10/23 12:05:20, 2, pid=29029] /SourceCache/samba/samba-187.9/samba/source/auth/auth.c:checkntlmpassword(319)+
    +checkntlmpassword: Authentication for user [] -> [] FAILED with error NTSTATUS_NO_SUCHUSER+
    Thanks in advance and best regards.
    Message was edited by: javierspn

    Edit:
    I can now connect with the new user. Something to do with DNS cache and opened sessions on the SMB server that I manually closed.
    However, same problem: I can upload files but whenever I try to copy one from the server to any XP workstation:
    http://yfrog.com/3oerrorjkj
    Basically meaning in plain English that the source file could not be found.
    Regards.

  • Error configuring services from Snow Leopard Server to Mountain Lion Server

    I am trying to upgrade a Snow Leopard Server Mac Mini to Mountain Lion Server.
    We have two Mac Mini servers at our office (production and backup) so I migrated the everything from our production server to the backup using the migration assistant when setting up the backup computer.
    I now have the backup at home trying to upgrade it to Mountain Lion Server.  I have downloaded and installed Mountain Lion as well as the Server App version 2.2.  I basically followed the simple directions found in the Apple documentation.
    I started the server app and it got to the part where it said "Upgrading services".  After running for a few minutes, I get a window that states "An error occurred while configuring your server."  It also sayd "The following actions failed or were not attempted:" with a red dot next to "Upgrading services".  The other three items:  "Authenticating to local directory", "Reading directory configuration" and "Authenticating to local directory services" have gray dots so I'm sure they were not even attempted.
    Our Snow Leopard server is setup for SMB file sharing, LDAP services, FTP, Web, DNS, DHCP.
    Can someone point me to where I can figure out what exactly is failing?  Are there specific log files I need to look into?
    Thanks

    Have EXACTLY the same issue - also tried reinstalling mountain lion server fresh and still had the same problem...

  • Are there any problems with Snow Leopard Server (Xserve) and PPC Clients

    Hi,
    are there any problems identified yet with Snow Leopard Server, installed on a Xserve and PPC Clients running Mac OS X Tiger and Leopard?
    Currently I have a Xserve Intel running Leopard Server and about 12 Mac Minis PPC running Mac OS X Tiger and Mac OS X Leopard. The Xserve serves services like DNS, OpenDirectory, Software Update Server, NetBoot, etc. All users have Home Directories stored on the Xserve.
    Now I want to install Snow Leoaprd Server on the Xserve, but I wonder if there are any problems using the PPC Clients? I have read something like this on a german website.
    Thanks!

    We've actually found that the Server 10.6.3 DVD does an amazingly smooth job of upgrading 10.5.8. We've been upgrading our production servers and nothing has gone wrong yet. Snow Leopard employs an archive and install method of upgrading which results in an install which is very close to a clean install. So it's been very convenient for us because our servers are used as Windows PDCs and it's a pain in the *** to have to re-join all PCs to the domain if we start from scratch.

  • Can Leopard Server update Tiger clients?

    Can anyone tell me if Leopard server can update the OS of Tiger clients? I know Tiger server can't update Leopard clients, but the other way around?

    Hi
    Not true. I have a 10.4 OD Master with a managed group using the SUS Service on a 10.5 Server. The 10.5 Server is connected to the 10.4 Directory. DNS Services for both servers are on the 10.4 Server as is the DHCP Service. 10.4 and 10.5 Clients that bind to the 10.4 Server are updated using the 10.5 SUS with no problems at all. The only issue I've seen is 10.5 clients occasionally can't use the 10.5.2 Combo Update on the SUS Server. There is the 'cant expand package properly' error message. At first I thought this was because the latest Intel iMacs were able to update but not Leopard installed PPC models. One solution was to keep a manually downloaded .dmg of the 10.5.2 update on the Server and push it out using ARD or copying it locally and installing it that way. However earlier Intel models - occasionally - are also not updating - pre-dominantly first generation macbooks and macminis but every now and again some of the later Aluminium model iMacs.
    This is an intermittent problem though and may be due to the small bandwidth that the SUS server is having to use to access apple's downloads server (1MB). When the SUS was on the 10.4 Server with a higher bandwidth connection (4-5MB) there was never any problems with the downloads but quite a few with the Service stopping itself and having to be restarted using the command line.
    The amount downloaded for 10.5 SUS is greater (approx 13-16GB) than 10.4 SUS (approx 10-11GB) - obviously. It took 4-5 days for the 10.5 SUS to make available all the downloaded updates - obviously due to the 1MB connection but also there were problems with accessing the updates server at that time. I think this was because Leopard Server had not long been made available and like a lot others it was in a testing environment where all the services were being tried to see what was worked and what did not.
    Tony

  • TLS and Snow Leopard server issues

    I have a customer with Snow Leopard server running mail services. A few clients cannot email them due to what we think is a TLS related issue. Their host has TLS enabled for the mail server and they receive the below error message when sending to my customer:
    15:27:41.044 3 SMTP-406902(domain.com) failed to establish a secure connection with [xx.xx.xx.xx]:25. Error Code=X509: signature algorithms do not match.
    The host that cannot send seems to think it's a Postfix configuration issue but I don't know where to begin. It's not a firewall issue as we've tried that with no success.
    Any ideas would be appreciated. Thanks.

    You are in the Leopard Server section, better to direct your question to the +Snow Leopard+ Section.

  • Windows 2008 Terminal Server "user must change password at next logon" problem with Windows 7 client.

    Hi,
    I have a fully patched Windows 2008 SP2 Terminal Server and a fully patched Windows 7 client.
    I have logged into the Windows 2008 SP2 Terminal Server server with a test account via RDC before.
    When I try to log in via RDC to the 2008 TS with a test account which has been marked with the setting "User must change password at next logon" I get the RDC message "You must change your password before logging on the first time.  For assistance, contact your system administrator or technical support."  I need to force the user to change their password once it has been issued, any ideas on how this can be done?
    Thanks,
    Dan

    This does not resolve my issue all the way. I'm having the same problem; When i'm "deploying" users, i always want the users to set their own passwords. Ok, so I then set the auth mode to "RDP Security layer". It seemed to work fine, and it does for that
    special purpose.
    Just like Daniel, my clients are connecting to our terminal server from several/different "customer-domains" So, they can't logon locally(on their local computer) and change their password, it has to be done THROUGH the terminal server.
    But if I turn on RDP Security Layer, users can't use remoteapp through tsgw they only get: "Your Remote Desktop Connection Failed because the remote computer cannot be authenticated" Any ideas?
    Also, our terminal servers is round robin based in a farm. So users connect to: tsfarm.domain.com(yes, public a-record which resolves to two internal adresses) This is because, we're using a wilcard *.domain.com as SSL certificate.
    But, when i'm using this, our clients sometimes get double auth when they login. I only get the double auth when tsfarm.domain.com resolves to server A, but the session broker wants the user to be on server B.(load balancing)
    This does not occur when SSL is enforced, any ideas?

  • Does the Built-in Windows FTP Client Support a Secure Connection?

    I have set up Server 2008 IIS w/ FTP. I set the SSL setting to require a secure connection. However, I can't connect to the FTP server from the built-in Windows FTP client. I CAN get it to work in FileZilla after modifying my connection properties.
    Does the built-in Windows FTP client support secure connections? I received a request to set this up so our internal employees can share files with external customers. Many times our customers are unable to install any kind of third party software on their
    computers.
    Thanks in advance for the help.

    Hi,
    Based on my known, the built-in FTP client does not support secure connections.
    Similar thread:
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/9500d7c2-cf18-4ab1-a0cb-1e277deab33c/is-it-possible-to-connect-to-iis-75-sslrequired-ftp-site-via-windows-explorer-or-ie-?forum=winserverNIS
    If it does not help, you could ask in IIS forums as Meinolf Weber mentioned.
    Hope this helps.
    Regards.
    Vivian Wang

  • You have no Oracle clients installed: Windows XP client to Oracle Linux ser

    Hallo! I have Oracle 10g Db running on Redhat Enterprise Linux server.Moreover, I have a windows XP client having Toad 9.06 in the XP client. The client does not have any Oracle Db or Apps installed.
    I would like to connect to the Oracle Db sever via Toad. I have placed the server IP on the the IP text box. I placed port 22 (SSH port).I am not sure which port to place.
    Unfortunately, I get the error no Oracle clients installed.
    How do I resolve this?
    Thanks.

    You need to install oracle database 10g client on your PC using windows XP.
    http://www.oracle.com/technetwork/database/10201winsoft-095341.html
    Go to this link , download and install the client on Windows XP box. Then edit the tnsnames.ora file and add the TNS entry of your database which you want to connect.
    Regards
    Asif Kabir

  • The Windows SMB feature has file locking if multiple users are accessing the same file.  Does Snow Leopard Server File Sharing (AFP) provide similar features?

    The Windows SMB feature has file locking if multiple users are accessing the same file.  Does File Sharing (AFP) on Snow Leopard Server provide similar services?

    Were you ever able to solve this problem. I'm having similar issues since upgrading to snow leopard. Four macs connect to a Windows Server 2003 for shared files. Each user has full permissions & when we "get info" it shows read & write permissions. Two of the computers were running 10.4, two were running 10.5. Everything worked properly until upgrading to snow leopard. Some files let me copy, move, delete. Others either just hang up or we get a "no permission" error. Also getting a "pdf is in use" error, even when the file/folder doesn't contain a pdf. We had our IT rep check the server who said everything is in working order. They don't represent macs any longer but feel that it's a mac problem. I would have to agree since this problem only started after the upgrade, and the one machine that was not upgraded (still running 10.5.8) is not dealing with these problems.
    Lastly, I would install 10.5 back on all of the computers if I could, but the leopard disk that came with one of the computers wouldn't work with the 2 machines running 10.4 and I didn't see it available at the apple store. I'll buy it if it's still available, but why wouldn't the disks that I have work?
    Thanks for any help

  • Windows 7 (Client) map a network drive VPN Snow Leopard Server

    Hi,
    I have a Mac Mini Snow Leopard Server and are using a VPN service.
    My services on the mac os x sls server are: AFP, DNS, Firewall, Open Directory, SMB and VPN.
    I can connect the VPN from Mac clients and Windows 7 clients, but I can only map a network drive/share point on Mac´s.
    On Windows 7 I get an error: path or name not found ( I am sure using the correct path, same from Mac client that works).
    When I am using my internal network LAN I can map a network drive using Windows 7 and Mac but outside over a VPN not (only Mac works).
    The only service, at this moment,  that I need is File Sharing outside my network LAN using a VPN.
    How can I map a network drive from a Windows 7 client using a VPN, is there any Firewall rules / SMB rules / File Sharing rules that I missed on the server side?
    Thank You.

    I really don't know what are going wrong with my settings. As you said/write it must be an easy setup.
    I'm using a Time Capsule and used the Server app to add VPN to the port forwarding also.
    When I am connected thru the VPN I tried to ping the Server IP and got no answer from it, from W7 client!?
    My Mac's are just working fine with AFP and SMB share points thru the VPN.
    I think I have missed some settings from the SMB or Firewall services for VPN with W7 client's or it is a Windows issue.....

  • File Sharing Speed with Leopard Server/ Windows XP

    Went from Panther Server to Leopard Server. Panther worked fine. Leopard Server we've had a lot of problems with Windows XP clients. We run data files from the server. Using Panther the file sharing speed was comparable to putting the data file on the PC itself. When we moved to Leopard the speed went through the floor. 8 seconds on the PC and 4.5 minutes on the Server. The server is a substantially stronger machine with a lot more resources - but we've had to stop using it for it's intended purpose.
    Help?

    Same problem but almost the reverse. 10.5.2 server, windows clients file browsing, opening and saving speed is great, but our 4 iMac clients (Leopard also) really, really slow to generate thumbnail views of files and open them. Happens across several shares, seems to be a problem with AFP, although now after disabling AFP on some of the shares, it is happening on SMB as well. I have read several other discussions on this forum that attempt to deal with AFP performance issues, but none provide a real solution. Now that it is also happening with the SMB protocol as well I am getting a bit concerned.
    Any advice or even a link to more info would be greatly appreciated.

Maybe you are looking for