[Samba] adding function to filesystem (ext2)
Hi, I am new to this field, so please be patient with me. I wanted to add function to existing filesystem (say ext2), where do I add the declaration of function where do I put my function definition ? - Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] news.samba.org Accepting Story Submissions
The Samba Team is pleased to announce that news.samba.org, the recently added news and information portal for samba.org, is now accepting story submissions. Please visit http://news.samba.org/ and follow the link to Submit A Story. So what is a story exactly? From news.samba.org: A story may be an actual news piece about Samba, or a link to a news piece from another site, or a story could be an article someone has written that relates to Samba. Stories could also be announcements of related technologies, conferences, etc. that users, developers, and vendors of Samba might find interesting and/or useful. And in practical terms, we will also be publishing release announcements and Samba Team announcements as stories on news.samba.org. If you have something, or have seen something online, that you think may be of interest to others in the Samba community, please submit a story via the submission form on http://news.samba.org/. The Samba news site is, like the Samba community itself, dependent on contributors. Whether or not news.samba.org grows and proves useful is completely up to you, the dedicated users and developers of Samba. I'll look forward to all the great stories you have to tell. Cheers, --deryck -- Deryck Hodge http://www.devurandom.org/ Cataloging Department http://www.lib.auburn.edu/ Web Editor, Samba Team http://www.samba.org/ GnuPG Keyhttp://www.devurandom.org/gpg_pubkey.asc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] possible bug with passwd programm = ...
Hi all, I'm using Samba 3.0.5 with openldap as pdc smb.conf: unix password sync = yes passwd program = /usr/bin/passwd %U log says: Aug 10 09:17:58 juwidc01 smbd[4720]: chgpasswd: Running as root the 'passwd program' parameter *MUST* contain the string %u, and the given string /usr/bin/passwd helberga does not. Looks like a bug to me - anyone else had prolblems like this? Andre -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] adding users to smb pdc smb3 backend
hi guys,
wondering if someone could point me in the right direction.
im wanting to setup a smb3 PDC with an LDAP backend. both LDAP and SMB
are now operating correctly (I have copied the conf file at end).
I have been able to set up account containers as per 'the offical samba3
howto reference guide' and i am able to search via ldapsearch. my
problem comes when i try to add users via smbpasswd. first i am
creating a local linux user and assigning it a group then when i use
smbpasswd -a to create a smb user i get the following error even though
as seen the entry appears to have been copied to the LDAP backend.
I am pretty sure this has something to do with linking linux and smb
groups via the net groupmap command. but i cant seem to get net group
ADD to add a group in the first place to map?
anyway any help would be appreciated
shaun
[EMAIL PROTECTED] openldap-2.2.13]# smbpasswd -a ian
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: LDAP Password could not be changed for user ian:
Internal (implementation specific) error
entry modify failed
ldapsam_add_sam_account: failed to modify/add user with uid = ian (dn =
uid=ian,ou=employees,dc=cytopia,dc=com)
Failed to add entry for user ian.
Failed to modify password entry for user ian
entry created in ldap
dn: uid=ian,ou=employees,dc=cytopia,dc=com
uid: ian
sambaSID: S-1-5-21-3995496493-1773488642-876406942-2012
sambaPrimaryGroupSID: S-1-5-21-3995496493-1773488642-876406942-2013
displayName: ian phillips
sambaPwdCanChange: 1092123003
sambaPwdMustChange: 2147483647
sambaLMPassword: C50858A30F319CA193E28745B8BF4BA6
sambaNTPassword: 566A42297505E082A6FF6F8BC037C947
sambaPwdLastSet: 1092123003
sambaAcctFlags: [U ]
objectClass: sambaSamAccount
objectClass: account
structuralObjectClass: account
entryUUID: d6f27818-7eea-1028-91bb-dd2331af51ac
creatorsName: cn=Manager,dc=cytopia,dc=com
createTimestamp: 20040810073003Z
entryCSN: 2004081007:30:03Z#0x0001#0#
modifiersName: cn=Manager,dc=cytopia,dc=com
modifyTimestamp: 20040810073003Z
###smb.conf exert#
# Scripts for file (passwd, smbpasswd) backend:
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add user to group script = /usr/sbin/usermod -G %g %u
#delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
; set primary group script = /usr/sbin/usermod -g '%g' '%u'
#add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
# Scripts for LDAP backend (assumes nss_ldap is in use on the domain
controller,
# and needs configuration in smbldap_conf.pm
;add user script = /usr/share/samba/scripts/smbldap-useradd.pl '%u'
; delete user script = /usr/share/samba/scripts/smbldap-userdel.pl '%u'
; add user to group script =
/usr/share/samba/scripts/smbldap-groupmod.pl -m '%u' '%g'
; delete user from group script =
/usr/share/samba/scripts/smbldap-groupmod.pl -x '%u' '%g'
; set primary group script = /usr/share/samba/scripts/smbldap-usermod.pl
-g '%g' '%u'
add group script = /usr/share/samba/scripts/smbldap-groupadd.pl '%g'
/usr/share/samba/scripts/smbldap-groupshow.pl %g|awk '/^gidNumber:/
{print $2}'
; delete group script = /usr/share/samba/scripts/smbldap-userdel.pl '%g'
# The add machine script is use by a samba server configured as a domain
# controller to add local machine accounts when adding machines to the
domain.
# The script must work from the command line when replacing the macros,
# or the operation will fail. Check that groups exist if forcing a
group.
# Script for domain controller for adding machines:
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null \ -g
machines %u
# Script for domain controller for adding machines:
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null \ -g
machines %u
# Script for domain controller with LDAP backend for adding machines
(please
# configure in /etc/samba/smbldap_conf.pm first):
; add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d
/dev/null -g machines -c 'Machine Account' -s /bin/false %u
# Domain groups:
# Domain groups are now configured by using the 'net groupmap' tool
# Samba Password Database configuration:
# Samba now has runtime-configurable password database backends.
Multiple
# passdb backends may be used, but users will only be added to the first
one
# Default:
passdb backend = ldapsam:ldap://localhost
# TDB backen with fallback to smbpasswd and guest
; passdb backend = tdbsam smbpasswd guest
# LDAP with fallback to smbpasswd guest
# Enable SSL by using an ldaps url, or enable tls with 'ldap ssl' below.
; passdb backend = ldapsam:ldaps://ldap.mydomain.com smbpasswd guest
# Use the samba2 LDAP schema:
; passdb backend = ldapsam_compat:ldaps://ldap.mydomain.com smbpasswd
guest
# Idmap settings:
# Idmap backend to use:
idmap backend = ldap:ldap://ldap.localhost
# This is a range of unix user-id's that samba will map non-unix RIDs
to,
# such as when using Winbind
; idmap uid =
[Samba] DOS error 58 is back
Hi all, yesterday i switched from Samba 3.0.5 to 3.0.6 RC2 because we want to upgrade our Windows XP clients to SP2 which seems to cause printing problems with all older versions of Samba. Unfortunately this reintroduced a problem regarding DOS ( please see http://lists.samba.org/archive/samba/2004-July/089609.html ) which i already had experienced when i switched from Samba 3.0.4 to 3.0.5RC1. After the next update to Samba 3.0.5 DOS was working fine again. Is there something special to consider when using LanMan with Samba 3.0.6 ? regards, Ulf -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Issues solved with samba-3.0.6.RC2
We've had the following problem with samba-3.0.4 - samba.3.0.5: Very strange behavior on mapped shares when the user is a member of Domain Admins, Unix group domadm. samba-3.0.0 - samba-3.0.5: Setting hide unreadable on a share hides everything when security=DOMAIN. These problems disappeared from our test environment after upgrading to samba-3.0.6.RC2. Anyways, many thanks to the Samba Team for their great efforts. We've successfully been running a pure samba server environment with about 2000 XP- and W98-clients and 150 printers for a couple of years now. :-) Regards, Sten Sletbak IT dept. Oslo University College -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] gui win2k interface for managing ACL or quota ?
On Mon, 2004-08-09 at 12:58, xavier wrote: hi, I have a question here: May I use the win2k gui interface for adding a user rights to a file (I mean with ACL, equivalent to setfacl -m u:test:rwx myfile for example) OR May I use the setfacl command or another tool like acl tool into webmin (I use it and it works good) ? Cause I have tryed to add rights for a user onto a file into gui windows, but the logs say that I don' t have permission (I'M memeber of admin users) and an error message is displayed to me into my win2k box! hey, I have the same question with quotas ! (but not problematic for me) it works good managing the quotas under webmin. What filesystem are you using? Are you adding the acl support on the mount options? -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Bug 1580, any ideas if it has been looked at?
Submitted on 2004-08-02. I foolishly attached my stuff to 364 which is an exact duplicate of my experiences. Except I have 6 ADS domains I am supposed to have sequence numbers for. It almost seems like a timeout or lack of comm issue. Usually it happens over night. -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Smbldap tools blocks when using net rpc vampire to migrate accounts from the NT4 PDC to the SambaLdap BDC
Hello, I am trying to migrate a NT4 PDC server to a linux PDC Samba3.0+openLDAP backend I have followed all the instructions in the Samba manual The Linux Samba-openLDAP How to V.1.6. However my efforts are in vain when I have to use net rpc. It hangs up and I' m trying to find out why... So.. Here is what I did: [EMAIL PROTECTED] smbldap-tools]# net rpc vampire -l -d 4 -S servpdc -U Administrateur%-- [2004/08/06 17:17:05, 3] param/loadparm.c:lp_load(3926) lp_load: refreshing parameters [2004/08/06 17:17:05, 3] param/loadparm.c:init_globals(1303) Initialising global parameters [2004/08/06 17:17:05, 3] param/params.c:pm_process(566) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2004/08/06 17:17:05, 3] param/loadparm.c:do_section(3429) Processing section [global] doing parameter name resolve order = wins lmhosts bcast doing parameter delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g doing parameter hosts allow = 127. 172. doing parameter netbios name = srvrhas [2004/08/06 17:17:05, 4] param/loadparm.c:handle_netbios_name(2721) handle_netbios_name: set global_myname to: SRVRHAS doing parameter ldap passwd sync = Yes doing parameter printing = bsd doing parameter dos charset = ISO8859-1 doing parameter display charset = ISO8859-1 doing parameter remote announce = 192.168.1.255 192.168.2.44 172.2.0.2 doing parameter local master = no doing parameter workgroup = domaine doing parameter os level = 40 doing parameter ldap admin dn = cn=manager,dc=mediteranee,dc=com doing parameter printcap name = /etc/printcap doing parameter add machine script = /usr/local/sbin/smbldap-useradd -w %u doing parameter max log size = 500 doing parameter log file = /var/log/samba/%m.log doing parameter load printers = yes doing parameter guest account = pcguest doing parameter ldap user suffix = ou=Users doing parameter add group script = /usr/local/sbin/smbldap-groupadd -p %g doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g doing parameter domain master = no doing parameter passdb backend = ldapsam:ldap://127.0.0.1 doing parameter wins support = true doing parameter ldap delete dn = Yes doing parameter server string = Red Hat AS Server Samba-Ldap Server doing parameter ldap group suffix = ou=Groups doing parameter ldap machine suffix = ou=Computers doing parameter ldap suffix = dc=mediteranee,dc=com doing parameter logon path = \\%L\Profiles\%U doing parameter add user script = /usr/local/sbin/smbldap-useradd -m %u doing parameter set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u doing parameter unix charset = ISO8859-1 doing parameter preferred master = no [2004/08/06 17:17:05, 4] param/loadparm.c:lp_load(3958) pm_process() returned Yes [2004/08/06 17:17:05, 2] lib/interface.c:add_interface(79) added interface ip=172.2.0.5 bcast=172.2.255.255 nmask=255.255.0.0 [2004/08/06 17:17:05, 3] libsmb/cliconnect.c:cli_start_connection(1290) Connecting to host=servpdc [2004/08/06 17:17:05, 3] lib/util_sock.c:open_socket_out(690) Connecting to 172.2.0.2 at port 445 [2004/08/06 17:17:05, 2] lib/util_sock.c:open_socket_out(726) error connecting to 172.2.0.2:445 (Connexion refusée) [2004/08/06 17:17:05, 3] lib/util_sock.c:open_socket_out(690) Connecting to 172.2.0.2 at port 139 [2004/08/06 17:17:05, 4] lib/time.c:get_serverzone(122) Serverzone is -7200 [2004/08/06 17:17:05, 4] passdb/secrets.c:secrets_fetch_trust_account_password(255) Using cleartext machine password [2004/08/06 17:17:05, 4] rpc_client/cli_netlogon.c:cli_net_req_chal(45) cli_net_req_chal: LSA Request Challenge from SRVRHAS to servpdc: F8F60FC15E8B943C [2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_session_key(59) cred_session_key [2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/08/06 17:17:05, 4] rpc_client/cli_netlogon.c:cli_net_auth2(102) cli_net_auth2: srv:\\SERVPDC acct:SRVRHAS$ sc:6 mc: SRVRHAS chal F944E654EF209FCA neg: 400701ff [2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_assert(121) cred_assert Fetching DOMAIN database [2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/08/06 17:17:06, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/08/06 17:17:06, 4] libsmb/credentials.c:cred_assert(121) cred_assert SAM_DELTA_DOMAIN_INFO not handled [2004/08/06 17:17:06, 2] lib/smbldap.c:smbldap_search_domain_info(1295) Searching for:[((objectClass=sambaDomain)(sambaDomainName=SRVRHAS))] [2004/08/06 17:17:06, 2] lib/smbldap.c:smbldap_search_suffix(1066) smbldap_search_suffix: searching
[Samba] samba Digest, Vol 20, Issue 13
I am out of the office on vacation from Tuesday August 10th until Monday August 23rd. Regards, Ray Moroney This e-mail message may contain proprietary and/or confidential information, and is intended only for the use of the individual or entity named above. RF Integration Inc. retains all legal rights to the dispersement of company related material, and does not imply any transfer of rights by this e-mail. If you received this communication in error, please notify us immediately by e-mail [EMAIL PROTECTED] and delete or discard this message. Thank you. *** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] passdb requires /etc/passwd entry?
Apologies if this has already been answered, but I'd like to share my understanding, in too many words. The reason that the user must exist in a user database (such as /etc/passwd) accessible to the underlying system (such as Linux) is that in order to read and set permissions on the files, Linux -- and any other file sharing protocols, such as SMB, AppleTalk, XFS, NFS, NDS, etc., must know the user's login ID. Because the permissions are set in the filesystem, not an abstract access control list by the second-level software (such as Samba), the user must be identifiable to any software which may request access. Therefore, it is up to the kernel to control this access, and it needs to have a way to veryify that the user is indeed a valid user. With Samba, traditionally there have been two user databases: the Samba password database (smbpasswd) which Samba uses for authentication, and the unix password database (/etc/passwd and its brothers, /etc/shadow and /etc/group). The reason that Samba can't use /etc/passwd is because /etc/passwd has no facility for storing SIDs and GIDs. This however does not prevent the unix kernel from using an authentication facility that does store this information. It is very possible now to configure both Samba and unix to authenticate against the same LDAP directory server, along with your mail server, your secure web server, your virtual private network, your building security system, your telephone, and your photocopier, achieving the holy grail of single sign-on. I will leave the implementation of this as an exercise for the reader. --Jon Johnson Sutinen Consulting, Inc. [EMAIL PROTECTED] (360) 270-9317 cell On Tue, 27 Jul 2004, Cal Heldenbrand wrote: Greetings everyone, I have a question about the smbpasswd encrypted database and /etc/passwd -- why does the passdb backend require an entry in /etc/passwd? Is it possible to create samba encrypted users without a /etc/passwd entry? I have a samba PDC setup that is mainly just a login server, then a separate server for $HOME's. I have all of my PAM configs setup to remotely authenticate to another server with 8000+ users, then pam_smbpass migrates passwords to the PDC. The HOME server automatically creates $HOME directories, and uses winbind for UID mappings against my PDC. The problem is the password migration in smbpass won't work without an /etc/passwd entry, and I don't want to potentially have to add 8000 users from a constantly changing database. Is there any workaround for this? I've noticed in the source that the check for this is done in passdb/passdb.c approx line 947 if (!NT_STATUS_IS_OK(pdb_init_sam_new(sam_pass, user_name, 0))) But this is in the function local_password_change() -- If this is modifying the smbpasswd database, why would it need to check /etc/passwd? Is this just a sanity check, or do I have my samba configs incorrect? Call me naive, but could I just comment out this section of code and see what happens? Thanks for any help in advance, --Cal Heldenbrand ___ Do you Yahoo!? Express yourself with Y! Messenger! Free. Download now. http://messenger.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] share directory
The operating system on my computer is Redhat 9.0, I want to share a directory of another computer on which the operating system is win2003 whthrough Samba. but I always failed.someone can tell me why? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbldap tools blocks when using net rpc vampire to migrate accounts from the NT4 PDC to the SambaLdap BDC
Ioan Caltun a écrit : Hello, I am trying to migrate a NT4 PDC server to a linux PDC Samba3.0+openLDAP backend I have followed all the instructions in the Samba manual The Linux Samba-openLDAP How to V.1.6. However my efforts are in vain when I have to use net rpc. It hangs up and I' m trying to find out why... So.. Here is what I did: [2004/08/06 17:17:06, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597) ldapsam_search_one_group: searching for:[((objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-375199814-1253531362-1423778804-512))] [2004/08/06 17:17:06, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1612) ldapsam_search_one_group: Problem during the LDAP search: LDAP error:(No such object)ldapsam_search_one_group: Query was: ou=Groups, ((objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-375199814-1253531362-1423778804-512)) Creating unix group: 'Admins du domaine' Here is a question... here,in the research he usees SID sambaSID=S-1-5-21-375199814-1253531362-1423778804-512 However, in smbldap.cong, the SID I obtained after net rpc getlocalsid -S servpdc is SID=S-1-5-21-375199814-1253531362-1423778804 It's normal. It appends 512 to your domain SID, which is the RID of group Domain Admins (Admins du domaine). I think your problem come from group mapping. Do you map all your Windows groups (defined in your NT4 domain) to Unix groups with the command net groupmap?? (eg, for Domain Admins : net groupmap add sid=S-1-5-21-375199814-1253531362-1423778804-512 unixgroup=Admins du domaine with Admins du domaine defined in the /etc/group of your new Samba server... NB : maybe you have to change space in Admins du domaine by =20 in /etc/group = admins=20du=20domaine) Another point. I saw you use 'smbldap-useradd -w %u' for add machine script. If you won't be able to login from a Windows workstation after the migration (with 'Workstation XX no account in domain' error), the only way I found to bypass this error is to remove the -w from the script command line. Problem : by doing this, Samba put computer account in Users instead of Computers in LDAP. A little bit annoying... Maybe someone knows how to avoid this problem... Regards, Lionel Beard -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Net rpc shutdown
Hi all, I'm trying to make a script that will shut down a couple of Windows boxes from a Linux machine with Samba. If I use net rpc shutdown -I windows-ip -U administrator it works fine, except that I get prompted for the password. After looking through man net I can't seem to find a way to include the password (I tried -U administrator%password but got [2004/08/10 16:45:58, 0] utils/net_rpc.c:rpc_shutdown_internals(2766) - Shutdown of remote machine failed back). Am I missing a switch? Mark Lidstone IT and Network Support Administrator BMT SeaTech Ltd Grove House, Meridians Cross, 7 Ocean Way Ocean Village, Southampton. SO14 3TJ. UK Tel: +44 (0)23 8063 5122 Fax: +44 (0)23 8063 5144 E-Mail: mailto:[EMAIL PROTECTED] Website: www.bmtseatech.co.uk == Confidentiality Notice and Disclaimer: The contents of this e-mail and any attachments are intended only for the use of the e-mail addressee(s) shown. If you are not that person, or one of those persons, you are not allowed to take any action based upon it or to copy it, forward, distribute or disclose the contents of it and you should please delete it from your system. BMT SeaTech Limited does not accept liability for any errors or omissions in the context of this e-mail or its attachments which arise as a result of Internet transmission, nor accept liability for statements which are those of the author and not clearly made on behalf of BMT SeaTech Limited. == -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ADS membership with Samba 3.0.4
Hi, We are in the process of evaluating the possibility of porting Samba 3.0.4 to VxWorks. Features wise we don't see any problems. But our main concern is on the security. Since we do not have the concept of Users and Groups on VxWorks, we cannot have any authentications as such. So, the other possibility is to pass on the authentication to another Server on the network, typically a AD server (since Samba is required to be a part of a domain) All the documents that we have seen so far, regarding the ADS membership, talk about winbind and NSS. My question here is, 1. Do I really need winbind or NSS since I am not maintaining any Users or Groups locally ?! 2. Is it sufficient if I get the Kerberos and sasl support to work on VxWorks ?! Regards, Sandeep Sundaram Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Your mail to Firewalls-Book-Info
This pre-recorded message is being sent in response to your recent email to Firewalls-Book-Info. Building Internet Firewalls, Second Edition === by Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman Published by O'Reilly Associates 2nd Edition June 2000 894 Pages ISBN 1-56592-871-7 List price $49.95 Available through the Internet at a discount from Amazon.com: http://www.amazon.com/exec/obidos/ASIN/1565928717/greatcircleassoc Also available from the publisher, O'Reilly Associates: US/Canadian Inquiries: 1-800-998-9938 Local/Overseas Orders/Inquiries: 1-707-829-0515 Order your copy today! Overview In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, a critical component of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes: Firewall technologies: packet filtering, proxying, network address translation, virtual private networks Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls Issues involved in a variety of new Internet services and protocols through a firewall Email and News Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo) File transfer and sharing services such as NFS, Samba Remote access services such as Telnet, the BSD r commands, SSH, BackOrifice 2000 Real-time conferencing services such as ICQ and talk Naming and directory services (e.g., DNS, NetBT, the Windows Browser) Authentication and auditing services (e.g., PAM, Kerberos, RADIUS); Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics) Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP) Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server) The book's complete list of resources includes the location of many publicly available firewall construction tools. Table of Contents = Preface Part I: Network Security Chapter 1: Why Internet Firewalls? What Are You Trying to Protect? What Are You Trying to Protect Against? Who Do You Trust? How Can You Protect Your Site? What Is an Internet Firewall? Religious Arguments Chapter 2: Internet Services Secure Services and Safe Services The World Wide Web Electronic Mail and News File Transfer, File Sharing, and Printing Remote Access Real-Time Conferencing Services Naming and Directory Services Authentication and Auditing Services Administrative Services Databases Games Chapter 3: Security Strategies Least Privilege Defense in Depth Choke Point Weakest Link Fail-Safe Stance Universal Participation Diversity of Defense Simplicity Security Through Obscurity Part II: Building Firewalls Chapter 4: Packets and Protocols What Does a Packet Look Like? IP Protocols Above IP Protocols Below IP Application Layer Protocols IP Version 6 Non-IP Protocols Attacks Based on Low-Level Protocol Details Chapter 5: Firewall Technologies Some Firewall Definitions Packet Filtering Proxy Services Network Address Translation Virtual Private Networks Chapter 6: Firewall Architectures Single-Box Architectures
RE: [Samba] Your mail to Firewalls-Book-Info
I wonder if it has a section on securing maillists? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Change of password problems with 3.0.6rc2
Good afternoon. I have installed the 3.0.6rc2 version of samba and have found the users can't change their password. Cheers, Rafael Paris Gerente de Sistemas Casino e-mail: [EMAIL PROTECTED] pagina web/page: www.hotelmaruma.com Telefono/Phone: 0058 261 730 27 70 Fax: 0058 261 730 28 10 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Winbind sutff (Squid and Windows 2003)
Hi Rivanor, I really know nothing about FreeBSD, but I have seen that error before on SuSE Linux, when I upgraded samba versions without restarting nscd. Once nscd was restarted, all the problems seemed to go away. Hope this helps Oliver Rivanor Soares [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Fellows, hello... My first post. :) The environment: Samba 3.0.5, Windows 2003 (domain controller), Squid 2.5-STABLE and FreeBSD 5.2.1. I'm facing this problem: While trying to authenticate the users inside Windows 2003 through the proxy server, using the wb_auth auth program, i can see the lines below in my log.winbindd [2004/08/09 22:28:12, 0] nsswitch/winbindd.c:process_loop(726) process_loop: Invalid request size from pid 1235: 1304 bytes sent, should be 1824 This usually means that you are running old wbinfo, pam_winbind or libnss_winbind clients I successfully joined the domain using 'net join'. I can wbinfo to list the users too. But it's not enough! :P Does anyone face this anytime? Thanks in advance! :) -- Rivanor P. Soares [web_knows] The meeting is over. Agents are coming... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming profile, esp. laptops
Here's an issue I don't think I've seen come up since I've been trolling that is going to be a headache for me: Say I have a user on a laptop, when he is constantly on the network, everything is happy. Say the user goes home, does some work, monkeys around with his settings, and comes back. As soon as said user logs on he gets the copy of his profile from the last time he logged off. Does anyone else see the problem here? I would like to know what creative solutions people have come up with to get around the issue. We currently use 2.2.8 but I'm going to push 3.0.x out Real Soon Now (TM), so if some negotiation has somehow been done in 3 to make this work better I'll shut up and go back to my hole. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Winbind sutff (Squid and Windows 2003)
Try net join ads -U admin (enter) provide passwd. See what happens. winbindd is a bit of a devil to get under control in my opinion. olly wrote: Hi Rivanor, I really know nothing about FreeBSD, but I have seen that error before on SuSE Linux, when I upgraded samba versions without restarting nscd. Once nscd was restarted, all the problems seemed to go away. Hope this helps Oliver Rivanor Soares [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Fellows, hello... My first post. :) The environment: Samba 3.0.5, Windows 2003 (domain controller), Squid 2.5-STABLE and FreeBSD 5.2.1. I'm facing this problem: While trying to authenticate the users inside Windows 2003 through the proxy server, using the wb_auth auth program, i can see the lines below in my log.winbindd [2004/08/09 22:28:12, 0] nsswitch/winbindd.c:process_loop(726) process_loop: Invalid request size from pid 1235: 1304 bytes sent, should be 1824 This usually means that you are running old wbinfo, pam_winbind or libnss_winbind clients I successfully joined the domain using 'net join'. I can wbinfo to list the users too. But it's not enough! :P Does anyone face this anytime? Thanks in advance! :) -- Rivanor P. Soares [web_knows] The meeting is over. Agents are coming... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Bizarre failure of samba shares to XP
I am seeing this problem too, Though we're using winbind. -Original Message- From: Keith Edmunds [mailto:[EMAIL PROTECTED] Sent: Monday, August 09, 2004 1:21 AM To: [EMAIL PROTECTED] Subject: Re: [Samba] Bizarre failure of samba shares to XP On Sun, 08 Aug 2004 23:48:26 -0400 Dean Carpenter [EMAIL PROTECTED] wrote: The really weird part is that I can connect to any subdirectory below the share root just fine. I would suspect directory permissions/ownership of the share root. Can the same user successfully access the share root from another PC? Keith -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Kerberos verfy ticket failed
Hello list. I've got a problem using samba-3.0.4 (RedHat AS 3.0) the server is member of a Win2003 Active directory domain All stuff about krb5 seems to work correctly kinit [EMAIL PROTECTED] klist etc... net ads join -U administrator has worked well too But when any Windows client member of the domain try to connect to the server it asks me for a user/pass. here is the log. [2004/08/10 18:56:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=12 flg2=0xc807 [2004/08/10 18:56:42, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) Doing spnego session setup [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[] [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 48018 1 2 2 [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 113554 1 2 2 [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 3 6 1 4 1 311 2 2 10 [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(447) Got secblob of size 1191 [2004/08/10 18:56:42, 3] libads/kerberos_verify.c:ads_verify_ticket(185) ads_verify_ticket: enc type [3] failed to decrypt with error Decrypt integrity check failed [2004/08/10 18:56:43, 3] libads/kerberos_verify.c:ads_verify_ticket(193) ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type) [2004/08/10 18:56:43, 1] smbd/sesssetup.c:reply_spnego_kerberos(174) Failed to verify incoming ticket! [2004/08/10 18:56:43, 3] smbd/error.c:error_packet(94) error string = Aucun fichier ou répertoire de ce type [2004/08/10 18:56:43, 3] smbd/error.c:error_packet(118) error packet at smbd/sesssetup.c(175) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2004/08/10 18:56:43, 3] smbd/process.c:timeout_processing(1131) timeout_processing: End of file from client (client has disconnected). [2004/08/10 18:56:43, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/08/10 18:56:43, 2] smbd/server.c:exit_server(572) Closing connections [2004/08/10 18:56:43, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2004/08/10 18:56:44, 3] smbd/connection.c:yield_connection(76) yield_connection: tdb_delete for name failed with error Record does not exist. [2004/08/10 18:56:44, 3] smbd/server.c:exit_server(615) Server exit (normal exit) I'm not sure it's due to Win2k3 server because enc type [3] is des-cbc-md5. I definitiveley Don't know what's wrong! I have even tried to compile samba-3.0.5 and link with kerberos-1.3.4 without success. Any help would be appretciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Bizarre failure of samba shares to XP
-Original Message- From: Michael Andrewjeski [mailto:[EMAIL PROTECTED] I am seeing this problem too, Though we're using winbind. Are your users making any folders available offline? I've seen some odd interaction problems with Samba and XP's offline folder feature. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Winbind sutff (Squid and Windows 2003)
Hi Oliver :) I upgraded samba 2.x to samba 3.x from ports install, which downloads samba source from the oficial mirror, and found nothing about nscd. :/ Thanks anyway!... On Tue, 10 Aug 2004 18:20:01 +0100, olly [EMAIL PROTECTED] wrote: Hi Rivanor, I really know nothing about FreeBSD, but I have seen that error before on SuSE Linux, when I upgraded samba versions without restarting nscd. Once nscd was restarted, all the problems seemed to go away. Hope this helps Oliver Rivanor Soares [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Fellows, hello... My first post. :) The environment: Samba 3.0.5, Windows 2003 (domain controller), Squid 2.5-STABLE and FreeBSD 5.2.1. I'm facing this problem: While trying to authenticate the users inside Windows 2003 through the proxy server, using the wb_auth auth program, i can see the lines below in my log.winbindd [2004/08/09 22:28:12, 0] nsswitch/winbindd.c:process_loop(726) process_loop: Invalid request size from pid 1235: 1304 bytes sent, should be 1824 This usually means that you are running old wbinfo, pam_winbind or libnss_winbind clients I successfully joined the domain using 'net join'. I can wbinfo to list the users too. But it's not enough! :P Does anyone face this anytime? Thanks in advance! :) -- Rivanor P. Soares [web_knows] The meeting is over. Agents are coming... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Rivanor P. Soares [web_knows] The meeting is over. Agents are coming... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Winbind sutff (Squid and Windows 2003)
Hi Tom! I try typing 'net join ads -U user -W DOMAIN -S SERVER' then the password. Same old thing. The same errors... Look how this is weird: i net join and Joined domain DOMAIN. I type wbinfo -u, it's OK. Everything works, almost everything :P Does anyone have winbindd working with Windows 2003 and stuff...? Thank you all...! []'s On Tue, 10 Aug 2004 10:31:26 -0700, Tom Skeren [EMAIL PROTECTED] wrote: Try net join ads -U admin (enter) provide passwd. See what happens. winbindd is a bit of a devil to get under control in my opinion. olly wrote: Hi Rivanor, I really know nothing about FreeBSD, but I have seen that error before on SuSE Linux, when I upgraded samba versions without restarting nscd. Once nscd was restarted, all the problems seemed to go away. Hope this helps Oliver Rivanor Soares [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Fellows, hello... My first post. :) The environment: Samba 3.0.5, Windows 2003 (domain controller), Squid 2.5-STABLE and FreeBSD 5.2.1. I'm facing this problem: While trying to authenticate the users inside Windows 2003 through the proxy server, using the wb_auth auth program, i can see the lines below in my log.winbindd [2004/08/09 22:28:12, 0] nsswitch/winbindd.c:process_loop(726) process_loop: Invalid request size from pid 1235: 1304 bytes sent, should be 1824 This usually means that you are running old wbinfo, pam_winbind or libnss_winbind clients I successfully joined the domain using 'net join'. I can wbinfo to list the users too. But it's not enough! :P Does anyone face this anytime? Thanks in advance! :) -- Rivanor P. Soares [web_knows] The meeting is over. Agents are coming... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Rivanor P. Soares [web_knows] The meeting is over. Agents are coming... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT4 Terminal Server samba-3.0.3-5 +
After updating to samba-3.0.3-5, I began seeing problems with our NT4 Terminal Server. We are unable to copy or access large (200MB) files on the server. The file is an access file, but this doesn't seem to matter, I can't do a copy bigfile.mdb \\cxhs\sys Small files don't seem to be a problem. I've tried upgrading to samba-3.0.6rc2-2, no joy We replaced nic, cable hub, no joy Any ideas? My smb.conf is as follows: [global] force user = root hosts allow = 192.168.10. 192.168.20. hosts deny = all interfaces = eth0 eth1 workgroup = workgroup netbios name = cxhs comment = Server server string = Server security = share null passwords = yes encrypt passwords = yes log level = 1 max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 IPTOS_LOWDELAY level2 oplocks = yes remote announce = 192.168.10.255 192.168.20.255 strict locking = yes oplocks = no public = yes browseable = yes writable = yes guest ok = yes wins support = yes [sys] public=yes path = /home/sys read only = No [vol1] public=yes path = /home/vol1 read only = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] DSA is unwilling to perform...
I have searched through samba.org and google but have not gained any ground on this one. I have two servers. One is a linux server that must authenticate users logging in via ssh against a Windows 2003 AD server and hopefully create a home directory for them if authenticated. I am trying to avoid going the padl.com route if possible and only use samba/krb5/ldap since hopefully that will require less modifications to the underlying ldap/krb config. (Maybe not) After following all the instructions on samba.org, kinit works fine. I can then do smbclient with -k to mount shares just fine. The one thing I can not get working is net ads join. I always get the responce: [2004/08/10 12:42:30, 0] libads/ldap.c:ads_join_realm(1336) ads_add_machine_acct: DSA is unwilling to perform ads_join_realm: DSA is unwilling to perform All of the searches I did for that string return things totally unrelated to samba/AD. Any thoughts on this? My user account is a domain administrator, local administrator, etc... Regards, Aaron -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] hard links on a samba share from a samba client
Hi,
I'm having problems creating hard links on a samba share from a samba
client.
My environment is as follows:
- PDC on a Windows NT
- samba-3.0.5 client
- samba-3.0.5 server (homes)
I use winbindd to authenticate and it is working fine, I can create,
remove and change files without any problems.
The mount command line I'm using is:
mount -t smbfs //10.101.0.231/homes /mnt -o
username=dcoletti,password=XX,uid=dcoletti
At the server (and client) I set unix extensions = yes (eventhought is
the default value) and I also tried fstype = Samba.
I also tried to do the same thing against an Windows NT with a NTFS
filesystem (it didn't work eighter), that *doesn't* work at all, does it?
Any ideas on how to get hard links to work in a samba-samba environment?
thanks,
daniel//
(here's my smb.conf)
[global]
workgroup = MC_CAW
netbios name = LinuxPrueba
os level = 2
encrypt passwords = Yes
map to guest = Bad User
log level = 1
syslog = 0
printing = CUPS
printcap name = CUPS
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
wins server = 10.101.0.41
veto files = /*.eml/*.nws/riched20.dll/*.{*}/
security=domain
password server = *
winbind uid = 1-2
winbind gid = 1-2
winbind separator = +
winbind use default domain = true
winbind enum users = Yes
winbind enum groups = Yes
template shell = /bin/bash
template home dir = /home/MC_CAW/%U
obey pam restrictions = Yes
unix extensions = yes
[homes]
comment = Home Directories
browseable = Yes
read only = No
create mask = 0640
directory mask = 0750
fstype = Samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming profile, esp. laptops
You could use mandatory profiles. If your using XP on the laptop it will use the cached version of the profile when the user logs onto the domain and then will send the changes back to the server when he logs off again. Paul Gienger wrote: Here's an issue I don't think I've seen come up since I've been trolling that is going to be a headache for me: Say I have a user on a laptop, when he is constantly on the network, everything is happy. Say the user goes home, does some work, monkeys around with his settings, and comes back. As soon as said user logs on he gets the copy of his profile from the last time he logged off. Does anyone else see the problem here? I would like to know what creative solutions people have come up with to get around the issue. We currently use 2.2.8 but I'm going to push 3.0.x out Real Soon Now (TM), so if some negotiation has somehow been done in 3 to make this work better I'll shut up and go back to my hole. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming profile, esp. laptops
You misunderstand my point, which may be my fault ;) Said user goes home and does his work, sets up things the way they should be. He comes in the next day, starts up his laptop and gets his desktop and settings from the last time he logged off 'in the office' ( I didn't make that part clear). When you deal with salespeople and other types that may not be in the office for a week or two at a time they get a little testy when they all of the sudden start to lose things because the server overwrote their settings. I WANT them to be flexible, so mandatory profiles are not the solution. Joseph E. Werle wrote: You could use mandatory profiles. If your using XP on the laptop it will use the cached version of the profile when the user logs onto the domain and then will send the changes back to the server when he logs off again. Paul Gienger wrote: Here's an issue I don't think I've seen come up since I've been trolling that is going to be a headache for me: Say I have a user on a laptop, when he is constantly on the network, everything is happy. Say the user goes home, does some work, monkeys around with his settings, and comes back. As soon as said user logs on he gets the copy of his profile from the last time he logged off. Does anyone else see the problem here? I would like to know what creative solutions people have come up with to get around the issue. We currently use 2.2.8 but I'm going to push 3.0.x out Real Soon Now (TM), so if some negotiation has somehow been done in 3 to make this work better I'll shut up and go back to my hole. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Bizarre failure of samba shares to XP
With a little help I was just able to build krb5-1.3.4 That solved my issues. So Doc http://web.mit.edu/kerberos/www/krb5-1.3/krb5-1.3.4/doc/krb5-install.htm l Source http://web.mit.edu/kerberos/www/dist/krb5/1.3/krb5-1.3.4.tar untar GZ it... Install ( I used up2date): Byacc, Flex, texinfo, e2fsprogs-devel, ibtermcap-devel, tcl-devel Then cd to the src dir: ./configure --without-tcl make makecheck make install Reboot Start smb winbind ( if needed) test your kerberos ( klist -e , kinit) Test winbind ( wbinfo -t ) access a samba share with XP Good luck!! -Alex -Original Message- From: David Brodbeck [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 10, 2004 2:36 PM To: [EMAIL PROTECTED] Subject: RE: [Samba] Bizarre failure of samba shares to XP -Original Message- From: Michael Andrewjeski [mailto:[EMAIL PROTECTED] I am seeing this problem too, Though we're using winbind. Are your users making any folders available offline? I've seen some odd interaction problems with Samba and XP's offline folder feature. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] hosts.allow
In the smb.conf file, are there any restrictions on how many ranges of IP can be placed in this list? In the hosts.deny, 0.0.0.0/0 is the setting to block all ip addresses? Thanks, Wayne -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Wanted a Good Tool To Bench Marking Samba Servers
What is a good tool to benchmark Samba servers? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP SP2 (Official) and Samba 3
I've looked through the archives and the only information I can find regarding Windows XP SP2 is RC2. Has anyone out there had ANY experience with XP SP2 Official and a Samba 3 domain? Like what? I installed the final release version last night and have had no problems John -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 (Official) and Samba 3
Bert Rapp wrote: I've looked through the archives and the only information I can find regarding Windows XP SP2 is RC2. Has anyone out there had ANY experience with XP SP2 Official and a Samba 3 domain? Yes! All my workstations are WinXP SP2, and I'm runnig samba 3.0.5 as PDC and everything is fine. I had just disabled the NT sign on seal at the registry on each XP workstation. With the following reg script: http://www.em.pucrs.br/~filipi/WinXP_SignOrSeal.reg Regards, -- Filipi Vianna Laboratório de Mecânica Computacional (DEMM) Faculdade de Engenharia - PUC-RS telefone: (51) 3320-3500 ramal: 4053 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP SP2
Has anyone done any trialling of Windows XP Service Pack 2 and its effect on a Samba domain? I am going to set up a test machine here, but would be very interested to hear of others experiences. Tim Gibson __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 (Official) and Samba 3
I had just disabled the NT sign on seal at the registry on each XP workstation. With the following reg script: http://www.em.pucrs.br/~filipi/WinXP_SignOrSeal.reg This should not have been necessary with samba 3. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 (Official) and Samba 3
Paul Gienger wrote: I had just disabled the NT sign on seal at the registry on each XP workstation. With the following reg script: http://www.em.pucrs.br/~filipi/WinXP_SignOrSeal.reg This should not have been necessary with samba 3. I was thinking the same... But I had tried without it and I could not add the machine to the domain. -- Filipi Vianna Laboratório de Mecânica Computacional (DEMM) Faculdade de Engenharia - PUC-RS telefone: (51) 3320-3500 ramal: 4053 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 (Official) and Samba 3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bert Rapp wrote: | I've looked through the archives and the only information | I can find regarding Windows XP SP2 is RC2. Has anyone | out there had ANY experience with XP SP2 Official and a Samba | 3 domain? Looks like MS did not fix the print change notify bug. I would not recommend installing it if you Samba is is serving printers or unless you are running 3.0.6rc2. 3.0.6 final will be out later this week. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBGWhUIR7qMdg1EfYRAnJQAJ4qibLcmNnYs+oF8zxyNl/dBjmjdACaA+16 LsvyDzVj4oxvNRlqvc0Pzo0= =6xvt -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Kerberos verfy ticket failed
I have seen this on multiple occasions as well. I can't really pinpoint it, but I'd really like to know what is going wrong. Aaron On Aug 10, 2004, at 1:48 PM, Raphael RIGNIER wrote: Hello list. I've got a problem using samba-3.0.4 (RedHat AS 3.0) the server is member of a Win2003 Active directory domain All stuff about krb5 seems to work correctly kinit [EMAIL PROTECTED] klist etc... net ads join -U administrator has worked well too But when any Windows client member of the domain try to connect to the server it asks me for a user/pass. here is the log. [2004/08/10 18:56:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=12 flg2=0xc807 [2004/08/10 18:56:42, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) Doing spnego session setup [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[] [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 48018 1 2 2 [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 113554 1 2 2 [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 3 6 1 4 1 311 2 2 10 [2004/08/10 18:56:42, 3] smbd/sesssetup.c:reply_spnego_negotiate(447) Got secblob of size 1191 [2004/08/10 18:56:42, 3] libads/kerberos_verify.c:ads_verify_ticket(185) ads_verify_ticket: enc type [3] failed to decrypt with error Decrypt integrity check failed [2004/08/10 18:56:43, 3] libads/kerberos_verify.c:ads_verify_ticket(193) ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type) [2004/08/10 18:56:43, 1] smbd/sesssetup.c:reply_spnego_kerberos(174) Failed to verify incoming ticket! [2004/08/10 18:56:43, 3] smbd/error.c:error_packet(94) error string = Aucun fichier ou répertoire de ce type [2004/08/10 18:56:43, 3] smbd/error.c:error_packet(118) error packet at smbd/sesssetup.c(175) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2004/08/10 18:56:43, 3] smbd/process.c:timeout_processing(1131) timeout_processing: End of file from client (client has disconnected). [2004/08/10 18:56:43, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/08/10 18:56:43, 2] smbd/server.c:exit_server(572) Closing connections [2004/08/10 18:56:43, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2004/08/10 18:56:44, 3] smbd/connection.c:yield_connection(76) yield_connection: tdb_delete for name failed with error Record does not exist. [2004/08/10 18:56:44, 3] smbd/server.c:exit_server(615) Server exit (normal exit) I'm not sure it's due to Win2k3 server because enc type [3] is des-cbc-md5. I definitiveley Don't know what's wrong! I have even tried to compile samba-3.0.5 and link with kerberos-1.3.4 without success. Any help would be appretciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] URGENT : NT4 Standalone server in a Samba-LDAP PDC
I have an urgent need, Is it possible to connect an NT4 Standalone server to a Samba-LDAP PDC ?? I am trying to do that but keep getting the same error when trying to change an NT4 standalone server to the Samba-LDAP PDC. Error message : The machine account for this computer either does not exist or is inaccessible. log.smbd : [2004/08/10 22:29:03, 5] lib/smbldap.c:smbldap_search(932) smbldap_search: base = [dc=prod,dc=blc,dc=com], filter = [((uid=NC1981WTX03$)(objectclass=sambaSamAccount))], scope = [2] [2004/08/10 22:29:03, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1157) ldapsam_getsampwnam: Unable to locate user [NC1981WTX03$] count=0 It creates a computer object in ldap but Samba seems to search for sambaSamAccount on this object after, which is not a class of the newly created computer object -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] File locks not always released (Samba 2.2.8)
We have the occasional problem that file locks are not always being released. The result is files that insist on being 'read only' (claiming that the file is already 'in use') or that cannot be deleted or replaced. The problem only happens occasionally, and I have yet to be able to determine a pattern. The problem will usuall resolve itself within 24 hours, but sometimes it is very inconvenient. Firstly, is this a known issue with this version of Samba? If so, does it go away in later versions? Secondly, is there a way to 'manually' release a file lock on the server, for just a specific file? (I'm thinking of a command that could be run on the samba server itself.) Failing that, what about releasing all locks? Google seems to suggest that: Stopping Samba, removing /var/cache/samba/locking.tdb and restarting Samba would do that. Presumably this would be best to do after everyone has logged out of the system? Is this a reasonable thing to do, or is it likely to break something? We are at the moment stuck with Samba 2.2.8 for support reasons, so upgrading to a newer version of Samba is not an option at the current point in time, although will hopefully become an option within the next 6 months. Thanks, Rasjid. -- Rasjid Wilcox Senior Systems Architect Australian Ethical Investment Ltd Suite 66, Canberra Business Centre Bradfield St, DOWNER ACT 2602 Ph:02 6242 1980 Fax: 02 6242 1987 This email (and any attachments) is confidential and for the persons to whom it is addressed. Any unauthorised reproduction or dissemination of this message is prohibited. Please notify the sender immediately if you have received this message in error. AEI accepts no responsibility for the use of any attachments and/or corrupt files which this email may contain. The contents and opinions expressed by the author of this email are not necessarily those of AEI. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
svn commit: samba-web r241 - in trunk/news: . advocacy developers releases style team users
Author: deryck Date: 2004-08-10 07:23:32 + (Tue, 10 Aug 2004) New Revision: 241 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/trunk/newsrev=241nolog=1 Log: Finishing touches to the news site. Adds javascript to not allow blank form submissions of stories. Removes norobots meta tag to allow search-engines to index the site now. Adds story not yet published here in sections without stories. --deryck Modified: trunk/news/about.html trunk/news/advocacy/index.html trunk/news/developers/index.html trunk/news/header2.html trunk/news/releases/index.html trunk/news/style/news.css trunk/news/submit.html trunk/news/team/index.html trunk/news/users/index.html Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1688 - in branches/tmp/SAMBA_3_2_MERGE/source: . include lib libads libcli libsmb rpc_server smbd
Author: vlendec Date: 2004-08-10 11:09:13 + (Tue, 10 Aug 2004) New Revision: 1688 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/tmp/SAMBA_3_2_MERGE/sourcerev=1688nolog=1 Log: Some more little fixes before I try to merge over current 4_0. Lets see if *anything* still works after that Volker Modified: branches/tmp/SAMBA_3_2_MERGE/source/Makefile.in branches/tmp/SAMBA_3_2_MERGE/source/include/rewrite.h branches/tmp/SAMBA_3_2_MERGE/source/include/smb.h branches/tmp/SAMBA_3_2_MERGE/source/lib/util.c branches/tmp/SAMBA_3_2_MERGE/source/lib/util_sock.c branches/tmp/SAMBA_3_2_MERGE/source/libads/ldap_printer.c branches/tmp/SAMBA_3_2_MERGE/source/libcli/namequery.c branches/tmp/SAMBA_3_2_MERGE/source/libsmb/doserr.c branches/tmp/SAMBA_3_2_MERGE/source/rpc_server/srv_spoolss_nt.c branches/tmp/SAMBA_3_2_MERGE/source/smbd/change_trust_pw.c branches/tmp/SAMBA_3_2_MERGE/source/smbd/msdfs.c Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1689 - trunk/source/libsmb
Author: vlendec
Date: 2004-08-10 11:23:08 + (Tue, 10 Aug 2004)
New Revision: 1689
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1689nolog=1
Log:
Forgot asn1.c in last ldap commit
Modified:
trunk/source/libsmb/asn1.c
Changeset:
Modified: trunk/source/libsmb/asn1.c
===
--- trunk/source/libsmb/asn1.c 2004-08-10 11:09:13 UTC (rev 1688)
+++ trunk/source/libsmb/asn1.c 2004-08-10 11:23:08 UTC (rev 1689)
@@ -184,6 +184,14 @@
return !data-has_error;
}
+BOOL asn1_read_BOOLEAN2(ASN1_DATA *data, BOOL *v)
+{
+ asn1_start_tag(data, ASN1_BOOLEAN);
+ asn1_read_uint8(data, (uint8 *)v);
+ asn1_end_tag(data);
+ return !data-has_error;
+}
+
/* check a BOOLEAN */
BOOL asn1_check_BOOLEAN(ASN1_DATA *data, BOOL v)
{
@@ -367,6 +375,24 @@
return True;
}
+/* Get the length to be expected in buf */
+BOOL asn1_object_length(uint8_t *buf, size_t buf_length,
+ uint8 tag, size_t *result)
+{
+ ASN1_DATA data;
+
+ /* Fake the asn1_load to avoid the memdup, this is just to be able to
+* re-use the length-reading in asn1_start_tag */
+ ZERO_STRUCT(data);
+ data.data = buf;
+ data.length = buf_length;
+ if (!asn1_start_tag(data, tag))
+ return False;
+ *result = asn1_tag_remaining(data)+data.ofs;
+ asn1_end_tag(data);
+ return True;
+}
+
/* stop reading a tag */
BOOL asn1_end_tag(ASN1_DATA *data)
{
svn commit: samba r1691 - trunk/source/nsswitch
Author: vlendec Date: 2004-08-10 12:13:50 + (Tue, 10 Aug 2004) New Revision: 1691 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1691nolog=1 Log: Shape up winbind a bit: This removes the multi-socket architechture (/tmp/.winbindd/lsa etc) again. Having a number of multi-purpose dual daemons is the better idea I think. In case anybody is interested, this is what version control is for. :-) Volker Modified: trunk/source/nsswitch/wb_client.c trunk/source/nsswitch/wb_common.c trunk/source/nsswitch/winbindd.c trunk/source/nsswitch/winbindd_cm.c trunk/source/nsswitch/winbindd_dual.c trunk/source/nsswitch/winbindd_nss.h Changeset: Sorry the patch is to large, please use WebSVN to see it!
Re: svn commit: samba r1689 - trunk/source/libsmb
On Tue, Aug 10, 2004 at 11:23:08AM +, [EMAIL PROTECTED] wrote: Author: vlendec Date: 2004-08-10 11:23:08 + (Tue, 10 Aug 2004) New Revision: 1689 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1689nolog=1 Log: Forgot asn1.c in last ldap commit Yes, you've had :) First I wanted to commit turned off code (ifdef-ed) as it broke my build, but then I just left this fix in my local repo. cheers, -- Rafal Szczesniak Samba Team member http://www.samba.org signature.asc Description: Digital signature
svn commit: samba-web r242 - trunk/news
Author: deryck Date: 2004-08-10 13:58:48 + (Tue, 10 Aug 2004) New Revision: 242 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=242nolog=1 Log: Change links back to news sections on this page only to a full http://samba.org/samba/news/ path to get people out of the news2 redirect that was established in order to process the form script on samba.org. --deryck Modified: trunk/news/submit.html Changeset: Modified: trunk/news/submit.html === --- trunk/news/submit.html 2004-08-10 07:23:32 UTC (rev 241) +++ trunk/news/submit.html 2004-08-10 13:58:48 UTC (rev 242) @@ -66,14 +66,14 @@ div id=news_logo div class=news_logo_hack -a href=/samba/news/img src=/samba/news/images/linkpad.gif alt=news.samba.org//a +a href=http://samba.org/samba/news/;img src=/samba/news/images/linkpad.gif alt=news.samba.org//a /div /div div id=links div class=about ul -lia href=/samba/news/about.htmlAbout news.samba.org/a/li +lia href=http://samba.org/samba/news/about.html;About news.samba.org/a/li lia href=http://news.samba.org/submit.html;Submit A Story/a/li lia href=http://samba.org/;Samba-Web Home/a/li /ul
svn commit: samba r1692 - in branches/SAMBA_3_0/source: . printing rpc_client rpc_parse rpc_server rpcclient utils
Author: gd
Date: 2004-08-10 14:27:17 + (Tue, 10 Aug 2004)
New Revision: 1692
WebSVN:
http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_3_0/sourcerev=1692nolog=1
Log:
first commit :)
* add IA64 to the architecture table of printer-drivers
* add new net-subcommands:
net rpc printer migrate {drivers|printers|forms|security|settings|all}
[printer]
net rpc share migrate {shares|files|all} [share]
this is the first part of the migration suite. this will will (once
feature-complete) allow to do 1:1 server-cloning in the best possible way by
making heavy use of samba's rpc_client-functions. all migration-steps
are implemented as rpc/smb-client-calls; net communicates via rpc/smb
with two servers at the same time (a remote, source server and a
destination server that currently defaults to the local smbd). this
allows e. g. printer-driver migration including driverfiles, recursive
mirroring of file-shares including file-acls, etc. almost any migration
step can be called with a migrate-subcommand to provide more flexibility
during a migration process (at the cost of quite some redundancy :) ).
net rpc printer migrate settings is still in a bad condition (many
open questions that hopefully can be adressed soon).
net rpc share migrate security as an isolated call to just migrate
share-ACLs will be added later.
Before playing with it, make sure to use a test-server. Migration is a
serious business and this tool-set can perfectly overwrite your
existing file/print-shares.
* along with the migration functions had to make I the following
changes:
- implement setprinter level 3 client-side
- implement net_add_share level 502 client-side
- allow security descriptor to be set in setprinterdata level 2
serverside
guenther
Added:
branches/SAMBA_3_0/source/utils/net_rpc_printer.c
Modified:
branches/SAMBA_3_0/source/Makefile.in
branches/SAMBA_3_0/source/printing/nt_printing.c
branches/SAMBA_3_0/source/rpc_client/cli_srvsvc.c
branches/SAMBA_3_0/source/rpc_parse/parse_spoolss.c
branches/SAMBA_3_0/source/rpc_parse/parse_srv.c
branches/SAMBA_3_0/source/rpc_server/srv_spoolss_nt.c
branches/SAMBA_3_0/source/rpcclient/cmd_spoolss.c
branches/SAMBA_3_0/source/utils/net.c
branches/SAMBA_3_0/source/utils/net.h
branches/SAMBA_3_0/source/utils/net_help.c
branches/SAMBA_3_0/source/utils/net_rpc.c
Changeset:
Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1693 - in trunk/source: . printing rpc_client rpc_parse rpc_server rpcclient utils
Author: gd
Date: 2004-08-10 14:38:52 + (Tue, 10 Aug 2004)
New Revision: 1693
WebSVN:
http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/trunk/sourcerev=1693nolog=1
Log:
merge over net rpc {share|printer} migrate from 3_0.
guenther
Added:
trunk/source/utils/net_rpc_printer.c
Modified:
trunk/source/Makefile.in
trunk/source/printing/nt_printing.c
trunk/source/rpc_client/cli_srvsvc.c
trunk/source/rpc_parse/parse_spoolss.c
trunk/source/rpc_parse/parse_srv.c
trunk/source/rpc_server/srv_spoolss_nt.c
trunk/source/rpcclient/cmd_spoolss.c
trunk/source/utils/net.c
trunk/source/utils/net.h
trunk/source/utils/net_help.c
trunk/source/utils/net_rpc.c
Changeset:
Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1695 - trunk/source/utils
Author: mimir
Date: 2004-08-10 14:58:31 + (Tue, 10 Aug 2004)
New Revision: 1695
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1695nolog=1
Log:
Searching for existing entry before updating isn't needed and in fact
hinders doing it right. We need changes _only_ to catch the right values
inside the backend.
rafal
Modified:
trunk/source/utils/pdbedit.c
Changeset:
Modified: trunk/source/utils/pdbedit.c
===
--- trunk/source/utils/pdbedit.c2004-08-10 14:54:39 UTC (rev 1694)
+++ trunk/source/utils/pdbedit.c2004-08-10 14:58:31 UTC (rev 1695)
@@ -818,14 +818,11 @@
if (!dom_name) return -1;
- /* fetch existing password to fill the structure before
- the changes themselves */
- nt_status = in-pdb_gettrustpwnam(in, trust, dom_name);
- if (!NT_STATUS_IS_OK(nt_status)) {
- printf(Wrong domain name - seems non-existent!\n);
- return -1;
- }
-
+ /* unicode domain name */
+ trust.private.uni_name_len = strlen(dom_name);
+ push_ucs2(NULL, trust.private.uni_name, dom_name, trust.private.uni_name_len,
+ STR_TERMINATE);
+
/* domain sid */
if (dom_sid) {
/* copying sid to trust password structure */
@@ -844,6 +841,8 @@
givenpass = getpass(password (type Enter to leave it untouched):);
if (strlen(givenpass))
strncpy(trust.private.pass, givenpass, FSTRING_LEN);
+ else
+ trust.private.pass[0] = '\0';
/* last change time */
lct = time(NULL);
svn commit: samba-web r243 - in trunk: . news news/announcements
Author: deryck Date: 2004-08-10 15:01:12 + (Tue, 10 Aug 2004) New Revision: 243 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/trunkrev=243nolog=1 Log: Add announcement accepting story submissions to news site and samba.org front page headline section. --deryck Added: trunk/news/announcements/accepting.html Modified: trunk/index.html trunk/news/announcements/index.html trunk/news/index.html Changeset: Modified: trunk/index.html === --- trunk/index.html2004-08-10 13:58:48 UTC (rev 242) +++ trunk/index.html2004-08-10 15:01:12 UTC (rev 243) @@ -31,7 +31,8 @@ h2News/h2 ul -li8 August 2004 a href=http://news.samba.org/#redesign;samba.org Has Been Redesigned/a/li +li10 August 2004 a href=/samba/news/#acceptingnews.samba.org Open For Story Submissions/a/li +li8 August 2004 a href=/samba/news/#redesignsamba.org Has Been Redesigned/a/li /ul Added: trunk/news/announcements/accepting.html === --- trunk/news/announcements/accepting.html 2004-08-10 13:58:48 UTC (rev 242) +++ trunk/news/announcements/accepting.html 2004-08-10 15:01:12 UTC (rev 243) @@ -0,0 +1,24 @@ +h3a name=acceptingnews.samba.org Open For Story Submissions/a/h3 + +div class=article +pThe Samba Team is pleased to announce that news.samba.org, the recently +added news and information portal for samba.org, is now accepting story +submissions. Please follow the link to Submit A Story if you have something +that you think may be of interest to members of the Samba community./p + +pThe About news.samba.org page here explains a bit further:/p + +p class=quoteA story may be an actual news piece about Samba, or a link to a news +piece from another site, or a story could be an article someone has +written that relates to Samba. Stories could also be announcements of +related technologies, conferences, etc. that users, developers, and +vendors of Samba might find interesting and/or useful. And in practical +terms, we will also be publishing release announcements and Samba Team +announcements as stories on news.samba.org./p + +pThe Samba news site is, like the Samba community itself, dependent on contributors. +Whether or not news.samba.org grows and proves useful is completely up +to you, the dedicated users and developers of Samba. a href=/samba/news/submit.htmlSubmit A Story/a +/div + + Modified: trunk/news/announcements/index.html === --- trunk/news/announcements/index.html 2004-08-10 13:58:48 UTC (rev 242) +++ trunk/news/announcements/index.html 2004-08-10 15:01:12 UTC (rev 243) @@ -7,6 +7,9 @@ pMiscellaneous announcements for news.samba.org are archived here./p +h210 August 2004/h2 + a name=accepting!--#include virtual=accepting.html --/a + h28 August 2004/h2 a name=redesign!--#include virtual=redesign.html --/a Modified: trunk/news/index.html === --- trunk/news/index.html 2004-08-10 13:58:48 UTC (rev 242) +++ trunk/news/index.html 2004-08-10 15:01:12 UTC (rev 243) @@ -2,10 +2,15 @@ titlenews.samba.org/title !--#include virtual=/samba/news/header2.html -- +h210 August 2004/h2 + +!--#include virtual=/samba/news/announcements/accepting.html -- +div class=referenceLink: a href=/samba/news/announcements/#acceptingannouncements//a/div + h28 August 2004/h2 !--#include virtual=/samba/news/announcements/redesign.html -- -div class=referenceLink: a href=/samba/news/announcements/#redesignannouncements//a/div +div class=referenceLink: a href=/samba/news/announcements/#redesignannouncements//a/div !--#include virtual=footer.html--
svn commit: samba r1696 - trunk/source/libsmb
Author: vlendec Date: 2004-08-10 15:12:09 + (Tue, 10 Aug 2004) New Revision: 1696 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1696nolog=1 Log: Fix memleak Modified: trunk/source/libsmb/asn1.c Changeset: Modified: trunk/source/libsmb/asn1.c === --- trunk/source/libsmb/asn1.c 2004-08-10 14:58:31 UTC (rev 1695) +++ trunk/source/libsmb/asn1.c 2004-08-10 15:12:09 UTC (rev 1696) @@ -389,7 +389,9 @@ if (!asn1_start_tag(data, tag)) return False; *result = asn1_tag_remaining(data)+data.ofs; - asn1_end_tag(data); + /* We can't use asn1_end_tag here, as we did not consume the complete +* tag, so asn1_end_tag would flag an error and not free nesting */ + free(data.nesting); return True; }
svn commit: samba r1697 - trunk/source/utils
Author: mimir
Date: 2004-08-10 15:30:01 + (Tue, 10 Aug 2004)
New Revision: 1697
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1697nolog=1
Log:
Deal with unicode domain name in uniform way across all *_trustpw functions.
rafal
Modified:
trunk/source/utils/pdbedit.c
Changeset:
Modified: trunk/source/utils/pdbedit.c
===
--- trunk/source/utils/pdbedit.c2004-08-10 15:12:09 UTC (rev 1696)
+++ trunk/source/utils/pdbedit.c2004-08-10 15:30:01 UTC (rev 1697)
@@ -811,18 +811,22 @@
static int update_trustpw(struct pdb_context *in, const char *dom_name,
const char *dom_sid, const char* flag)
{
+ TALLOC_CTX *mem_ctx = NULL;
SAM_TRUST_PASSWD trust;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ smb_ucs2_t *uni_name = NULL;
char *givenpass = NULL;
time_t lct;
if (!dom_name) return -1;
- /* unicode domain name */
- trust.private.uni_name_len = strlen(dom_name);
- push_ucs2(NULL, trust.private.uni_name, dom_name, trust.private.uni_name_len,
- STR_TERMINATE);
+ mem_ctx = talloc_init(pdbedit: updating trust password);
+ /* unicode name */
+ trust.private.uni_name_len = strnlen(dom_name, 32);
+ push_ucs2_talloc(mem_ctx, uni_name, dom_name);
+ strncpy_w(trust.private.uni_name, uni_name, 32);
+
/* domain sid */
if (dom_sid) {
/* copying sid to trust password structure */
@@ -851,6 +855,7 @@
/* update the trust password */
nt_status = in-pdb_update_trust_passwd(in, trust);
+ talloc_destroy(mem_ctx);
if (!NT_STATUS_IS_OK(nt_status)) {
printf(Coulnd't modify trust password\n);
}
svn commit: samba r1698 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: gd
Date: 2004-08-10 16:42:58 + (Tue, 10 Aug 2004)
New Revision: 1698
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1698nolog=1
Log:
fix build.
guenther
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_printer.c
trunk/source/utils/net_rpc_printer.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_printer.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_printer.c 2004-08-10 15:30:01 UTC (rev
1697)
+++ branches/SAMBA_3_0/source/utils/net_rpc_printer.c 2004-08-10 16:42:58 UTC (rev
1698)
@@ -369,13 +369,14 @@
while (is_file) {
- int n = cli_read(cli_share_src, fnum_src, data, nread + start,
+ int n, ret;
+ n = cli_read(cli_share_src, fnum_src, data, nread + start,
read_size);
if (n = 0)
break;
- int ret = cli_write(cli_share_dst, fnum_dst, 0, data,
+ ret = cli_write(cli_share_dst, fnum_dst, 0, data,
nread + start, n);
if (n != ret) {
Modified: trunk/source/utils/net_rpc_printer.c
===
--- trunk/source/utils/net_rpc_printer.c2004-08-10 15:30:01 UTC (rev 1697)
+++ trunk/source/utils/net_rpc_printer.c2004-08-10 16:42:58 UTC (rev 1698)
@@ -369,13 +369,14 @@
while (is_file) {
- int n = cli_read(cli_share_src, fnum_src, data, nread + start,
+ int n, ret;
+ n = cli_read(cli_share_src, fnum_src, data, nread + start,
read_size);
if (n = 0)
break;
- int ret = cli_write(cli_share_dst, fnum_dst, 0, data,
+ ret = cli_write(cli_share_dst, fnum_dst, 0, data,
nread + start, n);
if (n != ret) {
svn commit: samba-web r244 - in trunk: . GUI devel docs download history news/announcements style team vendors
Author: deryck Date: 2004-08-10 17:51:07 + (Tue, 10 Aug 2004) New Revision: 244 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/trunkrev=244nolog=1 Log: Set news headline links to font-size:small. Add security page link to download page. Remove sitemap since it seemed unneccesary with new design. Change All the Docs to Docs and Books in all nav menus. Copy release notes from tmp branch. Sorry for the long commit. Couldn't connect during the last talk. --deryck Added: trunk/history/index.html trunk/history/samba-2.0.0.html trunk/history/samba-2.0.1.html trunk/history/samba-2.0.2.html trunk/history/samba-2.0.3.html trunk/history/samba-2.0.4.html trunk/history/samba-2.0.5.html trunk/history/samba-2.0.5a.html trunk/history/samba-2.0.6.html trunk/history/samba-2.0.7.html trunk/history/samba-2.2.0.html trunk/history/samba-2.2.1.html trunk/history/samba-2.2.10.html trunk/history/samba-2.2.2.html trunk/history/samba-2.2.3.html trunk/history/samba-2.2.3a.html trunk/history/samba-2.2.4.html trunk/history/samba-2.2.5.html trunk/history/samba-2.2.6.html trunk/history/samba-2.2.7.html trunk/history/samba-2.2.7a.html trunk/history/samba-2.2.8.html trunk/history/samba-2.2.8a.html trunk/history/samba-2.2.9.html trunk/history/samba-3.0.0.html trunk/history/samba-3.0.1.html trunk/history/samba-3.0.2.html trunk/history/samba-3.0.2a.html trunk/history/samba-3.0.3.html trunk/history/samba-3.0.4.html trunk/history/samba-3.0.5.html trunk/history/samba1.9.17.html trunk/history/samba1.9.17p1.html trunk/history/samba1.9.17p2.html trunk/history/samba1.9.17p3.html trunk/history/samba1.9.17p4.html trunk/history/samba1.9.17p5.html trunk/history/samba1.9.18.html trunk/history/samba1.9.18p1.html trunk/history/samba1.9.18p10.html trunk/history/samba1.9.18p2.html trunk/history/samba1.9.18p3.html trunk/history/samba1.9.18p4.html trunk/history/samba1.9.18p5.html trunk/history/samba1.9.18p6.html trunk/history/samba1.9.18p7.html trunk/history/samba1.9.18p8.html Removed: trunk/security.html trunk/sitemap.html Modified: trunk/GUI/header_gui.html trunk/devel/header_devel.html trunk/docs/header_docs.html trunk/download/header_download.html trunk/download/index.html trunk/header2.html trunk/index.html trunk/news/announcements/accepting.html trunk/style/main.css trunk/team/header_team.html trunk/vendors/header_vendors.html Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba-web r245 - trunk/history
Author: deryck Date: 2004-08-10 17:55:35 + (Tue, 10 Aug 2004) New Revision: 245 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=245nolog=1 Log: Cleaning up mistake with last commit. --deryck Removed: trunk/history/index.html Changeset: Deleted: trunk/history/index.html === --- trunk/history/index.html2004-08-10 17:51:07 UTC (rev 244) +++ trunk/history/index.html2004-08-10 17:55:35 UTC (rev 245) @@ -1,45 +0,0 @@ -!--#include virtual=/samba/header.html -- - titleSamba - opening windows to a wider world/title -!--#include virtual=/samba/header2.html -- - -pSamba is an a href=http://www.opensource.org/;Open Source/a/a href=http://www.gnu.org/philosophy/free-sw.html;Free Software/a suite that provides seamless file and print services to SMB/CIFS clients. Samba is freely available under the a href=/samba/docs/GPL.htmlGNU General Public License/a./p - - -h2Current Release/h2 - -h47 August 2004/h4 - -p class=headlinea name=latest Samba 3.0.6rc2 Available for Download/a/p - -pThe second release candidate of Samba 3.0.6 is now available for download. -Previously released snapshots in this series were referred to as 3.0.5pre1 -and 3.0.5rc1. These were later renamed as the 3.0.6 series due to the -3.0.5 security release. Samba 3.0.6rc2 can be downloaded in -a href=/samba/ftp/rc/samba-3.0.6rc2.tar.gzgzipped format/a. -The a href=/samba/ftp/rc/samba-3.0.6rc2.tar.ascGPG signature/a is for the uncompressed tarball. -There have been several bug fixes since the 3.0.4/5 release that -we feel are important to make available to the Samba community -for wider testings. This release is bnot/b intended for production -servers. Use at your own risk. All testing is very much appreciated. -Please refer to the a href=/samba/ftp/rc/WHATSNEW-3-0-6rc2.txtRelease Notes/a for -descriptions of the exact changes./p - -pa href=http://samba.org/~jerry/RPMS/samba/;RPMS for RedHat 8/9 -and Fedora Core 1/2/a can also be downloaded./p - - -h2News/h2 - - -div class=plugs - a href=/samba/tshirt.htmlimg src=/samba/images/t-small.jpg -alt=Samba t-shirt //a - - pa href=/samba/tshirt.htmlSamba T-shirts and mugs are available!/a/p -/div - -div class=request - pPlease select the closest span class=punchmirror site/span from the menu above. The popularity of Samba puts a strain on our network. By using a mirror site you can do your bit to reduce the load./p -/div - -!--#include virtual=/samba/footer.html --
svn commit: samba-web r246 - trunk/history
Author: deryck Date: 2004-08-10 17:57:00 + (Tue, 10 Aug 2004) New Revision: 246 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=246nolog=1 Log: Last clean up for previous mistake. --deryck Added: trunk/history/index.html Changeset: Copied: trunk/history/index.html (from rev 218, branches/tmp.samba.org/history/index.html)
svn commit: samba r1699 - in branches/SAMBA_4_0/source/gtk: common tools
Author: jelmer Date: 2004-08-10 18:44:58 + (Tue, 10 Aug 2004) New Revision: 1699 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_4_0/source/gtkrev=1699nolog=1 Log: Formatting update, bugfixes Modified: branches/SAMBA_4_0/source/gtk/common/select.c branches/SAMBA_4_0/source/gtk/tools/gregedit.c branches/SAMBA_4_0/source/gtk/tools/gwcrontab.c branches/SAMBA_4_0/source/gtk/tools/gwsam.c branches/SAMBA_4_0/source/gtk/tools/gwsam_user.c Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1700 - branches/SAMBA_4_0/source/build/pidl
Author: jelmer
Date: 2004-08-10 18:46:36 + (Tue, 10 Aug 2004)
New Revision: 1700
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1700nolog=1
Log:
make version default to 0.0 (same as midl)
Modified:
branches/SAMBA_4_0/source/build/pidl/header.pm
Changeset:
Modified: branches/SAMBA_4_0/source/build/pidl/header.pm
===
--- branches/SAMBA_4_0/source/build/pidl/header.pm 2004-08-10 18:44:58 UTC (rev
1699)
+++ branches/SAMBA_4_0/source/build/pidl/header.pm 2004-08-10 18:46:36 UTC (rev
1700)
@@ -275,6 +275,8 @@
if (defined $if_uuid) {
my $name = uc $interface-{NAME};
$res .= #define DCERPC_$name\_UUID \$if_uuid\\n;
+
+ if(!defined $if_version) { $if_version = 0.0; }
$res .= #define DCERPC_$name\_VERSION $if_version\n;
$res .= #define DCERPC_$name\_NAME \$interface-{NAME}\\n\n;
$res .= extern const struct dcerpc_interface_table
dcerpc_table_$interface-{NAME};\n;
svn commit: samba r1701 - branches/SAMBA_4_0/source/build/pidl
Author: jelmer Date: 2004-08-10 18:47:26 + (Tue, 10 Aug 2004) New Revision: 1701 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1701nolog=1 Log: Bugfixes to Tim's ethereal parser generator Modified: branches/SAMBA_4_0/source/build/pidl/eparser.pm branches/SAMBA_4_0/source/build/pidl/packet-dcerpc-eparser.c branches/SAMBA_4_0/source/build/pidl/packet-dcerpc-eparser.h Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1702 - trunk/source/lib
Author: vlendec
Date: 2004-08-10 19:10:46 + (Tue, 10 Aug 2004)
New Revision: 1702
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1702nolog=1
Log:
A little more ldap stuff
Modified:
trunk/source/lib/smb_ldap.c
Changeset:
Modified: trunk/source/lib/smb_ldap.c
===
--- trunk/source/lib/smb_ldap.c 2004-08-10 18:47:26 UTC (rev 1701)
+++ trunk/source/lib/smb_ldap.c 2004-08-10 19:10:46 UTC (rev 1702)
@@ -1191,7 +1191,7 @@
r-dn = blob2string_talloc(msg-mem_ctx, blob);
if (asn1_peek_tag(data, 0x80)) {
int pwlen;
- r-creds.password = NULL;
+ r-creds.password = ;
/* Mechanism 0 (SIMPLE) */
asn1_start_tag(data, 0x80);
pwlen = asn1_tag_remaining(data);
@@ -1410,8 +1410,8 @@
return !data-has_error;
}
-static BOOL ldap_parse_basic_url(TALLOC_CTX *mem_ctx, const char *url,
-char **host, uint16 *port, BOOL *ldaps)
+BOOL ldap_parse_basic_url(TALLOC_CTX *mem_ctx, const char *url,
+ char **host, uint16 *port, BOOL *ldaps)
{
int tmp_port = 0;
fstring protocol;
@@ -1740,6 +1740,21 @@
return res;
}
+struct ldap_message *new_ldap_simple_bind_msg(const char *dn, const char *pw)
+{
+ struct ldap_message *res = new_ldap_message();
+
+ if (res == NULL)
+ return NULL;
+
+ res-type = LDAP_TAG_BindRequest;
+ res-r.BindRequest.version = 3;
+ res-r.BindRequest.dn = talloc_strdup(res-mem_ctx, dn);
+ res-r.BindRequest.mechanism = LDAP_AUTH_MECH_SIMPLE;
+ res-r.BindRequest.creds.password = talloc_strdup(res-mem_ctx, pw);
+ return res;
+}
+
BOOL ldap_setsearchent(struct ldap_connection *conn, struct ldap_message *msg,
const struct timeval *endtime)
{
svn commit: samba r1703 - in branches/SAMBA_4_0/source: build/pidl librpc librpc/idl librpc/rpc rpc_server/epmapper torture/rpc
Author: jelmer Date: 2004-08-10 20:55:42 + (Tue, 10 Aug 2004) New Revision: 1703 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_4_0/sourcerev=1703nolog=1 Log: - Lots of RPC updates, adding new pipes and protocols. - More updates/fixes to the ethereal parser generator Added: branches/SAMBA_4_0/source/librpc/idl/policyagent.idl Modified: branches/SAMBA_4_0/source/build/pidl/eparser.pm branches/SAMBA_4_0/source/build/pidl/packet-dcerpc-eparser.c branches/SAMBA_4_0/source/build/pidl/packet-dcerpc-eparser.h branches/SAMBA_4_0/source/librpc/config.m4 branches/SAMBA_4_0/source/librpc/idl/browser.idl branches/SAMBA_4_0/source/librpc/idl/dcom.idl branches/SAMBA_4_0/source/librpc/idl/epmapper.idl branches/SAMBA_4_0/source/librpc/idl/keysvc.idl branches/SAMBA_4_0/source/librpc/idl/protected_storage.idl branches/SAMBA_4_0/source/librpc/idl/svcctl.idl branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c branches/SAMBA_4_0/source/rpc_server/epmapper/rpc_epmapper.c branches/SAMBA_4_0/source/torture/rpc/epmapper.c branches/SAMBA_4_0/source/torture/rpc/svcctl.c Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1704 - trunk/source/utils
Author: mimir
Date: 2004-08-10 21:05:08 + (Tue, 10 Aug 2004)
New Revision: 1704
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1704nolog=1
Log:
Explicitly zero flags field (ie. turn it off) if no flags have been
specified in command line.
rafal
Modified:
trunk/source/utils/pdbedit.c
Changeset:
Modified: trunk/source/utils/pdbedit.c
===
--- trunk/source/utils/pdbedit.c2004-08-10 20:55:42 UTC (rev 1703)
+++ trunk/source/utils/pdbedit.c2004-08-10 21:05:08 UTC (rev 1704)
@@ -837,9 +837,7 @@
}
/* flags */
- if (flag) {
- trust.private.flags = trustpw_flag(flag);
- }
+ trust.private.flags = (flag) ? trustpw_flag(flag) : 0;
/* password */
givenpass = getpass(password (type Enter to leave it untouched):);
svn commit: samba r1705 - trunk/source/passdb
Author: mimir
Date: 2004-08-10 21:15:27 + (Tue, 10 Aug 2004)
New Revision: 1705
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1705nolog=1
Log:
1) When updating skip the password when it's zero length or put it (even
if empty) otherwise
2) Use snprintf functions instead of slprintf, which is the same btw
3) Skip trust flags field if zero
rafal
Modified:
trunk/source/passdb/pdb_ldap.c
Changeset:
Modified: trunk/source/passdb/pdb_ldap.c
===
--- trunk/source/passdb/pdb_ldap.c 2004-08-10 21:05:08 UTC (rev 1704)
+++ trunk/source/passdb/pdb_ldap.c 2004-08-10 21:15:27 UTC (rev 1705)
@@ -3275,6 +3275,7 @@
return False;
}
+ /* Attribute names to avoid extra calls get_attr_key2string and make code
clearer */
attr_domain = get_attr_key2string(trustpw_attr_list, LDAP_ATTR_DOMAIN);
attr_ntpw = get_attr_key2string(trustpw_attr_list, LDAP_ATTR_NTPW);
attr_sid= get_attr_key2string(trustpw_attr_list, LDAP_ATTR_SID);
@@ -3295,19 +3296,21 @@
}
/* Trust password itself */
- if (strlen(pdb_get_tp_pass(trustpw))) {
- pdb_sethexpwd(hexpwd, pdb_get_tp_pass(trustpw), 0);
- if (entry) {
+ pdb_sethexpwd(hexpwd, pdb_get_tp_pass(trustpw), 0);
+ if (entry) {
+ /* in case of updating we only need to do that if anything has been
+ entered at new password prompt */
+ if (strlen(pdb_get_tp_pass(trustpw))) {
ret =
smbldap_get_single_attribute(ldap_state-smbldap_state-ldap_struct, entry,
attr_ntpw, attr_val,
sizeof(attr_val));
if (ret)
if (strncmp(hexpwd, attr_val, sizeof(attr_val)))
smbldap_make_mod(ldap_state-smbldap_state-ldap_struct, entry, mod,
attr_ntpw, hexpwd);
- } else {
- smbldap_make_mod(ldap_state-smbldap_state-ldap_struct,
entry, mod,
-attr_ntpw, hexpwd);
}
+ } else {
+ smbldap_make_mod(ldap_state-smbldap_state-ldap_struct, entry, mod,
+attr_ntpw, hexpwd);
}
/* SID of the trust password */
@@ -3326,7 +3329,7 @@
}
/* Last change time */
- slprintf(mtime_str, sizeof(mtime_str) - 1, %li,
pdb_get_tp_mod_time(trustpw));
+ snprintf(mtime_str, sizeof(mtime_str) - 1, %li,
pdb_get_tp_mod_time(trustpw));
if (entry) {
ret =
smbldap_get_single_attribute(ldap_state-smbldap_state-ldap_struct, entry,
attr_lct, attr_val,
sizeof(attr_val));
@@ -3340,14 +3343,16 @@
}
/* Trust type flags */
- slprintf(flags_str, sizeof(flags_str) - 1, %i, pdb_get_tp_flags(trustpw));
+ snprintf(flags_str, sizeof(flags_str) - 1, %i, pdb_get_tp_flags(trustpw));
if (entry) {
- ret =
smbldap_get_single_attribute(ldap_state-smbldap_state-ldap_struct, entry,
- attr_flags, attr_val,
sizeof(attr_val));
- if (ret)
- if (strncmp(flags_str, attr_val, sizeof(attr_val)))
-
smbldap_make_mod(ldap_state-smbldap_state-ldap_struct, entry, mod,
-attr_flags, flags_str);
+ if (pdb_get_tp_flags(trustpw)) {
+ ret =
smbldap_get_single_attribute(ldap_state-smbldap_state-ldap_struct, entry,
+ attr_flags, attr_val,
sizeof(attr_val));
+ if (ret)
+ if (strncmp(flags_str, attr_val, sizeof(attr_val)))
+
smbldap_make_mod(ldap_state-smbldap_state-ldap_struct, entry, mod,
+attr_flags, flags_str);
+ }
} else {
smbldap_make_mod(ldap_state-smbldap_state-ldap_struct, entry, mod,
attr_flags, flags_str);
@@ -3649,7 +3654,7 @@
ldap_op = LDAP_MOD_ADD;
/* DN of the object being added */
- slprintf(dn, sizeof(dn) - 1, %s=%s,%s=%s,%s,
get_attr_key2string(trustpw_attr_list, LDAP_ATTR_DOMAIN),
+ snprintf(dn, sizeof(dn) - 1, %s=%s,%s=%s,%s,
get_attr_key2string(trustpw_attr_list, LDAP_ATTR_DOMAIN),
dom_name, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
lp_workgroup(),
lp_ldap_suffix());
@@ -3753,7 +3758,7 @@
ldap_op = LDAP_MOD_REPLACE;
/* DN of the object being added */
- slprintf(dn, sizeof(dn) -
svn commit: samba r1707 - trunk/source/utils
Author: mimir
Date: 2004-08-10 21:23:48 + (Tue, 10 Aug 2004)
New Revision: 1707
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1707nolog=1
Log:
Meet also the case when passdb backend does not implement trust passwords
handling functions. Many don't, at the moment.
rafal
Modified:
trunk/source/utils/pdbedit.c
Changeset:
Modified: trunk/source/utils/pdbedit.c
===
--- trunk/source/utils/pdbedit.c2004-08-10 21:16:19 UTC (rev 1706)
+++ trunk/source/utils/pdbedit.c2004-08-10 21:23:48 UTC (rev 1707)
@@ -854,11 +854,15 @@
nt_status = in-pdb_update_trust_passwd(in, trust);
talloc_destroy(mem_ctx);
- if (!NT_STATUS_IS_OK(nt_status)) {
- printf(Coulnd't modify trust password\n);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ return 0;
+
+ } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOT_IMPLEMENTED)) {
+ printf(Error: this functionality is not supported by your current
passdb backend!\n);
+ return -1;
}
- return NT_STATUS_IS_OK(nt_status) ? 0 : -1;
+ return -1;
}
svn commit: samba r1708 - branches/SAMBA_4_0/source/librpc
Author: metze Date: 2004-08-10 21:33:27 + (Tue, 10 Aug 2004) New Revision: 1708 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1708nolog=1 Log: fix jelmers bugs:-) metze Modified: branches/SAMBA_4_0/source/librpc/config.m4 Changeset: Modified: branches/SAMBA_4_0/source/librpc/config.m4 === --- branches/SAMBA_4_0/source/librpc/config.m4 2004-08-10 21:23:48 UTC (rev 1707) +++ branches/SAMBA_4_0/source/librpc/config.m4 2004-08-10 21:33:27 UTC (rev 1708) @@ -6,6 +6,7 @@ librpc/ndr/ndr_sec.o librpc/ndr/ndr_spoolss_buf.o librpc/gen_ndr/tables.o + librpc/gen_ndr/ndr_audiosrv.o librpc/gen_ndr/ndr_dcerpc.o librpc/gen_ndr/ndr_echo.o librpc/gen_ndr/ndr_misc.o
svn commit: samba r1709 - trunk/source/lib
Author: vlendec Date: 2004-08-10 21:37:52 + (Tue, 10 Aug 2004) New Revision: 1709 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1709nolog=1 Log: Add server-side encoding for add/mod/delrequest. Volker Modified: trunk/source/lib/smb_ldap.c Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1710 - trunk/source/utils
Author: mimir
Date: 2004-08-10 22:08:02 + (Tue, 10 Aug 2004)
New Revision: 1710
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1710nolog=1
Log:
Meet the case when passdb backend does not implement trust passwords
handling functions.
rafal
Modified:
trunk/source/utils/pdbedit.c
Changeset:
Modified: trunk/source/utils/pdbedit.c
===
--- trunk/source/utils/pdbedit.c2004-08-10 21:37:52 UTC (rev 1709)
+++ trunk/source/utils/pdbedit.c2004-08-10 22:08:02 UTC (rev 1710)
@@ -935,7 +935,6 @@
{
SAM_TRUST_PASSWD trust;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- BOOL status = False;
/* unicode name and its null-termination */
trust.private.uni_name_len = strnlen(domain, 32);
@@ -946,8 +945,15 @@
to fill the rest of the structure */
nt_status = in-pdb_delete_trust_passwd(in, trust);
- status = NT_STATUS_IS_OK(nt_status) ? 0 : -1;
- return status;
+ if (NT_STATUS_IS_OK(nt_status)) {
+ return 0;
+
+ } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOT_IMPLEMENTED)) {
+ printf(Error: this functionality is not supported by your current
passdb backend!\n);
+ return -1;
+ }
+
+ return -1;
}
svn commit: samba r1711 - branches/SAMBA_4_0/source/librpc/idl
Author: jelmer Date: 2004-08-10 22:21:12 + (Tue, 10 Aug 2004) New Revision: 1711 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1711nolog=1 Log: Add ServerAlive2 Modified: branches/SAMBA_4_0/source/librpc/idl/dcom.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/dcom.idl === --- branches/SAMBA_4_0/source/librpc/idl/dcom.idl 2004-08-10 22:08:02 UTC (rev 1710) +++ branches/SAMBA_4_0/source/librpc/idl/dcom.idl 2004-08-10 22:21:12 UTC (rev 1711) @@ -382,6 +382,12 @@ [out, ref] COMVERSION *pComVersion ); + [idempotent] WERROR ServerAlive2 ( + [out] COMVERSION version, + [out] uint8 unknown1[4], + [out] DUALSTRINGARRAY dualstring, + [out] uint8 unknown2[5]); + } [
svn commit: samba r1712 - branches/SAMBA_4_0/source/libcli/raw
Author: tridge
Date: 2004-08-10 23:06:59 + (Tue, 10 Aug 2004)
New Revision: 1712
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1712nolog=1
Log:
this should fix a bug with a spinning client when a server dies
unexpectedly. bug found by abartlett.
Modified:
branches/SAMBA_4_0/source/libcli/raw/clitransport.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/raw/clitransport.c
===
--- branches/SAMBA_4_0/source/libcli/raw/clitransport.c 2004-08-10 22:21:12 UTC (rev
1711)
+++ branches/SAMBA_4_0/source/libcli/raw/clitransport.c 2004-08-10 23:06:59 UTC (rev
1712)
@@ -433,6 +433,10 @@
transport-recv_buffer.header +
transport-recv_buffer.received,
NBT_HDR_SIZE - transport-recv_buffer.received);
+ if (ret == 0) {
+ smbcli_transport_dead(transport);
+ return;
+ }
if (ret == -1) {
if (errno == EINTR || errno == EAGAIN) {
return;
svn commit: samba r1713 - in trunk/source: . nsswitch
Author: vlendec Date: 2004-08-10 23:37:28 + (Tue, 10 Aug 2004) New Revision: 1713 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/trunk/sourcerev=1713nolog=1 Log: Add a winbind ldap proxy. This is incomplete, but you can run most basic operations against it. Major missing pieces: Extended operations, referrals and tls. Why do I do this? Hmm. Like the OpenBSD people reply to the question why they ship cryptography: Because I can :-) There are some other reasons however: Our current handling of update referrals is less than optimal. I would like to optimize the referral handling so that during the ldap replication timeout we query the ldap server we've been referred to so that the operations are not stalled. I would like to have non-tls for loopback and ldapi, and tls for remote referred servers. At least some versions of OpenLDAP have a 1024 client limit, this has already hit me at a customer site. The winbind proxy code can be extended to load-balance over any configured number of ldap servers. For all these features I don't have the energy to figure out how to do that with the RFC C API and how to work around the several RFC SHOULD thingies that popular libraries choose not to implement. Next reason: Samba4 will be an LDAP server, this can be a good testbed for the ldap encoding/decoding routines. Volker Added: trunk/source/nsswitch/winbindd_ldap.c Modified: trunk/source/Makefile.in trunk/source/nsswitch/winbindd.c Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1714 - in branches/SAMBA_4_0/source/build: . dcom
Author: jelmer Date: 2004-08-11 00:02:11 + (Wed, 11 Aug 2004) New Revision: 1714 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_4_0/source/buildrev=1714nolog=1 Log: Initial docs on DCOM stuff and build utilities Added: branches/SAMBA_4_0/source/build/dcom/ branches/SAMBA_4_0/source/build/dcom/procedure Changeset: Added: branches/SAMBA_4_0/source/build/dcom/procedure === --- branches/SAMBA_4_0/source/build/dcom/procedure 2004-08-10 23:37:28 UTC (rev 1713) +++ branches/SAMBA_4_0/source/build/dcom/procedure 2004-08-11 00:02:11 UTC (rev 1714) @@ -0,0 +1,69 @@ +- Bind to IOXIDResolver +- ServerAlive2() +- Bind to ISystemActivator + +Everything based on IDispatch implements: + +/*/ +/* Function 0x00 */ +HRESULT QueryInterface( + [in] ORPCTHIS *this, + [out] ORPCTHAT *that, + [in] REFIID riid, + [out] /* [iid_is] */ void **ppvObject); + +/*/ +/* Function 0x01 */ +ULONG AddRef ( + [in] ORPCTHIS *this, + [out] ORPCTHAT *that +); + +/*/ +/* Function 0x02 */ +ULONG Release( + [in] ORPCTHIS *this, + [out] ORPCTHAT *that +); + +/*/ +/* Function 0x03 */ +HRESULT GetTypeInfoCount( +[in] ORPCTHIS *this, +[out] ORPCTHAT *that, +[out] UINT *pctinfo); + +/*/ +/* Function 0x04 */ +HRESULT GetTypeInfo ( +[in] ORPCTHIS *this, +[out] ORPCTHAT *that, +[in] UINT iTInfo, +[in] LCID lcid, +[out] ITypeInfo **ppTInfo); + +/*/ +/* Function 0x05 */ +HRESULT GetIDsOfNames( + [in] ORPCTHIS *this, + [out] ORPCTHAT *that, + [in] REFIID riid, + [size_is][in] LPOLESTR *rgszNames, + [in] UINT cNames, + [in] LCID lcid, + [size_is][out] DISPID *rgDispId); + +/*/ +/* Function 0x06 */ +HRESULT Invoke( + [in] ORPCTHIS *this, + [out] ORPCTHAT *that, + [in] DISPID dispIdMember, + [in] REFIID riid, + [in] LCID lcid, + [in] WORD wFlags, + [out][in] DISPPARAMS *pDispParams, + [out] VARIANT *pVarResult, + [out] EXCEPINFO *pExcepInfo, + [out] UINT *puArgErr); +
svn commit: samba-web r247 - trunk
Author: deryck Date: 2004-08-11 00:25:57 + (Wed, 11 Aug 2004) New Revision: 247 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=247nolog=1 Log: Add further safety nets for non-javascript enabled browsers. --deryck Added: trunk/mirrors_lists.html Modified: trunk/header2.html trunk/redirect_us.html Changeset: Modified: trunk/header2.html === --- trunk/header2.html 2004-08-10 17:57:00 UTC (rev 246) +++ trunk/header2.html 2004-08-11 00:25:57 UTC (rev 247) @@ -59,11 +59,14 @@ input type=submit value=Go / /form span|/span - form action=no_script_required.cgi name=mirrorForm + form action=no_script_yet.cgi name=mirrorForm select name=mirrorLocation onchange=changeMirror(this.form.mirrorLocation) option selected=selectedChoose A Mirror/option !--#include virtual=/samba/mirror_options.html -- /select +noscript +input type=submit value=Go / +/noscript /form /div /div Added: trunk/mirrors_lists.html === --- trunk/mirrors_lists.html2004-08-10 17:57:00 UTC (rev 246) +++ trunk/mirrors_lists.html2004-08-11 00:25:57 UTC (rev 247) @@ -0,0 +1,16 @@ +html + +headtitleSamba -- Opening Windows to a Wider World/title/head + +body + +h3Please chose a mirror/h3 + +h4For the samba.org web site:/h4 +!--#include virtual=/samba/web_hosts.html -- + +h4For download ftp sites:/h4 +!--#include virtual=ftp_hosts.html -- + +/body +/html Modified: trunk/redirect_us.html === --- trunk/redirect_us.html 2004-08-10 17:57:00 UTC (rev 246) +++ trunk/redirect_us.html 2004-08-11 00:25:57 UTC (rev 247) @@ -32,7 +32,9 @@ body onload=javascript:window.location=randomMirror[index] +pYou do not have javascript enabled and therefore have not been redirected to a Samba mirror. Please go a href=/samba/mirrors_lists.htmlhere/a instead./p +pWe are sorry for the inconvenience./p /body /html
svn commit: samba-web r248 - trunk
Author: deryck Date: 2004-08-11 00:42:09 + (Wed, 11 Aug 2004) New Revision: 248 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=248nolog=1 Log: Remove us2.samba from redirect page until the mirror catches up with changes. --deryck Modified: trunk/redirect_us.html Changeset: Modified: trunk/redirect_us.html === --- trunk/redirect_us.html 2004-08-11 00:25:57 UTC (rev 247) +++ trunk/redirect_us.html 2004-08-11 00:42:09 UTC (rev 248) @@ -7,9 +7,8 @@ randomMirror = new Array; randomMirror[0] = http://us1.samba.org/samba/;; - randomMirror[1] = http://us2.samba.org/samba/;; - randomMirror[2] = http://us3.samba.org/samba/;; - randomMirror[3] = http://us4.samba.org/samba/;; + randomMirror[1] = http://us3.samba.org/samba/;; + randomMirror[2] = http://us4.samba.org/samba/;; rnd.today=new Date(); rnd.seed=rnd.today.getTime(); @@ -23,7 +22,7 @@ return Math.ceil(rnd()*number); } -index = rand(4)-1; +index = rand(3)-1; /script @@ -32,9 +31,11 @@ body onload=javascript:window.location=randomMirror[index] +noscript pYou do not have javascript enabled and therefore have not been redirected to a Samba mirror. Please go a href=/samba/mirrors_lists.htmlhere/a instead./p pWe are sorry for the inconvenience./p +/noscript /body /html
svn commit: samba-web r249 - in trunk: . news news/advocacy
Author: deryck Date: 2004-08-11 01:08:13 + (Wed, 11 Aug 2004) New Revision: 249 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/trunkrev=249nolog=1 Log: Add Chris Hertel's Minnesota MS announcment to the news section. --deryck Added: trunk/news/advocacy/minnesota_ms.html Modified: trunk/index.html trunk/news/advocacy/index.html trunk/news/index.html Changeset: Modified: trunk/index.html === --- trunk/index.html2004-08-11 00:42:09 UTC (rev 248) +++ trunk/index.html2004-08-11 01:08:13 UTC (rev 249) @@ -31,6 +31,7 @@ h2News/h2 ul class=news +li10 August 2004 a href=/samba/news/#minnesota_msMinnesota Vouchers/a/li li10 August 2004 a href=/samba/news/#acceptingnews.samba.org Open For Story Submissions/a/li li8 August 2004 a href=/samba/news/#redesignsamba.org Has Been Redesigned/a/li /ul Modified: trunk/news/advocacy/index.html === --- trunk/news/advocacy/index.html 2004-08-11 00:42:09 UTC (rev 248) +++ trunk/news/advocacy/index.html 2004-08-11 01:08:13 UTC (rev 249) @@ -6,7 +6,7 @@ pStories related to Samba advocacy on news.samba.org are archived here./p -p class=creditThere are no stories currently published for this section./p +h210 August 2004/h2 + a name=minnesota_ms!--#include virtual=minnesota_ms.html --/a - !--#include virtual=/samba/news/footer.html -- Added: trunk/news/advocacy/minnesota_ms.html === --- trunk/news/advocacy/minnesota_ms.html 2004-08-11 00:42:09 UTC (rev 248) +++ trunk/news/advocacy/minnesota_ms.html 2004-08-11 01:08:13 UTC (rev 249) @@ -0,0 +1,15 @@ +h3a name=minnesota_msMinnesota Vouchers/a/h3 + +div class=article + pIf you purchased Microsoft products (or a computer with Microsoft +products installed) between May 18, 1994 and March 17, 2003 +(inclusive) for use in Minnesota, you may be eligible to receive +vouchers for future software and/or hardware product purchases -- even if +you're not using them to buy Microsoft stuff. a href=http://ubiqx.org/cifs/Vouchers.html;Read More/a./p + + + pStory from a href=http://ubiqx.org/cifs/;Chris Hertel/a./p + +/div + + Modified: trunk/news/index.html === --- trunk/news/index.html 2004-08-11 00:42:09 UTC (rev 248) +++ trunk/news/index.html 2004-08-11 01:08:13 UTC (rev 249) @@ -3,6 +3,9 @@ !--#include virtual=/samba/news/header2.html -- h210 August 2004/h2 + +!--#include virtual=/samba/news/advocacy/minnesota_ms.html -- +div class=referenceLink: a href=/samba/news/advocacy/#minnesota_msadvocacy//a/div !--#include virtual=/samba/news/announcements/accepting.html -- div class=referenceLink: a href=/samba/news/announcements/#acceptingannouncements//a/div
svn commit: samba r1715 - in trunk/examples: . pcap2nbench
Author: jmcd Date: 2004-08-11 01:26:42 + (Wed, 11 Aug 2004) New Revision: 1715 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/trunk/examplesrev=1715nolog=1 Log: Add pcap2nbench, written by [EMAIL PROTECTED] pcap2nbench converts pcap files to nbench input files. Very handy :-) Added: trunk/examples/pcap2nbench/ trunk/examples/pcap2nbench/COPYING trunk/examples/pcap2nbench/Makefile trunk/examples/pcap2nbench/README trunk/examples/pcap2nbench/closerequest.cpp trunk/examples/pcap2nbench/closerequest.hpp trunk/examples/pcap2nbench/ethernet.cpp trunk/examples/pcap2nbench/ethernet.hpp trunk/examples/pcap2nbench/ip.cpp trunk/examples/pcap2nbench/ip.hpp trunk/examples/pcap2nbench/main.cpp trunk/examples/pcap2nbench/ntcreateandxrequest.cpp trunk/examples/pcap2nbench/ntcreateandxrequest.hpp trunk/examples/pcap2nbench/ntcreateandxresponse.cpp trunk/examples/pcap2nbench/ntcreateandxresponse.hpp trunk/examples/pcap2nbench/readandxrequest.cpp trunk/examples/pcap2nbench/readandxrequest.hpp trunk/examples/pcap2nbench/readandxresponse.hpp trunk/examples/pcap2nbench/smb.cpp trunk/examples/pcap2nbench/smb.hpp trunk/examples/pcap2nbench/tcp.cpp trunk/examples/pcap2nbench/tcp.hpp trunk/examples/pcap2nbench/writeandxrequest.cpp trunk/examples/pcap2nbench/writeandxrequest.hpp Changeset: Sorry the patch is to large, please use WebSVN to see it!
svn commit: samba r1716 - branches/SAMBA_3_0/source/utils
Author: vlendec
Date: 2004-08-11 01:30:23 + (Wed, 11 Aug 2004)
New Revision: 1716
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1716nolog=1
Log:
Get rid of a compiler warning. pipe is a symbol that is defined as a system
call, and gcc -Wall complains about a shadowed definition.
Volker
Modified:
branches/SAMBA_3_0/source/utils/net.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net.c
===
--- branches/SAMBA_3_0/source/utils/net.c 2004-08-11 01:26:42 UTC (rev 1715)
+++ branches/SAMBA_3_0/source/utils/net.c 2004-08-11 01:30:23 UTC (rev 1716)
@@ -215,7 +215,7 @@
*
* @return Normal NTSTATUS return.
**/
-NTSTATUS connect_local_pipe(struct cli_state **cli_local, int pipe, BOOL *got_pipe)
+NTSTATUS connect_local_pipe(struct cli_state **cli_local, int pipe_num, BOOL
*got_pipe)
{
NTSTATUS nt_status;
extern struct in_addr loopback_ip;
@@ -227,7 +227,7 @@
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
- if (!cli_nt_session_open(cli_tmp, pipe)) {
+ if (!cli_nt_session_open(cli_tmp, pipe_num)) {
DEBUG(0, (couldn't not initialise spoolss pipe\n));
cli_shutdown(cli_tmp);
return NT_STATUS_UNSUCCESSFUL;
svn commit: samba r1717 - trunk/source/utils
Author: vlendec
Date: 2004-08-11 04:02:54 + (Wed, 11 Aug 2004)
New Revision: 1717
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1717nolog=1
Log:
merge warning fix from 3_0
Modified:
trunk/source/utils/net.c
Changeset:
Modified: trunk/source/utils/net.c
===
--- trunk/source/utils/net.c2004-08-11 01:30:23 UTC (rev 1716)
+++ trunk/source/utils/net.c2004-08-11 04:02:54 UTC (rev 1717)
@@ -215,7 +215,7 @@
*
* @return Normal NTSTATUS return.
**/
-NTSTATUS connect_local_pipe(struct cli_state **cli_local, int pipe, BOOL *got_pipe)
+NTSTATUS connect_local_pipe(struct cli_state **cli_local, int pipe_num, BOOL
*got_pipe)
{
NTSTATUS nt_status;
extern struct in_addr loopback_ip;
@@ -227,7 +227,7 @@
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
- if (!cli_nt_session_open(cli_tmp, pipe)) {
+ if (!cli_nt_session_open(cli_tmp, pipe_num)) {
DEBUG(0, (couldn't not initialise spoolss pipe\n));
cli_shutdown(cli_tmp);
return NT_STATUS_UNSUCCESSFUL;
svn commit: samba r1718 - trunk/source/passdb
Author: mimir
Date: 2004-08-11 05:23:55 + (Wed, 11 Aug 2004)
New Revision: 1718
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1718nolog=1
Log:
Deleting trust password stored in ldap directory is now possible.
rafal
Modified:
trunk/source/passdb/pdb_ldap.c
Changeset:
Modified: trunk/source/passdb/pdb_ldap.c
===
--- trunk/source/passdb/pdb_ldap.c 2004-08-11 04:02:54 UTC (rev 1717)
+++ trunk/source/passdb/pdb_ldap.c 2004-08-11 05:23:55 UTC (rev 1718)
@@ -3701,7 +3701,7 @@
static NTSTATUS ldapsam_update_trust_passwd(struct pdb_methods *methods, const
SAM_TRUST_PASSWD *trust)
{
struct ldapsam_privates *ldap_state = (struct ldapsam_privates
*)methods-private_data;
- NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS nt_status = NT_STATUS_OK;
SAM_TRUST_PASSWD trustpw;
char **attr_list;
LDAPMessage *res = NULL;
@@ -3796,7 +3796,65 @@
static NTSTATUS ldapsam_delete_trust_passwd(struct pdb_methods *methods, const
SAM_TRUST_PASSWD *trust)
{
- NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates
*)methods-private_data;
+ NTSTATUS nt_status;
+ const char *dom_name;
+ char **attr_list, *dn = NULL;
+ LDAPMessage *res = NULL;
+ int rc, count;
+
+ if (!trust) {
+ DEBUG(0, (trust was NULL!\n));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ dom_name = pdb_get_tp_domain_name_c(trust);
+ if (!dom_name) {
+ DEBUG(0, (Couldn't get char-converted domain name\n));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ attr_list = get_attr_list(trustpw_attr_list);
+
+ /* Checking if such trust password already exists in the directory
+ - search and count the results */
+ rc = ldapsam_search_trustpw_by_name(ldap_state, dom_name, res, attr_list);
+ if (rc != LDAP_SUCCESS) {
+ free_attr_list(attr_list);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ /* Counting the actual number of entries returned (we need only one) */
+ count = ldap_count_entries(ldap_state-smbldap_state-ldap_struct, res);
+ if (count 1) {
+ DEBUG(0, (Trust password (%s) does not exist in the directory!\n,
dom_name));
+ return NT_STATUS_UNSUCCESSFUL;
+
+ } else if (count 1) {
+ DEBUG(0, (Multiple entries found for trust password [%s]!\n,
dom_name));
+ return NT_STATUS_UNSUCCESSFUL;
+
+ } else
+ DEBUG(3, (Trust password (%s) found in the directory\n, dom_name));
+
+ /* Getting distinguished name of the ldap entry */
+ dn = smbldap_get_dn(ldap_state-smbldap_state-ldap_struct, res);
+ if (!dn) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ /* Time to delete ... */
+ rc = smbldap_delete(ldap_state-smbldap_state, dn);
+ if (rc != LDAP_SUCCESS) {
+ char *ldap_err = NULL;
+ ldap_get_option(ldap_state-smbldap_state-ldap_struct,
LDAP_OPT_ERROR_STRING,
+ ldap_err);
+ DEBUG(1, (Failed to delete trustpw dn= %s with %s\n\t%s\n, dn,
+ ldap_err2string(rc), ldap_err ? ldap_err : unknown));
+ SAFE_FREE(ldap_err);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
return nt_status;
}
svn commit: samba r1719 - trunk/source/passdb
Author: mimir
Date: 2004-08-11 05:39:12 + (Wed, 11 Aug 2004)
New Revision: 1719
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1719nolog=1
Log:
A doxygen comment explaining what's this.
rafal
Modified:
trunk/source/passdb/pdb_ldap.c
Changeset:
Modified: trunk/source/passdb/pdb_ldap.c
===
--- trunk/source/passdb/pdb_ldap.c 2004-08-11 05:23:55 UTC (rev 1718)
+++ trunk/source/passdb/pdb_ldap.c 2004-08-11 05:39:12 UTC (rev 1719)
@@ -3794,6 +3794,14 @@
}
+/**
+ * Deletes trust password entry from the directory
+ *
+ * @param methods passdb backend methods related to current context
+ * @param trust trust password to delete (only the name is actually used)
+ * @return nt status code of operation
+ */
+
static NTSTATUS ldapsam_delete_trust_passwd(struct pdb_methods *methods, const
SAM_TRUST_PASSWD *trust)
{
struct ldapsam_privates *ldap_state = (struct ldapsam_privates
*)methods-private_data;
