[Samba] Printer migration problem
Hi, I'm using Samba 3.0.14a I'm trying to migrate printers from a Windows server to my samba one. So I tried to use the following command : /net rpc printer migrate all Myprinter -S SERVER1 --destination=SAMBAMIGR -U Administrator%mypasswd/ And I received the following message : /Could not connect to server SAMBAMIGR The username or password was not correct. /How can I provide the username/password for SAMBAMIGR? -- Davy HUBERT CRIT - Réseaux Université Paul-Valéry, Montpellier 3 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with Too many open files
On Sun, 12 Feb 2006 14:31:47 +0100 Hans B. Randgaard [EMAIL PROTECTED] wrote: HBR the error message: HBR Too many open files HBR each time drives are not mapped. HBR In the log files I can see that it has happened even when we ran version HBR 3.0.10. HBR We run Samba on Solaris and have previously increased both rlim_fd_cur HBR and HBR rlim_fd_max to 1024. Do we need to increase these values further ? Build samba in 64bit mode! The Too many open files problem will go far away :-) Don't ask me why or where the limitation lays but that solved our problem. -- Jean-Jacques Moulis Tel: (013) 281684 ISYFax: (013) 139282 Linköping UniversityE-mail: [EMAIL PROTECTED] 581 83 Linköping -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming Profile won't upload to workstation that didn't create it
Hi, I believe I've had a 'hidden' roaming profiles problem with Samba for a while (I have no idea when it first manifested itself - sometime between 3.0.2 and 3.0.21a). When I create a new user, their client workstation creates and updates the profile without any problems. Existing profiles used by existing client workstations are also fine. However, when I try to logon as an existing user to a new workstation client, the existing saved profile will not upload - the client hangs for about fifteen! minutes before loading a minimal profile. The only log file clue I have is: [2006/02/13 09:27:27, 0] lib/util_sock.c:read_data(526) read_data: read failure for 4 bytes to client 192.168.200.6. Error = Operation timed out [2006/02/13 09:27:27, 1] smbd/service.c:close_cnum(839) To summarise: === New User + New Workstation = OK New User + Existing Workstation = OK Exisitng User + Existng Workstation = OK Existing User + New Workstation= NO LOAD ??? smb.conf: # Global parameters [global] workgroup = BSDBOX netbios name = SERVER server string = BSDBox socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=16384 SO_RCVBUF=16384 hosts allow = 192.168.200., 127.0.0.1 passdb backend = tdbsam passwd program = /usr/local/bin/passchange.sh %u passwd chat = *Password* %n\n *Password* %n\n *Changed*\n unix password sync = Yes username map = /usr/local/etc/samba/smbusers log level = 1 log file = /var/log/samba/%m.log max log size = 100 printing = cups printcap name = cups logon script = netlogon.cmd logon path = \\%L\profiles\%U logon drive = Z: logon home = \\%L\%U domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes remote announce = 192.168.200.8 time server = yes admin users = root hide unreadable = Yes create mask = 0644 add group script = /usr/local/etc/samba/smbgrpadd.sh %g delete group script = /usr/local/etc/samba/smbgrpdel.sh %g veto oplock files = /*.doc/*.xls/*.mdb/ [profiles] path = /usr/local/profiles read only = No browseable = No profile acls = yes csc policy = disable hide files = /desktop.ini/ntuser.ini/NTUSER.*/ write list = @ntuser @wheel create mask = 0600 directory mask = 0700 [netlogon] path = /home/netlogon write list = root browseable = No read only = Yes locking = No [homes] comment = Home Directories read only = No create mask = 0600 directory mask = 0700 browseable = No [tmp] comment = Temporary file space path = /tmp read only = No directory mask = 0775 guest ok = Yes browseable = No [backup] comment = BSDBox backup path = /usr/local/backup valid users = masonr write list = masonr [PDF] comment = PDF Spool Directory path = /var/spool/cups-pdf write list = masonr guest ok = yes [printers] comment = All Printers path = /var/spool/samba #printer admin = root, masonr guest ok = yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /usr/local/share/cups/drivers write list = root, masonr guest ok = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Accessing Samba home directories across 2 different NT/AD domains
We've begun a network migration project to migrate from an old and pretty broken NT 4.0 domain (Lots of settings are just wrong and we wanted to rename the domain at the same time) to a Windows 2003 based AD domain. One of the issues we need to resolve is that all our users' My Documents are mapped to their home share on a Samba server I've been pondering how I can easily get both domain looking at exactly the same files - can anyone suggest any way other than running two different Samba instances on the same box? And if not is there a definitive guide to how to run Samba twice? Matthew Thompson Software Developer -- Lloyd's Register - Fairplay Ltd, 3 Princess Way, Redhill, Surrey, RH1 1UP, UK Tel: +44 1737 379758 (Direct), Fax: +44 1737 379001, [EMAIL PROTECTED] Web: http://www.lrfairplay.com Registered in England No. 338580 -- The information contained in this email and any files attached to it are strictly confidential, may be legally privileged and are intended solely for the addressee. Liability cannot be accepted for statements made which are the sender's own and not made on behalf of Lloyd's Register-Fairplay Limited. If you are not the named addressee, you may not use, copy or disclose this information to any other person or take any action in reliance of this transmission. If you have received this message in error, please notify the sender or [EMAIL PROTECTED] immediately and delete the message from your system. Although this message has been subjected to virus checks utilising software developed by Sophos, Clearswift and Network Associates, no guarantee is given that it is totally virus free. http://www.lrfairplay.com/ [EMAIL PROTECTED] -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Roaming Profile won't upload to workstation that didn'tcreate it
Hi, I´ve had this problem to. put a # in front of profile acls = yes I think the behavior of this changed from 3.0.14 to 3.0.20 Von: [EMAIL PROTECTED] im Auftrag von Rob Mason Gesendet: Mo 13.02.2006 11:16 An: samba@lists.samba.org Betreff: [Samba] Roaming Profile won't upload to workstation that didn'tcreate it Hi, I believe I've had a 'hidden' roaming profiles problem with Samba for a while (I have no idea when it first manifested itself - sometime between 3.0.2 and 3.0.21a). When I create a new user, their client workstation creates and updates the profile without any problems. Existing profiles used by existing client workstations are also fine. However, when I try to logon as an existing user to a new workstation client, the existing saved profile will not upload - the client hangs for about fifteen! minutes before loading a minimal profile. The only log file clue I have is: [2006/02/13 09:27:27, 0] lib/util_sock.c:read_data(526) read_data: read failure for 4 bytes to client 192.168.200.6. Error = Operation timed out [2006/02/13 09:27:27, 1] smbd/service.c:close_cnum(839) To summarise: === New User + New Workstation = OK New User + Existing Workstation = OK Exisitng User + Existng Workstation = OK Existing User + New Workstation= NO LOAD ??? smb.conf: # Global parameters [global] workgroup = BSDBOX netbios name = SERVER server string = BSDBox socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=16384 SO_RCVBUF=16384 hosts allow = 192.168.200., 127.0.0.1 passdb backend = tdbsam passwd program = /usr/local/bin/passchange.sh %u passwd chat = *Password* %n\n *Password* %n\n *Changed*\n unix password sync = Yes username map = /usr/local/etc/samba/smbusers log level = 1 log file = /var/log/samba/%m.log max log size = 100 printing = cups printcap name = cups logon script = netlogon.cmd logon path = \\%L\profiles\%U logon drive = Z: logon home = \\%L\%U domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes remote announce = 192.168.200.8 time server = yes admin users = root hide unreadable = Yes create mask = 0644 add group script = /usr/local/etc/samba/smbgrpadd.sh %g delete group script = /usr/local/etc/samba/smbgrpdel.sh %g veto oplock files = /*.doc/*.xls/*.mdb/ [profiles] path = /usr/local/profiles read only = No browseable = No profile acls = yes csc policy = disable hide files = /desktop.ini/ntuser.ini/NTUSER.*/ write list = @ntuser @wheel create mask = 0600 directory mask = 0700 [netlogon] path = /home/netlogon write list = root browseable = No read only = Yes locking = No [homes] comment = Home Directories read only = No create mask = 0600 directory mask = 0700 browseable = No [tmp] comment = Temporary file space path = /tmp read only = No directory mask = 0775 guest ok = Yes browseable = No [backup] comment = BSDBox backup path = /usr/local/backup valid users = masonr write list = masonr [PDF] comment = PDF Spool Directory path = /var/spool/cups-pdf write list = masonr guest ok = yes [printers] comment = All Printers path = /var/spool/samba #printer admin = root, masonr guest ok = yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /usr/local/share/cups/drivers write list = root, masonr guest ok = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba https://pdbvpn1.fujitsu-siemens.com/https/0/lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: AW: [Samba] Roaming Profile won't upload to workstation that didn'tcreate it
Many thanks - I've made the change and the profile now loads ...but the profile will not permit changes. e.g. Recycle Bin is inaccessible, and desktop wallpapers/themes are not saveable??? Any ideas what might be causing this new problem? Oeltze, Benjamin wrote: Hi, I´ve had this problem to. put a # in front of profile acls = yes I think the behavior of this changed from 3.0.14 to 3.0.20 *Von:* [EMAIL PROTECTED] im Auftrag von Rob Mason *Gesendet:* Mo 13.02.2006 11:16 *An:* samba@lists.samba.org *Betreff:* [Samba] Roaming Profile won't upload to workstation that didn'tcreate it Hi, I believe I've had a 'hidden' roaming profiles problem with Samba for a while (I have no idea when it first manifested itself - sometime between 3.0.2 and 3.0.21a). When I create a new user, their client workstation creates and updates the profile without any problems. Existing profiles used by existing client workstations are also fine. However, when I try to logon as an existing user to a new workstation client, the existing saved profile will not upload - the client hangs for about fifteen! minutes before loading a minimal profile. The only log file clue I have is: [2006/02/13 09:27:27, 0] lib/util_sock.c:read_data(526) read_data: read failure for 4 bytes to client 192.168.200.6. Error = Operation timed out [2006/02/13 09:27:27, 1] smbd/service.c:close_cnum(839) To summarise: === New User + New Workstation = OK New User + Existing Workstation = OK Exisitng User + Existng Workstation = OK Existing User + New Workstation= NO LOAD ??? smb.conf: # Global parameters [global] workgroup = BSDBOX netbios name = SERVER server string = BSDBox socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=16384 SO_RCVBUF=16384 hosts allow = 192.168.200., 127.0.0.1 passdb backend = tdbsam passwd program = /usr/local/bin/passchange.sh %u passwd chat = *Password* %n\n *Password* %n\n *Changed*\n unix password sync = Yes username map = /usr/local/etc/samba/smbusers log level = 1 log file = /var/log/samba/%m.log max log size = 100 printing = cups printcap name = cups logon script = netlogon.cmd logon path = \\%L\profiles\%U logon drive = Z: logon home = \\%L\%U domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes remote announce = 192.168.200.8 time server = yes admin users = root hide unreadable = Yes create mask = 0644 add group script = /usr/local/etc/samba/smbgrpadd.sh %g delete group script = /usr/local/etc/samba/smbgrpdel.sh %g veto oplock files = /*.doc/*.xls/*.mdb/ [profiles] path = /usr/local/profiles read only = No browseable = No profile acls = yes csc policy = disable hide files = /desktop.ini/ntuser.ini/NTUSER.*/ write list = @ntuser @wheel create mask = 0600 directory mask = 0700 [netlogon] path = /home/netlogon write list = root browseable = No read only = Yes locking = No [homes] comment = Home Directories read only = No create mask = 0600 directory mask = 0700 browseable = No [tmp] comment = Temporary file space path = /tmp read only = No directory mask = 0775 guest ok = Yes browseable = No [backup] comment = BSDBox backup path = /usr/local/backup valid users = masonr write list = masonr [PDF] comment = PDF Spool Directory path = /var/spool/cups-pdf write list = masonr guest ok = yes [printers] comment = All Printers path = /var/spool/samba #printer admin = root, masonr guest ok = yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /usr/local/share/cups/drivers write list = root, masonr guest ok = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba https://pdbvpn1.fujitsu-siemens.com/https/0/lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] New 3.0.21b-1 Samba does not respect system Groups
Hi all, I am running ii samba 3.0.21b-1 a LanManager-like file and printer server fo ii samba-common 3.0.21b-1 Samba common files used by both the server a on Debian 3.1 (Sarge) Linux 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux I have noticed that the Samba software does not recognize newly created groups with the groupadd commands. I'll demonstrate the following. I am running the Samba Server with security = user I have a share defined like this [grtest] comment = Intersight Website path = /var/www/grtest read only = no read list = @phpprogrammers valid users = @grtest force group = grtest force create mode = 0775 force directory mode = 0775 The Unix permissions for this folder is # ls -l /var/www |grep grtest drwxrwxr-x 2 root grtest48 2006-02-13 14:27 grtest The members of the group grtest are # cat /etc/group |grep grtest grtest:x:1029:administrator The group was created using the groupadd command. Now the Samba user administrator has the same password as the user administrator on the Windows 2003 Small business server I am sitting. When I try to access the [grtest] share from the Win2k3 SBS I am asked for a user name and password for which I enter sambaworkgroup\administrator and password But I am not able to connect. But if I just change the Share description to have valid users set to any group that was created earlier I can access the share with no problems. I'll demonstrate it again The group # cat /etc/group |grep maverick maverick:x:1004:administrator,mvarghese was create long back. And If I put that group in the valid users list as shown below [grtest] comment = Intersight Website path = /var/www/grtest read only = no read list = @phpprogrammers valid users = @maverick force group = grtest force create mode = 0775 force directory mode = 0775 and restart the Samba Server, I can go to the Win2k3 SBS and click on the share and I can access the share without giving a user name and password. ( Password for administrator is same on both Systems) I found that this problem is only for Groups created recently and not for groups created earlier. I find it really puzzling :-( Could Someone please explain what could have gone wrong? Thankyou so much Kind Regards Siju -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Antwort: Re: [Samba] Primary Group ID (Well-Known RIDs)
Hello Jerry, thanks for your response. Gerald (Jerry) Carter [EMAIL PROTECTED] schrieb am 11.02.2006 18:48:32: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Billerbeck wrote: Hello all, I have following situation: There are users that don't have the well-known RID 513, so groupmapping like Domain Users (S-1-5-21-domain SID part-513) - users doesn't have any effect. There are users that have the primary group RID 545, 2001 and 1201. That's somehow messy. Is there any chance to get the Domain Users into the well-known primary group rid 513? Does it then also make sense to give machines the well known group rid 515? Or is it better to change mapping by giving the rid explicitly? The primary group SID must be in the same domain as the user's SID. So you cannot specify a group from the BUILTIN domain to be the primary group. There's a lot of work going on in this area right now for the 3.0.22 release. The SIDs only differ from the RID part. So the domain part of the SID is always the same and they are in the domain. So what I was focussing on was the primary rid. If I understand you question correctly, you want to force all user's primary group SID to be S-1-5--513 regardless of the primary Unix group? No, I wouldn't say regardless of the primary Unix group. I would say regarding to what makes sense, which might be the correspondent. For example the correspondent of the Unix group 'users' might have the SID with the well-known RID 513 (just a suggestion). I remarked that there are already default values initially set, which I didn't knew firstly. There are at least these initially existing domain groups by default: Domain Users Domain Guests Domain Admins These groups are already associated to the SID with their appropriate well known RID. There is a Unix group ntadmin which I also didn't knew of firstly. (Well they are mentioned in the How-to and the Samba 3 by example but I had the impression that these groups name were just example group names. I wasn't thinking of that they already exist) But this all is a good idea (these default groups or predefined groups, the existing default group mapping and their associated well know sids) and makes things easier. You at least don't have to create these groups explicitly. Before I wasn't aware of these settings/values I had the wish to create groups in my language. Now I was wondering why the RIDs are so 'messy'. Maybe one source of failure was the use of webmin where the value on the synchronization configuration website (sync Unix groups to Samba groups) for the primary group SID or RID wasn't set (it was set to 'default'). And here I don't know which SID or RID is been taken if the vaulue is set to 'default'. Now I set it to 513 explicitly. It's pretty easy to mod the code to do this. But I seriously doubt it would be a change that will go into the samba source tree. I would say that setting things to correspondents, well known or as convention is a good idea if people can change these settings later in case they would like to use group names in their language or in case they just have another reasons. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New 3.0.21b-1 Samba does not respect system Groups
Hi, at default smb does not honor linux groups, use ldap , map your systemgroup via the net command to a smb group read the smb faqs to this Regards Siju George schrieb: Hi all, I am running ii samba 3.0.21b-1 a LanManager-like file and printer server fo ii samba-common 3.0.21b-1 Samba common files used by both the server a on Debian 3.1 (Sarge) Linux 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux I have noticed that the Samba software does not recognize newly created groups with the groupadd commands. I'll demonstrate the following. I am running the Samba Server with security = user I have a share defined like this [grtest] comment = Intersight Website path = /var/www/grtest read only = no read list = @phpprogrammers valid users = @grtest force group = grtest force create mode = 0775 force directory mode = 0775 The Unix permissions for this folder is # ls -l /var/www |grep grtest drwxrwxr-x 2 root grtest48 2006-02-13 14:27 grtest The members of the group grtest are # cat /etc/group |grep grtest grtest:x:1029:administrator The group was created using the groupadd command. Now the Samba user administrator has the same password as the user administrator on the Windows 2003 Small business server I am sitting. When I try to access the [grtest] share from the Win2k3 SBS I am asked for a user name and password for which I enter sambaworkgroup\administrator and password But I am not able to connect. But if I just change the Share description to have valid users set to any group that was created earlier I can access the share with no problems. I'll demonstrate it again The group # cat /etc/group |grep maverick maverick:x:1004:administrator,mvarghese was create long back. And If I put that group in the valid users list as shown below [grtest] comment = Intersight Website path = /var/www/grtest read only = no read list = @phpprogrammers valid users = @maverick force group = grtest force create mode = 0775 force directory mode = 0775 and restart the Samba Server, I can go to the Win2k3 SBS and click on the share and I can access the share without giving a user name and password. ( Password for administrator is same on both Systems) I found that this problem is only for Groups created recently and not for groups created earlier. I find it really puzzling :-( Could Someone please explain what could have gone wrong? Thankyou so much Kind Regards Siju -- Mit freundlichen Gruessen Best Regards Robert Schetterer robert_at_schetterer_dot_org Munich / Bavaria / Germany https://www.schetterer.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New 3.0.21b-1 Samba does not respect system Groups
On 2/13/06, Robert Schetterer [EMAIL PROTECTED] wrote: Hi, at default smb does not honor linux groups, use ldap , map your systemgroup via the net command to a smb group read the smb faqs to this Regards Thankyou so much Robert for your reply But I used to do this till now without ldap. And even now it works with groups that were created earlier Kind Regards Siju -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can't connect to shared printer
I carried out a Unix/Samba upgrade at the weekend, and upgraded Samba from 2.2.8 to 3.0.10. The server is acting as a PDC, and WINS server. Our PCs are running Windows XP Pro SP1. I didn't make any changes to the PCs. One PC has an old LaserJet4 attached to a parallel port, and it shares this printer so that four other users can print to it. This morning, no-one can print to this printer (apart from the PC it's connected to). It looks to be a password issue, or possibly some sort of SMB thing. If I try NET VIEW XPPC038 (that's the name of the PC that's sharing the printer) from another PC, it says System Error 5 has occurred - Access denied. If I type NET PRINT \\XPPC038\HPLJ4PLUS it says System Error 1326 has occurred - Logon failure unknown username or bad password. I ran NET STATISTICS SERVER on the 'serving' PC, and it says there are 634 password violations. The Guest account seems to be enabled, and I've checked the permissions on the printer share so that Everyone has print access. I've re-booted the PC, and I've stopped/enabled the printer share. I'm not sure what to do... Could it be something like WINS or Winbindd in Samba config? i.e. Is it likely to be a server-side problem, or something that's happened to the PC that's sharing the printer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New 3.0.21b-1 Samba does not respect system Groups
Siju George wrote: On 2/13/06, Robert Schetterer [EMAIL PROTECTED] wrote: Hi, at default smb does not honor linux groups, use ldap , map your systemgroup via the net command to a smb group read the smb faqs to this Regards Thankyou so much Robert for your reply But I used to do this till now without ldap. And even now it works with groups that were created earlier It's because you have them in /etc/group (and this is how it's done without LDAP). -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New 3.0.21b-1 Samba does not respect system Groups
On 2/13/06, Tomasz Chmielewski [EMAIL PROTECTED] wrote: Siju George wrote: On 2/13/06, Robert Schetterer [EMAIL PROTECTED] wrote: Hi, at default smb does not honor linux groups, use ldap , map your systemgroup via the net command to a smb group read the smb faqs to this Regards Thankyou so much Robert for your reply But I used to do this till now without ldap. And even now it works with groups that were created earlier It's because you have them in /etc/group (and this is how it's done without LDAP). Thankyou so much Tomasz for your reply. Any Idea why it is that the new groups I create donot work that way then? Kind Regards Siju -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] checking password strength issue
Hello all Using Debian sarge, samba 3.0.14a. Workstation I tested on was Win2000 pro. I have put the check password strength option in smb.conf, using the crackcheck program that I compiled (was in /usr/share/doc/samba-doc/auth/examples), which uses the cracklib library. Whenever a user must change its password, samba and crackcheck react as designed. The log entries in samba are correct, defining why the passwd was not accepted. (too short, too simplistic, etc..) The problem comes at the user end. The message the user sees is always the same, no matter what the problem with the password was. Message is: Your password must be at least 5 characters and cannot repeat any of the previous 0 passwords. Please type a different password. Type a password which meets these requirements in both text boxes Is there a way I can show the right message, or change the message to a custom one? Any help greatly appreciated. Thanks for your time. Best, fred -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question about Samba 2.2.2 and Active directory.
Hello all, I am new to the list so please bear with me. I know this has probably been asked before but I am not able to find a search function to search the lists archives. I need to know if this version of SAMBA is able to work with active directory or not. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New 3.0.21b-1 Samba does not respect system Groups
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Siju George wrote: On 2/13/06, Tomasz Chmielewski [EMAIL PROTECTED] wrote: Siju George wrote: On 2/13/06, Robert Schetterer [EMAIL PROTECTED] wrote: Hi, at default smb does not honor linux groups, use ldap , map your systemgroup via the net command to a smb group read the smb faqs to this Regards Thankyou so much Robert for your reply But I used to do this till now without ldap. And even now it works with groups that were created earlier It's because you have them in /etc/group (and this is how it's done without LDAP). Thankyou so much Tomasz for your reply. Any Idea why it is that the new groups I create donot work that way then? The token for the user is created a login time (i.e. when smbd authenticates the user). You don't say but I'm guessing you are testing with groups after the token was created. Logout from the windows client and log back in to refresh the user's token. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD8J1cIR7qMdg1EfYRAkzJAKC0JDGj9617MI1YwfB1lfjqWDbVnwCePU6r 9Lzl4X5Ma2HIujmQuMhbpuE= =KdDw -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to delete NON-EMPTY directories through a Samba share?
Hi all, I have setup a Samba server as file and print server. Everything works perfectly, I can print, I can write, delete files through Samba. But, the only thing that does not work is to delete a NON-EMPTY directory. No error message received, just don't want to delete it. As soon as I delete all files from the directory, then the directory can be deleted too. The problem is recursive for subdirectories. Just think how awful is to delete a directory with lots of subdirectories. I don't think it's a permission problem (it can't be) and I could't find any posts on this problem over the internet. Thanks for help, Sandor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba User Authentication
Installing SuSE 10 and see that there is now a Samba user authentication method. Have been using local up to now and would like more info on the Samba method. Have searched but have yet to find anything that spells out how it works. Parker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Computers changing names in DOMAIN
Hi, Is it possible to let a computer change names on the domain with a samba PDC ? The only way I have been able to is by removing it from the domain and adding it with a different name.. ?? Samba 2.2.2 Thanks Pat -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba slowdown under load.
System: AIX 5.2 ML-07, Samba 3.0.21a 3.0.21b, Workstations: Win XP Pro SP2. (OpenLDAP 2.3.11, BDB 4.3) Users are in LDAP pdb. Stand alone DC, no winbindd. This system was upgraded from 3.0.20 to 3.0.21a (and later 3.0.21b). I'm looking for a scenario where under heavy load there could be locking contention within Samba Under heavy load, context switches go through the roof and we get hardly any work done. Trussing shows a lot of locks against what appear to be tdb files. (I'm still narrowing down which ones). Now this could be an AIX problem, ML-08 was just released, but stopping smbd and restarting clears the problem for awhile (read the next day). I'm recompiling 3.0.20b and 3.0.20 to see if the problem goes away. This system is production and never showed any symptoms like this in development. The other thing is all the WS's hitting this server are SP2. We have another server with *exact* same setup and XP boxes with only SP1 hitting it and not quite the same degree of load - no problems. I'm hoping this blurb will shake loose any thoughts on changes since 3.0.20 since a log level 10 is practically impossible with the number of machines hitting it at once. I do have a PMR open with IBM and so far they've only suggested APARs for GPFS (which we're not using). Cheers, Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] libldap not found
Can anybody clue me in on why this build script is failing? checking for ldap.h... yes checking lber.h usability... yes checking lber.h presence... yes checking for lber.h... yes checking for ber_scanf in -llber... no checking for ldap_init in -lldap... no checking for ldap_set_rebind_proc... no checking whether ldap_set_rebind_proc takes 3 arguments... 3 configure: error: libldap is needed for LDAP support + [ 1 != 0 ] #!/bin/ksh -x env CC=gcc \ CFLAGS=-DPAM_AUTHTOK_RECOVER_ERR=PAM_AUTHTOK_RECOVERY_ERR -DPAM_EXTERN=extern -D_LINUX_SOURCE_COMPAT \ CPPFLAGS=-I/usr/local/bdb/include -I/usr/local/ssl/include -I/usr/local/openldap/include \ LDFLAGS=-L/usr/local/bdb/lib -L/usr/local/cyrus-sasl/lib -L/usr/local/openldap/lib -L/usr/local/ssl/lib \ ../configure --prefix=/usr/local/samba --with-shared-modules=idmap_ad,idmap_rid \ --with-ads --with-ldap --with-ldapsam --with-pam --with-krb5=/usr/local/kerberos --with-winbind \ --with-acl-support --with-utmp --with-quotas --with-sendfile-support \ --with-aio-support --enable-shared=no --enable-static=yes if [ $? != 0 ]; then echo Configure failed so exiting... exit 1 fi /usr/local/bin/gmake /usr/local/bin/gmake install if [ $? != 0 ]; then echo Build failed so exiting... exit 1 fi for i in WINBIND pam_winbind.so; do if [ -f /usr/lib/security/$i ]; then mv /usr/lib/security/$i /usr/lib/security/$i.old chmod 555 nsswitch/$i cp nsswitch/$i /usr/lib/security rm /usr/lib/security/$i.old else cp nsswitch/$i /usr/lib/security fi done David Shapiro Unix Team Lead 919-765-2011 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] libldap not found
I believe samba is looking for the libldap shared library. Are you able to find that on your system? Also, check the config.log to find out more detailed information about the error output. -Rob -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Shapiro Sent: Monday, February 13, 2006 1:01 PM To: samba@lists.samba.org Subject: [Samba] libldap not found Can anybody clue me in on why this build script is failing? checking for ldap.h... yes checking lber.h usability... yes checking lber.h presence... yes checking for lber.h... yes checking for ber_scanf in -llber... no checking for ldap_init in -lldap... no checking for ldap_set_rebind_proc... no checking whether ldap_set_rebind_proc takes 3 arguments... 3 configure: error: libldap is needed for LDAP support + [ 1 != 0 ] #!/bin/ksh -x env CC=gcc \ CFLAGS=-DPAM_AUTHTOK_RECOVER_ERR=PAM_AUTHTOK_RECOVERY_ERR -DPAM_EXTERN=extern -D_LINUX_SOURCE_COMPAT \ CPPFLAGS=-I/usr/local/bdb/include -I/usr/local/ssl/include -I/usr/local/openldap/include \ LDFLAGS=-L/usr/local/bdb/lib -L/usr/local/cyrus-sasl/lib -L/usr/local/openldap/lib -L/usr/local/ssl/lib \ ../configure --prefix=/usr/local/samba --with-shared-modules=idmap_ad,idmap_rid \ --with-ads --with-ldap --with-ldapsam --with-pam --with-krb5=/usr/local/kerberos --with-winbind \ --with-acl-support --with-utmp --with-quotas --with-sendfile-support \ --with-aio-support --enable-shared=no --enable-static=yes if [ $? != 0 ]; then echo Configure failed so exiting... exit 1 fi /usr/local/bin/gmake /usr/local/bin/gmake install if [ $? != 0 ]; then echo Build failed so exiting... exit 1 fi for i in WINBIND pam_winbind.so; do if [ -f /usr/lib/security/$i ]; then mv /usr/lib/security/$i /usr/lib/security/$i.old chmod 555 nsswitch/$i cp nsswitch/$i /usr/lib/security rm /usr/lib/security/$i.old else cp nsswitch/$i /usr/lib/security fi done David Shapiro Unix Team Lead 919-765-2011 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] libldap not found
It sounds like it can not find your libldap library in any of the paths you specified. Do you have a locate program such that you could try locate libldap and see if/where it shows up? David Shapiro wrote: Can anybody clue me in on why this build script is failing? checking for ldap.h... yes checking lber.h usability... yes checking lber.h presence... yes checking for lber.h... yes checking for ber_scanf in -llber... no checking for ldap_init in -lldap... no checking for ldap_set_rebind_proc... no checking whether ldap_set_rebind_proc takes 3 arguments... 3 configure: error: libldap is needed for LDAP support + [ 1 != 0 ] #!/bin/ksh -x env CC=gcc \ CFLAGS=-DPAM_AUTHTOK_RECOVER_ERR=PAM_AUTHTOK_RECOVERY_ERR -DPAM_EXTERN=extern -D_LINUX_SOURCE_COMPAT \ CPPFLAGS=-I/usr/local/bdb/include -I/usr/local/ssl/include -I/usr/local/openldap/include \ LDFLAGS=-L/usr/local/bdb/lib -L/usr/local/cyrus-sasl/lib -L/usr/local/openldap/lib -L/usr/local/ssl/lib \ ../configure --prefix=/usr/local/samba --with-shared-modules=idmap_ad,idmap_rid \ --with-ads --with-ldap --with-ldapsam --with-pam --with-krb5=/usr/local/kerberos --with-winbind \ --with-acl-support --with-utmp --with-quotas --with-sendfile-support \ --with-aio-support --enable-shared=no --enable-static=yes if [ $? != 0 ]; then echo Configure failed so exiting... exit 1 fi /usr/local/bin/gmake /usr/local/bin/gmake install if [ $? != 0 ]; then echo Build failed so exiting... exit 1 fi for i in WINBIND pam_winbind.so; do if [ -f /usr/lib/security/$i ]; then mv /usr/lib/security/$i /usr/lib/security/$i.old chmod 555 nsswitch/$i cp nsswitch/$i /usr/lib/security rm /usr/lib/security/$i.old else cp nsswitch/$i /usr/lib/security fi done David Shapiro Unix Team Lead 919-765-2011 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] libldap not found
Why does it need a shared library? Can't it use static? David I see in /usr/local/openldap/lib: drwxr-sr-x 10 root system 512 Feb 7 15:22 .. -rw-r--r-- 1 root system 293847 Feb 8 14:58 liblber-2.3.a lrwxrwxrwx 1 root system 13 Feb 12 23:01 liblber.a - liblber-2.3.a -rw-r--r-- 1 root system 868 Feb 8 14:58 liblber.la -rw-r--r-- 1 root system 3909639 Feb 8 14:58 libldap-2.3.a lrwxrwxrwx 1 root system 13 Feb 12 23:01 libldap.a - libldap-2.3.a -rw-r--r-- 1 root system 952 Feb 8 14:58 libldap.la -rw-r--r-- 1 root system 4247339 Feb 8 14:58 libldap_r-2.3.a lrwxrwxrwx 1 root system 15 Feb 12 23:01 libldap_r.a - libldap_r-2.3.a -rw-r--r-- 1 root system 962 Feb 8 14:58 libldap_r.la openldap was buildt with: env CC=gcc -D_LINUX_SOURCE_COMPAT -D_THREAD_SAFE \ CPPFLAGS=-I/usr/local/bdb/include -I/usr/local/cyrus-sasl/include -I/usr/local/ssl/include \ LDFLAGS=-L/usr/local/ssl/lib -L/usr/local/bdb/lib -L/usr/local/cyrus-sasl/lib -lpthread \ ../configure --enable-dynamic --enable-spasswd \ --enable-bdb --enable-crypt --enable-slapd --enable-slurpd \ --with-cyrus-sasl=yes --with-tls=openssl --enable-rlookups \ --with-threads=posix --prefix=/usr/local/openldap \ --enable-shared=no --enable-static=yes \ --with-ssl=/usr/local/ssl --with-tls gmake depend gmake gmake install David Shapiro Unix Team Lead 919-765-2011 Dan [EMAIL PROTECTED] 2/13/2006 1:12 PM It sounds like it can not find your libldap library in any of the paths you specified. Do you have a locate program such that you could try locate libldap and see if/where it shows up? David Shapiro wrote: Can anybody clue me in on why this build script is failing? checking for ldap.h... yes checking lber.h usability... yes checking lber.h presence... yes checking for lber.h... yes checking for ber_scanf in -llber... no checking for ldap_init in -lldap... no checking for ldap_set_rebind_proc... no checking whether ldap_set_rebind_proc takes 3 arguments... 3 configure: error: libldap is needed for LDAP support + [ 1 != 0 ] #!/bin/ksh -x env CC=gcc \ CFLAGS=-DPAM_AUTHTOK_RECOVER_ERR=PAM_AUTHTOK_RECOVERY_ERR -DPAM_EXTERN=extern -D_LINUX_SOURCE_COMPAT \ CPPFLAGS=-I/usr/local/bdb/include -I/usr/local/ssl/include -I/usr/local/openldap/include \ LDFLAGS=-L/usr/local/bdb/lib -L/usr/local/cyrus-sasl/lib -L/usr/local/openldap/lib -L/usr/local/ssl/lib \ ../configure --prefix=/usr/local/samba --with-shared-modules=idmap_ad,idmap_rid \ --with-ads --with-ldap --with-ldapsam --with-pam --with-krb5=/usr/local/kerberos --with-winbind \ --with-acl-support --with-utmp --with-quotas --with-sendfile-support \ --with-aio-support --enable-shared=no --enable-static=yes if [ $? != 0 ]; then echo Configure failed so exiting... exit 1 fi /usr/local/bin/gmake /usr/local/bin/gmake install if [ $? != 0 ]; then echo Build failed so exiting... exit 1 fi for i in WINBIND pam_winbind.so; do if [ -f /usr/lib/security/$i ]; then mv /usr/lib/security/$i /usr/lib/security/$i.old chmod 555 nsswitch/$i cp nsswitch/$i /usr/lib/security rm /usr/lib/security/$i.old else cp nsswitch/$i /usr/lib/security fi done David Shapiro Unix Team Lead 919-765-2011 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] lilesystem size limit samba on 64bit 2.6 kernel vs. clients win2k/winxp ?
I had an incredibly hard time finding any documentation on filesystem size limits for samba on 64bit linux with 2.6 kernel exporting to 32bit windows 2003 and windows-xp by googling. The closest I could get to was that cifs filesystem size correlates to ntfs filesystem size and therefore there would be a 64TB limit. Are there additional limits within the software stack that I should be aware of? We are considering exporting a 40TB xfs filesystem striped over 20 2TB luns on a fibre channel SAN via LVM2 on SLES9-SP3, and will be falling back to 16TB filesystems if necessary. Anything below that would be cumbersome because of the amount of mountpoints. Can the 32bit windows clients keep up with that size as long as the files on the filesystem are not larger than 4GB? Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba User Authentication
Installing SuSE 10 and see that there is now a Samba user authentication method. Have been using local up to now and would like more info on the Samba method. Have searched but have yet to find anything that spells out how it works. Parker Graham -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] recycle bin
Want to implement recycle bin for samba 3.0.14a under aix and solaris 2.8. What are the steps required. Went through some docs but did not help. 1. Do i need to compile samba with VFS module then how ? configure --with-vfs or what ? 2. Example of how smb.conf should look like. Thanks _ On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] libldap not found
David Shapiro wrote: Why does it need a shared library? Can't it use static? David I see in /usr/local/openldap/lib: drwxr-sr-x 10 root system 512 Feb 7 15:22 .. -rw-r--r-- 1 root system 293847 Feb 8 14:58 liblber-2.3.a lrwxrwxrwx 1 root system 13 Feb 12 23:01 liblber.a - liblber-2.3.a -rw-r--r-- 1 root system 868 Feb 8 14:58 liblber.la -rw-r--r-- 1 root system 3909639 Feb 8 14:58 libldap-2.3.a lrwxrwxrwx 1 root system 13 Feb 12 23:01 libldap.a - libldap-2.3.a -rw-r--r-- 1 root system 952 Feb 8 14:58 libldap.la -rw-r--r-- 1 root system 4247339 Feb 8 14:58 libldap_r-2.3.a lrwxrwxrwx 1 root system 15 Feb 12 23:01 libldap_r.a - libldap_r-2.3.a -rw-r--r-- 1 root system 962 Feb 8 14:58 libldap_r.la openldap was buildt with: env CC=gcc -D_LINUX_SOURCE_COMPAT -D_THREAD_SAFE \ CPPFLAGS=-I/usr/local/bdb/include -I/usr/local/cyrus-sasl/include -I/usr/local/ssl/include \ LDFLAGS=-L/usr/local/ssl/lib -L/usr/local/bdb/lib -L/usr/local/cyrus-sasl/lib -lpthread \ try adding -L/usr/local/openldap/lib Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba not listening on 127.0.0.1... hua???
rantEvery time I set up a new test Samba server, the step to net rpc rights grant... ALWAYS fights me tooth and nail... ALWAYS with a different error message. I've even created little scripts to run so I am not typing commands incorrectly... but NNNOO, the script to grand rights to one stink'n account always has to complain!/rant OK, this time it is... Could not connect to server 127.0.0.1 HUA?!?!? ldslnx03:/var/log/samba# netstat -taupen | grep mbd tcp0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 4786 3973/smbd tcp0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 4785 3973/smbd udp0 0 10.10.10.14:137 0.0.0.0:* 0 4767 3970/nmbd udp0 0 0.0.0.0:137 0.0.0.0:* 0 4764 3970/nmbd udp0 0 10.10.10.14:138 0.0.0.0:* 0 4768 3970/nmbd udp0 0 0.0.0.0:138 0.0.0.0:* 0 4765 3970/nmbd This is on a 10.10.10.xx Class C network. Am I missing something obvious? Is it REALLY dinner time? I have a stock smb.conf file, change the server / workgroup name, that's it. Running on Debian Sarge. Simo's deb packages from samba.org, trying 3.0.21b packages this time. Backed down to 3.0.21a just to make sure it was not a new bug in the (b) version. Running 3.0.21a on all of the other servers. TIA! -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba not listening on 127.0.0.1... hua???
Someone asked what interfaces I have configured on this box... ldslnx03:/var/log/samba# ifconfig eth0 Link encap:Ethernet HWaddr 00:00:86:5A:42:5C inet addr:10.10.10.14 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::200:86ff:fe5a:425c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:6944 errors:0 dropped:0 overruns:0 frame:0 TX packets:7175 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5282606 (5.0 MiB) TX bytes:790309 (771.7 KiB) Interrupt:11 Base address:0x4800 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:980 errors:0 dropped:0 overruns:0 frame:0 TX packets:980 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:81788 (79.8 KiB) TX bytes:81788 (79.8 KiB) -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] lilesystem size limit samba on 64bit 2.6 kernel vs. clients win2k/winxp ?
On 2/14/06, Michael Will [EMAIL PROTECTED] wrote: I had an incredibly hard time finding any documentation on filesystem size limits for samba on 64bit linux with 2.6 kernel exporting to 32bit windows 2003 and windows-xp by googling. The closest I could get to was that cifs filesystem size correlates to ntfs filesystem size and therefore there would be a 64TB limit. Are there additional limits within the software stack that I should be aware of? Possibly. I've exported a virtual 1PB filesystem to windows clients and they appeared to handle it ok. We are considering exporting a 40TB xfs filesystem striped over 20 2TB luns on a fibre channel SAN via LVM2 on SLES9-SP3, and will be falling back to 16TB filesystems if necessary. Anything below that would be cumbersome because of the amount of mountpoints. XFS will handle this just fine. Be aware that xfs_repair may take a fair amount of time and memory on very large filesystems. IIRC there was some scaling work done recently, but I'm not sure if it made SP3. Can the 32bit windows clients keep up with that size as long as the files on the filesystem are not larger than 4GB? I've never seen modern windows clients have problems with large files of filesystems. I don't expect you will have problems. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba not listening on 127.0.0.1... hua???
Next I am going to tell dselect to purge (yes deb PURGE) the whole bloody thing away and go back to 3.0.21a... get a load of this... [EMAIL PROTECTED]:/srv/samba$ ./initLDSInst.sh Password: [2006/02/13 21:13:15, 0] lib/util_sock.c:read_socket_with_timeout(492) read_socket_with_timeout: timeout read. read error = Connection reset by peer. Could not connect to server 127.0.0.1 [EMAIL PROTECTED]:/srv/samba$ ./initLDSInst.sh Password: [2006/02/13 21:13:19, 0] lib/util_sock.c:read_socket_with_timeout(492) read_socket_with_timeout: timeout read. read error = Connection reset by peer. Could not connect to server 127.0.0.1 [EMAIL PROTECTED]:/srv/samba$ su Password: ldslnx03:/srv/samba# /etc/init.d/samba restart Stopping Samba daemons: nmbd smbd. Starting Samba daemons: nmbd smbd. ldslnx03:/srv/samba# exit exit [EMAIL PROTECTED]:/srv/samba$ ./initLDSInst.sh Password: Failed to grant privileges for LDS-DEMO\ldsinst (NT_STATUS_ACCESS_DENIED) -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba not listening on 127.0.0.1... hua???
Idunnaknow Think I am going to start over on my documentation / procedure on how to set up a Samba 3 PDC. This go around I was forced to smbpasswd -a root and have root be the user running the net command (-user=root) NEVER had to go to that extreme before. We do not ever have root listed in our smbpasswd file. Always rely on a group mapping back to a group in /etc/group to promote/demote Samba PDC admins. Then use the new net rpc stuff to allow a special account to join workstations to the domain... granting that is what always fights. Duct tape solution for this test / demo box (I hope, find out as I put it through its paces.) I don't see why the initial boot strap of setting up security on a fresh install has to be such a pain, and so different each time I build a box from the same Debian Sarge CD, install the latest Samba (that being THE variable), and run through the docs / scripts I have saved / prepared. Seems to me the results would be more consistent. l8r! -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem cooperating with Windows and AD
Hi, I'm having a problem getting my Windows machines to access shares in Samba. When they browse to the Samba box it sometimes gives them an error saying that they don't have permission or that the server is unavailable. However this doesn't always happen and other times it lists the shares. When I try to access the shares it just prompts for the username/password over and over. I've tried Google and browsing around the Samba doc and have spent hours and hours trying to fix this. I'm at my wits end. Can anyone help? I'm running Fedora Core 3 on the Samba server and upgraded Samba to 3.0.21b. Before I upgraded it was working most of the time; however, not all the time, and there was an error in one of the logs. I researched the error and found that it was resolved in a newer version of Samba, so I upgraded. I'm running Windows Server 2003 SP1 using Active Directory for domain authentication and running Samba in ADS security mode. All Windows clients run XP Pro SP2. I'm using Webmin for remote administration, but I also just login to the machine at times. I do use Webmin to join the domain though. Here are some of my configuration files: # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2006/02/11 21:49:19 [global] workgroup = CHU realm = CHU.PARADISENT.COM netbios aliases = Zeus, zeus server string = Samba Server security = ADS client schannel = Yes server schannel = Yes null passwords = Yes password server = paradise.paradisent.com log file = /usr/local/samba/var/%m.log max log size = 50 client signing = Yes server signing = Yes socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No preferred master = No local master = No domain master = No dns proxy = No ldap ssl = no preload = shared website socket address = 192.168.0.20 idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/tcsh winbind separator = | cups options = raw [shared] comment = Shared Folder path = /shared valid users = CHU|administrator, CHU|annie, CHU|jacob, @CHU|Household read only = No [jacob] comment = Jacob's Home Dir path = /home/jacob valid users = CHU|jacob read only = No [root] comment = Root's Home Dir path = /root valid users = CHU|administrator, CHU|annie, CHU|jacob, @BUILTIN|Administrators, @CHU|Domain Admins, @CHU|Enterprise Admins read only = No [annie] comment = Annie's Home Dir path = /home/annie valid users = CHU|annie read only = No [website] comment = Main Website path = /var/www/html valid users = CHU|administrator, CHU|annie, CHU|jacob, @CHU|Household read only = No # # /etc/nsswitch.conf # passwd: files winbind shadow: files group:files winbind #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files #networks: nisplus [NOTFOUND=return] files #protocols: nisplus [NOTFOUND=return] files #rpc:nisplus [NOTFOUND=return] files #ethers: nisplus [NOTFOUND=return] files #netmasks: nisplus [NOTFOUND=return] files bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:files services: files netgroup: files publickey: nisplus automount: files aliases:files nisplus #krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = CHU.PARADISENT.COM dns_lookup_realm = false dns_lookup_kdc = false [realms] CHU.PARADISENT.COM = { kdc = paradise.paradisent.com admin_server = paradise.paradisent.com default_domain = chu.paradisent.com } [domain_realm] .example.com = CHU.PARADISENT.COM example.com = CHU.PARADISENT.COM [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } Here are some items of interest from the logs: 192.168.0.5.log (similar errors in other logs) [2006/02/11 21:06:59, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /usr/local/samba/var/paradise.log: Permission denied [2006/02/11 21:07:00, 1] smbd/sesssetup.c:reply_spnego_kerberos(286) Username CHU|PARADISE$ is invalid on this system [2006/02/11 21:07:00, 1] smbd/sesssetup.c:reply_spnego_kerberos(286) Username CHU|PARADISE$ is invalid on this system [2006/02/11 21:07:01, 1] smbd/sesssetup.c:reply_spnego_kerberos(286) Username
[Samba] Winbind problem w/ ADS domain local group and other-domain members
This one is probably going off into the esoteric side of things, but Samba/winbind doesn't seem to be working quite as expected in one particular area -- domain local groups having members from other trusted domains. I've searched extensively (google and elsewhere...), and have found little/no mention of this particular problem: domain local group members from other trusted domains are not showing up in group lists as enumerated via winbind. Yet group members from the same domain as the domain local group are enumerated/listed properly. In a rather complex ADS arrangement (described below), I have several RHEL4 systems with Samba/Winbind installed and configured. Everything appears to be working properly thus far: users groups from the default domain are properly enumerated and resource permissions are mapping correctly. Users and groups from 2-way trusted domains are also enumerated. (This was evaluated with wbinfo -u|g getent passwd|group.) The domain structure relationships are a bit hairy though, and need to be spelled out: Three independent ADS domains in separate forests:A,B,C A B have an established 2-way trust. A has a 1-way trust: trusting C There is also a single NT4 domain: Z A Z have an established 2-way trust. For simplicity, we will only deal with A B here. The RHEL4 systems are member servers in domain A. This is tested under Samba versions 3.0.10-1.4E2 3.0.21b-3. I can see groups from domain B just fine in the output, and their membership of users from domain B -- these should be the global|universal groups from domain B. Also, both A\g-wiz and B\j-bogus show up properly in output from: wbinfo -u getent passwd The PROBLEM: There are domain local groups defined in A that have members from these other domains. (E.g. domain local group A\dl_grp is defined on the Win2K3 DCs as consisting of two users: A\g-wiz and B\j-bogus.) On the linux systems, the command: getent group shows a group membership for A\dl_grp of only one user: A\g-wiz. Now, when I run the command: net rpc group members dl_grp -S A -U:A\\admin%passwd I receive the full and proper list of users: A\g-wiz B\j-bogus Furthermore, testing user account group membership: net ads user info g-wiz -S A -U:admin%passwd yields the single response: dl_grp net ads user info A\\g-wiz -S A -U:admin%passwd yields an empty list. net ads user info B\\j-bogus -S A -U:admin%passwd yields an empty list. Now, to get more interesting: net rpc user info g-wiz -S A -U:admin%passwd yields the more complete response: dl_grp Domain Users **NOTE the difference between ads rpc methods...** As above with ads, both of the following commands: net rpc user info A\\g-wiz -S A -U:admin%passwd net rpc user info B\\j-bogus -S A -U:admin%passwd ... still yield an empty list. When I test group membership from a Windows-based member server, we get the proper list of both A\g-wiz B\j-bogus. I have tested these scenarios under both versions of Samba mentioned above, as well as with the option winbind use default domain both yes no. I've tested independently with the winbind separator set to \\ and to /. Results were identical under all variations tested. My suspicion is that winbind is somehow limiting its enumeration of group membership to users from the same domain to which the group belongs.I believe this to be incorrect behavior, given that a windows server reports the full list, and that at least one command on the linux system can properly obtain the full list from the W2K3 DCs. (That said, I remain open to the thought that it might be a misconfiguration on my part - despite the apparent normal operation of all other aspects on the linux/samba system.) I am more than willing to work in- or out-of-band to try to narrow down the problem/answer questions/test patches/etc. smb.conf (testparm output) follows: [global] workgroup = ACES realm = COLLEGE.ACESNET.UIUC.EDU netbios name = X-ACES-LBE-2 server string = %L (Samba v%v) security = ADS password server = college.acesnet.uiuc.edu username map = /etc/samba/smbusers log file = /var/log/samba/%m.log max log size = 50 name resolve order = host lmhosts wins bcast deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = No dns proxy = No wins server = 128.###.#.#0, 128.###.#.#1 idmap uid = 1-1 idmap gid = 1-1 template homedir = /home/gaol winbind separator = \ winbind
Re: [Samba] how to set valid allowed workstation logins
On Sunday 12 February 2006 13:36, Chris wrote: I'm having trouble setting the Workstations value on a tdbsam backend using pdbedit. I can't seem to find the correct syntax to accomplish this. I have always used the NT4 Domain User Manager to configure the allowed workstation setting. The pdbedit utility does not permit setting this constraint. I found some references in an older version of the HOWTO where there existed Chapter 10. Account Information Databases. This whole chapter is missing from the current HOWTO even though it is referenced in the newest version (a link in chapter 33 under Passdb Backends and Authentication). In fact, it seems that there is very little information on pdbedit and these backends in the version I'm now viewing. Thanks for pointing me to this breakage. I just fixed it in SVN. Expect the next update of the Samba3-HOWTO to again include this documentation. Also, virtually every link in the HOWTO points to the TOC instead of directly to the section in question. Is this by design? Nope. It has been fixed. In the version where there exists an Account Information Databases chapter there is this example: === The following is an example of the user account information that is stored in a tdbsam password backend. This listing was produced by running: $ pdbedit -Lv met UNIX username:met NT username: Account Flags:[UX ] User SID: S-1-5-21-1449123459-1407424037-3116680435-2004 Primary Group SID:S-1-5-21-1449123459-1407424037-3116680435-1201 Full Name:Melissa E Terpstra Home Directory: \\frodo\met\Win9Profile HomeDir Drive:H: Logon Script: scripts\logon.bat Profile Path: \\frodo\Profiles\met Domain: MIDEARTH Account desc: Workstations: melbelle Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 20:14:07 GMT Kickoff time: Mon, 18 Jan 2038 20:14:07 GMT Password last set:Sat, 14 Dec 2002 14:37:03 GMT Password can change: Sat, 14 Dec 2002 14:37:03 GMT Password must change: Mon, 18 Jan 2038 20:14:07 GMT === Which clearly shows a non-null Workstations value in a tdbsam backend. But there is no specific pdbedit syntax provided for changing it, nor does the man page make it clear. Assistance appreciated. Chris - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] vfs audit logs
Dear all I have samba 3.0.21 with openldap , i have created a share for which i have enabled vfs objects. i have given the following in the share [myshare] comment = my project path = /project writeable = yes printable = no force create mode = 0660 force directory mode = 0770 inherit permissions = yes vfs objects = audit and in global section of smb.conf i have give the following log level = 2 vfs:1 log file = /usr/local/samba/var/%U.%m.log syslog = 0 but still i get the vfs audit in syslog ie in /var/log/messages i would like to get the audit in logfile = /usr/local/samba/var/%U.%m.log please guide me Regards Niranajn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] usrmgr not functioning
I'd really appreciate any ideas on this problem that I've been working on for a few days now. Any hints on how I can diagnose or resolve the problem please. Whenever I try to run the User Manager (usrmgr.exe) on a Windows machine (usually as root) it brings up the domain users, but selecting any name I get the error: The device attached to the system is not functioning My searches have not revealed a similar problem and I've checked the configuration against all the documentation I can find. So I think I must be doing something obviously wrong, but just can't see it. The following is my config file. I also captured a trace with ethereal, which did not reveal much, but then I'm not all that familiar with Samba protocols. The only odd thing that appears in the trace is a SamrQueryInformationUserhas a null response in the profile field. $ cat smb.conf # Global parameters [global] workgroup = NA3R1 netbios name = FEDORA passdb backend = tdbsam enable privileges = Yes passwd program = /usr/bin/passwd %u username map = /etc/samba/smbusers log level = 3 log file = /var/log/samba/%m.log max log size = 50 add user script = /usr/sbin/useradd -m '%u' delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u' logon script = logon.cmd logon path = \\%L\profiles\%U logon drive = h: logon home = \\%L\%U domain logons = Yes admin users = root, @domadm [homes] comment = Home Directories read only = No browseable = No [netlogon] path = /usr/local/samba/lib/netlogon write list = ntadmin read only = No guest ok = Yes locking = No [profiles] path = /usr/local/samba/ntprofile read only = No create mask = 0600 directory mask = 0700 profile acls = Yes [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [windows] path = /windows force group = windows read only = No create mask = 0775 directory mask = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba not listening on 127.0.0.1... hua???
1) Do you have the user pianoman in your passdb? 2) Is pianoman a member of the Domain Admins group? On P , 2006-02-13 at 21:13 -0500, Michael Lueck wrote: Next I am going to tell dselect to purge (yes deb PURGE) the whole bloody thing away and go back to 3.0.21a... get a load of this... [EMAIL PROTECTED]:/srv/samba$ ./initLDSInst.sh Password: [2006/02/13 21:13:15, 0] lib/util_sock.c:read_socket_with_timeout(492) read_socket_with_timeout: timeout read. read error = Connection reset by peer. Could not connect to server 127.0.0.1 [EMAIL PROTECTED]:/srv/samba$ ./initLDSInst.sh Password: [2006/02/13 21:13:19, 0] lib/util_sock.c:read_socket_with_timeout(492) read_socket_with_timeout: timeout read. read error = Connection reset by peer. Could not connect to server 127.0.0.1 [EMAIL PROTECTED]:/srv/samba$ su Password: ldslnx03:/srv/samba# /etc/init.d/samba restart Stopping Samba daemons: nmbd smbd. Starting Samba daemons: nmbd smbd. ldslnx03:/srv/samba# exit exit [EMAIL PROTECTED]:/srv/samba$ ./initLDSInst.sh Password: Failed to grant privileges for LDS-DEMO\ldsinst (NT_STATUS_ACCESS_DENIED) -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] usrmgr not functioning
Hi, we had this rroblem because of a wrong setting in the user. The primary group was set to 0. So samba could not find the primary group. Try to chek your users for wrong entries. Von: [EMAIL PROTECTED] im Auftrag von Chris S Gesendet: Di 14.02.2006 06:34 An: samba@lists.samba.org Betreff: [Samba] usrmgr not functioning I'd really appreciate any ideas on this problem that I've been working on for a few days now. Any hints on how I can diagnose or resolve the problem please. Whenever I try to run the User Manager (usrmgr.exe) on a Windows machine (usually as root) it brings up the domain users, but selecting any name I get the error: The device attached to the system is not functioning My searches have not revealed a similar problem and I've checked the configuration against all the documentation I can find. So I think I must be doing something obviously wrong, but just can't see it. The following is my config file. I also captured a trace with ethereal, which did not reveal much, but then I'm not all that familiar with Samba protocols. The only odd thing that appears in the trace is a SamrQueryInformationUserhas a null response in the profile field. $ cat smb.conf # Global parameters [global] workgroup = NA3R1 netbios name = FEDORA passdb backend = tdbsam enable privileges = Yes passwd program = /usr/bin/passwd %u username map = /etc/samba/smbusers log level = 3 log file = /var/log/samba/%m.log max log size = 50 add user script = /usr/sbin/useradd -m '%u' delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u' logon script = logon.cmd logon path = \\%L\profiles\%U logon drive = h: logon home = \\%L\%U domain logons = Yes admin users = root, @domadm [homes] comment = Home Directories read only = No browseable = No [netlogon] path = /usr/local/samba/lib/netlogon write list = ntadmin read only = No guest ok = Yes locking = No [profiles] path = /usr/local/samba/ntprofile read only = No create mask = 0600 directory mask = 0700 profile acls = Yes [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [windows] path = /windows force group = windows read only = No create mask = 0775 directory mask = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba https://pdbvpn1.fujitsu-siemens.com/https/0/lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r13487 - in trunk/source: auth groupdb include passdb rpc_server
Author: vlendec Date: 2006-02-13 09:45:23 + (Mon, 13 Feb 2006) New Revision: 13487 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13487 Log: Push group membership handling through passdb. Two reasons: Make srv_samr_nt.c as slim as possible to ease importing auto-generated stuff. Make it possible that ldapsam can live without the idealx scripts. Volker Modified: trunk/source/auth/auth_util.c trunk/source/groupdb/mapping.c trunk/source/include/passdb.h trunk/source/passdb/pdb_interface.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Sorry, the patch is too large (664 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13487
svn commit: samba r13488 - in trunk/source/libsmb: .
Author: jra Date: 2006-02-13 13:25:34 + (Mon, 13 Feb 2006) New Revision: 13488 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13488 Log: Fix #3496 from [EMAIL PROTECTED] Variable set but never used. Jeremy. Modified: trunk/source/libsmb/ntlmssp_sign.c Changeset: Modified: trunk/source/libsmb/ntlmssp_sign.c === --- trunk/source/libsmb/ntlmssp_sign.c 2006-02-13 09:45:23 UTC (rev 13487) +++ trunk/source/libsmb/ntlmssp_sign.c 2006-02-13 13:25:34 UTC (rev 13488) @@ -236,8 +236,6 @@ uchar *whole_pdu, size_t pdu_length, DATA_BLOB *sig) { - NTSTATUS nt_status; - if (!(ntlmssp_state-neg_flags NTLMSSP_NEGOTIATE_SEAL)) { DEBUG(3, (NTLMSSP Sealing not negotiated - cannot seal packet!\n)); return NT_STATUS_INVALID_PARAMETER; @@ -254,10 +252,14 @@ /* The order of these two operations matters - we must first seal the packet, then seal the sequence number - this is becouse the send_seal_hash is not constant, but is is rather updated with each iteration */ - nt_status = ntlmssp_make_packet_signature(ntlmssp_state, + NTSTATUS nt_status = ntlmssp_make_packet_signature(ntlmssp_state, data, length, whole_pdu, pdu_length, NTLMSSP_SEND, sig, False); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + smb_arc4_crypt(ntlmssp_state-send_seal_arc4_state, data, length); if (ntlmssp_state-neg_flags NTLMSSP_NEGOTIATE_KEY_EXCH) { smb_arc4_crypt(ntlmssp_state-send_seal_arc4_state, sig-data+4, 8); @@ -283,8 +285,6 @@ smb_arc4_crypt(ntlmssp_state-ntlmv1_arc4_state, sig-data+4, sig-length-4); ntlmssp_state-ntlmv1_seq_num++; - - nt_status = NT_STATUS_OK; } dump_data_pw(ntlmssp signature\n, sig-data, sig-length); dump_data_pw(ntlmssp sealed data\n, data, length);
svn commit: samba r13489 - in branches/SAMBA_3_0/source/libsmb: .
Author: jra Date: 2006-02-13 13:25:36 + (Mon, 13 Feb 2006) New Revision: 13489 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13489 Log: Fix #3496 from [EMAIL PROTECTED] Variable set but never used. Jeremy. Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp_sign.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp_sign.c === --- branches/SAMBA_3_0/source/libsmb/ntlmssp_sign.c 2006-02-13 13:25:34 UTC (rev 13488) +++ branches/SAMBA_3_0/source/libsmb/ntlmssp_sign.c 2006-02-13 13:25:36 UTC (rev 13489) @@ -236,8 +236,6 @@ uchar *whole_pdu, size_t pdu_length, DATA_BLOB *sig) { - NTSTATUS nt_status; - if (!(ntlmssp_state-neg_flags NTLMSSP_NEGOTIATE_SEAL)) { DEBUG(3, (NTLMSSP Sealing not negotiated - cannot seal packet!\n)); return NT_STATUS_INVALID_PARAMETER; @@ -254,10 +252,14 @@ /* The order of these two operations matters - we must first seal the packet, then seal the sequence number - this is becouse the send_seal_hash is not constant, but is is rather updated with each iteration */ - nt_status = ntlmssp_make_packet_signature(ntlmssp_state, + NTSTATUS nt_status = ntlmssp_make_packet_signature(ntlmssp_state, data, length, whole_pdu, pdu_length, NTLMSSP_SEND, sig, False); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + smb_arc4_crypt(ntlmssp_state-send_seal_arc4_state, data, length); if (ntlmssp_state-neg_flags NTLMSSP_NEGOTIATE_KEY_EXCH) { smb_arc4_crypt(ntlmssp_state-send_seal_arc4_state, sig-data+4, 8); @@ -283,8 +285,6 @@ smb_arc4_crypt(ntlmssp_state-ntlmv1_arc4_state, sig-data+4, sig-length-4); ntlmssp_state-ntlmv1_seq_num++; - - nt_status = NT_STATUS_OK; } dump_data_pw(ntlmssp signature\n, sig-data, sig-length); dump_data_pw(ntlmssp sealed data\n, data, length);
svn commit: samba r13490 - in trunk/source/libmsrpc: .
Author: jra Date: 2006-02-13 13:36:20 + (Mon, 13 Feb 2006) New Revision: 13490 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13490 Log: Fix bug # 3498 from [EMAIL PROTECTED] Unsigned comparison with 0. Jeremy. Modified: trunk/source/libmsrpc/cac_samr.c Changeset: Modified: trunk/source/libmsrpc/cac_samr.c === --- trunk/source/libmsrpc/cac_samr.c2006-02-13 13:25:36 UTC (rev 13489) +++ trunk/source/libmsrpc/cac_samr.c2006-02-13 13:36:20 UTC (rev 13490) @@ -891,7 +891,7 @@ int result = CAC_SUCCESS; - uint32 i = 0; + int i = 0; uint32 num_mem = 0; uint32 *rid= NULL; @@ -1389,7 +1389,7 @@ int result = CAC_SUCCESS; - uint32 i = 0; + int i = 0; uint32 num_mem = 0; DOM_SID *sid = NULL;
svn commit: samba r13491 - in branches/SAMBA_3_0/source/libmsrpc: .
Author: jra Date: 2006-02-13 13:36:22 + (Mon, 13 Feb 2006) New Revision: 13491 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13491 Log: Fix bug # 3498 from [EMAIL PROTECTED] Unsigned comparison with 0. Jeremy. Modified: branches/SAMBA_3_0/source/libmsrpc/cac_samr.c Changeset: Modified: branches/SAMBA_3_0/source/libmsrpc/cac_samr.c === --- branches/SAMBA_3_0/source/libmsrpc/cac_samr.c 2006-02-13 13:36:20 UTC (rev 13490) +++ branches/SAMBA_3_0/source/libmsrpc/cac_samr.c 2006-02-13 13:36:22 UTC (rev 13491) @@ -891,7 +891,7 @@ int result = CAC_SUCCESS; - uint32 i = 0; + int i = 0; uint32 num_mem = 0; uint32 *rid= NULL; @@ -1389,7 +1389,7 @@ int result = CAC_SUCCESS; - uint32 i = 0; + int i = 0; uint32 num_mem = 0; DOM_SID *sid = NULL;
svn commit: samba r13492 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch
Author: gd Date: 2006-02-13 15:12:22 + (Mon, 13 Feb 2006) New Revision: 13492 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13492 Log: As noone objected on the mailing-list: Fix parse_domain_user to fail when splitting a full name like DOM\user when winbind use default domain and winbind trusted domains only are not enabled. This allows pam_winbind to behave correctly when more modules are stacked in the account or password PAM facility. pam_winbindd calls WINBINDD_GETPWNAM which can decide whether or not a user is a winbind user and return correct PAM error codes. Guenther Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c branches/SAMBA_3_0/source/nsswitch/winbindd_group.c branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c branches/SAMBA_3_0/source/nsswitch/winbindd_user.c branches/SAMBA_3_0/source/nsswitch/winbindd_util.c trunk/source/nsswitch/pam_winbind.c trunk/source/nsswitch/winbindd_group.c trunk/source/nsswitch/winbindd_pam.c trunk/source/nsswitch/winbindd_user.c trunk/source/nsswitch/winbindd_util.c Changeset: Sorry, the patch is too large (311 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13492
svn commit: samba r13493 - branches/SAMBA_3_0/source/passdb trunk/source/passdb
Author: vlendec Date: 2006-02-13 16:48:24 + (Mon, 13 Feb 2006) New Revision: 13493 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13493 Log: module_name and module_location are the same string. Fix a valgrind error. Volker Modified: branches/SAMBA_3_0/source/passdb/pdb_interface.c trunk/source/passdb/pdb_interface.c Changeset: Modified: branches/SAMBA_3_0/source/passdb/pdb_interface.c === --- branches/SAMBA_3_0/source/passdb/pdb_interface.c2006-02-13 15:12:22 UTC (rev 13492) +++ branches/SAMBA_3_0/source/passdb/pdb_interface.c2006-02-13 16:48:24 UTC (rev 13493) @@ -173,14 +173,16 @@ } DEBUG(5,(Found pdb backend %s\n, module_name)); - SAFE_FREE(module_name); if ( !NT_STATUS_IS_OK( nt_status = entry-init(methods, module_location) ) ) { DEBUG(0,(pdb backend %s did not correctly init (error was %s)\n, selected, nt_errstr(nt_status))); + SAFE_FREE(module_name); return nt_status; } + SAFE_FREE(module_name); + DEBUG(5,(pdb backend %s has a valid init\n, selected)); return nt_status; Modified: trunk/source/passdb/pdb_interface.c === --- trunk/source/passdb/pdb_interface.c 2006-02-13 15:12:22 UTC (rev 13492) +++ trunk/source/passdb/pdb_interface.c 2006-02-13 16:48:24 UTC (rev 13493) @@ -174,14 +174,16 @@ } DEBUG(5,(Found pdb backend %s\n, module_name)); - SAFE_FREE(module_name); if ( !NT_STATUS_IS_OK( nt_status = entry-init(methods, module_location) ) ) { DEBUG(0,(pdb backend %s did not correctly init (error was %s)\n, selected, nt_errstr(nt_status))); + SAFE_FREE(module_name); return nt_status; } + SAFE_FREE(module_name); + DEBUG(5,(pdb backend %s has a valid init\n, selected)); return nt_status;
svn commit: samba r13494 - in branches/SAMBA_3_0/source: . auth groupdb include lib passdb rpc_server smbd utils
Author: vlendec Date: 2006-02-13 17:08:25 + (Mon, 13 Feb 2006) New Revision: 13494 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13494 Log: Merge the stuff I've done in head the last days. Volker Added: branches/SAMBA_3_0/source/smbd/map_username.c Removed: branches/SAMBA_3_0/source/lib/util_getent.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/auth/auth_util.c branches/SAMBA_3_0/source/groupdb/mapping.c branches/SAMBA_3_0/source/include/passdb.h branches/SAMBA_3_0/source/lib/system_smbd.c branches/SAMBA_3_0/source/lib/username.c branches/SAMBA_3_0/source/passdb/passdb.c branches/SAMBA_3_0/source/passdb/pdb_interface.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/smbd/chgpasswd.c branches/SAMBA_3_0/source/smbd/password.c branches/SAMBA_3_0/source/smbd/posix_acls.c branches/SAMBA_3_0/source/smbd/service.c branches/SAMBA_3_0/source/utils/net_groupmap.c branches/SAMBA_3_0/source/utils/net_rpc_samsync.c Changeset: Sorry, the patch is too large (3161 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13494
Build status as of Tue Feb 14 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-02-13 00:00:34.0 + +++ /home/build/master/cache/broken_results.txt 2006-02-14 00:00:22.0 + @@ -1,17 +1,17 @@ -Build status as of Mon Feb 13 00:00:02 2006 +Build status as of Tue Feb 14 00:00:02 2006 Build counts: Tree Total Broken Panic ccache 6 2 0 -distcc 8 2 0 -lorikeet-heimdal 15 15 0 -ppp 15 0 0 -rsync31 4 0 +distcc 7 2 0 +lorikeet-heimdal 13 13 0 +ppp 16 0 0 +rsync31 3 0 samba2 0 0 samba-docs 0 0 0 -samba4 32 21 2 -samba_3_032 10 0 -smb-build20 3 0 -talloc 29 11 0 -tdb 4 1 0 +samba4 33 19 2 +samba_3_032 9 0 +smb-build22 4 0 +talloc 9 5 0 +tdb 5 1 0
svn commit: samba-docs r915 - in trunk/Samba3-HOWTO: .
Author: jht Date: 2006-02-14 04:00:21 + (Tue, 14 Feb 2006) New Revision: 915 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=915 Log: Removal of remains of old xmlsam info. Had to do this to fix breakage caused by partial delete. Modified: trunk/Samba3-HOWTO/TOSHARG-Passdb.xml Changeset: Modified: trunk/Samba3-HOWTO/TOSHARG-Passdb.xml === --- trunk/Samba3-HOWTO/TOSHARG-Passdb.xml 2006-02-06 22:47:59 UTC (rev 914) +++ trunk/Samba3-HOWTO/TOSHARG-Passdb.xml 2006-02-14 04:00:21 UTC (rev 915) @@ -223,17 +223,6 @@ /listitem /varlistentry - para -indextermprimaryaccount migration/primary/indexterm -indextermprimarydatabase backends/primary/indexterm -indextermprimarybackend format/primary/indexterm - The parameterxmlsam/parameter option can be useful for account migration between database - backends or backups. Use of this tool allows the data to be edited before migration - into another backend format. - /para - /listitem - /varlistentry - /variablelist /sect2
svn commit: samba-docs r916 - in trunk/Samba3-HOWTO: .
Author: jht Date: 2006-02-14 04:13:18 + (Tue, 14 Feb 2006) New Revision: 916 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=916 Log: Remove one more reference to xmlsam. Modified: trunk/Samba3-HOWTO/TOSHARG-Passdb.xml Changeset: Modified: trunk/Samba3-HOWTO/TOSHARG-Passdb.xml === --- trunk/Samba3-HOWTO/TOSHARG-Passdb.xml 2006-02-14 04:00:21 UTC (rev 915) +++ trunk/Samba3-HOWTO/TOSHARG-Passdb.xml 2006-02-14 04:13:18 UTC (rev 916) @@ -1791,10 +1791,9 @@ indextermprimarysmbpasswd plaintext database/primary/indexterm indextermprimarytdbsam/primary/indexterm indextermprimaryldapsam/primary/indexterm -indextermprimaryxmlsam/primary/indexterm indextermprimaryenterprise/primary/indexterm Samba provides an enhanced set of passdb backends that overcome the deficiencies - of the smbpasswd plaintext database. These are tdbsam, ldapsam, and xmlsam. + of the smbpasswd plaintext database. These are tdbsam and ldapsam. Of these, ldapsam will be of most interest to large corporate or enterprise sites. /para