[Samba] XP and Excel with Samba 2.2.7a
Hi, I've a strange problem, when a user create a xls file on the server, he can save without any problem. But when he re-open and change the file and save it, windows tell : 'the file as been saved, but it cannot re-open due to a sharing violation' On the Linux file server, the permission for this file are not good ( after the second step : re-open, make a change and save): -r--rwx--- (and before -rw-rwx---) I've called the Microsoft support to obtain the q328170 patch referenced on Microsoft site : http://support.microsoft.com/?id=328170 I've applied this patch but the problem still occur. On the samba side, I've disable all thing in relation with oplocks but the still occur. Is any body already expiremented the same problem ? Thank you for your help ! Raphaeël -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How to transfer roaming profiles ...
Hi, How to transfer roaming profiles from win2k users: I change samba 2.2 PDC from solaris to linux (i change also the domain name) ? A simple copy of the profiles is not enough unfortunately... an even manual solution would be appropriate to me (I have about thirty profiles win2k). Thanks. -- Guy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error connecton to ldap server
Hello, I try to connect on ldap server (IPlanet product) with samba version 2.2.7a and I recive the following error message: [2003/03/28 08:43:54, 0] passdb/pdb_ldap.c:ldap_connect_system(246) Bind failed: No such object My smb.conf is like this. May be it's wrong. [global] log file = /usr/local/samba/log.%m security = user encrypt passwords = yes ldap admin dn = cn=Directory Manager,o=xxx.xxx ldap server = nameserverldap.x.ch ldap ssl = off ldap port = 389 [homes] comment = Home Directories browseable = no create mode = 0750 writable = yes [printers] comment = All Printers browseable = no printable = yes public = no writable = no create mode = 0700 [toto] path = /mgr Some body can help me, please. Thanks /Olivier -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.8 is failing on change machine account password
Hi, I have the sampe problem with security=domain but it occurs with older samba versions to. (Solaris 8, NT4 PDC) I have tried serveral setting (upper/lowercase of Domainname (in workgroup and smbpasswd command), adding it via smbpasswd with/without creating the machine account at the NT4 domain before. It works for one week after adding the Samba server to the domain With machine password timeout = 900 you can decrease the time until the problem occurs from one week to eg. 15 min for testing purposes. It is not a real problem, it still works, but it produces strange messages (even on the NT PDC). Greetings Hansjörg /var/log/samba/log.rmts1-[2003/03/27 16:54:34, 0] rpc_client/cli_netlogon.c:cli_net_req_chal(246) /var/log/samba/log.rmts1-[2003/03/27 16:54:34, 0] rpc_client/cli_login.c:cli_nt_setup_creds(47) /var/log/samba/log.rmts1-[2003/03/27 16:54:34, 0] rpc_client/cli_trust.c:modify_trust_password(142) /var/log/samba/log.rmts1-[2003/03/27 16:54:34, 0] rpc_client/cli_trust.c:change_trust_account_password(248) /var/log/samba/log.rmts1: 2003/03/27 16:54:34 : change_trust_account_password: Failed to change password for domain NTROBOTIC. -- _ Dr. Hansjoerg Maurer | LAN- System-Manager | Deutsches Zentrum | DLR Oberpfaffenhofen f. Luft- und Raumfahrt e.V. | Institut f. Robotik | Postfach 1116 | Muenchner Strasse 20 82230 Wessling | 82234 Wessling Germany | | Tel: 08153/28-2431 | E-mail: [EMAIL PROTECTED] Fax: 08153/28-1134 | WWW: http://www.robotic.dlr.de/ __ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP and Excel with Samba 2.2.7a
Hi, I've found that if my create mask is set to 0664 the excel problem doesn't occur ! Anyone could tell me why ? Thank you, Raphaël En réponse à [EMAIL PROTECTED]: Hi, I've a strange problem, when a user create a xls file on the server, he can save without any problem. But when he re-open and change the file and save it, windows tell : 'the file as been saved, but it cannot re-open due to a sharing violation' On the Linux file server, the permission for this file are not good ( after the second step : re-open, make a change and save): -r--rwx--- (and before -rw-rwx---) I've called the Microsoft support to obtain the q328170 patch referenced on Microsoft site : http://support.microsoft.com/?id=328170 I've applied this patch but the problem still occur. On the samba side, I've disable all thing in relation with oplocks but the still occur. Is any body already expiremented the same problem ? Thank you for your help ! Raphaeël -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] hide files problem
Hi ! I want to hide files with names beginning with . So I have added following lines to my smb.conf (2.2.8): hide dot files = yes hide files = /.* veto files = /.* When user changes options in folder options to show hide files and folders, he can see all files/folders beginning with . greetz boka -- Opatom bankowym mwimy NIE! Za eKONTO w mBanku! http://pasazfin.wp.pl/mbank.html -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.8 is failing on change machine accountpassword
On Fri, 2003-03-28 at 19:44, Hansjoerg Maurer wrote: Hi, I have the sampe problem with security=domain but it occurs with older samba versions to. (Solaris 8, NT4 PDC) I have tried serveral setting (upper/lowercase of Domainname (in workgroup and smbpasswd command), adding it via smbpasswd with/without creating the machine account at the NT4 domain before. It works for one week after adding the Samba server to the domain With machine password timeout = 900 you can decrease the time until the problem occurs from one week to eg. 15 min for testing purposes. If you run 'smbpasswd -t' it should do it on demand. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.8 is failing on change machine account password
On Fri, Mar 28, 2003 at 10:00:47PM +1100, Andrew Bartlett wrote: Andrew == Andrew Bartlett [EMAIL PROTECTED] writes: Andrew On Fri, 2003-03-28 at 19:44, Hansjoerg Maurer wrote: Andrew If you run 'smbpasswd -t' it should do it on demand. That doesn't seem to work smbpasswd -t AMERICASE 2003/03/28 07:40:32 : change_trust_account_password: Failed to change password for domain AMERICASE. I do have a debug level 10 log of the attempt but there really isn't much more information in it. I really do think this might be a bug. If anyone has been able to get this to work, I would appreciate hearing about it. If there are other steps I can take to help debug/fix this, I am willing to take those steps. Doesn't this present a potential security issue if the machine password never changes? [2003/03/27 15:33:15, 5, pid=25400] lib/util.c:(291) smb_bcc=0 [2003/03/27 15:33:15, 6, pid=25400] lib/util_sock.c:(518) write_socket(10,39) [2003/03/27 15:33:15, 6, pid=25400] lib/util_sock.c:(521) write_socket(10,39) wrote 39 [2003/03/27 15:34:15, 3, pid=25400] smbd/sec_ctx.c:(329) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2003/03/27 15:34:15, 5, pid=25400] smbd/uid.c:(217) change_to_root_user: now uid=(0,0) gid=(0,0) [2003/03/27 15:34:15, 10, pid=25400] smbd/process.c:(1137) timeout_processing: checking to see if machine account password need changing. [2003/03/27 15:34:15, 10, pid=25400] smbd/process.c:(1167) timeout_processing: machine account password last change time = (1046645657) Sun, 02 Mar 2003 17:54:17 EST. [2003/03/27 15:34:15, 0, pid=25400] rpc_client/cli_trust.c:(46) domain_client_validate: unable to fetch domain sid. [2003/03/27 15:34:15, 0, pid=25400] rpc_client/cli_trust.c:(46) domain_client_validate: unable to fetch domain sid. [2003/03/27 15:34:15, 0, pid=25400] rpc_client/cli_trust.c:(46) domain_client_validate: unable to fetch domain sid. [2003/03/27 15:34:15, 0, pid=25400] rpc_client/cli_trust.c:(248) 2003/03/27 15:34:15 : change_trust_account_password: Failed to change password for domain AMERICASE. [2003/03/27 15:34:20, 10, pid=25400] lib/util_sock.c:(559) got smb length of 35 [2003/03/27 15:34:20, 6, pid=25400] smbd/process.c:(845) got message type 0x0 of len 0x23 [2003/03/27 15:34:20, 3, pid=25400] smbd/process.c:(846) Transaction 15 of length 39 [2003/03/27 15:34:20, 5, pid=25400] lib/util.c:(275) size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=18439 -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.8 is failing on change machine accountpassword
On Fri, 2003-03-28 at 23:44, Eric Boehm wrote: On Fri, Mar 28, 2003 at 10:00:47PM +1100, Andrew Bartlett wrote: Andrew == Andrew Bartlett [EMAIL PROTECTED] writes: Andrew On Fri, 2003-03-28 at 19:44, Hansjoerg Maurer wrote: Andrew If you run 'smbpasswd -t' it should do it on demand. That doesn't seem to work I didn't say it would work, just that it would be easier to debug :-) smbpasswd -t AMERICASE 2003/03/28 07:40:32 : change_trust_account_password: Failed to change password for domain AMERICASE. I do have a debug level 10 log of the attempt but there really isn't much more information in it. I really do think this might be a bug. If anyone has been able to get this to work, I would appreciate hearing about it. If there are other steps I can take to help debug/fix this, I am willing to take those steps. Doesn't this present a potential security issue if the machine password never changes? Small - basically if the 'bad guy' can figure out the password by cryptographic or network brute force before you change it, yes. If he is listening on the connection always anyway, then they will observe the password change. In short - keep it secret, and it's not too bad. [2003/03/27 15:33:15, 5, pid=25400] lib/util.c:(291) smb_bcc=0 [2003/03/27 15:33:15, 6, pid=25400] lib/util_sock.c:(518) write_socket(10,39) [2003/03/27 15:33:15, 6, pid=25400] lib/util_sock.c:(521) write_socket(10,39) wrote 39 [2003/03/27 15:34:15, 3, pid=25400] smbd/sec_ctx.c:(329) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2003/03/27 15:34:15, 5, pid=25400] smbd/uid.c:(217) change_to_root_user: now uid=(0,0) gid=(0,0) [2003/03/27 15:34:15, 10, pid=25400] smbd/process.c:(1137) timeout_processing: checking to see if machine account password need changing. [2003/03/27 15:34:15, 10, pid=25400] smbd/process.c:(1167) timeout_processing: machine account password last change time = (1046645657) Sun, 02 Mar 2003 17:54:17 EST. [2003/03/27 15:34:15, 0, pid=25400] rpc_client/cli_trust.c:(46) domain_client_validate: unable to fetch domain sid. This certainly looks like an issue. Have you tried rejoining the domain? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] disabling multiple PDC logins from same user
I have a Samba 2.2.7 set up as a PDC, users login into the domain from their Win2k workstations (user takes a computer that is free and logs on). But some users are sloppy, and they login into domain from multiple computers at once. How can I disable this, so that one user can login into a domain only once? Some kind of locking? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.8 is failing on change machine account password
On Fri, Mar 28, 2003 at 11:50:34PM +1100, Andrew Bartlett wrote: Andrew == Andrew Bartlett [EMAIL PROTECTED] writes: Andrew If you run 'smbpasswd -t' it should do it on demand. Eric That doesn't seem to work Andrew I didn't say it would work, just that it would be easier Andrew to debug :-) True enough :-( Eric Doesn't this present a potential security issue if the machine Eric password never changes? Andrew Small - basically if the 'bad guy' can figure out the Andrew password by cryptographic or network brute force before Andrew you change it, yes. If he is listening on the connection Andrew always anyway, then they will observe the password change. Andrew In short - keep it secret, and it's not too bad. [2003/03/27 15:33:15, 5, pid=25400] lib/util.c:(291) smb_bcc=0 [2003/03/27 15:33:15, 6, pid=25400] lib/util_sock.c:(518) write_socket(10,39) [2003/03/27 15:33:15, 6, pid=25400] lib/util_sock.c:(521) write_socket(10,39) wrote 39 [2003/03/27 15:34:15, 3, pid=25400] smbd/sec_ctx.c:(329) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2003/03/27 15:34:15, 5, pid=25400] smbd/uid.c:(217) change_to_root_user: now uid=(0,0) gid=(0,0) [2003/03/27 15:34:15, 10, pid=25400] smbd/process.c:(1137) timeout_processing: checking to see if machine account password need changing. [2003/03/27 15:34:15, 10, pid=25400] smbd/process.c:(1167) timeout_processing: machine account password last change time = (1046645657) Sun, 02 Mar 2003 17:54:17 EST. [2003/03/27 15:34:15, 0, pid=25400] rpc_client/cli_trust.c:(46) domain_client_validate: unable to fetch domain sid. Andrew This certainly looks like an issue. Andrew Have you tried rejoining the domain? No, I was hoping to avoid that as I don't control the domain and don't have domain admin rights. I have to open a ticket and have the machine account refreshed or deleted/recreated -- that can take time. I have several servers I have to upgrade and rejoining the domain would complicate the process and make it take longer. I don't believe it was necessary to rejoin for 2.2.5. However, if you think that rejoining the domain is the next logical step in debugging this, I'll give it a try. Would it be best to have the account refreshed or deleted/recreated? Alternatively, would it be better to try earlier 2.2.x versions and use smbpasswd -t in an attempt to find out which version broke it? -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] migrating samba installation to another machine
Hi, when migrating a samba installation (PDC) to another machine, what files do I have to backup so that I don't have to rejoin the Domain with every single workstation on the network? Is that possible at all? Thanks for your help, Robert -- Robert Szentmihalyi, Entracom GmbH Enter and start communication. - http://www.entracom.de solidBITS - The Server On CD Solution - http://www.solidbits.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: New Files in Samba
On 27 Mar 2003 09:37:22 -0500, Eric Halverson wrote: share. If you want rwx access for the creator and primary group, create mask would be 0770, if you want full access for everyone to have full access to the files, create mask would reflect 0777. Just make sure Shouldn't this be force create mode, instead of create mask? -- Ciao, Marco. ...The Lamb Lies Down on Broadway, Genesis 1974 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] who to copy a registry file between users?
Hi, I wounder if someone else had this same problem that I have, and solved it. So here it goes... I have 15 WinXP Pro workstations, on a Domain controlled by a Samba 2.2.8. The domain has 36 users, each with an independent roaming profile, on the PDC. Every machine have Adobe Premiere installed. However Premiere's configuration is saved on each user's registry HKEY_CURRENT_USER hive. So I have to find a way to get the correspondent registry tree in each ntuser.dat file. The question is how? I have tried copying a configured ntuser.dat and overwriting the ones on every other profile. It didn't work, and I guess it's because of the SIDs, right? 6 months ago, I got around the problem, by configuring a profile, logging on a test BOX, and copying the profile to the default user's one. Them erasing all the users' roaming profiles, on the PDC and logging on each of them on the test box. It solved the problem then, but right now, most of the user's have changed passwords, and sooner or later, I'll have to add more users, and that kind of task would be mindless. So I'm striving to find another way to work around this problem. I have Microsoft's TechNet software collection, but don't know how to find a usefull app. It looks like trying to find a needle on a hay stack :). So I'm wondering if someone else had the same problem, or has any ideias. I would really appreciate any help or thoughts. Thanks in advance, Ricardo Cordeiro This mail was sent by UebiMiau 2.5 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: hide files problem
On Fri, 28 Mar 2003 11:48:18 +0100, [EMAIL PROTECTED] wrote: hide dot files = yes This is the default, so you don't need to specify it. hide files = /.* This is the same as the previous option, so it only adds some useless overhead. And, judging on the man smb.conf examples, I suppose it should be: hide files = /.*/ veto files = /.* This is the same as before, with the only difference that the invisible files are also not accessible. When user changes options in folder options to show hide files and folders, he can see all files/folders beginning with . This is a normal behaviour for hidden files on Windows. And also on Linux, after all: a ls -a shows everything. You cannot make a file _totally_ invisible. -- Ciao, Marco. ...Grace, Jeff Buckley 1994 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] why user nobody
Hello, today i deleted the user nobody (entry nobody:x:99:99:Nobody:/:/sbin/nologin in /etc/passwd) on my samba-server. As result, no user could log in to domain anymore. Does anybody know, what the user nobody plays for a role in samba? Gerd Müller, St. Petersburg -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] why user nobody
The default configuration of samba should try to map the guest account to user nobody. The guest account is important for various smb functions, is is probably *always* used by smbd and nmbd. One of this is probably crashing if it cannot find the guest account user. Check your logs to see if any information is being printed there. As someone already pointed out, noboby is an important conceptual user in Unix/Linux. Don't worry, it isn't a security risk. It should not be possible to login as nobody. However, processes that are running as root can drop their permissions to nobody to make their operation more secure on the system. On Fri, 28 Mar 2003, [iso-8859-15] Gerd Müller wrote: Hello, today i deleted the user nobody (entry nobody:x:99:99:Nobody:/:/sbin/nologin in /etc/passwd) on my samba-server. As result, no user could log in to domain anymore. Does anybody know, what the user nobody plays for a role in samba? Gerd Müller, St. Petersburg -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2.4.x smbfs patches - installation?
I am running Samba 2.2.8-1 installed from rpm on RedHat 8.0, Kernel 2.4.20 I have been experiencing the same issues with Samba/smbfs regarding directory listing errors that I have seen much conversation about on many lists. smb_proc_readdir_long: name=, result=-2, rcls=1, err=123 I am aware of and have downloaded the following patches from http://www.hojdpunkten.ac.se/054/samba/ 00-smbfs-2.3.18-codepage.patch 01-smbfs-2.4.18-lfs.patch 02-smbfs-2.4.18-unicode.patch smbfs-2.4.18-uid32.patch smbmount-2.2.3a-negotiate.patch To this point I have had no luck installing the patches as I have never actually installed a patch in this manner. Does anyone have a set of instructions on installing these patches and any necessary recompiling afterward. Thank you, Doug Watson -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] who to copy a registry file between users?
Ricardo, Do you think that it is possible to export that registry entry and then add a line or two to a new users login.bat file that will import that registry entry into their profile? I am far from an expert with the Windows registry, but I do believe that there is a command line application that will import registry entries and with the right flag, it will take care of the prompts. At the very worst, I think that you would have to give the new user instructions to click on the yes button, once the exported registry is run. You could work the user's login.bat script to be automatically changed to a script that no longer contains that registry import line, or you could make sure that you manually edit that line out after creating the user account. I believe that will fix your issue. Beyond that, I would definitely like to know any other ideas on working through this issue. Regards, Robert Adkins II IT Manager/Buyer Impel Industries, Inc. 586-254-5800 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ricardo Cordeiro Sent: Friday, March 28, 2003 9:28 AM To: [EMAIL PROTECTED] Subject: [Samba] who to copy a registry file between users? Hi, I wounder if someone else had this same problem that I have, and solved it. So here it goes... I have 15 WinXP Pro workstations, on a Domain controlled by a Samba 2.2.8. The domain has 36 users, each with an independent roaming profile, on the PDC. Every machine have Adobe Premiere installed. However Premiere's configuration is saved on each user's registry HKEY_CURRENT_USER hive. So I have to find a way to get the correspondent registry tree in each ntuser.dat file. The question is how? I have tried copying a configured ntuser.dat and overwriting the ones on every other profile. It didn't work, and I guess it's because of the SIDs, right? 6 months ago, I got around the problem, by configuring a profile, logging on a test BOX, and copying the profile to the default user's one. Them erasing all the users' roaming profiles, on the PDC and logging on each of them on the test box. It solved the problem then, but right now, most of the user's have changed passwords, and sooner or later, I'll have to add more users, and that kind of task would be mindless. So I'm striving to find another way to work around this problem. I have Microsoft's TechNet software collection, but don't know how to find a usefull app. It looks like trying to find a needle on a hay stack :). So I'm wondering if someone else had the same problem, or has any ideias. I would really appreciate any help or thoughts. Thanks in advance, Ricardo Cordeiro This mail was sent by UebiMiau 2.5 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0alpha22 machine password usage
Hello, I have installed the latest alpha of samba 3.0. I Have nearly all of the Active Directory queries working after joining the domain and running kinit. My question for you is this. How is it intended for a linux machine to stay joined to an Active Directory domain indefinately? By this I mean, how come kerberos tickets expire so quickly and are not renewed automatically? Is there some service I am not runner that does this for me? Do the smbd and winbindd services use machine passwords? Basically I want to run AD queries about users and groups and the like. How is staying joined to the domain help me do this and what am I doing wrong? -s -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Security =Domain problems
Hey all, Posted this about a week ago, have received no response, so I¹ll try again: I¹m currently trying to setup my box (samba 2.2.3a) to authenticate to a win2k AD PDC. I am currently importing users via LDAP, AD user authentication is working like a champ, however, SMB authentication is not. I can get it to work if I take out security=domain and change encrypt passwords to NO. The following configuration works perfectly (albeit with plaintext passwords) : Security = USER Encrypt passwords = NO Password server = ADPDC1 However, if I change it to this, it¹s broken: Security = DOMAIN Encrypt passwords = YES Password server = ADPDC1 When trying to log in, authentication is broken. I¹ve succesfully joined the domain from my box using: Smbpasswd j domain r ADPDC1 u Administrator The problem is that there are a ton of 98 boxes logging on to this machine, including remote users, and it¹s impossible to set them all up to use clear text. My guess is that this is a setting on my Active directory machine, but I haven¹t been able to find it. Does anyone have any suggestions? All help is appreciated greatly. -- Beau Hunter Technical Consultant Wedgetail Consulting 206-632-7228 www.wedgetailtechs.com -- The only thing necessary for evil to triumph is for good men to do nothing. - Edmund Burke (Cheers, Eric) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Security =Domain problems
Beau, You might want to consider updating to the latest version of Samba and then give your configuration another go. It is possible that a component relating to what your issue is has been updated and could fix your issue. If after updating to the latest release and the problem still exists, then repost to the list. (I have seen a few issues rectified with a simple Samba update. So, it might work in your case too.) Regards, Robert Adkins II IT Manager/Buyer Impel Industries, Inc. 586-254-5800 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Beau Hunter Sent: Friday, March 28, 2003 12:36 PM To: [EMAIL PROTECTED] Subject: [Samba] Security =Domain problems Hey all, Posted this about a week ago, have received no response, so I¹ll try again: I¹m currently trying to setup my box (samba 2.2.3a) to authenticate to a win2k AD PDC. I am currently importing users via LDAP, AD user authentication is working like a champ, however, SMB authentication is not. I can get it to work if I take out security=domain and change encrypt passwords to NO. The following configuration works perfectly (albeit with plaintext passwords) : Security = USER Encrypt passwords = NO Password server = ADPDC1 However, if I change it to this, it¹s broken: Security = DOMAIN Encrypt passwords = YES Password server = ADPDC1 When trying to log in, authentication is broken. I¹ve succesfully joined the domain from my box using: Smbpasswd j domain r ADPDC1 u Administrator The problem is that there are a ton of 98 boxes logging on to this machine, including remote users, and it¹s impossible to set them all up to use clear text. My guess is that this is a setting on my Active directory machine, but I haven¹t been able to find it. Does anyone have any suggestions? All help is appreciated greatly. -- Beau Hunter Technical Consultant Wedgetail Consulting 206-632-7228 www.wedgetailtechs.com -- The only thing necessary for evil to triumph is for good men to do nothing. - Edmund Burke (Cheers, Eric) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP Pro / Redhat / Samba Printer Suggestions
I am looking at buying a new home office printer and wondered what you all might suggest. My current printer is a very inexpensive Canon BubbleJet, and I find it clogs frequently, has very small ink tanks, and the Maintenance functions from my XP clients does not work with samba, requiring I switch the printer cable to an XP machine for maintenance. My config is this: - XP Professional workstations (printing via samba) - RedHat 8 Workstations (printing via lpd) - Redhat 7.3 Server (wanting to upgrade to 8.0 ASAP) - Samba 2.2.7a -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] XP Pro / Redhat / Samba Printer Suggestions
I think it's time hp put on the logo samba certified !!! Raj -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Randy Millis Sent: Friday, March 28, 2003 9:58 AM To: [EMAIL PROTECTED] Subject: [Samba] XP Pro / Redhat / Samba Printer Suggestions I am looking at buying a new home office printer and wondered what you all might suggest. My current printer is a very inexpensive Canon BubbleJet, and I find it clogs frequently, has very small ink tanks, and the Maintenance functions from my XP clients does not work with samba, requiring I switch the printer cable to an XP machine for maintenance. My config is this: - XP Professional workstations (printing via samba) - RedHat 8 Workstations (printing via lpd) - Redhat 7.3 Server (wanting to upgrade to 8.0 ASAP) - Samba 2.2.7a -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.465 / Virus Database: 263 - Release Date: 3/25/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.465 / Virus Database: 263 - Release Date: 3/25/2003 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
FW: [Samba] who to copy a registry file between users?
-Original Message- From: Jim Shaffer Sent: Friday, March 28, 2003 10:41 AM To: 'Ricardo Cordeiro' Subject: RE: [Samba] who to copy a registry file between users? I think the only way to accomplish this correctly is to copy the user profile to the Default User profile. Then, delete all of the profiles on each machine and on the servers and have them rebuilt when the users log back in. You can export the regisrty information and add it in the login.bat script but that only copies the registry entries and not the program icons, etc. Of course, you can copy those over too but this can get messy. To import the registry information (and make sure you have it ALL) just put a line in the login script that calls the correct reg file. eg.: net use f: \\server\share map share drive export.reg calls reg file from script folder if you want to store it in a different place, be sure to use the full path I hope this helps. Again, the cleanest way is to copy to the default user profile. Jim Shaffer -Original Message- From: Ricardo Cordeiro [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2003 8:28 AM To: [EMAIL PROTECTED] Subject: [Samba] who to copy a registry file between users? Hi, I wounder if someone else had this same problem that I have, and solved it. So here it goes... I have 15 WinXP Pro workstations, on a Domain controlled by a Samba 2.2.8. The domain has 36 users, each with an independent roaming profile, on the PDC. Every machine have Adobe Premiere installed. However Premiere's configuration is saved on each user's registry HKEY_CURRENT_USER hive. So I have to find a way to get the correspondent registry tree in each ntuser.dat file. The question is how? I have tried copying a configured ntuser.dat and overwriting the ones on every other profile. It didn't work, and I guess it's because of the SIDs, right? 6 months ago, I got around the problem, by configuring a profile, logging on a test BOX, and copying the profile to the default user's one. Them erasing all the users' roaming profiles, on the PDC and logging on each of them on the test box. It solved the problem then, but right now, most of the user's have changed passwords, and sooner or later, I'll have to add more users, and that kind of task would be mindless. So I'm striving to find another way to work around this problem. I have Microsoft's TechNet software collection, but don't know how to find a usefull app. It looks like trying to find a needle on a hay stack :). So I'm wondering if someone else had the same problem, or has any ideias. I would really appreciate any help or thoughts. Thanks in advance, Ricardo Cordeiro This mail was sent by UebiMiau 2.5 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and CCC
Don't think any one on the team has access to a machine with compaq's compiler. Compaq, from pre-merger, has a testdrive program you can register for. They provide a pretty wide range of Compaq/HP machines with various OS'es available via telnet from the Internet. More info, for anyone who's interested, here:http://www.testdrive.compaq.com/ cheers, jerry -Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP Pro / Redhat / Samba Printer Suggestions
I have a lexmark Z53. Lexmark supplies linux drivers for this machine. So, all you have to do is send postscript files to the queue and all prints nicely. You can do maintenance functions from linux. It gives very nice photo quality prints, too. This is so simple that I simply don't know why everyone just doesn't buy this lexmark model and forget all the aggravation. The only problem I had was printing from windows clients using the lexmark windows drivers. You have to turn off two-way communication in the lexmark driver configuration. I don't use lexmark windows drivers anymore. I just use a fairly generic postscript driver (HP Laserjet III + or something similar.) You could leave the printer attached to the windows box all the time and use smbclient to send print jobs to the printer. Joel I am looking at buying a new home office printer and wondered what you all might suggest. My current printer is a very inexpensive Canon BubbleJet, and I find it clogs frequently, has very small ink tanks, and the Maintenance functions from my XP clients does not work with samba, requiring I switch the printer cable to an XP machine for maintenance. My config is this: - XP Professional workstations (printing via samba) - RedHat 8 Workstations (printing via lpd) - Redhat 7.3 Server (wanting to upgrade to 8.0 ASAP) - Samba 2.2.7a -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: solaris swat problem
ok guys, figured it out. this says its all. 1198: execve(/usr/local/sbin/swat, 0x0002C408, 0xFFBEFDE8) argc = 1 21198: chdir(/opt/samba/2.2.7a/swat) Err#2 ENOENT we are using 2.2.8 going to fix. :) Ronald [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] To All, ok. now i have problem and dont know why swats not loading up. It used to work but now its not loading up at all. we upgrade to 2.2.8 and it worked fine for about a week. and then one day i went to check it out and nothing. rebooted the box the other day and still nothing. even though wouldnt have been the solution. i looked in /etc/services and /etc/inetd.conf. and everything is setup fine. i can do a netstat -an and it shows port 901 is listening. swat is in its right path i just dont have a clue where else to look. i check the logs but there really isnt much in there either. Any help would be much helpful. if anyone needs more .nfo please drop me a email. Thanks everyone and anyone for there help. Ronald [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, email, LDAP and password integration and management
I set up a test server about a year ago to try this and gave up since it didn't seem that the processes were quite yet in place to do it .. I am evaluating the potential for Samba and Linux accounts (including postfix email accounts) to share the same passwords and have a process in place to encourage users to change their passwords and try to prevent esay to crack passwords Could someone please confirm whether they have such a system working and how difficult it was to set up? When I looked at it before, it seemed that although Samba could use LDAP, it used a different schema from the standard system accounts and therefore there was not really any sharing of password data If it matters, my server I'd like to do this on is a Redhat 7.3 system -- Brian Johnson This is where my witty signature line would be if I bothered to edit this line :) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Installing Samba on AIX
Hi, I'm installing Samba version 2.2.7.0 using smit install. Smit installs everything but doesn't create a /usr/local/samba dir. All the samba files are located in /usr/local/bin. But when I try to test my setup and so smbpasswd, it wants to look for everything in /usr/local/samba dir. Should I just create a /usr/local/samba dir and copy all the samba files from bin to the respective samba dir? Samba 2.2.8 compiles and installs pretty easily from source for me on AIX 5.1 You can get a gcc RPM from the IBM AIX toolbox, http://www-1.ibm.com/servers/aix/products/aixos/linux/download.html. Thanks...Bobby -Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with Windows XP SP1 Client
I've tried now this patch, but the problem is the same! Other solution? -Messaggio originale- Da: Sascha Bieler [mailto:[EMAIL PROTECTED] Inviato: venerdì 28 marzo 2003 15.09 A: Andrea Durante Oggetto: Re: [Samba] Problem with Windows XP SP1 Client Execute the Sign Or Seal Registry Patch for Windows XP, you can find it in the samba tarball in doc/Registry... Sascha Am Freitag, 28. März 2003 15:08 schrieb Andrea Durante: Hi, i've tried to configure samba 2.2.7 + winbind on a Mandrake 9.0 linux system, and all work fine, but i've only a problem: when i connect with any Windows XP Client the system ask to me the Username/password (the computer is in a NT 4 domain) and in the syslog i can see this line: rpc_client/cli_netlogon.c:cli_net_sam_logon_internal(406) cli_net_sam_logon_internal: NT_STATUS_WRONG_PASSWORD smbd/password.c:domain_client_validate(1621) domain_client_validate: unable to validate password for user Admin in domain METRO_MILANO to Domain controller *. Error was NT_STATUS_WRONG_PASSWORD. but my password is correct otherwise i can't connect to the server! Here is my smb.conf: # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2003/03/28 14:54:54 # Global parameters [global] client code page = 852 workgroup = EDIZIONI_METRO netbios name = SUPPORT server string = Support Server for IT security = DOMAIN encrypt passwords = Yes update encrypted = Yes password server = * ssl CA certDir = /etc/ssl/certs log file = /var/log/samba.%m max log size = 50 domain admin group = Administrators preferred master = No dns proxy = No wins server = 192.168.10.1 winbind uid = 1-2 winbind gid = 1-2 winbind separator = + winbind use default domain = Yes [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No I think that is too simple configuration, and the Win NT4 and Win 2000 client appears work good! Thanks for the attention and sorry for my English. Andrea Durante Addetto ai Sistemi Informativi Edizioni Metro Srl Via della Lega Lombarda 32 00162 Roma Phone +39 06 49241215 Fax +39 06 49241271 Mob. +39 348 0169405 email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbpasswd and shadow passwords
Hi everyone, I'm still debuging my installation of samba. in /textdocs/DIAGNOSIS.txt under test 7, it suggested that - you have shadow passords (or some other password system) but didn't compile in support for them in smbd How do I check if my shadow passwords isn't compiled in support for them in smbd, if they are not, how do I go about compiling them? - you enabled password encryption but didn't create the SMB encrypted password file Again how do I check for this and how do I create the SMB encrypted password file? If it's talking about the /etc/samba/private/smbpasswd file, then I have it. is this all I need or is there something else I'm missing? Thank you. _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbmount of Windows 2000/XP disregards uid option
What are you trying to accomplish? Can you explain what you are trying to do exactly? Regards, -- Christopher Barry Manager of Information Systems InfiniCon Systems http://www.infiniconsys.com -Original Message- From: Bertil Askelid [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:59 PM To: [EMAIL PROTECTED] Subject: [Samba] smbmount of Windows 2000/XP disregards uid option Hello! I'm mounting Windows 2000/XP disk drives from Linux RedHat 7.3 using smbmount. No problems, the disks are mounted. However, it disregards the uid and gid options and leaves the smbfs owned by root giving the uid user read-only access and not read-write as expected. Adding the rw doesn't help either. What am I doing wrong? -- Bertil Askelid Anaheim Hills, California -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba not accepting new connections after a few hours
Hi, I just installed Samba 2.2.8 on a Solaris 2.7 server. Soon after I had people start using the shares on the server, I'd get calls telling me that the shares were inaccessible. I went on the server, did a ps -ef | grep samba| wc and got about 25 lines. I restarted Samba and the problem cleared up. This started happening every couple hours so I started changing some parameters. I started decreasing the deadtime until it got down to 5. This made the problem get less frequent but I still have to restart Samba a couple times a day. I also added SO_KEEPALIVE to the socket options but that didn't have an noticeable effect. Is there some other parameter to add or modify that will permit more than a couple dozen connections? I check the manuals but I wasn't able to find anything. Thanks in advance! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Access to shares for authenticated domain users only
You could setup shorewall (iptables) to only allow authorized mac addresses to access the server. This would prevent a valid user from accessing the data from an unauthorized machine. Regards, -- Christopher Barry Manager of Information Systems InfiniCon Systems http://www.infiniconsys.com -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2003 2:18 AM To: Kevin Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Access to shares for authenticated domain users only On Thu, 2003-03-27 at 23:45, Kevin wrote: On Thu, 27 Mar 2003 07:11:55 +, Andrew wrote: While 'hacks' might be possible, shares are authenticated seperatly to the domain logon, and there is no linkage apart from the fact that the domain logon sets up the default username/pw pair. Fundementally, any restriction imposed by logon script/.pol files can be avoided - you must never trust the client to actually follow their directions... Thanks Andrew. Point taken. Where would you go for more info on this sort of security? In particular I'm trying to avoid unauthorised notebooks etc. connecting to the network and then disappearing off home with sensitive data from the server on their drives. Really, the best you can do is per-user passwords, strong passwords, correctly set permissions, and policies (human policies, not computer ones :-). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Access to shares for authenticated domain users only
I have about 120 users who have need to have access to these shares. Only about 30-40 of them will be accessing them at any one time. It's not a matter of unauthorized access. It seems like when I get too many (valid) requests for the shares, Samba won't let any more valid requests in. Thanks. -Original Message- From: Barry, Christopher [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2003 4:58 PM To: Andrew Bartlett; Kevin Cc: [EMAIL PROTECTED] Subject: RE: [Samba] Access to shares for authenticated domain users only You could setup shorewall (iptables) to only allow authorized mac addresses to access the server. This would prevent a valid user from accessing the data from an unauthorized machine. Regards, -- Christopher Barry Manager of Information Systems InfiniCon Systems http://www.infiniconsys.com -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2003 2:18 AM To: Kevin Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Access to shares for authenticated domain users only On Thu, 2003-03-27 at 23:45, Kevin wrote: On Thu, 27 Mar 2003 07:11:55 +, Andrew wrote: While 'hacks' might be possible, shares are authenticated seperatly to the domain logon, and there is no linkage apart from the fact that the domain logon sets up the default username/pw pair. Fundementally, any restriction imposed by logon script/.pol files can be avoided - you must never trust the client to actually follow their directions... Thanks Andrew. Point taken. Where would you go for more info on this sort of security? In particular I'm trying to avoid unauthorised notebooks etc. connecting to the network and then disappearing off home with sensitive data from the server on their drives. Really, the best you can do is per-user passwords, strong passwords, correctly set permissions, and policies (human policies, not computer ones :-). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Access to shares for authenticated domain users only
On Sat, 2003-03-29 at 09:57, Barry, Christopher wrote: You could setup shorewall (iptables) to only allow authorized mac addresses to access the server. This would prevent a valid user from accessing the data from an unauthorized machine. MAC addresses, like IP addresses, are easily changed... The only secure computer is turned off, disconnected from the world, under 5 feet of concrete with an armed guard standing on top. And then somebody will probably just bribe the guard... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Access to shares for authenticated domain users only
well said... -- Christopher Barry Manager of Information Systems InfiniCon Systems http://www.infiniconsys.com -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2003 6:07 PM To: Barry, Christopher Cc: Andrew Bartlett; Kevin; [EMAIL PROTECTED] Subject: RE: [Samba] Access to shares for authenticated domain users only On Sat, 2003-03-29 at 09:57, Barry, Christopher wrote: You could setup shorewall (iptables) to only allow authorized mac addresses to access the server. This would prevent a valid user from accessing the data from an unauthorized machine. MAC addresses, like IP addresses, are easily changed... The only secure computer is turned off, disconnected from the world, under 5 feet of concrete with an armed guard standing on top. And then somebody will probably just bribe the guard... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printing with CUPS and PDF
Trying to get one Samba server to serve several printers through CUPS and host a virtual PDF printer at the same time. I've gotten them working separately, but not together, and I think I know why. In the smb.conf man page under print command: With printing = cups, and if SAMBA is compiled against libcups, any manually set print command will be ignored. My PDF printer relies on a print command field (print command = /usr/bin/printpdf %s) as recommended in the PDF printer howto here: http://www.linuxgazette.com/issue72/bright.html So is it possible to use CUPS and a print command in the same Samba server? Why are print commands ignored anyway? Thanks in advance for any responses. -Tom -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba joins win2k domain but can't authenticate
All I got my samba server to join my win2k domain without any problems. But if I change the config to read security=domain it prompts the user for a username and password. If I change it to security=server it does not prompt for user names. I did some searching in the list came up with a few emails and this website http://www.sugoi.org/bits/index.php?bit_id=10 but still no change. In the /etc/host file I put the pdc name and address and made sure I could ping it by name. Using Freebsd 4.7 and Samba 2.2.6. I have rebooted the client and the PDC and also stopped and started samba a few times. Any help would be appreciated, and thank you for even taking the time to read my post. # Samba config file created using SWAT # from dad (192.168.11.5) # Date: 2003/03/28 18:25:30 # Global parameters [global] workgroup = DIGITALRAGE netbios name = SKYWALKER server string = Samba security = DOMAIN encrypt passwords = Yes password server = cartman socket options = TCP_NODELAY SO_RCVBUF=4096 SO_SNDBUF=4096 IPTOS_LOWDELAY preferred master = False local master = No domain master = False wins server = 192.168.11.1 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba joins win2k domain but can't authenticate
Yes the users do have accounts on the box just not smb accounts, but looks like I might have to create them seems to be the only way I can get it to work. -Original Message- From: Elijah Savage Sent: Friday, March 28, 2003 6:37 PM To: [EMAIL PROTECTED] Subject: [Samba] Samba joins win2k domain but can't authenticate All I got my samba server to join my win2k domain without any problems. But if I change the config to read security=domain it prompts the user for a username and password. If I change it to security=server it does not prompt for user names. I did some searching in the list came up with a few emails and this website http://www.sugoi.org/bits/index.php?bit_id=10 but still no change. In the /etc/host file I put the pdc name and address and made sure I could ping it by name. Using Freebsd 4.7 and Samba 2.2.6. I have rebooted the client and the PDC and also stopped and started samba a few times. Any help would be appreciated, and thank you for even taking the time to read my post. # Samba config file created using SWAT # from dad (192.168.11.5) # Date: 2003/03/28 18:25:30 # Global parameters [global] workgroup = DIGITALRAGE netbios name = SKYWALKER server string = Samba security = DOMAIN encrypt passwords = Yes password server = cartman socket options = TCP_NODELAY SO_RCVBUF=4096 SO_SNDBUF=4096 IPTOS_LOWDELAY preferred master = False local master = No domain master = False wins server = 192.168.11.1 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, email, LDAP and password integration andmanagement
I've finally got samba working with LDAP and keeping the password attributes in LDAP synchronized no matter where the password change comes from. I think this is what you mean. I intend to write a more thorough howto for this sometime in the near future, but if you'd like I could prolly get you up and running sooner. Ross Patterson Programmer/Analyst 831-459-2792 [EMAIL PROTECTED] 1156 High St, Barn G, PPC Santa Cruz, CA 95064 On Fri, 28 Mar 2003, Brian Johnson wrote: I set up a test server about a year ago to try this and gave up since it didn't seem that the processes were quite yet in place to do it .. I am evaluating the potential for Samba and Linux accounts (including postfix email accounts) to share the same passwords and have a process in place to encourage users to change their passwords and try to prevent esay to crack passwords Could someone please confirm whether they have such a system working and how difficult it was to set up? When I looked at it before, it seemed that although Samba could use LDAP, it used a different schema from the standard system accounts and therefore there was not really any sharing of password data If it matters, my server I'd like to do this on is a Redhat 7.3 system -- Brian Johnson This is where my witty signature line would be if I bothered to edit this line :) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, email, LDAP and password integration andmanagement
Sounds like what I'm looking for .. please post the url to this list when done .. I can wait .. I want to see what's coming in Redhat 9 and it may affect my plans [EMAIL PROTECTED] wrote: I've finally got samba working with LDAP and keeping the password attributes in LDAP synchronized no matter where the password change comes from. I think this is what you mean. I intend to write a more thorough howto for this sometime in the near future, but if you'd like I could prolly get you up and running sooner. Ross Patterson Programmer/Analyst 831-459-2792 [EMAIL PROTECTED] 1156 High St, Barn G, PPC Santa Cruz, CA 95064 On Fri, 28 Mar 2003, Brian Johnson wrote: I set up a test server about a year ago to try this and gave up since it didn't seem that the processes were quite yet in place to do it .. I am evaluating the potential for Samba and Linux accounts (including postfix email accounts) to share the same passwords and have a process in place to encourage users to change their passwords and try to prevent esay to crack passwords Could someone please confirm whether they have such a system working and how difficult it was to set up? When I looked at it before, it seemed that although Samba could use LDAP, it used a different schema from the standard system accounts and therefore there was not really any sharing of password data If it matters, my server I'd like to do this on is a Redhat 7.3 system -- Brian Johnson This is where my witty signature line would be if I bothered to edit this line :) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Brian Johnson This is where my witty signature line would be if I bothered to edit this line :) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Forgot to mention
Sorry all, I forgot to mention I'm running a newly installed version of redhat 8.0 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount of Windows 2000/XP disregards uid option
Hello, Christopher! You have to run smbmount as root, which means that the Windows harddrives are mounted with all files owned by root. Unless you have a umask 0, another user, beside root, cannot write access the files. According to the smbmount man page, a -o uid=bertil gid=staff should mount the file system with bertil:staff as owner. And I would have write access. And only me, no one else on my system. The umask 0 trick is dangerous in that you let everybody change the mounted file system. Thanks for helping me out! With Kindest Regards Bertil SMBMOUNT(8) SMBMOUNT(8) NAME smbmount - mount an smbfs filesystem [ ... ] OPTIONS [ ... ] uid=arg sets the uid that will own all files on the mounted filesystem. It may be specified as either a username or a numeric uid. gid=arg sets the gid that will own all files on the mounted filesystem. It may be specified as either a groupname or a numeric gid. [ ... ] Subject: RE: [Samba] smbmount of Windows 2000/XP disregards uid option Date: Fri, 28 Mar 2003 16:45:55 -0500 From: Barry, Christopher [EMAIL PROTECTED] What are you trying to accomplish? Can you explain what you are trying to do exactly? Regards, -- Christopher Barry Manager of Information Systems InfiniCon Systems http://www.infiniconsys.com -Original Message- From: Bertil Askelid [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:59 PM To: [EMAIL PROTECTED] Subject: [Samba] smbmount of Windows 2000/XP disregards uid option Hello! I'm mounting Windows 2000/XP disk drives from Linux RedHat 7.3 using smbmount. No problems, the disks are mounted. However, it disregards the uid and gid options and leaves the smbfs owned by root giving the uid user read-only access and not read-write as expected. Adding the rw doesn't help either. What am I doing wrong? -- Bertil Askelid Anaheim Hills, California -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and CCC
On Sat, 2003-03-29 at 03:41, Roylance, Stephen D. wrote: Don't think any one on the team has access to a machine with compaq's compiler. Compaq, from pre-merger, has a testdrive program you can register for. They provide a pretty wide range of Compaq/HP machines with various OS'es available via telnet from the Internet. More info, for anyone who's interested, here:http://www.testdrive.compaq.com/ We have a number of testdrive machines already participating on the 'build farm' (build.samba.org). It's on my list to expand this, but it's a long list :-) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printing with CUPS and PDF
http://www.linuxgazette.com/issue72/bright.html So is it possible to use CUPS and a print command in the same Samba server? Why are print commands ignored anyway? Thanks in advance for any responses. -Tom The political correct way in this case is to create a pdf-backend for cups. Doing that, both linux and windows boxes can print pdfs and samba can handle that with no probs. Sorry for not having a link, but i guess if you google something like cups pdf backend, you'll get some results. cya jk -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] I want to add to your maillist!
But I know little about maillist -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and shadow passwords
On Fri, 28 Mar 2003, Allen Smith wrote: Hi everyone, I'm still debuging my installation of samba. in /textdocs/DIAGNOSIS.txt under test 7, it suggested that - you have shadow passords (or some other password system) but didn't compile in support for them in smbd How do I check if my shadow passwords isn't compiled in support for them in smbd, if they are not, how do I go about compiling them? You did not state what your platform is. Our crystal balls are so badly worn out that guessing is painful! :) Anyhow: In Linux shadow passwords are hidden behind PAM (Pluggable Authentication Modules) so you do not need to worry about it. - you enabled password encryption but didn't create the SMB encrypted password file Yep. All you need to do then is: smbpasswd -a root then for each user: smbpasswd -a 'username' That puts them into smbpasswd. Again how do I check for this and how do I create the SMB encrypted password file? If it's talking about the /etc/samba/private/smbpasswd file, then I have it. is this all I need or is there something else I'm missing? It is talking about /etc/samba/private/smbpasswd - but you do need to make sure that all your MS Windows users have an antry in it per the above. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[PATCH]SAMR_LOOKUP_DOMAIN functionality in rpcclient
Hi All,
I wanted to test the server SAMR_LOOOKUP_DOMAIN functionality in samba3.0 which made
me add the client functionality for the same in rpcclient which was not present(also I
cudnt think abt any scenarios where it wud be genearted ). This is a _trivial_ patch
to adding the client side functioning using two functions :
cli_samr_lookup_domain
cmd_samr_lookup_domain
Could u pls comment( /apply it :-) ?
Cheers,
Amber.
P.S. Use: patch -p0
_
free webspace email - http://www.nu3.net
_
Select your own custom email address for FREE! Get [EMAIL PROTECTED] w/No Ads, 6MB,
POP more! http://www.everyone.net/selectmail?campaign=tag
*** /home/apalekar/tmp/source/rpc_client/cli_samr.c Thu Mar 6 13:59:58 2003
--- rpc_client/cli_samr.c Fri Mar 28 00:47:56 2003
***
*** 1449,1451
--- 1449,1498
return result;
}
+
+ /* Lookup Domain Name */
+
+ NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *user_pol, fstring domain_name,
+ DOM_SID *sid)
+ {
+ prs_struct qbuf, rbuf;
+ SAMR_Q_LOOKUP_DOMAIN q;
+ SAMR_R_LOOKUP_DOMAIN r;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ init_samr_q_lookup_domain(q, user_pol, domain_name);
+
+ if (!samr_io_q_lookup_domain(, q, qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_LOOKUP_DOMAIN, qbuf, rbuf))
+ goto done;
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_lookup_domain(, r, rbuf, 0))
+ goto done;
+
+ /* Return output parameters */
+
+ result = r.status;
+ sid_copy(sid,(r.dom_sid.sid));
+
+ done:
+ prs_mem_free(qbuf);
+ prs_mem_free(rbuf);
+
+ return result;
+ }
+
+ /* Lookup Domain Name */
+
*** /home/apalekar/tmp/source/rpcclient/cmd_samr.c Thu Mar 6 13:59:58 2003
--- rpcclient/cmd_samr.cFri Mar 28 00:49:04 2003
***
*** 1399,1404
--- 1399,1454
return result;
}
+ /**
+ *
+ */
+ static NTSTATUS cmd_samr_lookup_domain(struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, char **argv)
+ {
+ POLICY_HND connect_pol, domain_pol, user_pol;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ fstring domain_name,sid_string;
+ DOM_SID sid;
+
+ #if 0
+ if ((argc 2) || (argc 4)) {
+ printf(Usage: %s rid [info level] [access mask] \n, argv[0]);
+ return NT_STATUS_OK;
+ }
+ #endif
+
+ sscanf(argv[1], %s, domain_name);
+
+
+ result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
+ connect_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ result = cli_samr_open_domain(cli, mem_ctx, connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ domain_sid, domain_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ result = cli_samr_lookup_domain(cli,mem_ctx,connect_pol,domain_name,sid);
+
+ sid_to_string(sid_string,sid);
+
+ if (NT_STATUS_IS_OK(result)) {
+ DEBUG(0,(SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID:
%s\n,domain_name,sid_string));
+ goto done;
+ }
+
+
+ done:
+ return result;
+ }
+
/* List of commands exported by this module */
***
*** 1424,1428
--- 1474,1479
{ samquerysecobj, cmd_samr_query_sec_obj, PI_SAMR, Query SAMR
security object,},
{ getdompwinfo, cmd_samr_get_dom_pwinfo,PI_SAMR, Retrieve
domain password info, },
+ { lookupdomain, cmd_samr_lookup_domain, PI_SAMR, Lookup
Domain Name, },
{ NULL }
};
Re: [PATCH]SAMR_LOOKUP_DOMAIN functionality in rpcclient
Ooops, wrong patch in the earlier mail.
Please find the correct patch here.
Cheers,
Amber.
--- message from amber palekar [EMAIL PROTECTED] attached:
_
free webspace email - http://www.nu3.net
_
Select your own custom email address for FREE! Get [EMAIL PROTECTED] w/No Ads, 6MB,
POP more! http://www.everyone.net/selectmail?campaign=tag
*** /home/apalekar/tmp/source/rpcclient/cmd_samr.c Thu Mar 6 13:59:58 2003
--- rpcclient/cmd_samr.cFri Mar 28 01:21:08 2003
***
*** 1399,1404
--- 1399,1450
return result;
}
+ /**
+ *
+ */
+ static NTSTATUS cmd_samr_lookup_domain(struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, char **argv)
+ {
+ POLICY_HND connect_pol, domain_pol, user_pol;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ fstring domain_name,sid_string;
+ DOM_SID sid;
+
+
+ if (argc != 2) {
+ printf(Usage: %s domain_name\n, argv[0]);
+ return NT_STATUS_OK;
+ }
+
+ sscanf(argv[1], %s, domain_name);
+
+ result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
+ connect_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ result = cli_samr_open_domain(cli, mem_ctx, connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ domain_sid, domain_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ result = cli_samr_lookup_domain(cli,mem_ctx,connect_pol,domain_name,sid);
+
+ sid_to_string(sid_string,sid);
+
+ if (NT_STATUS_IS_OK(result))
+ printf(SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID:
%s\n,domain_name,sid_string);
+
+
+ done:
+ return result;
+ }
+
/* List of commands exported by this module */
***
*** 1424,1428
--- 1470,1475
{ samquerysecobj, cmd_samr_query_sec_obj, PI_SAMR, Query SAMR
security object,},
{ getdompwinfo, cmd_samr_get_dom_pwinfo,PI_SAMR, Retrieve
domain password info, },
+ { lookupdomain, cmd_samr_lookup_domain, PI_SAMR, Lookup
Domain Name, },
{ NULL }
};
*** /home/apalekar/tmp/source/rpc_client/cli_samr.c Thu Mar 6 13:59:58 2003
--- rpc_client/cli_samr.c Fri Mar 28 00:52:55 2003
***
*** 1449,1451
--- 1449,1498
return result;
}
+
+ /* Lookup Domain Name */
+
+ NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *user_pol, fstring domain_name,
+ DOM_SID *sid)
+ {
+ prs_struct qbuf, rbuf;
+ SAMR_Q_LOOKUP_DOMAIN q;
+ SAMR_R_LOOKUP_DOMAIN r;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ init_samr_q_lookup_domain(q, user_pol, domain_name);
+
+ if (!samr_io_q_lookup_domain(, q, qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_LOOKUP_DOMAIN, qbuf, rbuf))
+ goto done;
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_lookup_domain(, r, rbuf, 0))
+ goto done;
+
+ /* Return output parameters */
+
+ result = r.status;
+ sid_copy(sid,(r.dom_sid.sid));
+
+ done:
+ prs_mem_free(qbuf);
+ prs_mem_free(rbuf);
+
+ return result;
+ }
+
+ /* Lookup Domain Name */
+
---BeginMessage---
Hi All,
I wanted to test the server SAMR_LOOOKUP_DOMAIN functionality in samba3.0 which made
me add the client functionality for the same in rpcclient which was not present(also I
cudnt think abt any scenarios where it wud be genearted ). This is a _trivial_ patch
to adding the client side functioning using two functions :
cli_samr_lookup_domain
cmd_samr_lookup_domain
Could u pls comment( /apply it :-) ?
Cheers,
Amber.
P.S. Use: patch -p0
_
free webspace email - http://www.nu3.net
_
Select your own custom email address for FREE! Get [EMAIL PROTECTED] w/No Ads, 6MB,
POP more! http://www.everyone.net/selectmail?campaign=tag
*** /home/apalekar/tmp/source/rpc_client/cli_samr.c Thu Mar 6 13:59:58
W2K Explorer security propagation prob in 2.2.8 and Samba-3's andHEAD
I've have an NT4 PDC with Samba-2.2.8 joined as a domain member. When using Explorer in W2K to change security settings on Samba shares, the security settings are not propagted down the the directory tree - yes I have ticked the Reset perms on all child.. I also see CREATOR OWNER and CREATOR GROUP as accounts defined to all directories. 2.2.7a exhibits none of these issues, but 3 (Alpha 21) and HEAD both do. BTW, I've tested on different Linux distribs (RedHat, SuSE and Debian) on s390 and I686 arcs. One important point is that Samba is running with-acl-support enabled on POSIX ACL enabled Kernels at 2.4.19 and 2.4.20. Any help would be greatly appreciated. Cheers, Grant
Re: Patch for Bad Password Attempt Lockout, samba3.0a22.
On Fri, 2003-03-28 at 23:55, Jianliang Lu wrote: Now the users of admin users will not be locked. admin users not the appropriate choice here. Better would be the members of the 'domain admins' group. The interesting bit is finding this out at the right point in time... In attach is the new patch file. About lockout duration, I will implement next time. I think that we should extend another attribute to record the lockout time. We also need to check that the account policy has been set, and that it's not 0 (which I assume is the 'don't lock out' value). Also, I'm worried about the writes this will cause on the backend. An LDAP write can be quite expensive, and for the LDAP case this means that the master ldap server will be hit for every logon attempt. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part
NMBD crashing in 2.2.7a (and 2.2.6, 2.2.5)
Hi all,
I've been having a problem with nmbd crashing multiple times per day.
I suspect that the problem is caused by a shell script that tries to
lookup the name for ws to ws4000 to build a DNS reverse table.
It look something like this:
#!/bin/ksh
typeset -Z4 i=0
while (( $i 4000 )); do
host=ws$i
nmblookup $host | awk -v host=$host '
/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ {
printf(%s IN A %s\n, host, $1)
}
'
(( i = i + 1 ))
done
I have a level 10 debug log which I could send if it would be useful.
Let me know if there is any more information I can provide.
Bob
[EMAIL PROTECTED]:16]- uname -a
SunOS salt 5.7 Generic_106541-19 sun4u sparc SUNW,Ultra-60
[EMAIL PROTECTED]:02]- gdb /usr/local/samba/bin/nmbd 5051
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type show copying to see the conditions.
There is absolutely no warranty for GDB. Type show warranty for details.
This GDB was configured as sparc-sun-solaris2.7...(no debugging symbols
found)...
/usr/proc/bin/5051: No such file or directory.
Attaching to program `/usr/local/samba/bin/nmbd', process 5051
Reading symbols from /usr/lib/libsec.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libsec.so.1
Reading symbols from /usr/lib/libgen.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libgen.so.1
Reading symbols from /usr/lib/libsocket.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libnsl.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/libdl.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/dt/lib/libpam.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/dt/lib/libpam.so.1
Reading symbols from /usr/lib/libc.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/lib/libmp.so.2...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1...(no
debugging symbols found)...done.
Loaded symbols for /usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
Retry #1:
Retry #2:
Retry #3:
Retry #4:
[New LWP 1]
Symbols already loaded for /usr/lib/libsec.so.1
Symbols already loaded for /usr/lib/libgen.so.1
Symbols already loaded for /usr/lib/libsocket.so.1
Symbols already loaded for /usr/lib/libnsl.so.1
Symbols already loaded for /usr/lib/libdl.so.1
Symbols already loaded for /usr/dt/lib/libpam.so.1
Symbols already loaded for /usr/lib/libc.so.1
Symbols already loaded for /usr/lib/libmp.so.2
Symbols already loaded for /usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
0xff21a374 in _waitid () from /usr/lib/libc.so.1
(gdb) bt
#0 0xff21a374 in _waitid () from /usr/lib/libc.so.1
#1 0xff1d8374 in _waitpid () from /usr/lib/libc.so.1
#2 0xff20ffd0 in system () from /usr/lib/libc.so.1
#3 0x7d1d0 in smb_panic ()
#4 0x641ac in fault_report ()
#5 signal handler called
#6 0xff1506bc in memcpy () from
/usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
#7 0x2bc10 in query_name_response ()
#8 0x30ac0 in process_nmb_response ()
#9 0x30b44 in run_packet_queue ()
#10 0x21b0c in process ()
#11 0x22c10 in main ()
(gdb)
[EMAIL PROTECTED]:55]- ./pstack 5051
5051: /usr/local/sbin/nmbd -d 10 -D
ff21a374 waitid (0, 268, ffbeebc8, 103)
ff1d836c _waitpid (268, ffbeecb0, 100, 0, c, 0) + 54
ff20ffc8 system (112690, da000, 70d98, 7, d3db0, d3dc4) + 230
0007d1c8 smb_panic (d3e0c, d3db0, d3dc4, 29, 0, ee800) + 28
000641a4 fault_report (b, 0, ffbeefa8, 0, 0, 0) + 164
ff219650 sigacthandler (b, 0, ffbeefa8, 68, 0, ffbef2dc) + 28
--- called from signal handler with signal 11 (SIGSEGV) ---
ff1506bc memcpy (1122f0, 33f8d8, 33d618, 89, 0, ee800) + 1c
00030ab8 process_nmb_response (33d618, 33d618, 9fc00, 0, ffbef320,
ffbef328) + d0
00030b3c run_packet_queue (0, 0, 0, 7, ff235e10, 69e24) + 74
00021b04 process (1, f, bb8dc, 370, 9fc00, ee800) + 54
00022c08 main (4, d8c00, 9fc00, a6800, 0, 0) + 8e8
00020920 _start (0, 0, 0, 0, 0, 0) + 108
[EMAIL PROTECTED]:56]- ./pmap 5051
5051: /usr/local/sbin/nmbd -d 10 -D
0001512K read/exec /usr/local/samba/bin/nmbd
0009E000240K read/write/exec /usr/local/samba/bin/nmbd
000DA000 2528K read/write/exec [ heap ]
FF14 8K read/write/shared dev:85,2 ino:115369
FF15 16K read/exec /usr/platform/sun4u/lib/libc_psr.so.1
FF16 16K read/exec /usr/lib/libmp.so.2
FF172000 8K read/write/exec /usr/lib/libmp.so.2
FF18664K read/exec /usr/lib/libc.so.1
FF234000 40K read/write/exec /usr/lib/libc.so.1
FF25 24K
RE: NMBD crashing in 2.2.7a (and 2.2.6, 2.2.5)
Sorry, I forgot to include smb.conf. I am building the 2.2.8 release now
and will install it in the next couple of hours (assuming all builds
cleanly)
so any testing can be done against that release.
The current (2.2.7a) release we built with the following:
CC=/opt/SUNWspro/bin/cc ../../configure \
--with-automount \
--with-msdfs \
--with-nisplus-home \
--with-readline \
--with-pam \
--with-syslog \
--with-utmp \
--with-tdbsam \
--with-libsmbclient \
--with-configdir=/etc/samba \
--with-privatedir=/etc/samba/private \
--with-codepagedir='${prefix}/codepages' \
--with-lockdir=/var/samba/locks \
--localstatedir=/var/samba \
--mandir=/usr/local/share/man
#
# Global parameters
#
[global]
comment = %h.fra.ib.commerzbank.com
server string = Spicenet administrative server
max log size = 51200
debug timestamp = Yes
debug uid = Yes
debuglevel = 1
panic action = /bin/sleep 9
# When nmbd dies you will find a sleep process left on the machine.
# Using ps, find the parent of this process (it will be an nmbd
process),
# then attach to it using gdb.
# Type 'bt' to get a backtrace of the problem and mail it to the list
# [EMAIL PROTECTED]
workgroup = FRAIB
security = DOMAIN
encrypt passwords = Yes
#
# password server= * works but broke when the network melted down.
#
password server = pdcfraib dfsfraib sms1fraib
name resolve order = host, wins
load printers = No
printcap name = /etc/printcap
character set = ISO8859-1
wins proxy = Yes
wins server = pdcfraib.fra.ib.commerzbank.com
valid chars = 159 176 177 178 179 180 185 186 187 188 191 192 193 194 \
195 196 197 200 201 202 203 204 205 206 217 218 219 220 223 242 254
remote announce = pdclonib
NIS homedir = Yes
print command = /usr/bin/lp -c -s -d %p -o nobanner %s; rm %s
lpq command = /usr/bin/lpstat -o %p
lprm command = /usr/bin/cancel %p-%j
lppause command = /usr/bin/lp -H hold %p-%j
lpresume command = /usr/bin/lp -H resume %p-%j
oplocks = No
kernel oplocks = No
level2 oplocks = No
case sensitive = No
preserve case = Yes
username map = /etc/samba/username.map
[homes]
admin users = edgarb
comment = Home Directory
path = %H
writeable = Yes
create mask = 0755
browseable = No
[Clearcase]
comment = Clearcase software
path = /export/share/clearcase/v4.1
force user = root
force group = root
writeable = Yes
create mask = 0755
directory mask = 0755
[Clearcase42]
comment = Clearcase software
path = /export/share/clearcase/v4.2
force user = root
force group = root
writeable = Yes
create mask = 0755
directory mask = 0755
[CCData]
comment = Clearcase Data Store
path = /export/var/clearcase
write list = @ccaccess
create mask = 0775
directory mask = 0775
read only = yes
-Original Message-
From: Edgar, Bob [mailto:[EMAIL PROTECTED]
Sent: Freitag, 28. März 2003 14:20
To: '[EMAIL PROTECTED]'
Subject: NMBD crashing in 2.2.7a (and 2.2.6, 2.2.5)
Hi all,
I've been having a problem with nmbd crashing multiple times per day.
I suspect that the problem is caused by a shell script that tries to
lookup the name for ws to ws4000 to build a DNS reverse table.
It look something like this:
#!/bin/ksh
typeset -Z4 i=0
while (( $i 4000 )); do
host=ws$i
nmblookup $host | awk -v host=$host '
/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ {
printf(%s IN A %s\n, host, $1)
}
'
(( i = i + 1 ))
done
I have a level 10 debug log which I could send if it would be useful.
Let me know if there is any more information I can provide.
Bob
[EMAIL PROTECTED]:16]- uname -a
SunOS salt 5.7 Generic_106541-19 sun4u sparc SUNW,Ultra-60
[EMAIL PROTECTED]:02]- gdb /usr/local/samba/bin/nmbd 5051
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type show copying to see the conditions.
There is absolutely no warranty for GDB. Type show warranty for details.
This GDB was configured as sparc-sun-solaris2.7...(no debugging symbols
found)...
/usr/proc/bin/5051: No such file or directory.
Attaching to program `/usr/local/samba/bin/nmbd', process 5051
Reading symbols from /usr/lib/libsec.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libsec.so.1
Reading symbols from /usr/lib/libgen.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libgen.so.1
Reading symbols from /usr/lib/libsocket.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libnsl.so.1...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libnsl.so.1
2.2.8 fcntl F_SETLKW64 failing on Solaris 8
Hi! I am running into a problem with Samba 2.2.8 on Solaris 8. I didn't have this problem with 2.2.7a and my config file didn't change. What I notice is smbd process running iwth a high CPU usage. Normally they are below 1%. PID USERNAME THR PRI NICE SIZE RES STATETIMECPU COMMAND 11193 root 1 200 4800K 3256K cpu/3 929:36 23.25% smbd Sometimes I see two to three smbd process - each chewing up 20-25% each of the CPU, when I kill them they reappear after 2-3 days. If I do a truss on the process ID I see the following: fcntl(11, F_SETLKW64, 0xFFBEEF38) = 0 fcntl(11, F_SETLKW64, 0xFFBEEF38) = 0 fcntl(11, F_SETLKW64, 0xFFBEEF38) = 0 going on forever and ever. I saw similar posting on samba-technical and the fix was for Samaba 2.2.3a was an updated brlock.c Here are the details: SunOS 5.8 Generic_108528-18 sun4u sparc SUNW,Ultra-4 and our smb.conf file ; CS Samba Configuration ; (run though testparm after changing to verify no errors) [global] dfree command = /cs/local/lib/samba/dfree netbios name = xxx netbios aliases = xxx xxx username map = /cs/local/share/samba/usermap debug level = 1 max log size = 0 max connections = 0 server string = CS Samba %v Server workgroup = CSYORKUCA encrypt passwords = yes security = user hosts allow = guest account = nobody invalid users = root printing = bsd printcap name = /cs/local/share/LPRng/printcap load printers = yes interfaces = wins support = yes domain master = yes local master = yes nt acl support = yes preferred master = yes os level = 65 domain logons = yes print command = /cs/local/bin/lpr -b -P%p %s ; rm -f %s lpq command = /cs/local/bin/lpq -P%p lprm command = /cs/local/bin/lprm -P%p %j ; create mask = 0700 unix password sync = true passwd chat = . %n\n passwd program = /cs/local/lib/udb/smbchange %u logon script = default.bat ; disable roaming profiles ; win2k clients didn't run default.bat when it was in a directory below netlogon. ; default.bat now is in netlogon directory. ;logon script = scripts/default.bat ;logon path = \\%N\profiles\%U ;logon drive = h: ;logon home = \\%L\%U logon path = logon drive = logon home = inherit permissions = yes ;use client driver = yes ;disable spoolss = yes [netlogon] path = /cs/local/share/samba/netlogon writeable = no guest ok = no mangle case = yes ; The 'valid users' line means that users can only access their own ; home directory and not the home directories of others. [homes] comment = Home Directories browseable = yes read only = no valid users = %S [printers] comment = All Printers browseable = yes printable = yes public = no writable = no create mode = 0700 path = /tmp
bug in masked_match function
Tomoki
I think the right solution is to revert the patch - i've knocked up
the following test program.
testbox$ ./a.out
255.255.254.0 == addr/23
1110
Reverting old change - correct
(ALLONES atoi(slash + 1)) ^ ALLONES
1110
changing XOR to AND is incorrect
(ALLONES atoi(slash + 1)) ALLONES
1000
Best Regards
Andrew Bird (Unix Consultant)
#define ALLONES ((uint32)0x)
typedef unsigned int uint32;
print_uint32(uint32 val) {
int i;
for (i = 31 ; i = 0 ;i--) {
printf(%c, val (1 i) ? '1' : '0');
if( (i % 4) == 0 )
printf( );
}
printf(\n\n);
}
int main() {
char *string=10.0.0.0/23;
char *slash=/23;
uint32 mask;
mask =(25524) + (25516) + (2548) + 0;
printf(255.255.254.0 == addr/23\n);
print_uint32(mask);
mask = (uint32)((ALLONES atoi(slash + 1)) ^ ALLONES);
printf(Reverting old change - correct\n);
printf((ALLONES atoi(slash + 1)) ^ ALLONES\n);
print_uint32(mask);
mask = (uint32)((ALLONES atoi(slash + 1)) ALLONES);
printf(changing XOR to AND is incorrect\n);
printf((ALLONES atoi(slash + 1)) ALLONES\n);
print_uint32(mask);
}
Re: 2.2.8 fcntl F_SETLKW64 failing on Solaris 8
Here are the details: SunOS 5.8 Generic_108528-18 sun4u sparc SUNW,Ultra-4 I have noticed some additional F_SETLKW64 problems with Solaris 8 and 2.2.8. I still think that this problem is more closely related to the Sun implementation of fcntl. I would recommend taking your system up to kernel patch 108528-19. In 19 Sun released a patch that is supposed to help the scaling problems of fcntl. Joe Meslovich
Re: NMBD crashing in 2.2.7a (and 2.2.6, 2.2.5)
On Fri, Mar 28, 2003 at 02:19:48PM +0100, Edgar, Bob wrote:
Hi all,
I've been having a problem with nmbd crashing multiple times per day.
I suspect that the problem is caused by a shell script that tries to
lookup the name for ws to ws4000 to build a DNS reverse table.
It look something like this:
#!/bin/ksh
typeset -Z4 i=0
while (( $i 4000 )); do
host=ws$i
nmblookup $host | awk -v host=$host '
/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ {
printf(%s IN A %s\n, host, $1)
}
'
(( i = i + 1 ))
done
I have a level 10 debug log which I could send if it would be useful.
Let me know if there is any more information I can provide.
I think this is a bug we fixed for 2.2.8. Can you please
try with the updated version.
Thanks,
Jeremy.
RE: encrypt passwords=no, security=yes, samba 2.2.8, W2K user aut h fails
Hi Tony, Can't make it happen here on my HP-UX system, and I don't have a Solaris system to test on. But if you want to get me a log level 10 debug of the issue, and the output of testparm, I'll see if I can spot anything. Send the log and testparm off list, and compressed, ok? Don -Original Message- From: tony shepherd [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 23:31 To: MCCALL,DON (HP-USA,ex1); [EMAIL PROTECTED] Subject: RE: encrypt passwords=no, security=yes, samba 2.2.8, W2K user aut h fails --On Thursday, March 27, 2003 10:06:08 AM -0500 MCCALL,DON (HP-USA,ex1) [EMAIL PROTECTED] wrote: Hi tony, based on your log file, it sure does APPEAR that you have NOT turned off encrypted passwords, as samba is trying to open /usr/local/samba/private/smbpasswd. It should only do that if it negotiated encrypted passwords in the negot prot call, which it should only be able to do if encrypted passwords is set to yes. I note that you are including ANOTHER smb.conf file at the end of your global section; please check there and see if you have an encrypt passwords = yes, and/or include the contents of that smb.conf file as well in your next message to the list, ok? include=/etc/sfw/local-smb.conf local-smb.conf is an empty file. I don't have another encrypt passwords = yes anywhere in the config file. What is weird is that I can eventually authenticate after I change the username I try to authenticate with and then change back again. So, this looks like a bug? I wonder whether it only effects Solaris systems. I would have thought others would have fallen across it. I can't code, but I can provide logs and testing. Please let me know if I can help at all. tony -Original Message- From: tony shepherd [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 25, 2003 21:31 To: [EMAIL PROTECTED] Cc: tony.shepherd Subject: BUG: encrypt passwords=no, security=yes, samba 2.2.8, W2K user auth fails folks ** I am not on this mail list. Can all replied please be Cc'ed to me as well. ** I have come across the following bug using samba 2.2.8 (in the throws of upgrading from 2.0.10 to fix security vul). I discovered this bug using a W2K system; it was not present when testing with win98. I am running the samba server on a solaris 9 system. I am using encrypt passwords = no and security=user and using the Unix passwords for authentication. Registry modification have been made to the windows system. To replicate the bug, I do the following: * log onto w2k system as user ts74081, passwd: fred * try and open the share: \\huey\ts74081. As my password is different between the windows system and the samba server, it prompts me for a username/password pair. I give the correct values but I still get rejected. * I then try to access the share as a different user (one that does not exist on the system): username fred, passwd fred. Naturally it fails. * I then try again with the proper username/password pair and I get authenticated correctly and the share is made available. If I do not try and authenticate as a different user before retrying with the proper username, it will continue to fail to authenticate. I have attached debug 3 logs of the above scenario as well as the smb.conf I am using. If I change the security parameter to security=share, the above bug does not show itself. thanks tony
Re: use sendfile problems with Windows 95
Richard Sharpe wrote: On Thu, 27 Mar 2003, Pierre Belanger wrote: Can you get us a sniff? I sent a captured file directly to Richard. On this Friday, I wanted to share the following... While doing the capture for Richard, I was able to try to open different files a few times... here's what Windows 95 complained about, enjoy! Word cannot open the document. Try one or more of the following: - On the file menu, click Open to open the document - Make sure the document has a .DOC extension. (\\ALKONOST\...\CONFIG-SAVE-PROCDURE.DOC) While trying to open another file... - Word failed reading from this file (CV-belanger-EN). Please restore the network connection or replace the floppy disk and retry. (I clicked OK and then ...) - Word has lost data due to a bad network connection or missing floppy. Documents relying on this data are going to be saved and then closed. (I clicked OK and then ...) - Word cannot complete the save due to a file permission error: C:\RESCUED DOCUMENT.TXT Notes: 1) 4 out of 5 times Windows 95 just hanged when trying to open the 1st file... this time it did not hang?!?!?! 2) After doing the above tests, I mapped another drive from another Samba server not compiled with sendfile support. I was able to open the files properly... Cheers, Pierre B.
RE: NMBD crashing in 2.2.7a (and 2.2.6, 2.2.5)
Thanks, I've built and installed the 2.2.8 version. I'll give feedback on
Monday.
bob
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Freitag, 28. März 2003 18:25
To: Edgar, Bob
Cc: '[EMAIL PROTECTED]'
Subject: Re: NMBD crashing in 2.2.7a (and 2.2.6, 2.2.5)
On Fri, Mar 28, 2003 at 02:19:48PM +0100, Edgar, Bob wrote:
Hi all,
I've been having a problem with nmbd crashing multiple times per day.
I suspect that the problem is caused by a shell script that tries to
lookup the name for ws to ws4000 to build a DNS reverse table.
It look something like this:
#!/bin/ksh
typeset -Z4 i=0
while (( $i 4000 )); do
host=ws$i
nmblookup $host | awk -v host=$host '
/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ {
printf(%s IN A %s\n, host, $1)
}
'
(( i = i + 1 ))
done
I have a level 10 debug log which I could send if it would be useful.
Let me know if there is any more information I can provide.
I think this is a bug we fixed for 2.2.8. Can you please
try with the updated version.
Thanks,
Jeremy.
tmp files hanging around too long.
I recently upgraded my a21 system to a22 runaway smbds seem to have disappeared. A new, less serious problem, has emerged. When a user keeps a word document open for a very long time i see a proliferation of locked temporary files (87 since yesterday) I'd like to help track down this problem but I'm not sure where to start... The logs show the the tmp files are opened and opened closed opened closed opened closed opened closed opened opened closed closed opened closed opened opened closed note that the last closed does not happen... this file is never used again - it just hangs around in the locked files is left on the disk until the program is closed. I know this looks like a word bug... but the client computers have not changed and I've only observed this phenomena since upgrading to alpha22. How can i help debug this? brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: Next alpha of 3.0 planned for Friday
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is just a heads up for everyone. I'm planning the 3.0alpha23 release for this Friday. If you have code that needs to be merged of commited to the SAMBA_3_0 cvs tree, please get in checked in by 8am EST on Friday of the week. I've hit a few small bugs (one in RH packaging and one in smbpasswd). As soon as I get those cleaned up, 3.0alpha23 will be on its way. Hopefully tomorrow. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+hNGSIR7qMdg1EfYRAlv+AKDWJbF5ZBK5IPE104O/ZPmD6nFwIgCfckUG 6oCiLf1R6SKsDsu4FkgS+PI= =A0L2 -END PGP SIGNATURE-
Spooler retrieves driver files hundreds times during Point andPrint install or driver property update.
I have detected significant performance slow down when I use PnP driver with versions 2.2.7A and 2.2.8. It happened with all kinds of Windows OS (exclude 9x) when user has administrative rights to Samba based printers. In Windows system event viewer I see that spooler retrieves printer driver files from Samba server to Window machine a lot of times. It happened each time when I try to update driver properties, change paper size or print .. Sometimes Windows's spooler retrieves driver files hundreds times and it take all CPU's and network resources. It newer happened before with SAMBA 2.2.2 we used. Thanks Arcady
Re: Next alpha of 3.0 planned for Friday
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 27 Mar 2003, Tomoki AONO wrote: In [EMAIL PROTECTED], [EMAIL PROTECTED] wrote: This is just a heads up for everyone. I'm planning the 3.0alpha23 release for this Friday. If you have code that needs to be merged of commited to the SAMBA_3_0 cvs tree, please get in checked in by 8am EST on Friday of the week. Would someone take a look at CIDR-like notation problem by Mr. Takeda (and following mail by me) ? If this is right, example config described in securing-samba.sgml will not work as expected. (http://lists.samba.org/pipermail/samba-technical/2003-March/042993.html) Fixed. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+hG2DIR7qMdg1EfYRAv+ZAJ446QsKK2fNTJQMUaEanz0rbJoCCACeNcuH Mxs352anoxclJKqT4TwrrLI= =JAQm -END PGP SIGNATURE-
RE : Problem with VMS_SUPPORT.C
B. Z. Ledermman wrote: DISK$STORAGE:[SAMBA-2_2_7A-SRC.SOURCE.VMS]VMS_SUPPORT.C;262:(394) vms_statfs: $GETDVI ERROR for disk$lederman^:^[lederman^].: sts= 0144, iosb = 0144 The error is in what ever routine is converting UNIX filenames to VMS. It is setting the : as a filename character, and not as a device delimiter. And unless the SAMBA panic handler has been disabled, calling LIB$SIGNAL on fatal errors can really lead to some interesting and useless tracebacks. -John [EMAIL PROTECTED] Personal Opinion Only PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Compiling SAMBA with better options
From: B. Z. Lederman wrote: I've been looking more at the source code and the way it's compiled. /STANDARD=VAXC is really not a good choice. It covers up too many real and potential problems in the code. Use /STANDARD=PORTABLE. Do not use /STANDARD=VAXC Use /WARN=ENABLE=(LEVEL4, QUESTCODE) for the diagnostic level. You can use more strict /STANDARD or /warn and other checking if you wish, but the two settings above are the minimum needed to both find common bugs, and to be compatable with common programming practices. If the /warn=enable=(LEVEL4, QUESTCODE) and /STANDARD=PORTABLE does not compile a UNIX samba module, try it again by adding /ACCEPT=NOVAXC If that does not fix it, then update the source and send a explanation of the bug fix allong with a submit a gdiff -u output of the change to the SAMBA-TECHNICAL list so it can be fixed in the source for all platforms. If you have not submitted patches to the SAMBA-TECHNICAL list before, I recommend posting just the lines that you think needing fixing both old and new to this list for review. Please be brief. There is also a question of what to do with names that are longer than 31 characters. I put #define statements in the config.h or equivalent. Having the names truncated will cause duplicate symbol errors in SAMBA. The only thing that I can find in the standard is that only 8 characters for external names are guaranteed to be available on all platforms, and obviously most code needs more than that. The other option is to allow the compiler to mangle names. I prefer not to do that as then I can not always predict what name will show up in the debugger. Particularly if the demangle database is cleared. [SAMBA-2_2_7A-SRC.SOURCE.SMBD] CLOSE.C because it calls sys$open, sys$close, etc. without the functions being defined. Modules that call these functions are better off if they #include starlet.h to define the function prototypes. There are a couple of other modules where this should be done. I personally find that the #include files for the system service modules to not be accurate because they do not use the const modifier where they should and they tend to use void *, which will accept anything with out a complaint. So I usually prototype the system services manually, like I did in Frontport. That way the compiler is more likely to find bugs. The use of the const modifier on variables passed by address also allows the compiler to optimize more effienciently, which means faster and smaller code. It's use should be greatly encouraged. An unknown person wrote: (post is not in the digest) | I quite agree with your remarks, but I fear that you seem to forget a very | important point : Samba/VMS is a port from a quite complicated software that | comes from Unix, and is quite often updated. If you multiply the #ifdef | for VMS specifics, you begin to have a lot of work each time a new release | comes in, if you want to follow the Unix updates. So I tend to limit the VMS | specific changes to truly functional ones, not for the intellectual benefit | of removing warning or informational messages. That is why I did the SAMBA 2.0.6 port the way I did. Amost no #ifdef __VMS is in the code. Carl Perkins has supplied me with a fix to Frontport that probably eliminates all but one of the #ifdef __VMS. Use of the compiler options that I listed earlier should allows SAMBA to compile unless there is a real bug in the source code. I add a /DEFINE=(MOD_modulename) to the MMS C compiler rule so that I can put things that are specific to a module in the config.h or equivalent. That way I can override a local routine with out having to edit any source code. The MMS definition is below, and it is easy to do this with DCL command procedures. MODN =MOD_'f$element(0,-,f$parse($*,,,NAME))' So in the config.h or equivalent, (Since I am now generating the config.h from a command procedure that knows how to read the config.h.in and configure.in files, and search the DECC images and libraries, I now put all the manual edits in config_vms.h) #ifdef MOD_LOADPARM /* Change the name for a VMS specific wrapper */ /**/ #define lp_load samba_lp_load #endif This allows me to scan the VMS specific SAMBA logical names every time that SAMBA scans the smb.conf file for changes. And if a module informational diagnostics that I do not want to submit a fix for, I can supress those on a per module basis. #ifdef MOD_IPC /* suppress messages about using -1 as third arg to SSVALS() macro */ #pragma message disable intconstsign #endif This is a case where they are using a -1 instead of 0xFFF. The problem with fixing this is that the size of an unsigned int is platform specific, so it really should be ~0 instead. However if I remember correclty that also generates a diagnostic. So I just supress the diagnostic for now. An unknown person wrote: (post is not in
RE : Problem with VMS_SUPPORT.C
The error is in what ever routine is converting UNIX filenames to VMS. It is setting the : as a filename character, and not as a device delimiter. It's the sort of thing that decc$to_vms might be provoked into if DECC$FILENAME_UNIX_ONLY were set. I suspect folks will be in for a whole heap of grief, if these things start getting set system wide, however backwards compatible the defaults are. This is only speculation though; I haven't got a convenient test install, and I've kind of lost track on the name mangling algorithms in Samba/VMS. It would help to know what the settings of DECC* are on the system in question, as Bernard noted. Richard Brodie PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
Re: smbfs reads Variable files incorrectly from VMS Samba 2.2.8
- Original Message - From: Ben Armstrong [EMAIL PROTECTED] To: COLLOT Jean-Yves [EMAIL PROTECTED] Cc: Samba VMS [EMAIL PROTECTED] Sent: Friday, March 28, 2003 6:40 PM Subject: smbfs reads Variable files incorrectly from VMS Samba 2.2.8 On Thu, 2003-03-27 at 13:45, COLLOT Jean-Yves wrote: The 2.2.8 version for VMS is available at http://www.pi-net.dyndns.org/anonymous/jyc/ It includes the Unix version 2.2.8, and some specific VMS fixes : - Unexpected changes of file structure (VARIABLE to STREAM) and modification date Thanks! While this does fix the file attribute corruption problem both with Linux smbfs access and Windows XP Attributes access, it unfortunately leaves Variable record format files unreadable under Linux. That is, when you view or copy the file over smbfs, you can see the word line-lengths in it, and you don't get any line terminators. Oddly enough, under Windows XP text files look just fine, so I don't know why Samba 2.2.8 is discriminating against Linux smbfs. Did you try seting SYSGEN parameter RMS_HEURISTIC to 1? On pathworks this can make a difference when interpreting text files. Regards, Gorazd Kikelj PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
CVS update: samba/source/passdb
Date: Fri Mar 28 10:02:43 2003 Author: abartlet Update of /data/cvs/samba/source/passdb In directory dp.samba.org:/tmp/cvs-serv24389/passdb Modified Files: pdb_ldap.c Log Message: Merge from HEAD - get better error strings from the ldap server in pdb_ldap. Andrew Bartlett Revisions: pdb_ldap.c 1.95 = 1.96 http://www.samba.org/cgi-bin/cvsweb/samba/source/passdb/pdb_ldap.c?r1=1.95r2=1.96
CVS update: samba/source/libsmb
Date: Fri Mar 28 21:07:44 2003 Author: sharpe Update of /data/cvs/samba/source/libsmb In directory dp.samba.org:/tmp/cvs-serv25489/libsmb Modified Files: libsmbclient.c Log Message: Some fixes to URL syntax from coolo. Revisions: libsmbclient.c 1.64 = 1.65 http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/libsmbclient.c?r1=1.64r2=1.65
CVS update: samba/examples/libsmbclient
Date: Fri Mar 28 21:12:11 2003 Author: sharpe Update of /data/cvs/samba/examples/libsmbclient In directory dp.samba.org:/tmp/cvs-serv25973 Modified Files: testsmbc.c Log Message: Fix some uncleanness with testsmbc.c Revisions: testsmbc.c 1.4 = 1.5 http://www.samba.org/cgi-bin/cvsweb/samba/examples/libsmbclient/testsmbc.c?r1=1.4r2=1.5
CVS update: samba/source/libsmb
Date: Fri Mar 28 21:41:27 2003 Author: sharpe Update of /data/cvs/samba/source/libsmb In directory dp.samba.org:/tmp/cvs-serv28476/libsmb Modified Files: libsmbclient.c Log Message: More patches from coolo. One of these functions needs to be moved elsewhere so other code can use it. Revisions: libsmbclient.c 1.65 = 1.66 http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/libsmbclient.c?r1=1.65r2=1.66
CVS update: samba/packaging/Mandrake
Date: Fri Mar 28 23:13:51 2003 Author: jerry Update of /data/cvs/samba/packaging/Mandrake In directory dp.samba.org:/tmp/cvs-serv4553/Mandrake Modified Files: Tag: SAMBA_3_0 samba-print-pdf.sh samba2.spec.tmpl smb.conf smb.init Log Message: packaging updates from Buchan Revisions: samba-print-pdf.sh 1.3.2.1 = 1.3.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/packaging/Mandrake/samba-print-pdf.sh?r1=1.3.2.1r2=1.3.2.2 samba2.spec.tmpl1.3.2.1 = 1.3.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/packaging/Mandrake/samba2.spec.tmpl?r1=1.3.2.1r2=1.3.2.2 smb.conf1.3.2.1 = 1.3.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/packaging/Mandrake/smb.conf?r1=1.3.2.1r2=1.3.2.2 smb.init1.3.2.1 = 1.3.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/packaging/Mandrake/smb.init?r1=1.3.2.1r2=1.3.2.2
Re: CVS update: samba/source/smbd
NT4 as well as W2k respond with IPC regardless of what service type the client requested in the TCONX when connecting to IPC$. No they don't If you specify a service type (ie. you don't send '?' as the service type) then windows will check that this service type matches the service you are connecting to and will return NT_STATUS_BAD_DEVICE_TYPE if it doesn't match. It is very well possible that this also applies to the DISK and PRINTER share types, not only IPC. no, it doesn't apply to any of them We're definately handling this incorrectly in Samba at the moment.
CVS update: samba/source/lib
Date: Fri Mar 28 15:42:36 2003 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv26949/lib Modified Files: Tag: SAMBA_3_0 access.c Log Message: fix CIDR hosts allow/deny notation Revisions: access.c1.31.2.3 = 1.31.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/access.c?r1=1.31.2.3r2=1.31.2.4
CVS update: samba/source/lib
Date: Fri Mar 28 15:42:57 2003 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv27048/lib Modified Files: access.c Log Message: fix CIDR hosts allow/deny notation Revisions: access.c1.35 = 1.36 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/access.c?r1=1.35r2=1.36
CVS update: samba/source/lib
Date: Fri Mar 28 15:43:18 2003 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv27096/lib Modified Files: Tag: SAMBA_2_2 access.c Log Message: fix CIDR hosts allow/deny notation Revisions: access.c1.19.4.14 = 1.19.4.15 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/access.c?r1=1.19.4.14r2=1.19.4.15
