Re: [Samba] The Recycled PIDs Fix
On Tue, Feb 14, 2012 at 03:59:09AM -0700, Manoj Dahal wrote: ** Low Priority ** Hi, I have made the changes suggested by Stefan. The patch is available at https://bugzilla.samba.org/show_bug.cgi?id=8760#c6. Please send your review comments. Please see my further comment patch there. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 ldbmodify Unwilling to perform error 53
On Tue, 2012-02-14 at 16:56 +0100, steve wrote: Hi everyone samba --version Version 4.0.0alpha18-GIT-bfc7481 openSUSE 12.1 If I do this: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount - replace: primarygroupid primarygroupid: 1134 I get an error something like: ERR: (Unwilling to perform) error 53 If however I do the ldbmodify in 2 stages: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount and then: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify replace: primarygroupid primarygroupid: 1134 It works. primaryGroupID is special, but you may have found a bug in the handler for it. We have to confirm that the value being selected does not conflict with the existing group memberships. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba domain member server using only nss ldap
I have NT4 domain on samba-3.x integrated with LDAP. I need to use domain users in the shares permissions On the domain member server I have the following smb.conf [global] workgroup = W3 server string = File server netbios name = FS1 security = domain load printers = no show add printer wizard = no printcap name = /dev/null disable spoolss = yes log file = /var/log/samba/samba.log max log size = 5 encrypt passwords = yes winbind trusted domains only = yes idmap backend = ldap:ldap://pdc.w3.lan/; ldap idmap suffix = ou=idmap idmap uid = 5-50 idmap gid = 5-50 ldapsam:trusted = yes ldapsam:editposix = yes ldap suffix = dc=w3,dc=lan ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap admin dn = cn=root,dc=w3,dc=lan ldap ssl = no socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 enable privileges = yes os level = 8 local master = no domain master = no preferred master = no domain logons = no wins server = 192.168.210.104 dns proxy = yes client ntlmv2 auth = yes client plaintext auth = no lanman auth = no lm announce = no deadtime = 15 display charset = utf8 unix charset = utf8 dos charset = cp866 log level = 3 host msdfs = no [Test] comment = Test path = /data/production/Test/ public = yes guest ok = no valid users = @W3\w3-nssldap write list = @W3\w3-nssldap browseable = yes force create mode = 0770 create mode = 0770 force directory mode = 0770 directory mode = 0770 create mask = 0660 directory mask = 0770 force group = @W3\w3-nssldap # cat /etc/nsswitch.conf | grep ldap passwd: files ldap shadow: files ldap group: files ldap When I create any folder in the share Test I get the following uid/gid # ls -l total 4 drwxrwx--- 2 nssldap 321909 4096 Feb 15 17:00 test # ls -ln total 4 drwxrwx--- 2 1890 321909 4096 Feb 15 17:00 test # getent group | grep ^w3-nssldap w3-nssldap:*:1354:nssldap # id nssldap uid=1890(nssldap) gid=1354(w3-nssldap) groups=1354(w3-nssldap),513(Domain Users) # wbinfo --name-to-sid=nssldap S-1-5-21-250625134-237382211-2379110221-4780 SID_USER (1) # wbinfo --sid-to-uid=S-1-5-21-250625134-237382211-2379110221-4780 50290 It's seems that samba get uid from LDAP and gid from winbind. So my question is - Is it possible to use only nss ldap on domain member server to mapping uid/gid? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 ldbmodify Unwilling to perform error 53
On 15/02/12 14:35, Andrew Bartlett wrote: On Tue, 2012-02-14 at 16:56 +0100, steve wrote: Hi everyone samba --version Version 4.0.0alpha18-GIT-bfc7481 openSUSE 12.1 If I do this: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount - replace: primarygroupid primarygroupid: 1134 I get an error something like: ERR: (Unwilling to perform) error 53 If however I do the ldbmodify in 2 stages: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount and then: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify replace: primarygroupid primarygroupid: 1134 It works. primaryGroupID is special, but you may have found a bug in the handler for it. We have to confirm that the value being selected does not conflict with the existing group memberships. Andrew Bartlett Hi Andrew I chopped the 1134 from the end of the group SID: samba-tool group add suseusers wbinfo --group-info=suseusers suseusers:*:328: wbinfo --gid-to-sid 328 S-1-5-21-2395500911-3560017633-4088823418-1134 Previous to this it was 513 (Domain Users I think) Here is the script we made to POSIX-ify the group: e.g. ./s4group suseusers #!/bin/sh echo Creating s4 posix group $1 samba-tool group add $1 strgid=$(wbinfo --group-info=$1) gid=$(echo $strgid | cut -d : -f 3) echo dn: cn=$1,cn=Users,dc=hh3,dc=site changetype: modify add: objectclass objectclass: posixaccount - add:objectclass objectclass: posixGroup - add: gidnumber gidnumber: $gid /tmp/$1 ldapmodify -h 192.168.1.3 -D cn=Administrator,cn=Users,dc=hh3,dc=site -f /tmp/$1 -Y GSSAPI rm /tmp/$1 echo $1 rfc2307-ified and here is the script to POSIX-ify the user and add him to the group: e.g. ./s4user steve6 suseusers #!/bin/sh echo Creating s4 posix user $1 echo Pls enter pwd for $1 samba-tool user add $1 sleep 2 #get the uid struid=$(wbinfo -i $1) uid=$(echo $struid | cut -d : -f 3) #get the gid strgid=$(wbinfo --group-info=$2) gid=$(echo $strgid | cut -d : -f 3) #get the group from the sid strsid=$(wbinfo --gid-to-sid=$gid) primarygid=$(echo $strsid | cut -d - -f 8) strwg=$(echo $struid | cut -d \\ -f 1) #add the posix attributes to the user echo dn: CN=$1,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount - add: uidnumber uidnumber: $uid - add: gidnumber gidnumber: $gid - add:unixhomedirectory unixhomedirectory: /home/CACTUS/$1 - add: loginshell loginshell: /bin/bash /tmp/$1 ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site /tmp/$1 samba-tool group addmembers $2 $1 #set the user to the posix group echo dn: CN=$1,CN=Users,DC=hh3,DC=site changetype: modify replace: primarygroupid primarygroupid: $primarygid /tmp/$1 echo sleeping. . . sleep 5 ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site /tmp/$1 mkdir /home/$strwg/$1 chown -R $1:$2 /home/$strwg/$1 rm /tmp/$1 echo New user: $1 POSIX-ified It works OK. The users have SSO to Linux (nss-pam-ldapd/kerberized NFS4) and Windows. It's difficult to find documentation for ldbmodify. I worked this out from ldbmodify --help. I just wondered why we had to do the ldbmodify in 2 stages. In particular, why we have to 'sleep 5' before going ahead with the primaryGroupID. BTW, it doesn't matter which way round you do it. You can do the primaryGroupID first if you like, but you still then have to wait to add the POSIX stuff. If the scripts may be in anyway useful, I could try to idiot proof them up a bit. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba domain member server using only nss ldap
On a member server, the ldap backend should not be needed for user and group look up. You do need some sort of idmapping for the unix level to see the UID's and GID's assigned to the samba users, and use those uid's and gid's to set file permissions. I haven't had much luck with member servers either.it does get trickier when you have ldap used for both unix accounts and samba accounts. I found it easier to configure my primary machines as domain controllers. I think generally your nsswitch.conf file should include entries to allow unix to retrieve uid's and gid's from winbind. passwd: files ldap winbind shadow: files ldap winbind group: files ldap winbind This means that you would be able to type getent user1 and getent MYDOMAIN\user1. I I think it appears you are getting group information from winbind since have the force group entry in smb.conf. You should look at the man page for idmap_nss. In theory, this should let you use a local backend to store the idmap entries, and the idmap system should use map the SID's to the existing unix uid and gid. Never worked for me in practice. Alternately, you may want to manually edit the idmap entries in ldap. The domain controller should have automatically created them. On 02/15/12 10:21, Alex Domoradov wrote: I have NT4 domain on samba-3.x integrated with LDAP. I need to use domain users in the shares permissions On the domain member server I have the following smb.conf [global] workgroup = W3 server string = File server netbios name = FS1 security = domain load printers = no show add printer wizard = no printcap name = /dev/null disable spoolss = yes log file = /var/log/samba/samba.log max log size = 5 encrypt passwords = yes winbind trusted domains only = yes idmap backend = ldap:ldap://pdc.w3.lan/; ldap idmap suffix = ou=idmap idmap uid = 5-50 idmap gid = 5-50 ldapsam:trusted = yes ldapsam:editposix = yes ldap suffix = dc=w3,dc=lan ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap admin dn = cn=root,dc=w3,dc=lan ldap ssl = no socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 enable privileges = yes os level = 8 local master = no domain master = no preferred master = no domain logons = no wins server = 192.168.210.104 dns proxy = yes client ntlmv2 auth = yes client plaintext auth = no lanman auth = no lm announce = no deadtime = 15 display charset = utf8 unix charset = utf8 dos charset = cp866 log level = 3 host msdfs = no [Test] comment = Test path = /data/production/Test/ public = yes guest ok = no valid users = @W3\w3-nssldap write list = @W3\w3-nssldap browseable = yes force create mode = 0770 create mode = 0770 force directory mode = 0770 directory mode = 0770 create mask = 0660 directory mask = 0770 force group = @W3\w3-nssldap # cat /etc/nsswitch.conf | grep ldap passwd: files ldap shadow: files ldap group: files ldap When I create any folder in the share Test I get the following uid/gid # ls -l total 4 drwxrwx--- 2 nssldap 321909 4096 Feb 15 17:00 test # ls -ln total 4 drwxrwx--- 2 1890 321909 4096 Feb 15 17:00 test # getent group | grep ^w3-nssldap w3-nssldap:*:1354:nssldap # id nssldap uid=1890(nssldap) gid=1354(w3-nssldap) groups=1354(w3-nssldap),513(Domain Users) # wbinfo --name-to-sid=nssldap S-1-5-21-250625134-237382211-2379110221-4780 SID_USER (1) # wbinfo --sid-to-uid=S-1-5-21-250625134-237382211-2379110221-4780 50290 It's seems that samba get uid from LDAP and gid from winbind. So my question is - Is it possible to use only nss ldap on domain member server to mapping uid/gid? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] mount.cifs gives error 13 after changing servers -- hidden cache??
A sysadmin moved a share from one Windows server to another. I am now getting error 13 when trying to mount the share from the new server. The following worked before the server was replaced: mount.cifs //ipaddress1/share1$ /mnt/share1 -o credientials/home/whatever/.smbcredentials,rw mount.cifs //ipaddress2/share2$ /mnt/share2 -o credientials/home/whatever/.smbcredentials,ro Change: server ipaddress2 was replaced with server ipaddress3 and share2$ was created on that server. mount.cifs //ipaddress1/share1$ /mnt/share1 -o credientials/home/whatever/.smbcredentials,rw Still works! mount.cifs //ipaddress3/share2$ /mnt/share2 -o credientials/home/whatever/.smbcredentials,ro FAILS with mount error(13): Permission denied However, I can browse to //ipaddress3/share2$ using nautilus, and it is also accessible from any Windows box on the network! This problem looks similar to lists.samba.org/archive/samba/2011-June/162704.html. Clearly, mount.cifs seems to cache information somewhere. I have looked through /etc, /lib, /var and /proc for any evidence that ipaddress2 was cached, but cannot find anything. Any tips on how to solve this problem? Thanks! -- Digit Ijit -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] pam_smbldap problem
Have samba pdc using smbldap etc. In my test setup the samba is a bdc as the pdc is a crucial service. Running debian squeeze with samba 3.5.6 Working on getting pam to keep ldap and windows passsword in sync. have been using smbldap-passwd with some added password tests to change passwords. smbldap-passwd works smbpasswd works in auth part of pam the migrate works with pam_smbldap smbclient -L localhost authenticates OK. If I use no ssl or tls for ldap connections in smb.conf passwd will change the windows password. If the connection to the master ldap server uses ssl or tls I get this error in auth.log. Feb 15 13:21:51 nfondy passwd[30090]: pam_smbpass(passwd:chauthtok): Cannot access samba password database, not running as root. Again it works with out tsl or ssl. common-passwd: # here are the per-package modules (the Primary block) passwordrequisite pam_passwdqc.so password[success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 password[success=1 default=ignore] pam_ldap.so minimum_uid=1000 try_first_pass # here's the fallback if no module succeeds passwordrequisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around passwordrequiredpam_permit.so # and here are more per-package modules (the Additional block) passwordoptionalpam_smbpass.so nullok use_authtok use_first_pass debug # end of pam-auth-update config smb.conf: [global] # I clearly do not know what to put in for ldap debug ldap debug level = 280 ldap debug threshold = 280 # ldap ssl = start tls ldap ssl = off ldap follow referral = auto ldap ssl ads = no # next to avoid nss ldapsam:trusted = Yes guest account = winguest #For Windows7 #client lanman auth = no client ntlmv2 auth = yes guest account = nobody # workgroup = NT-Domain-Name or Workgroup-Name workgroup = ADVOCAP netbios name = NFONDY # server string is the equivalent of the NT Description field server string = Fondulac Server #normaly will use second line. just using one to debug passdb backend = ldapsam:ldaps://mstldap.advocap.org #passdb backend = ldapsam:ldap://fonldap.advocap.org ldap://mstldap.advocap.org; #log level = 9 syslog = 0 log file = /var/log/samba/log.%m max log size = 50 # next changes 4/4/2011 #smb ports = 139 445 smb ports = 139 time server = Yes # block from examples show add printer wizard = No add user script = /usr/sbin/smbldap-useradd -a -m '%u' delete user script = /usr/sbin/smbldap-userdel '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u' # shutdown script = /var/lib/samba/scripts/shutdown.sh # abort shutdown script = /sbin/shutdown -c logon path = \\%L\profiles\%U logon drive = X: preferred master = No wins support = Yes ldap suffix = dc=advocap,dc=org ldap machine suffix = ou=machines ldap user suffix = ou=People ldap group suffix = ou=Group # not running winbind # ldap idmap suffix = ou=Idmap ldap admin dn = cn=samba,ou=DSA,dc=advocap,dc=org # idmap backend = ldap://mstldap.advocap.org # idmap uid = 1-2 # idmap gid = 1-2 map acl inherit = Yes printing = cups load printers = yes log file = /var/log/samba/smbd.log # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user encrypt passwords = yes unix password sync = No socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.2.239 127.0.0.1 domain master = no preferred master = no domain logons = yes logon script = %U.bat name resolve order = wins bcast hosts dns proxy = no preserve case = yes ...shares etc... smb.conf is a bit of a mess as it's evolved over about 10 years :-( I had been debugging by watch the ldap traffic with wireshark. As it works with out tls and it's hard to debug with tls on :-( It does the same if I connect through the local ldap server when it gets refered to an ldaps connection. To test I changed the referal in slapd.conf to ldap:/./ and it
Re: [Samba] Samba domain member server using only nss ldap
On a member server, the ldap backend should not be needed for user and group look up. You do need some sort of idmapping for the unix level to see the UID's and GID's assigned to the samba users, and use those uid's and gid's to set file permissions. I need to do idmapping via winbind or something else? I haven't had much luck with member servers either. it does get trickier when you have ldap used for both unix accounts and samba accounts. I found it easier to configure my primary machines as domain controllers. I need to use LDAP only for samba accounts, not local (unix) I think generally your nsswitch.conf file should include entries to allow unix to retrieve uid's and gid's from winbind. passwd: files ldap winbind shadow: files ldap winbind group: files ldap winbind but according to http://www.samba.org/samba/docs/man/Samba-Guide/unixclients.html#sdcsdmldapIf I have one domain and all server are the member of this domain there is no need to use winbind at all. Did I miss something? This means that you would be able to type getent user1 and getent MYDOMAIN\user1. I I don't need such case, in my case local and domain users always unique I think it appears you are getting group information from winbind since have the force group entry in smb.conf. It's strange. When I added force user to the share description, samba set uid of the new file from ldap You should look at the man page for idmap_nss. In theory, this should let you use a local backend to store the idmap entries, and the idmap system should use map the SID's to the existing unix uid and gid. Never worked for me in practice. I read the man http://www.samba.org/samba/docs/man/manpages-3/idmap_nss.8.html but didn't get clear understanding Alternately, you may want to manually edit the idmap entries in ldap. The domain controller should have automatically created them. there are a 10-15 entries in the ou Idmap -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 provision error
git checkout dd5868d when I try to provision I get the following: Populating ForestDnsZones partition bin/tdbbackup: /home/samba-master/bin/shared/private/libtdb.so: version `SAMBA_4.0.0ALPHA18_DEVELOPERBUILD' not found (required by bin/tdbbackup) Failed to setup database for BIND, AD based DNS cannot be used Traceback (most recent call last): File ./source4/setup/provision, line 262, in module useeadb=eadb, next_rid=opts.next_rid, lp=lp) File bin/python/samba/provision/__init__.py, line 1757, in provision am_rodc=am_rodc, lp=lp) File bin/python/samba/provision/__init__.py, line 1491, in provision_fill targetdir=targetdir, site=DEFAULTSITE) File bin/python/samba/provision/sambadns.py, line 990, in setup_ad_dns create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid) File bin/python/samba/provision/sambadns.py, line 751, in create_samdb_copy os.path.join(dns_dir, sam.ldb)) File bin/python/samba/provision/sambadns.py, line 688, in tdb_copy raise Exception(Error copying %s % file1) Exception: Error copying /usr/local/samba/private/sam.ldb -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 provision error
On 02/15/2012 11:30 PM, fe...@epepm.cupet.cu wrote: git checkout dd5868d when I try to provision I get the following: Populating ForestDnsZones partition bin/tdbbackup: /home/samba-master/bin/shared/private/libtdb.so: version `SAMBA_4.0.0ALPHA18_DEVELOPERBUILD' not found (required by bin/tdbbackup) Failed to setup database for BIND, AD based DNS cannot be used Traceback (most recent call last): File ./source4/setup/provision, line 262, inmodule useeadb=eadb, next_rid=opts.next_rid, lp=lp) File bin/python/samba/provision/__init__.py, line 1757, in provision am_rodc=am_rodc, lp=lp) File bin/python/samba/provision/__init__.py, line 1491, in provision_fill targetdir=targetdir, site=DEFAULTSITE) File bin/python/samba/provision/sambadns.py, line 990, in setup_ad_dns create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid) File bin/python/samba/provision/sambadns.py, line 751, in create_samdb_copy os.path.join(dns_dir, sam.ldb)) File bin/python/samba/provision/sambadns.py, line 688, in tdb_copy raise Exception(Error copying %s % file1) Exception: Error copying /usr/local/samba/private/sam.ldb Run make again and then it should provision OK. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 gid-to-sid question
Hi. We used info from a SID created using samba-tool group add to posix-ify it and then add a posix-ifed domain user to it. The AD doco defines two sorts of SID. Ones that change, and ones that don't. Here is a search on our posix-ified group: ldbsearch --url=/usr/local/samba/private/idmap.ldb 'xidnumber=312' objectSid: S-1-5-21-980186919-4150830324-975011627-1121 We set the primaryGroupID of the user to 1121, his gidNumber to 312 and his uidNumber from wbinfo. He becomes visible to Linux via nss-ldapd, whilst retaing his Domain User status on the windows side:-) My question is, to which category of SID does S-1-5-21-980186919-4150830324-975011627-1121 belong? Can we assume that this is fixed for the life of the domain? Under what circustances could s4 change it, and if id did, would we be given warning? Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba PDC with Windows 7 support request
Dear Samba support team, I have a question on Samba 3.5.8 please, which is not solved by searching the forums. I tried all suggested solutions, but nothing take effect. Situation: - small public school - We have Ubuntu Server 11.04 64-bit - Samba 3.5.8 as PDC - Windows XP and Windows 7 Pro SP1 clients - On Windows XP everything works. Login is quick and reliable there. Problem: But our problem is with Windows 7 domain clients, where login and logout takes more than 1,5 minute with clear user profile. Yes, we have only 100 Mbit LAN, but why XP can operate so much faster? We are using Aero with background images, but logon locally is very fast. Only using travel profiles is very slow. I have tried: - Disable IPv6, - Disabled UAC - set policies time to wait on server, - I applied all performace recommended settings suggested at samba.org for Windows 7 (http://wiki.samba.org/index.php/Windows7) Very similar post I have found here: https://bugzilla.samba.org/show_bug.cgi?id=8300 Domain users experience a slow login performance on Windows 7 clients that are joined into a samba domain (Samba version 3.5.4). The Windows 7 client was joined successfully into the domain with the Windows 7 registry settings adjusted according to http://wiki.samba.org/index.php/Windows7 (DomainCompatibilityMode = 0 and DNSNameResolutionRequired = 0). We need solve this bug, in other case we can’t use Samba as PDC and we must change the platform. Please put this request on free support boards or send me an offer for paid support. Can help adding this to GLOBAL section? domain master = yes local master = yes preffered master = yes os level = 64 Thanks a lot, I hope I’m not disturbing main Samba developers, With best regards, Jiri Prochazka Teacher from Waldorf high school in Prague Czech and English only :-) # # Sample configuration file for the Samba suite for Debian GNU/Linux. # # # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options most of which # are not shown in this example # # Some options that are often worth tuning have been included as # commented-out examples in this file. # - When such options are commented with ;, the proposed setting #differs from the default Samba behaviour # - When commented with #, the proposed setting is the default #behaviour of Samba but the option is considered important #enough to be mentioned here # # NOTE: Whenever you modify this file you should run the command # testparm to check that you have not made any basic syntactic # errors. # A well-established practice is to name the original file # smb.conf.master and create the real config file with # testparm -s smb.conf.master smb.conf # This minimizes the size of the really used smb.conf file # which, according to the Samba Team, impacts performance # However, use this with caution if your smb.conf file contains nested # include statements. See Debian bug #483187 for a case # where using a master file is not a good idea. # #=== Global Settings === [global] ## Browsing/Identification ### # Change this to the workgroup/NT-domain name your Samba server will part of workgroup = LYCEUM # server string is the equivalent of the NT Description field server string = %h server (Samba, Ubuntu) # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable its WINS Server # wins support = no # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # This will prevent nmbd to search for NetBIOS names through DNS. dns proxy = no # What naming service and in what order should we use to resolve host names # to IP addresses ; name resolve order = lmhosts host wins bcast Networking # The specific set of interfaces / networks to bind to # This can be either the interface name or an IP address/netmask; # interface names are normally preferred ; interfaces = 127.0.0.0/8 eth0 # Only bind to the named interfaces and/or networks; you must use the # 'interfaces' option above to use this. # It is recommended that you enable this feature if your Samba machine is # not protected by a firewall or is a firewall itself. However, this # option cannot handle dynamic or non-broadcast interfaces correctly. ; bind interfaces only = yes Debugging/Accounting # This tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Cap the size of the individual log files (in KiB). max log size = 1000 # If you want Samba to only log through syslog then set the following # parameter to 'yes'. # syslog only = no
[Samba] Samba 4 Cannot contact any KDC for requested realm
Version 4.0.0alpha18-GIT-957ec28 After starting samba -i -d3, wbinfo -i someuser gives this: ldb_wrap open of secrets.ldb using SPNEGO Selected protocol [8][NT LANMAN 1.0] Cannot reach a KDC we require to contact cifs/hh3.site@SITE : kinit for HH3$@SITE failed (Cannot contact any KDC for requested realm) SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_NO_LOGON_SERVERS ldb_wrap open of secrets.ldb schannel_fetch_session_key_tdb: restored schannel info key SECRETS/SCHANNEL/HH3 Cannot reach a KDC we require to contact host/hh3.site@SITE : kinit for HH3$@SITE failed (Cannot contact any KDC for requested realm) SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_NO_LOGON_SERVERS wbinfo -u works fine however and shows a list of users. Subsequent calls to wbinfo do not produce this error. It only happens the first time after you start samba. dare not mention This may coincide with yesterday's bind 9 update from openSUSE /dare not mention This however, seems OK: Calling DNS name update script Calling SPN name update script Completed SPN update check OK Completed DNS update check OK and all the dns and kerberos stuff on the wiki checks out too. Is this OK? Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba CTDB with data coming via pNFS?
Greetings, Does anyone know whether I'll encounter problems serving out CIFS using Samba/CTDB where the servers are pNFS clients? Specifically I'm thinking that I'll have a number of RHEL 6.2 boxes connecting to netapp storage using pNFS. These boxes will then serve a variety of CIFS clients. JR -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind craps out, NT_STATUS_PIPE_BROKEN
Hi Jay/Samba peeps, Emailing in reference to http://lists.samba.org/archive/samba/2011-April/162277.html I have seen a very similar issue with a similar setup. Users fail to be verified with: getent passwd username Entry in the log at same time is: [2012/01/23 16:58:53.159761, 3] winbindd/winbindd_misc.c:352(winbindd_interface_version) [18510]: request interface version [2012/01/23 16:58:53.159966, 3] winbindd/winbindd_misc.c:385(winbindd_priv_pipe_dir) [18510]: request location of privileged pipe [2012/01/23 16:58:53.160214, 3] winbindd/winbindd_getpwnam.c:55(winbindd_getpwnam_send) getpwnam username [2012/01/23 16:58:53.162493, 5] winbindd/winbindd_getpwnam.c:138(winbindd_getpwnam_recv) Could not convert sid S-1-5-21-1117850145-1682116191-196506527-126617: NT_STATUS_PIPE_BROKEN Restarting winbindd solves the problem temporarily. I've attached a copy of the smb.conf. OS: Debian Squeeze 6.0.3 Kernel: 2.6.32-5-686-bigmem samba 2:3.5.6~dfsg-3squeeze5 winbind 2:3.5.6~dfsg-3squeeze5 Jay did you find a solution to your problem? Has anyone else on the list seen similar issues or have any ideas of what might be happening? Any advice or pointers would be very much appreciated. Thanks, Matt -- Matthew Baker :: Senior Systems Administrator :: University of Bristol [global] workgroup = WORKGROUP server string = %h server (Samba %v) netbios name = ou-hostname hosts allow = 192.168.1.0/255.255.255.0, 127.0.0.1 dns proxy = no log file = /var/log/samba/log.%m log level = 1 winbind:5 idmap:5 auth:5 sam:5 max log size = 1 ; syslog only = no syslog = 0 panic action = /usr/share/samba/panic-action %d security = ADS realm = KERBEROS.EXAMPLE.ORG kerberos method = secrets and keytab password server = * local master = no restrict anonymous = 1 encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes invalid users = root passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 winbind enum users = no winbind enum groups = no winbind separator = . winbind nested groups = Yes winbind use default domain = Yes template shell = /bin/bash template homedir = /home/%U ; store the idmap for local non-AD accounts idmap backend = tdb idmap uid = 10-100 idmap gid = 10-100 ; use the readonly stored version in AD (I1110-4800) idmap config UOB : backend = ad idmap config UOB : range = 100-9 idmap config UOB : schema_mode = rfc2307 [homes] comment = Home Directories browseable = no writable = yes create mask = 0700 directory mask = 0700 include = /etc/samba/shares.conf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] winbind and group membership
Hi. FreeBSD 8.2 Samba 3.5.11 from ports I have an issue with group membership. id shows only small part of the groups a user is member of. I'm aware about UNIX max group issue, but this isn't related to it - for example for a user which is member of the 6 griups id shows only 3. Although wbinfo -r shows correct number of groups and wbinfo -G is able to successfully translate UNIX group to a domain SID. Can this be solved somehow ? I tried the 3.6.1 from ports, but using it's nss_winbind.so id only shows primary group for mapped users and none for system users existing in the domain. For example: [emz@witchdoctor:/var/db/samba]# id emz uid=1001(emz) gid=0(wheel) groups=0(wheel),20007(администраторы домена),20100(warez-rw),20248(internet users - panicbox),20413(internet users - samara),20456(internet users - crystal) [emz@witchdoctor:/var/db/samba]# wbinfo -r emz 20002 20459 20456 20100 20547 20413 20007 20248 20009 20692 20587 20695 20693 20694 20585 20652 20584 20621 20613 20649 20590 20654 20664 20657 20612 20586 20001 2 [emz@witchdoctor:/var/db/samba]# wbinfo -r emz | xargs wbinfo -G S-1-5-21-3780126066-798514342-2262872178-513 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20002 S-1-5-21-3780126066-798514342-2262872178-513 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20459 S-1-5-21-3780126066-798514342-2262872178-17960 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20456 S-1-5-21-3780126066-798514342-2262872178-17956 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20100 S-1-5-21-3780126066-798514342-2262872178-11860 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20547 S-1-5-21-3780126066-798514342-2262872178-20184 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20413 S-1-5-21-3780126066-798514342-2262872178-17662 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20007 S-1-5-21-3780126066-798514342-2262872178-512 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20248 S-1-5-21-3780126066-798514342-2262872178-15792 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20009 S-1-5-21-3780126066-798514342-2262872178-5934 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20692 S-1-5-21-3780126066-798514342-2262872178-19463 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20587 S-1-5-21-3780126066-798514342-2262872178-13813 [emz@witchdoctor:/var/db/samba]# wbinfo -G 20695 S-1-5-21-3780126066-798514342-2262872178-19466 Thanks. Eugene. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Auth based on user + host
Hello - I feel like hosts equiv could have solved this scenario, but as that's been removed I'm looking for options. What I want to do is have an account without a password that is only allowed to access shares when connecting from a specific host. In this case, localhost. Is that possible anymore? The only solution I've been able to come up with would involve duplicating each share, with the passwordless account as an invalid user in the public share and hosts allow in the duplicated share the account is allowed to access - which I can only see becoming extremely cumbersome. I realise the danger in passwordless accounts, this is a very secluded system (private network). Thanks for any assistance you can offer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Error in provisioning Samba4 Alpha 18 from git
Hi, I have a problem. The prerequisites are: * Vanilla Ubuntu 10.04 install * Followed the http://wiki.samba.org/index.php/Samba4/HOWTO In step 4, after running the command: ./source4/setup/provision --realm=samdom.example.com --domain=SAMDOM --adminpass=SOMEPASSWORD --server-role='domain controller' i get the following error when the provisioning run tdbbackup from the script bin/python/samba/provision/sambadns.py: Looking up IPv4 addresses Looking up IPv6 addresses No IPv6 address will be assigned Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema Adding DomainDN: DC=samdom,DC=example,DC=com Adding configuration container Setting up sam.ldb schema Setting up sam.ldb configuration data Setting up display specifiers Adding users container Modifying users container Adding computers container Modifying computers container Setting up sam.ldb data Setting up well known security principals Setting up sam.ldb users and groups Setting up self join Adding DNS accounts Populating CN=MicrosoftDNS,CN=System,DC=samdom,DC=example,DC=com Creating DomainDnsZones and ForestDnsZones partitions Populating DomainDnsZones partition Populating ForestDnsZones partition bin/tdbbackup: /home/administrator/source/samba-master/bin/shared/private/libtdb.so: version `SAMBA_4.0.0ALPHA18_DEVELOPERBUILD' not found (required by bin/tdbbackup) Failed to setup database for BIND, AD based DNS cannot be used Traceback (most recent call last): File ./source4/setup/provision, line 256, in module useeadb=eadb, next_rid=opts.next_rid, lp=lp) File bin/python/samba/provision/__init__.py, line 1757, in provision am_rodc=am_rodc, lp=lp) File bin/python/samba/provision/__init__.py, line 1491, in provision_fill targetdir=targetdir, site=DEFAULTSITE) File bin/python/samba/provision/sambadns.py, line 990, in setup_ad_dns create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid) File bin/python/samba/provision/sambadns.py, line 751, in create_samdb_copy os.path.join(dns_dir, sam.ldb)) File bin/python/samba/provision/sambadns.py, line 688, in tdb_copy raise Exception(Error copying %s % file1) Exception: Error copying /usr/local/samba/private/sam.ldb The file /home/administrator/source/samba-master/bin/shared/private/libtdb.so does exist. What can/should I do? I tried this on Ubuntu 11.10 desktop as well, with the exact same result. Kindest regards, Mathias PS. I'm not part of the samba mailinglist. DS. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Error in provisioning Samba4 Alpha 18 from git
Hi, I have a problem. The prerequisites are: * Vanilla Ubuntu 10.04 install * Followed the http://wiki.samba.org/index.php/Samba4/HOWTO In step 4, after running the command: ./source4/setup/provision --realm=samdom.example.com --domain=SAMDOM --adminpass=SOMEPASSWORD --server-role='domain controller' i get the following error when the provisioning run tdbbackup from the script bin/python/samba/provision/sambadns.py: Looking up IPv4 addresses Looking up IPv6 addresses No IPv6 address will be assigned Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema Adding DomainDN: DC=samdom,DC=example,DC=com Adding configuration container Setting up sam.ldb schema Setting up sam.ldb configuration data Setting up display specifiers Adding users container Modifying users container Adding computers container Modifying computers container Setting up sam.ldb data Setting up well known security principals Setting up sam.ldb users and groups Setting up self join Adding DNS accounts Populating CN=MicrosoftDNS,CN=System,DC=samdom,DC=example,DC=com Creating DomainDnsZones and ForestDnsZones partitions Populating DomainDnsZones partition Populating ForestDnsZones partition bin/tdbbackup: /home/administrator/source/samba-master/bin/shared/private/libtdb.so: version `SAMBA_4.0.0ALPHA18_DEVELOPERBUILD' not found (required by bin/tdbbackup) Failed to setup database for BIND, AD based DNS cannot be used Traceback (most recent call last): File ./source4/setup/provision, line 256, in module useeadb=eadb, next_rid=opts.next_rid, lp=lp) File bin/python/samba/provision/__init__.py, line 1757, in provision am_rodc=am_rodc, lp=lp) File bin/python/samba/provision/__init__.py, line 1491, in provision_fill targetdir=targetdir, site=DEFAULTSITE) File bin/python/samba/provision/sambadns.py, line 990, in setup_ad_dns create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid) File bin/python/samba/provision/sambadns.py, line 751, in create_samdb_copy os.path.join(dns_dir, sam.ldb)) File bin/python/samba/provision/sambadns.py, line 688, in tdb_copy raise Exception(Error copying %s % file1) Exception: Error copying /usr/local/samba/private/sam.ldb The file /home/administrator/source/samba-master/bin/shared/private/libtdb.so does exist. What can/should I do? I tried this on Ubuntu 11.10 desktop as well, with the exact same result. Kindest regards, Mathias PS. I'm not part of the samba mailinglist. DS. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba winbind and nfsv4 krb5
Hi All, I'm struggling since weeks to get samba winbind and a kerberized nfs mount running. We have a Netapp SAN exporting the nfs share with sec=krb5 and a Linux Client Ubuntu 10.04 Server trying to access the exported share. Accessing the share without krb5 (sec=sys) works fine. The linux machine is joined to an Windows 2008R2 domain and user/group lookups login via ssh etc. work fine. I have read many articles about using winbind to aquire the Kerberos tickets on login. What I have done so far is join the linux machine to our AD: net ads join -U Administrator After this my krb5.keytab file is filled with the following: root@ubuntu100432:~# klist -kte Keytab name: WRFILE:/etc/krb5.keytab KVNO Timestamp Principal - 2 02/13/12 09:34:59 host/ubuntu100432.a.space.c...@a.space.corp (DES cbc mode with CRC-32) 2 02/13/12 09:34:59 host/ubuntu100432.a.space.c...@a.space.corp (DES cbc mode with RSA-MD5) 2 02/13/12 09:34:59 host/ubuntu100432.a.space.c...@a.space.corp (ArcFour with HMAC/md5) 2 02/13/12 09:34:59 host/ubuntu100...@a.space.corp (DES cbc mode with CRC-32) 2 02/13/12 09:34:59 host/ubuntu100...@a.space.corp (DES cbc mode with RSA-MD5) 2 02/13/12 09:34:59 host/ubuntu100...@a.space.corp (ArcFour with HMAC/md5) 2 02/13/12 09:34:59 UBUNTU100432$@A.SPACE.CORP (DES cbc mode with CRC-32) 2 02/13/12 09:34:59 UBUNTU100432$@A.SPACE.CORP (DES cbc mode with RSA-MD5) 2 02/13/12 09:34:59 UBUNTU100432$@A.SPACE.CORP (ArcFour with HMAC/md5) Then I add the nfs principal: net ads keytab add nfs -U Administrator This adds the princ to the keytab file: 2 02/13/12 09:36:11 nfs/ubuntu100432.a.space.c...@a.space.corp (DES cbc mode with CRC-32) 2 02/13/12 09:36:11 nfs/ubuntu100432.a.space.c...@a.space.corp (DES cbc mode with RSA-MD5) 2 02/13/12 09:36:11 nfs/ubuntu100432.a.space.c...@a.space.corp (ArcFour with HMAC/md5) 2 02/13/12 09:36:11 nfs/ubuntu100...@a.space.corp (DES cbc mode with CRC-32) 2 02/13/12 09:36:11 nfs/ubuntu100...@a.space.corp (DES cbc mode with RSA-MD5) 2 02/13/12 09:36:11 nfs/ubuntu100...@a.space.corp (ArcFour with HMAC/md5) I restart the portmap service (this restarts statd idmapd and gssd) Service portmap restart Now when I try to mount the share I always get an access denied: Looking at /var/log/daemon.log reveals: handling krb5 upcall Full hostname for 'ds-san-02.a.space.corp' is 'ds-san-02.a.space.corp' Full hostname for 'ubuntu100432.a.space.corp' is 'ubuntu100432.a.space.corp' Key table entry not found while getting keytab entry for 'root/ubuntu100432.a.space.c...@a.space.corp' Success getting keytab entry for 'nfs/ubuntu100432.a.space.c...@a.space.corp' WARNING: Client not found in Kerberos database while getting initial ticket for principal 'nfs/ubuntu100432.a.space.c...@a.space.corp' using keytab 'WRFILE:/etc/krb5.keytab' ERROR: No credentials found for connection to server ds-san-02.a.space.corp doing error downcall destroying client clnt13 destroying client clnt12 I checked the host in AD with setspn -L and this lists the following: Registered ServicePrincipalNames for CN=ubuntu100432 ace,DC=corp: NFS/ubuntu100432.a.space.corp NFS/ubuntu100432 HOST/ubuntu100432.a.space.corp HOST/UBUNTU100432 So there is no principal 'nfs/ubuntu100432.a.space.c...@a.space.corp'. Is there something special about Windows 2008 R2? Regards, Oliver -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Prevent smbd from consulting winbindd
Harry Jede wrote: I am running smbd in a setup described in http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.h tml#id2604553 under Winbind is not used; users and groups are local. Samba is running in the security=domain mode, Do you have a PDC with the same setup? The PDC is a Windows 2000 (sic!) server. I cannot change that. Are you syncing uid/gid manually? I keep Unix uid/gid on Unix and don't want any Winbind-generated uids or gids. All I want is a Windows user MYDOMAIN\johndoe to be mapped to the unix user johndoe whose Unix uid is 2000 in /etc/passwd. This is exactly what happens when winbinnd is not started. [dd] Now I need to run winbindd for Squid authentication. The problem is, as soon as I start winbindd, smbd begins consulting it so you are running smbd and winbind an squid on the same machine Yes. and all Windows users start receiving uids/gids different from those in /etc/passwd. Thats quite normal. Thats undesirable. How do I prevent smbd from consulting winbindd and make it use the old /etc/passwd mechanism for uids? I do not know. I believe it's not possible. Run smbd on one machine with NIS or LDAP, winbind for squid on an other machine. This is an obvious solution, I will do that if I find no other way. But how does smbd communicate with winbindd? Can I hide them from each other? is auth methods = ntdomain or auth methods = trustdomain not what I want? Which of the auth methods does smbd use when it cannot find a functional winbindd? Alternatively you may try to run winbind with an own smb.conf This may be a good idea but how do I hide winbindd (even running with its own smb.conf) from smbd? How does it communicate with smbd? if you wish to try this, you may start with a new setup. I have done this tree times with LDAP as backend, it works. If you need more details, I can write a step-by-step guide, maybe next week. I don't need a step-by-step guide but I would appreciate an explanation how to hide smbd and winbindd from each other other than running them on different hosts. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Build Active Directory with Samba
Hello, Please, which release of Samba can one build Active Directory Domain with. I know that with 3.0 one can have a PDC but I want to build AD with Samba. Your help will be appreciated. Ehiedu Agharinma -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP issues
To follow up and finalize, this is now SOLVED. Thank you for your feedback on how you solved your issue. Without feedback, we wouldn't be able to learn all that we can learn and we wouldn't fully benefit from the experience of others. First of all, I am using the IDEALX scripts (renamed now to smbldap-tools, but the IDEALX names sticks for backwards compatibility, apparently; they're located at http://sourceforge.net/projects/smbldap-tools/). As indicated on the page you just quoted, the new home of the smbldap-tools project is now: https://gna.org/projects/smbldap-tools/ The most recent packages, smbldap-tools-0.9.7-1, date from 26-Sep-2011. Thank you -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 PAM and xscreensaver
On 01/09/2012 08:42 AM, steve wrote: Hi I have a Linux client running XFCE and authenticating against Samba 4. When trying to return to the session after xscreensaver has kicked in, authentication fails. Sorry to bump, but I've just seen this in the xscreensaver doco: XScreenSaver Dependencies Required snip Optional libjpeg-8c, libgnome-2.32.1, GLE, Netpbm, XDaliClock, Linux-PAM-1.1.5, _MIT Kerberos V5-1.6 (built with Kerberos V4 backwards compatibility), and krb4 and Heimdal-1.4 (Kerberos authentication requires having Kerberos V4 and V5 on the system)_ Does Samba 4 have this? Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] error with provisionsing
I found the samba4 HOW-TO on the wiki and I have followed it to using Ubuntu server versions 11.10 and 10.04. I have been unsuccessful at step 4 running the provision script. I have run the following commands to get to get to this point: $ sudo git clone git://git.samba.org/samba.git samba-master; cd samba-master $ sudo apt-get install build-essential libattr1-dev libblkid-dev libgnutls-dev libreadline5-dev python-dev autoconf python-dnspython gdb pkg-config bind9utils libpopt-dev When this command was run on 11.10 I received an error that the package libreadline5-dev was not found. As an alternative the libreadline-gplv2-dev or lib64readline-gplv2-dev were suggested, I chose the libreadline-gplv2-dev, because it was a 32 bit install, as the replacement. $ sudo ./configure.developer $ sudo make $ sudo make install $ sudo ./source4/setup/provision --realm=home.com --domain=HOME --adminpass=P@ssw0rd --server-role='domain controller' The following is the output of I am receiving on both editions. bin/tdbbackup: /home/administrator/samba-master/bin/shared/private/libtdb.so: version `SAMBA_4.0.0ALPHA18_DEVELOPERBUILD' not found (required by bin/tdbbackup) Failed to setup database for BIND, AD based DNS cannot be used Traceback (most recent call last): File ./source4/setup/provision, line 256, in module useeadb=eadb, next_rid=opts.next_rid, lp=lp) File bin/python/samba/provision/__init__.py, line 1757, in provision am_rodc=am_rodc, lp=lp) File bin/python/samba/provision/__init__.py, line 1491, in provision_fill targetdir=targetdir, site=DEFAULTSITE) File bin/python/samba/provision/sambadns.py, line 990, in setup_ad_dns create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid) File bin/python/samba/provision/sambadns.py, line 751, in create_samdb_copy os.path.join(dns_dir, sam.ldb)) File bin/python/samba/provision/sambadns.py, line 688, in tdb_copy raise Exception(Error copying %s % file1) Exception: Error copying /usr/local/samba/private/sam.ldb I am fairly new to working with samba and I do not know where to look to get this working and any suggestions would be greatly appreciated. Eric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Error compiling Samba 3.6.3
Hi all, I am running slackware 8.0, 2.4.20 with GCC 2.95.3. Old but it works J I am trying to compile Samba 3.6.3 but get the following: Compiling lib/sharesec.c lib/sharesec.c: In function `delete_share_security': lib/sharesec.c:382: incompatible types in return The following command failed: gcc -I../lib/zlib -O -I. -I/home/steve/samba-3.6.3/source3 -I/home/steve/samba-3.6.3/source3/../lib/popt -I/home/steve/samba-3.6.3/source3/../lib/iniparser/src -Iinclude -I./include -I. -I. -I./../lib/replace -I./../lib/tevent -I./librpc -I./.. -I./../lib/talloc -I../lib/tdb/include -DHAVE_CONFIG_H -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -Iinclude -I./include -I. -I. -I./../lib/replace -I./../lib/tevent -I./libaddns-I./librpc -I./.. -I./../lib/popt -I/home/steve/samba-3.6.3/source3/lib -I.. -D_SAMBA_BUILD_=3 -D_SAMBA_BUILD_=3 -fPIC -c lib/sharesec.c -o lib/sharesec.o make: *** [lib/sharesec.o] Error 1 I had to make some modifications in the Makefile (attached) to even get it go this far. Many Thanks Stephen Elliott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] slow creating files
We tried to migrate from old Windows fileserver (p4, single HDD) to
Samba (FedoraCore15, Samba 3.5.12-72.fc15, ext4 volume, xeon, raid5).
Our pipeline is so, that some special software generates files on that
fileserver.
The typical filesize ~50 mbytes.
On the old hardware, software (win2k3 server) the time of single file
creation was about 10 seconds. On the new configuration it takes 20-25
seconds.
Copying of large files to\from samba server is ok (more than 80 mbytes\sec).
It was default Samba installation.
The usual tuning doesn't help at all (TCPNODELAY etc...)
Is there any idea for tuning?
Also, I wrote easy test that confused me:
#include stdio.h
#include stdlib.h
#include time.h
void main(int argc, char *argv[])
{
int fsize=4000;
int i=0;
FILE *to;
char
str[]=0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890;
time_t start, end;
double diff;
time(start);
to=fopen(argv[1], w+);
for(i=0; i fsize/100; i++)
{
fprintf(to, \n%7d-%s,i, str);
/fflush(to); // makes it slow!/
}
fclose(to);
time(end);
diff=difftime(end,start);
printf(\n \t time_diff = %.2lf, diff);
}
This was started on Win7 client PC, It creates about 40 mbytes size file
in pointed path.
Comparing timings on our samba share and win2k3 share gives: ~40 seconds
on Samba and on 3-4 seconds win2k3!
That means that fflush cause dramatically slow down of fileshare.
Alexey
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] nmbd process and winbindd process can't start in multi network interface environement
Hello, Our OS is AIX 6100-06-05-1115 and SAMBA version is 3.3.12.0 We have two network interfaces with different IPs. Now we restrict SAMBA active in onf of the interface. SWAT and smbd can start. But nmbd and winbindd processes can't start. And there is below warning info in log.nmbd and log.winbindd. Please give your suggestions and thx. pekwj42a- # cat /usr/lib/smb.conf # Samba config file created using SWAT # from UNKNOWN (140.231.210.142) # Date: 2012/02/09 12:45:34 [global] interfaces = eth6 [sap_capps] comment = sap AP1 interface path = /export/capps/AP1 valid users = cn1wj026 read only = No [sap_interface] comment = sap AP1 interface path = /export/capps/AP1/Interface read only = No [sap_edi] comment = sap AP1 edi path = /export/capps/AP1/edi read only = No [sap_capps] comment = sap AP1 interface path = /export/capps/AP1 valid users = cn1wj026 read only = No pekwj42a- # [2012/02/09 11:27:55, 0] nmbd/nmbd.c:main(850) nmbd version 3.3.12 started. Copyright Andrew Tridgell and the Samba Team 1992-2009 [2012/02/09 11:27:55, 0] lib/interface.c:load_interfaces(546) WARNING: no network interfaces found [2012/02/09 11:27:55, 0] nmbd/nmbd_subnetdb.c:create_subnets(206) create_subnets: No local IPv4 non-loopback interfaces ! [2012/02/09 11:27:55, 0] nmbd/nmbd_subnetdb.c:create_subnets(207) create_subnets: Waiting for an interface to appear ... [2012/02/09 11:28:00, 0] lib/fault.c:fault_report(40) === [2012/02/09 11:28:00, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 7865238 (3.3.12) Please read the Trouble-Shooting section of the Samba3-HOWTO [2012/02/09 11:28:00, 0] lib/fault.c:fault_report(43) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2012/02/09 11:28:00, 0] lib/fault.c:fault_report(44) === [2012/02/09 11:28:00, 0] lib/util.c:smb_panic(1673) PANIC (pid 7865238): internal error [2012/02/09 11:28:00, 0] lib/util.c:log_stack_trace(1827) unable to produce a stack trace on this platform [2012/02/09 11:28:00, 0] lib/fault.c:dump_core(231) dumping core in /var/cores/nmbd [2012/02/09 12:42:59, 0] winbindd/winbindd.c:main(1130) winbindd version 3.3.12 started. Copyright Andrew Tridgell and the Samba Team 1992-2009 [2012/02/09 12:42:59, 0] lib/interface.c:load_interfaces(546) WARNING: no network interfaces found [2012/02/09 12:42:59, 0] lib/fault.c:fault_report(40) === [2012/02/09 12:42:59, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 8127146 (3.3.12) Please read the Trouble-Shooting section of the Samba3-HOWTO [2012/02/09 12:42:59, 0] lib/fault.c:fault_report(43) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2012/02/09 12:42:59, 0] lib/fault.c:fault_report(44) === [2012/02/09 12:42:59, 0] lib/util.c:smb_panic(1673) PANIC (pid 8127146): internal error [2012/02/09 12:42:59, 0] lib/util.c:log_stack_trace(1827) unable to produce a stack trace on this platform [2012/02/09 12:42:59, 0] lib/fault.c:dump_core(231) dumping core in /var/cores/winbindd Best Regards Huang Hai Qing No. 500 Dalian Road, Yangpu, Shanghai 200082, P.R. China Softhandy: +86 21 38893546 Business E-mail: haiqing.hu...@siemens.comblocked::blocked::mailto:haiqing.hu...@siemens.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 build progress error for gpo_reg.c (explained)
Hello,
there is an error when building samba with current samba-4.0.0alpha17
shipped with the sogo/openchange source. The error message is shown below.
lsquo;struct registry_valuersquo; has no member named
lsquo;typersquo; is caused by gpo_reg.c
in samba4/source3/libgpo/gpo_reg.c line:
174: reg_val.type = REG_SZ;...
192: reg_val.type = REG_DWORD;
213: if (reg_val-type != REG_SZ) {...
238: if (reg_val-type != REG_DWORD) {...
whereas samba4/source4/lib/registry/registry.h line 264-269 has:
struct registry_value
{
const char *name;
unsigned int data_type; /* - this member is
called data_type, not type
DATA_BLOB data;
};
Here is my output of samba build progress (stripped):
__
root@server:~/openchange/sogo-good# make samba
...
...
[2232/3330] Compiling source3/librpc/rpc/rpc_common.c
[2233/3330] Compiling source3/rpc_client/rpc_transport_np.c
[2234/3330] Compiling source3/rpc_client/rpc_transport_sock.c
[2235/3330] Compiling source3/rpc_client/rpc_transport_tstream.c
[2236/3330] Compiling source3/librpc/rpc/dcerpc_helpers.c
[2237/3330] Compiling libgpo/gpo_ldap.c
[2238/3330] Compiling libgpo/gpo_ini.c
[2239/3330] Compiling libgpo/gpo_util.c
[2240/3330] Compiling libgpo/gpo_fetch.c
[2241/3330] Compiling source3/libgpo/gpo_filesync.c
[2242/3330] Compiling libgpo/gpo_sec.c
[2243/3330] Compiling source3/libgpo/gpo_reg.c
In file included from ../source3/libgpo/gpo_reg.c:26:
../source3/registry/reg_backend_db.h:35: warning: lsquo;struct
regsubkey_ctrrsquo; declared inside parameter list
../source3/registry/reg_backend_db.h:35: warning: its scope is only this
definition or declaration, which is probably not what you want
../source3/registry/reg_backend_db.h:36: warning: lsquo;struct
regsubkey_ctrrsquo; declared inside parameter list
../source3/registry/reg_backend_db.h:37: warning: lsquo;struct
regval_ctrrsquo; declared inside parameter list
../source3/registry/reg_backend_db.h:38: warning: lsquo;struct
regval_ctrrsquo; declared inside parameter list
../source3/registry/reg_backend_db.h:39: warning: lsquo;struct
regsubkey_ctrrsquo; declared inside parameter list
../source3/registry/reg_backend_db.h:40: warning: lsquo;struct
regval_ctrrsquo; declared inside parameter list
../source3/libgpo/gpo_reg.c: In function lsquo;gp_store_reg_val_szrsquo;:
../source3/libgpo/gpo_reg.c:174: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c: In function
lsquo;gp_store_reg_val_dwordrsquo;:
../source3/libgpo/gpo_reg.c:192: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c: In function lsquo;gp_read_reg_val_szrsquo;:
../source3/libgpo/gpo_reg.c:213: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c: In function
lsquo;gp_read_reg_val_dwordrsquo;:
../source3/libgpo/gpo_reg.c:238: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c: In function lsquo;gp_reg_state_storersquo;:
../source3/libgpo/gpo_reg.c:471: error: lsquo;KEY_GROUP_POLICYrsquo;
undeclared (first use in this function)
../source3/libgpo/gpo_reg.c:471: error: (Each undeclared identifier is
reported only once
../source3/libgpo/gpo_reg.c:471: error: for each function it appears in.)
../source3/libgpo/gpo_reg.c: In function lsquo;gp_reg_state_readrsquo;:
../source3/libgpo/gpo_reg.c:646: error: lsquo;KEY_GROUP_POLICYrsquo;
undeclared (first use in this function)
../source3/libgpo/gpo_reg.c: In function lsquo;dump_reg_valrsquo;:
../source3/libgpo/gpo_reg.c:799: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c:804: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c:857: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
../source3/libgpo/gpo_reg.c: In function
lsquo;reg_apply_registry_entryrsquo;:
../source3/libgpo/gpo_reg.c:967: error: lsquo;struct registry_valuersquo;
has no member named lsquo;typersquo;
Waf: Leaving directory `/root/openchange/sogo-good/samba4/bin'
Build failed: - task failed (err #1):
{task: cc gpo_reg.c - gpo_reg_22.o}
make[1]: *** [all] Error 1
make[1]: Leaving directory `/root/openchange/sogo-good/samba4'
Error in samba4 make (error code 2)
make: *** [samba] Error 1
root@server:~/openchange/sogo-good#
__
after changing above lines, I could build samba without any errors.
fyi.
Thank you.
regards
Hasan Pekdemir
--
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de
--
To unsubscribe from this list go to the following URL and read the
instructions:
Re: [Samba] slow creating files
Hello,
Have you checked the hardware ?
Tools like dmesg, atop and iostat can be very helpful here.
On Wed, Feb 8, 2012 at 17:10, Алексей Ганков a.v.gan...@gmail.com wrote:
We tried to migrate from old Windows fileserver (p4, single HDD) to Samba
(FedoraCore15, Samba 3.5.12-72.fc15, ext4 volume, xeon, raid5).
Our pipeline is so, that some special software generates files on that
fileserver.
The typical filesize ~50 mbytes.
On the old hardware, software (win2k3 server) the time of single file
creation was about 10 seconds. On the new configuration it takes 20-25
seconds.
Copying of large files to\from samba server is ok (more than 80 mbytes\sec).
It was default Samba installation.
The usual tuning doesn't help at all (TCPNODELAY etc...)
Is there any idea for tuning?
Also, I wrote easy test that confused me:
#include stdio.h
#include stdlib.h
#include time.h
void main(int argc, char *argv[])
{
int fsize=4000;
int i=0;
FILE *to;
char
str[]=0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890;
time_t start, end;
double diff;
time(start);
to=fopen(argv[1], w+);
for(i=0; i fsize/100; i++)
{
fprintf(to, \n%7d-%s,i, str);
/ fflush(to); // makes it slow!/
}
fclose(to);
time(end);
diff=difftime(end,start);
printf(\n \t time_diff = %.2lf, diff);
}
This was started on Win7 client PC, It creates about 40 mbytes size file in
pointed path.
Comparing timings on our samba share and win2k3 share gives: ~40 seconds on
Samba and on 3-4 seconds win2k3!
That means that fflush cause dramatically slow down of fileshare.
Alexey
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
Pavel Plesov
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help!!!! Gettting samba core dumps
I transferred a Xen vm that was running on centos 5.7 with samba 3.6.3 to a centos 6.2 bare metal server with one E5502 and 16gig of memory. I have been running Centos for 6 years on different servers for 6 years on several different upgrades. This new server has a dual network card in it. I have samba 3.6.3 on it and here is the smb.conf below: [global] workgroup = workwhatever server string = interfaces = eth0 bind interfaces only = Yes username map = /etc/samba/smbusers log file = /var/log/samba/%m name resolve order = wins lmhosts hosts bcast time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No os level = 125 preferred master = Yes domain master = Yes wins support = Yes idmap config * : backend = tdb strict locking = No dos filetime resolution = Yes fake directory create times = Yes [home] path = /data/main/home/%u read only = No create mask = 0660 directory mask = 0770 [sbt] path = /data/main/sbt valid users = @sbt read only = No create mask = 0660 directory mask = 0770 [act] path = /data/act valid users = @act read only = No create mask = 0660 directory mask = 0770 [sharedir] path = /data/main/shareddir valid users = @shared read only = No create mask = 0660 directory mask = 0770 [everyuser] path = /data/home valid users = mainuser read only = No create mask = 0660 directory mask = 0770 [graphics] path = /data/main/graphics valid users = @graphics read only = No create mask = 0660 directory mask = 0770 [ghost] path = /data/ghost/%u read only = No create mask = 0660 directory mask = 0770 [ghostdata] path = /data/ghost valid users = mainuser read only = No create mask = 0660 directory mask = 0770 I am getting the below dumps in my messages log. I have cheked and rechecked my dns. This is the only win server on the network. Anyone has any ideas whatsoever. PLEASE!!! Feb 16 00:42:25 mainserver smbd[3513]: From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf Feb 16 00:42:25 mainserver smbd[3513]: [2012/02/16 00:42:25.751443, 0] lib/fault.c:51(fault_report) Feb 16 00:42:25 mainserver smbd[3513]: === Feb 16 00:42:25 mainserver smbd[3513]: [2012/02/16 00:42:25.751487, 0] lib/util.c:1117(smb_panic) Feb 16 00:42:25 mainserver smbd[3513]: PANIC (pid 3513): internal error Feb 16 00:42:25 mainserver smbd[3513]: [2012/02/16 00:42:25.756568, 0] lib/util.c:1221(log_stack_trace) Feb 16 00:42:25 mainserver smbd[3513]: BACKTRACE: 27 stack frames: Feb 16 00:42:25 mainserver smbd[3513]:#0 smbd(log_stack_trace+0x1c) [0x7f8a8f0f276c] Feb 16 00:42:25 mainserver smbd[3513]:#1 smbd(smb_panic+0x55) [0x7f8a8f0f286e] Feb 16 00:42:25 mainserver smbd[3513]:#2 smbd(+0x3e7867) [0x7f8a8f0e4867] Feb 16 00:42:25 mainserver smbd[3513]:#3 /lib64/libc.so.6(+0x3668032900) [0x7f8a8c0b6900] Feb 16 00:42:25 mainserver smbd[3513]:#4 smbd(copy_serverinfo+0x1a) [0x7f8a8f141685] Feb 16 00:42:25 mainserver smbd[3513]:#5 smbd(make_server_info_guest+0x10) [0x7f8a8f141821] Feb 16 00:42:25 mainserver smbd[3513]:#6 smbd(+0x443d89) [0x7f8a8f140d89] Feb 16 00:42:25 mainserver smbd[3513]:#7 smbd(+0x43ed40) [0x7f8a8f13bd40] Feb 16 00:42:25 mainserver smbd[3513]:#8 smbd(+0x44ac42) [0x7f8a8f147c42] Feb 16 00:42:25 mainserver smbd[3513]:#9 smbd(ntlmssp_server_auth+0xb37) [0x7f8a8eed72e0] Feb 16 00:42:25 mainserver smbd[3513]:#10 smbd(ntlmssp_update+0x220) [0x7f8a8eecd8ef] Feb 16 00:42:25 mainserver smbd[3513]:#11 smbd(auth_ntlmssp_update+0x16) [0x7f8a8eecea87] Feb 16 00:42:25 mainserver smbd[3513]:#12 smbd(+0x1377b2) [0x7f8a8ee347b2] Feb 16 00:42:25 mainserver smbd[3513]:#13 smbd(reply_sesssetup_and_X+0x183) [0x7f8a8ee34afe] Feb 16 00:42:25 mainserver smbd[3513]:#14 smbd(+0x16d6a3) [0x7f8a8ee6a6a3] Feb 16 00:42:25 mainserver smbd[3513]:#15 smbd(+0x170c46) [0x7f8a8ee6dc46] Feb 16 00:42:25 mainserver smbd[3513]:#16 smbd(+0x170f0c) [0x7f8a8ee6df0c] Feb 16 00:42:25 mainserver smbd[3513]:#17 smbd(+0x170f4e) [0x7f8a8ee6df4e] Feb 16 00:42:25 mainserver smbd[3513]:#18 smbd(run_events_poll+0x3e1) [0x7f8a8f100a5f] Feb 16 00:42:25 mainserver smbd[3513]:#19 smbd(smbd_process+0xbbf) [0x7f8a8ee6d993] Feb 16 00:42:25 mainserver smbd[3513]:#20 smbd(+0x651904) [0x7f8a8f34e904] Feb 16 00:42:25 mainserver smbd[3513]:#21 smbd(run_events_poll+0x3e1) [0x7f8a8f100a5f] Feb 16 00:42:25 mainserver smbd[3513]:#22 smbd(+0x403e7a) [0x7f8a8f100e7a] Feb 16 00:42:25 mainserver smbd[3513]:#23 smbd(_tevent_loop_once+0x82)
Re: [Samba] Samba4 gid-to-sid question
2012-02-16 02:01 keltezéssel, steve írta: Hi. We used info from a SID created using samba-tool group add to posix-ify it and then add a posix-ifed domain user to it. The AD doco defines two sorts of SID. Ones that change, and ones that don't. Here is a search on our posix-ified group: ldbsearch --url=/usr/local/samba/private/idmap.ldb 'xidnumber=312' objectSid: S-1-5-21-980186919-4150830324-975011627-1121 We set the primaryGroupID of the user to 1121, his gidNumber to 312 and his uidNumber from wbinfo. He becomes visible to Linux via nss-ldapd, whilst retaing his Domain User status on the windows side:-) My question is, to which category of SID does S-1-5-21-980186919-4150830324-975011627-1121 belong? Can we assume that this is fixed for the life of the domain? Under what circustances could s4 change it, and if id did, would we be given warning? Thanks, Steve Hi SIDs over S-1-5-21-.-1000 are ordinary SIDs used by windows for users and groups. The M$ docs describe modifying the SID as a very dangerous, unsupported operation with unpredictable consequences, so yes SIDs can be considered as something carved in stone. Regards Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help!!!! Gettting samba core dumps
On 16 February 2012 07:53, Rich rhd...@gmail.com wrote: I transferred a Xen vm that was running on centos 5.7 with samba 3.6.3 to a centos 6.2 bare metal server with one E5502 and 16gig of memory. I have been running Centos for 6 years on different servers for 6 years on several different upgrades. This new server has a dual network card in it. I have samba 3.6.3 on it and here is the smb.conf below: [global] [...] socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [...] Remove the socket options. It won't fix your crashes, though. I am getting the below dumps in my messages log. I have cheked and rechecked my dns. This is the only win server on the network. Anyone has any ideas whatsoever. PLEASE!!! If there's a samba package with debug symbols, installing that might make more sense of the backtrace. Or if you compiled from source, try compiling with debug symbols enabled. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help!!!! Gettting samba core dumps
On Thu, Feb 16, 2012 at 08:17:31AM +0200, Michael Wood wrote: On 16 February 2012 07:53, Rich rhd...@gmail.com wrote: I transferred a Xen vm that was running on centos 5.7 with samba 3.6.3 to a centos 6.2 bare metal server with one E5502 and 16gig of memory. I have been running Centos for 6 years on different servers for 6 years on several different upgrades. This new server has a dual network card in it. I have samba 3.6.3 on it and here is the smb.conf below: [global] [...] socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [...] Remove the socket options. It won't fix your crashes, though. I am getting the below dumps in my messages log. I have cheked and rechecked my dns. This is the only win server on the network. Anyone has any ideas whatsoever. PLEASE!!! If there's a samba package with debug symbols, installing that might make more sense of the backtrace. Or if you compiled from source, try compiling with debug symbols enabled. Also, a debug level 10 log leading to that crash would be very helpful. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2012-02-15-1329/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2012-02-15-1329/samba3.stderr http://git.samba.org/autobuild.flakey/2012-02-15-1329/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2012-02-15-1329/samba4.stderr http://git.samba.org/autobuild.flakey/2012-02-15-1329/samba4.stdout The top commit at the time of the failure was: commit 740d4d75500ac1ac224deb67cb3f20a21addb64b Author: Volker Lendecke v...@samba.org Date: Tue Feb 14 17:37:09 2012 +0100 s3: files_struct-mode is only written, remove it Autobuild-User: Volker Lendecke v...@samba.org Autobuild-Date: Tue Feb 14 19:14:29 CET 2012 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9e25361 tevent_signal: Fix a valgrind error
from 740d4d7 s3: files_struct-mode is only written, remove it
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9e25361203155c25d5deee4acd1fce638808cdbf
Author: Volker Lendecke v...@samba.org
Date: Wed Feb 15 16:17:34 2012 +0100
tevent_signal: Fix a valgrind error
This fixes an uninitialized read introduced by my fix for the tevent_signal
destructors. From looking at the code you might believe that this kicks in
only
when talloc failed. But with -O3 I do see it in normal operations.
Sorry for that.
Autobuild-User: Volker Lendecke v...@samba.org
Autobuild-Date: Wed Feb 15 17:58:37 CET 2012 on sn-devel-104
---
Summary of changes:
lib/tevent/tevent_signal.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/tevent_signal.c b/lib/tevent/tevent_signal.c
index 248dd35..77ef7b0 100644
--- a/lib/tevent/tevent_signal.c
+++ b/lib/tevent/tevent_signal.c
@@ -346,6 +346,8 @@ int tevent_common_check_signal(struct tevent_context *ev)
struct tevent_signal *se = sl-se;
struct tevent_se_exists *exists;
+ next = sl-next;
+
/*
* We have to be careful to not touch se
* after it was deleted in its handler. Thus
@@ -361,7 +363,6 @@ int tevent_common_check_signal(struct tevent_context *ev)
talloc_set_destructor(
exists, tevent_se_exists_destructor);
- next = sl-next;
#ifdef SA_SIGINFO
if (se-sa_flags SA_SIGINFO) {
uint32_t j;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a6bd7f3 s3-printing: fix crash in printer_list_set_printer() from 9e25361 tevent_signal: Fix a valgrind error http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a6bd7f3d574998419cac01b1f7b4fa2e1067bb7c Author: David Disseldorp dd...@samba.org Date: Wed Feb 15 16:30:27 2012 +0100 s3-printing: fix crash in printer_list_set_printer() The printer list database format was recently changed to accommodate for the printcap location field. One of the tdb_pack calls is not provided with a location string argument, this causes a crash on some platforms. https://bugzilla.samba.org/show_bug.cgi?id=8762 Signed-off-by: Günther Deschner g...@samba.org Signed-off-by: Jim McDonough j...@samba.org Signed-off-by: Lars Müller l...@samba.org Autobuild-User: David Disseldorp dd...@samba.org Autobuild-Date: Wed Feb 15 19:34:38 CET 2012 on sn-devel-104 --- Summary of changes: source3/printing/printer_list.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/printer_list.c b/source3/printing/printer_list.c index d9e8737..7079ddc 100644 --- a/source3/printing/printer_list.c +++ b/source3/printing/printer_list.c @@ -191,7 +191,7 @@ NTSTATUS printer_list_set_printer(TALLOC_CTX *mem_ctx, data.dsize = len; len = tdb_pack(data.dptr, data.dsize, - PL_DATA_FORMAT, time_h, time_l, name, str); + PL_DATA_FORMAT, time_h, time_l, name, str, str2); status = dbwrap_store_bystring_upper(db, key, data, TDB_REPLACE); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via dd5868d s3: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY, bug 8760
from a6bd7f3 s3-printing: fix crash in printer_list_set_printer()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit dd5868d41eeaa304a471822d7783526d9f4c37f5
Author: Volker Lendecke v...@samba.org
Date: Wed Feb 15 11:22:45 2012 +0100
s3: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY, bug 8760
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Wed Feb 15 21:10:22 CET 2012 on sn-devel-104
---
Summary of changes:
source3/include/serverid.h |9 +
source3/lib/ctdbd_conn.c | 11 +--
source3/lib/serverid.c | 20
source3/smbd/server.c |6 ++
4 files changed, 40 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/serverid.h b/source3/include/serverid.h
index babb21b..8fc06a1 100644
--- a/source3/include/serverid.h
+++ b/source3/include/serverid.h
@@ -22,6 +22,9 @@
#include includes.h
+/** Don't verify this unique id */
+#define SERVERID_UNIQUE_ID_NOT_TO_VERIFY 0xULL
+
/*
* Register a server with its unique id
*/
@@ -69,4 +72,10 @@ bool serverid_traverse_read(int (*fn)(const struct server_id
*id,
*/
bool serverid_parent_init(TALLOC_CTX *mem_ctx);
+/*
+ * Get a random unique_id and make sure that it is not
+ * SERVERID_UNIQUE_ID_NOT_TO_VERIFY
+ */
+uint64_t serverid_get_random_unique_id(void);
+
#endif
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index 12b736d..9c73002 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -20,6 +20,7 @@
#include includes.h
#include util_tdb.h
+#include serverid.h
#ifdef CLUSTER_SUPPORT
@@ -1228,8 +1229,14 @@ bool ctdb_serverids_exist(struct ctdbd_connection *conn,
}
for (i=0; ivnn-num_srvids; i++) {
- results[vnn-pid_indexes[i]] =
- ((reply-data[i/8] (1(i%8))) != 0);
+ int idx = vnn-pid_indexes[i];
+
+ if (pids[i].unique_id ==
+ SERVERID_UNIQUE_ID_NOT_TO_VERIFY) {
+ results[idx] = true;
+ continue;
+ }
+ results[idx] = ((reply-data[i/8] (1(i%8))) != 0);
}
TALLOC_FREE(reply);
diff --git a/source3/lib/serverid.c b/source3/lib/serverid.c
index 6a8083a..02de2b4 100644
--- a/source3/lib/serverid.c
+++ b/source3/lib/serverid.c
@@ -265,6 +265,10 @@ bool serverid_exists(const struct server_id *id)
return false;
}
+ if (id-unique_id == SERVERID_UNIQUE_ID_NOT_TO_VERIFY) {
+ return true;
+ }
+
db = serverid_db();
if (db == NULL) {
return false;
@@ -308,6 +312,10 @@ bool serverids_exist(const struct server_id *ids, int
num_ids, bool *results)
struct serverid_key key;
TDB_DATA tdbkey;
+ if (ids[i].unique_id == SERVERID_UNIQUE_ID_NOT_TO_VERIFY) {
+ results[i] = true;
+ continue;
+ }
if (!results[i]) {
continue;
}
@@ -433,3 +441,15 @@ bool serverid_traverse(int (*fn)(struct db_record *rec,
status = dbwrap_traverse(db, serverid_traverse_fn, state, NULL);
return NT_STATUS_IS_OK(status);
}
+
+uint64_t serverid_get_random_unique_id(void)
+{
+ uint64_t unique_id = SERVERID_UNIQUE_ID_NOT_TO_VERIFY;
+
+ while (unique_id == SERVERID_UNIQUE_ID_NOT_TO_VERIFY) {
+ generate_random_buffer((uint8_t *)unique_id,
+ sizeof(unique_id));
+ }
+
+ return unique_id;
+}
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 10d59ad..182b346 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -481,7 +481,7 @@ static void smbd_accept_connection(struct tevent_context
*ev,
* Generate a unique id in the parent process so that we use
* the global random state in the parent.
*/
- generate_random_buffer((uint8_t *)unique_id, sizeof(unique_id));
+ unique_id = serverid_get_random_unique_id();
pid = sys_fork();
if (pid == 0) {
@@ -973,7 +973,6 @@ extern void build_options(bool screen);
struct smbd_parent_context *parent = NULL;
TALLOC_CTX *frame;
NTSTATUS status;
- uint64_t unique_id;
struct tevent_context *ev_ctx;
struct messaging_context *msg_ctx;
struct tevent_signal *se;
@@ -1191,8 +1190,7 @@ extern void build_options(bool screen);
become_daemon(Fork, no_process_group, log_stdout);
[SCM] CTDB repository - branch 1.2.39 updated - ctdb-1.9.1-493-g2f73114
The branch, 1.2.39 has been updated
via 2f73114265b6523d6ceed54e70fd042c3738c6a2 (commit)
via 91028144aa281a8f2ee915048c7c35d6c8a1d8df (commit)
via d9579c2971659f1ebc218a339d28f15132dd5718 (commit)
from 0a626cef2547bbd3ea5c80da5ee2fb65691e0d88 (commit)
http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.2.39
- Log -
commit 2f73114265b6523d6ceed54e70fd042c3738c6a2
Author: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Tue Feb 14 12:21:09 2012 +1100
New version 1.2.39-2
This version contains one single change:
Fix ip reallocation for LCP2 where it sometimes resulted
in poor balancing of the addresses across the nodes.
S1032414
commit 91028144aa281a8f2ee915048c7c35d6c8a1d8df
Author: Martin Schwenke mar...@meltin.net
Date: Tue Nov 1 20:52:57 2011 +1100
LCP IP allocation algorithm - try harder to find a candidate source node
There's a bug in LCP2. Selecting the node with the highest imbalance
doesn't always work. Some nodes can have a high imbalance metric
because they have a lot of IPs. However, these nodes can be part of a
group that is perfectly balanced. Nodes in another group with less
IPs might actually be imbalanced.
Instead of just trying the source node with the highest imbalance this
tries them in descending order of imbalance until it finds one where
an IP can be moved to another node.
Signed-off-by: Martin Schwenke mar...@meltin.net
commit d9579c2971659f1ebc218a339d28f15132dd5718
Author: Martin Schwenke mar...@meltin.net
Date: Tue Nov 1 19:49:38 2011 +1100
LCP IP allocation algorithm - new function lcp2_failback_candidate()
There's a bug in LCP2. Selecting the node with the highest imbalance
doesn't always work. Some nodes can have a high imbalance metric
because they have a lot of IPs. However, these nodes can be part of a
group that is perfectly balanced. Nodes in another group with less
IPs might actually be imbalanced.
Factor out the code from lcp2_failback() that actually takes a node
and decides which address should be moved to which node.
This is the first step in fixing the above bug.
Signed-off-by: Martin Schwenke mar...@meltin.net
---
Summary of changes:
packaging/RPM/ctdb.spec.in |4 +-
server/ctdb_takeover.c | 150 ++--
2 files changed, 106 insertions(+), 48 deletions(-)
Changeset truncated at 500 lines:
diff --git a/packaging/RPM/ctdb.spec.in b/packaging/RPM/ctdb.spec.in
index 08719d0..7dd61bf 100644
--- a/packaging/RPM/ctdb.spec.in
+++ b/packaging/RPM/ctdb.spec.in
@@ -4,7 +4,7 @@ Summary: Clustered TDB
Vendor: Samba Team
Packager: Samba Team sa...@samba.org
Version: 1.2.39
-Release: 1GITHASH
+Release: 2GITHASH
Epoch: 0
License: GNU GPL version 3
Group: System Environment/Daemons
@@ -144,6 +144,8 @@ development libraries for ctdb
%{_libdir}/libctdb.a
%changelog
+* Tue Feb 14 2012 : Version 1.2.39-2
+ - Fix for ip reallocation bug resulting in poor istribution of addresses
* Thu Nov 17 2011 : Version 1.2.39
- Handle canceled monitor events better, dont assume they are always
status==OK
* Mon Oct 17 2011 : Version 1.2.38
diff --git a/server/ctdb_takeover.c b/server/ctdb_takeover.c
index 5865a17..b2e1a8d 100644
--- a/server/ctdb_takeover.c
+++ b/server/ctdb_takeover.c
@@ -1607,57 +1607,26 @@ void lcp2_allocate_unassigned(struct ctdb_context *ctdb,
}
}
-/* LCP2 algorithm for rebalancing the cluster. This finds the source
- * node with the highest LCP2 imbalance, and then determines the best
- * IP/destination node combination to move from the source node.
+/* LCP2 algorithm for rebalancing the cluster. Given a candidate node
+ * to move IPs from, determines the best IP/destination node
+ * combination to move from the source node.
*
* Not static, so we can easily link it into a unit test.
*/
-bool lcp2_failback(struct ctdb_context *ctdb,
- struct ctdb_node_map *nodemap,
- uint32_t mask,
- struct ctdb_public_ip_list *all_ips,
- uint32_t *lcp2_imbalances,
- bool *newly_healthy)
-{
- int srcnode, dstnode, mindstnode, i, num_newly_healthy;
- uint32_t srcimbl, srcdsum, maximbl, dstimbl, dstdsum;
- uint32_t minsrcimbl, mindstimbl, b;
+bool lcp2_failback_candidate(struct ctdb_context *ctdb,
+struct ctdb_node_map *nodemap,
+struct ctdb_public_ip_list *all_ips,
+int srcnode,
+uint32_t candimbl,
+uint32_t *lcp2_imbalances,
+bool *newly_healthy)
+{
+ int dstnode, mindstnode;
+ uint32_t srcimbl, srcdsum, dstimbl,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 95d3096 s3-selftest: Remove .posix_s3 from s3 test names via 7e0e713 selftest: Remove 'if have_ads_support:' from tests.py via 3cf091c s3-smbd: Avoid starting log lines with the word 'error' via 6917575 selftest: skip plugin_s4_dc if we do not have ADS via 8ea068d selftest: Run nsstest against more environments via c006b9b selftest: skip targets that are not compiled in if we do not have ADS via 212b3ec s3-selftest: Require SMB signing for ktest environment via 22a2c46f selftest: Do not start up an already-running test environment via e1f9fb7 selftest: Make plugin_s4_dc set the cached environment correctly via a8a8361 wintest: update WinXP-1 snapshot via 8f6ddb3 wintest: Change Windows 7 VM via 61ccb46 wintest: Give the Windows VM a little more time to start back up via de2bb2a wintest: Samba is now all version 4.0 via 98e438d wintest: Cope with nc not timing out even when -w 1 is specified via 97859d1 wintest: s3 moved smb.conf to /etc via 81ddb83 wintest: Update VM used for W2K8R2A via 15a0de6 wintest: Allow access denied when turning off the firewall via 2ba57f4 wintest: Retry joining the domain a few times via 032a2c4 wintest: connect to correct hostname in test_net_use via 00f86a3 s3-nmbd: Initialise newly non-static variables from dd5868d s3: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY, bug 8760 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 95d3096f9881fcf7717c55d6f6281b799236fff7 Author: Andrew Bartlett abart...@samba.org Date: Tue Feb 14 21:42:16 2012 +1100 s3-selftest: Remove .posix_s3 from s3 test names As far as I can tell, this simply referred to the posix_s3.sh script that originally ran these tests. Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Thu Feb 16 06:57:09 CET 2012 on sn-devel-104 commit 7e0e71340625942bc11b87ab3e4fdf71a7c7de86 Author: Andrew Bartlett abart...@samba.org Date: Tue Feb 14 09:05:21 2012 +1100 selftest: Remove 'if have_ads_support:' from tests.py The selftest system now skips launching these if the environment is not available. Andrew Bartlett commit 3cf091cf68023eeea9ebd0f2cadb14e658c98421 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 13 17:44:34 2012 +1100 s3-smbd: Avoid starting log lines with the word 'error' commit 6917575fe3d0e34acae0d4a14a407a80c11daf99 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 16 15:12:49 2012 +1100 selftest: skip plugin_s4_dc if we do not have ADS commit 8ea068d70291db1d06334a2211056d7902d6fe29 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 16 15:10:00 2012 +1100 selftest: Run nsstest against more environments commit c006b9b898e93149f83969d0b1d8e4dafc6fbfeb Author: Andrew Bartlett abart...@samba.org Date: Tue Feb 14 09:04:16 2012 +1100 selftest: skip targets that are not compiled in if we do not have ADS commit 212b3ec1a0a593a5684dfe9cbefc4f3b728f120b Author: Andrew Bartlett abart...@samba.org Date: Tue Feb 14 19:22:14 2012 +1100 s3-selftest: Require SMB signing for ktest environment This will help weed out session key errors in the krb5 code. Andrew Bartlett commit 22a2c46f844f8c0897bc3d3ef2f613bfc885873a Author: Andrew Bartlett abart...@samba.org Date: Wed Feb 15 08:55:05 2012 +1100 selftest: Do not start up an already-running test environment Otherwise we may re-provision the dc just because we started it via s3member or s4member first. Andrew Bartlett commit e1f9fb79c79e6a1ef72b07c8df6256caa291e957 Author: Andrew Bartlett abart...@samba.org Date: Wed Feb 15 16:08:05 2012 +1100 selftest: Make plugin_s4_dc set the cached environment correctly commit a8a83611f01cf9d27b4dae7efa94f97aa7868e58 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 16 13:51:10 2012 +1100 wintest: update WinXP-1 snapshot commit 8f6ddb3c0295029e76432d9a5db8a1fa696d3071 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 16 11:34:49 2012 +1100 wintest: Change Windows 7 VM commit 61ccb465dbdae0f64ff93fe678721a9f954718b0 Author: Andrew Bartlett abart...@samba.org Date: Wed Feb 15 14:44:24 2012 +1100 wintest: Give the Windows VM a little more time to start back up commit de2bb2a7f85cc75c37372cda38eb6b9741b77a15 Author: Andrew Bartlett abart...@samba.org Date: Wed Feb 15 10:08:07 2012 +1100 wintest: Samba is now all version 4.0 commit 98e438df00111541958b54543b3056c06783fd73 Author: Andrew Bartlett abart...@samba.org Date: Wed Feb 15 09:29:27 2012 +1100 wintest: Cope with nc not timing out even when -w 1 is specified commit 97859d1ce809bab0cd3b6a4235a6cc09efea458f Author: Andrew Bartlett
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b5b2041 Rename obscure defined constants.
from 95d3096 s3-selftest: Remove .posix_s3 from s3 test names
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b5b204184aa6d0f14e7d3bd08322a98dc4f432e6
Author: Christopher R. Hertel (crh) c...@samba.org
Date: Tue Feb 14 21:51:35 2012 -0600
Rename obscure defined constants.
Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants
with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT.
Also replaced several hard-coded references to the well-known port
numbers (139 and 445, respectively) as appropriate.
Small changes to clarify some comments regarding the two transport
types.
Signed-off-by: Simo Sorce i...@samba.org
Autobuild-User: Simo Sorce i...@samba.org
Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104
---
Summary of changes:
source3/auth/auth_ntlmssp.c |4 ++--
source3/client/client.c |9 +
source3/include/smb.h|4 ++--
source3/lib/util_sock.c |5 +++--
source3/libsmb/libsmb_server.c |2 +-
source3/libsmb/smbsock_connect.c | 14 +++---
source3/nmbd/nmbd_synclists.c|2 +-
source3/smbd/reply.c |4 ++--
source3/torture/torture.c|2 +-
source3/utils/smbfilter.c|4 ++--
source3/winbindd/winbindd_cm.c |2 +-
11 files changed, 27 insertions(+), 25 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 00a99c3..b5935e6 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -143,8 +143,8 @@ static NTSTATUS auth_ntlmssp_check_password(struct
ntlmssp_state *ntlmssp_state,
NTSTATUS nt_status;
bool username_was_mapped;
- /* the client has given us its machine name (which we otherwise would
not get on port 445).
- we need to possibly reload smb.conf if smb.conf includes depend on
the machine name */
+ /* The client has given us its machine name (which we only get over NBT
transport).
+ We need to possibly reload smb.conf if smb.conf includes depend on
the machine name. */
set_remote_machine_name(gensec_ntlmssp-ntlmssp_state-client.netbios_name,
True);
diff --git a/source3/client/client.c b/source3/client/client.c
index 89fd1d4..9d4ef15 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -5168,7 +5168,7 @@ static int do_host_query(const char *query_host)
}
}
- if (port != 139) {
+ if (port != NBT_SMB_PORT) {
/* Workgroups simply don't make sense over anything
else but port 139... */
@@ -5177,7 +5177,8 @@ static int do_host_query(const char *query_host)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : query_host,
IPC$, auth_info, true, smb_encrypt,
-max_protocol, 139, name_type, cli);
+max_protocol, NBT_SMB_PORT, name_type,
+cli);
if (!NT_STATUS_IS_OK(status)) {
cli = NULL;
}
@@ -5242,7 +5243,7 @@ static int do_message_op(struct user_auth_info *a_info)
NTSTATUS status;
status = cli_connect_nb(desthost, have_ip ? dest_ss : NULL,
- port ? port : 139, name_type,
+ port ? port : NBT_SMB_PORT, name_type,
lp_netbios_name(), SMB_SIGNING_DEFAULT, 0,
cli);
if (!NT_STATUS_IS_OK(status)) {
d_printf(Connection to %s failed. Error %s\n, desthost,
nt_errstr(status));
@@ -5354,7 +5355,7 @@ static int do_message_op(struct user_auth_info *a_info)
exit(ENOMEM);
}
if( !port )
- port = 139;
+ port = NBT_SMB_PORT;
message = true;
break;
case 'I':
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 22653cd..7dd77ec 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -44,8 +44,8 @@
#define NMB_PORT 137
#define DGRAM_PORT 138
-#define SMB_PORT1 445
-#define SMB_PORT2 139
+#define NBT_SMB_PORT 139 /* Port for SMB over NBT transport (IETF STD#19).
*/
+#define TCP_SMB_PORT 445 /* Port for SMB over naked TCP transport.
*/
#define SMB_PORTS 445 139
#define Undefined (-1)
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index 9ade23c..dcc41bb 100644
---
