[Samba] Have anyone successful shrink smbd size
hello I want to deploy smbd into my smartphone. but flash size is limited. I cross compile samba-2.2.8 as arm xscale .the size of smbd is 1.6M, a little big. Have anyone cut it down before. I only need very basic question like file browsing, delete , add etc. Another question I assumed I don't need nmbd to share file in mobile to windows host, right? Thanks for your help _ MSN Explorer: http://explorer.msn.com/lccn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Login script Query
Hi, use a default login.bat script for all users and use ifmember.exe ( download it at MS ) to invoke subprocuredures by relating groupmembership Regards Anandh G schrieb: I have a login script to mount some folders to the clients PC. I use the login script as login script = logon.bat [netlogon] path = /home/%u Then i create .bat file for each group of users in the /home dir. Then create a symbolic link in each users home dir to their respective group batch file in /home. I thought of using login script = %g, which will do the same. I have one more requirement like if a user belongs to two group will this %g run both the groups batch file? How can I implement this? Plz help me = Regards, AnandhG __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Use wbinfo to create local user/group, but where is the account ?
wbinfo has several options on managing the local user/group accounts. But these accounts seem not system account (/etc/passwd), not smbpasswd managed accounts , not remote ADS accounts. (via winbindd) What are those acccounts for? Any hints are very appreciated. Iap -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannoi delete files: the mounted file system does not support extended attributes
Hi all, I'm having what seems like a strange problem, I hope I'm not missing something obvious, any help will be appreciated. When trying to delete files on a Samba share, I get the message Cannot delete file: The mounted file system does not support extended attributes. What is strange is that it depends on weird conditions: in one directory, if I create a file (right click - New text document) with a name more than 16 characters, it can't be deleted, with that message. If it is less that 16 characters (renamed or created that way), it can be deleted. I tried created a serie of nested test directories, with a single a file in them. This one can be deleted: \\machine\STAT\test\test\a This one cannot: \\machine\STAT\test\test\test\a Even stranger: if I reight-click on those files, and go in the Security tab, their permissions look identical (even the special ones). But if I click on Everyone/Modify for the file that I just couldn't delete, I now can delete it. If I immediately recreate the same file, it can be deleted. If I wait a few minutes, then it can't be deleted, unless I check the security permission again. Now, the catch: this is Samba 2.0.9, running on HP-UX 11i. The clients are Windows 2000 SP4 w/ patches. I know this is an old version of Samba, but it's been working, litterally, for years, and it's not easy to update it. The problem only appeared last week. If someone has a workaround for that version of Samba, it'll be welcome. If is a known bug or limitation of that version, it'll be welcome as well to have it pointed out. I had a look at the change log without success. Thanks in advance for any help, Laurent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Getting INTERNAL ERROR: Signal 10 in Solaris 9
Samba works at least... The problem was simple. The Solaris box has several compilations of samba and openldap (different versions, options,...) and the Patch Cluster of the Solaris was quite old too. This box is for testing purposes. With the gdb i saw extrange things (libraries loaded from the incorrect path, errors in the system libc,...) So i decided to install the software in a clean Solaris with the last cluster-patch and everything works fine... Sorry for bothering you and thanks. ciao --- Ricardo Martin [EMAIL PROTECTED] escribió: Sorry, but the attachments seems to be deleted in the list. So i put the files directly in the mail: --- smb.conf --- # Samba config file created using SWAT # from 1.1.15.2 (1.1.15.2) # Date: 2004/12/29 16:13:43 # Global parameters [global] workgroup = ARATEST server string = Pruebas SAMBA passdb backend = ldapsam:ldap://andorra log level = 5 log file = /opt/samba3/var/log.%m logon script = startup.bat logon path = \\TAUSTE\netlogon domain logons = Yes os level = 33 preferred master = Yes domain master = Yes wins support = Yes ldap server = andorra ldap admin dn = cn=Directory Manager ldap group suffix = ou=Group,ou=posix ldap machine suffix = ou=computers,ou=posix ldap suffix = o=aragon.es,o=root ldap ssl = no ldap user suffix = ou=people [test] comment = For testing only, please path = /export/home1/samba3/test read only = No [netlogon] comment = Net Logon Service path = /opt/samba3/var/netlogon write list = ntadmin guest ok = Yes browseable = No csc policy = disable locking = No share modes = No [profiles] path = /opt/samba3/var/profiles read only = No create mask = 0600 directory mask = 0700 [homes] read only = No browseable = No [printers] path = /tmp printable = Yes browseable = No [corporat] comment = /home1/corporat mount point path = /home1/corporat create mask = 0777 [vertical] comment = /home1/vertical mount point path = /home1/vertical [user] comment = /home1/user mount point path = /home1/user read only = No create mask = 0777 [datablq] comment = /home1/datablq mount point path = /home1/datablq read only = No create mask = 0777 [winaply] comment = /home1/winaply mount point path = /home1/winaply create mask = 0777 [temporal] comment = /export/temporal mount point path = /export/temporal read only = No create mask = 0755 [volcados] comment = /volcados mount point path = /volcados read only = No create mask = 0700 --- log.smbd --- [2004/12/29 16:12:53, 3] smbd/process.c:process_smb(1091) Transaction 7 of length 244 [2004/12/29 16:12:53, 5] lib/util.c:show_msg(464) [2004/12/29 16:12:53, 5] lib/util.c:show_msg(474) size=240 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=9536 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 240 (0xF0) smb_vwv[ 2]=16644 (0x4104) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]=0 (0x0) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]=0 (0x0) smb_vwv[ 7]= 79 (0x4F) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]=0 (0x0) smb_vwv[10]= 212 (0xD4) smb_vwv[11]=40960 (0xA000) smb_bcc=181 [2004/12/29 16:12:53, 3] smbd/process.c:switch_message(886) switch message SMBsesssetupX (pid 9210) conn 0x0 [2004/12/29 16:12:53, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/12/29 16:12:53, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2004/12/29 16:12:53, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2004/12/29 16:12:53, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2004/12/29 16:12:53, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=12 flg2=0xc807 [2004/12/29 16:12:53, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/12/29 16:12:53, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) Doing spnego session setup [2004/12/29 16:12:53, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2004/12/29 16:12:53, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 3 6 1 4 1 311 2 2 10
[Samba] Result of net rpc user info differents from net ads user info?
I have tried for several accounts (below is one of them), net ads always reports less 1 item than net rpc? (The result of net rpc is same with the AD's setting) Any hints? Thanks in advance. Iap - # net rpc user info rdadmin -Uusername%password -S2003ad Thecus-RD Domain Users Domain Admins # net ads user info rdadmin -Uusername%password -S2003ad Thecus-RD Domain Users # net -V Version 3.0.9 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] TIP: Correct DHCP settings for joining XP to domains.
Hi, I've seen this one a few times and I thought I'd document it for other people. It should be on anybodys checklist when setting up a Samba domain controller. The problem is that newish XP clients use TCP/IP to find the sambaserver, but this will not happen you haven't set up the DNS server to get updated. To solve this problem you can either: a) Get a working DNS (which might be a hassle) or b) run a winssserver with the samba server (wins server = yes in smb.conf) and make sure that the dhcpserver points the XP-server to these entries. For reference I've included sample settings for dnsmasq and dhcpd. Change the ipadress to the adress of your samba-server. Dnsmasq entries: dhcp-option=44,192.168.1.1 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s) dhcp-option=45,192.168.1.1 # netbios datagram distribution server dhcp-option=46,8 # netbios node type dhcp-option=47 # empty netbios scope. Dhcpd: option ntp-servers 192.168.1.1; option netbios-name-servers 192.168.1.1; option netbios-node-type 8; I hope this helps someone. Tarjei -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA - Domain function levels
Hi, I'm gonna have to be putting a good argument to my ICT team against going to 2003 in 2003 server mode ( I think thats what they call the highest mode for 2003 server) to keep samba at our school. I like what windows 2003 has to offer, but do not want to lock samba out forever. I know samba will work at lower mode. And that's what I'm pushing. Can people chip in with some arguments and advice. What is the highest 2003 mode (forest and domain) that we can go to and still have samba function as a member file server? What are the advantages for a school with only 2 domains and no geographical displacement in going to the highest 2003 server level (list of GPO advantages?, etc). We have the money to upgrade to 2003 on all our 22 servers. But could save money by mixing with samba and 2000. Is there really better security in that higher mode? What in particular? Will winbind (ADS and kerb mode) break? As we use it for squid auth, etc. How long before SAMBA can work at the highest level with 2003? I'm feeling that MS have provided some functional incentives to go with the highest mode. Can someone suggest some ways to take the hype out this higher level? I know from my reading, that once we make that jump, there is no turning back :-( Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA - Domain function levels (resent)
Hi, Re-sent this; sorry, it came from my other account and it was not subscribed to this list. I'm gonna have to be putting a good argument to my ICT team against going to 2003 in 2003 server mode ( I think thats what they call the highest mode for 2003 server) to keep samba at our school. I like what windows 2003 has to offer, but do not want to lock samba out forever. I know samba will work at lower mode. And that's what I'm pushing. Can people chip in with some arguments and advice. What is the highest 2003 mode (forest and domain) that we can go to and still have samba function as a member file server? What are the advantages for a school with only 2 domains and no geographical displacement in going to the highest 2003 server level (list of GPO advantages?, etc). We have the money to upgrade to 2003 on all our 22 servers. But could save money by mixing with samba and 2000. Is there really better security in that higher mode? What in particular? Will winbind (ADS and kerb mode) break? As we use it for squid auth, etc. How long before SAMBA can work at the highest level with 2003? I'm feeling that MS have provided some functional incentives to go with the highest mode. Can someone suggest some ways to take the hype out this higher level? I know from my reading, that once we make that jump, there is no turning back :-( Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Want a cheap Watch? http://ghq.nepel.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
Authentication does work but it does not permission resolution (we use winbind). Neither smbclient -U domain user. I don't know the solution yet. We also use Debian but I'm afraid it is not Debian related because I've tried to compile Samba and MIT kerberos from source and it keeps failing. What can we do?? Thanks On Tue, 28 Dec 2004 18:12:40 -0800, Thomas M. Skeren III [EMAIL PROTECTED] wrote: Andrew Zbikowski wrote: Commented out passdb backend abrams:/etc/samba# net ads testjoin Join is OK abrams:/etc/samba# net ads join [2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) ads_add_machine_acct: Host account for ttlnx01 already exists - modifying old account Using short domain name -- CORP [2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed Segmentation fault Yep I get the same damned thing. Check to see if user authentication to the share works. If so it will work. I'm not sure about that error during the re-join. I have 150 computers to manage by myself, so if it works I ain't worrying about it. As long as the testjoin works, then users should authenticate. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
On 30 Dec, Pau Capdevila wrote: Authentication does work but it does not permission resolution (we use winbind). Neither smbclient -U domain user. I don't know the solution yet. We also use Debian but I'm afraid it is not Debian related because I've tried to compile Samba and MIT kerberos from source and it keeps failing. abrams:/etc/samba# net ads join [2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) ads_add_machine_acct: Host account for ttlnx01 already exists - modifying old account Using short domain name -- CORP [2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed Segmentation fault I don't know if it might also work in your case. After defining an uppercased netbios name on smb.conf, the segfault warnings stopped. Javier Palacios This e-mail message and any attached files are intended SOLELY for the addressee/s identified herein. It may contain CONFIDENTIAL and/or LEGALLY PRIVILEGED information and may not necessarily represent the opinion of this company. If you receive this message in ERROR, please immediately notify the sender and DELETE it since you ARE NOT AUTHORIZED to use, disclose, distribute, print or copy all or part of the contained information. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error Messages
Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) regards Arno -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
Pau Capdevila wrote: Authentication does work but it does not permission resolution Huh? Do you mean that there's file access permission issues? If so have you set up acl's? Remeber posix permissions are User, Group, Other. All clients authenticating via W2K3 are Other. (we use winbind). Neither smbclient -U domain user. I don't use smbclient. I don't know the solution yet. We also use Debian but I'm afraid it is not Debian related because I've tried to compile Samba and MIT kerberos from source and it keeps failing. What can we do?? Thanks On Tue, 28 Dec 2004 18:12:40 -0800, Thomas M. Skeren III [EMAIL PROTECTED] wrote: Andrew Zbikowski wrote: Commented out passdb backend abrams:/etc/samba# net ads testjoin Join is OK abrams:/etc/samba# net ads join [2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) ads_add_machine_acct: Host account for ttlnx01 already exists - modifying old account Using short domain name -- CORP [2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed Segmentation fault Yep I get the same damned thing. Check to see if user authentication to the share works. If so it will work. I'm not sure about that error during the re-join. I have 150 computers to manage by myself, so if it works I ain't worrying about it. As long as the testjoin works, then users should authenticate. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error Messages
Hi, On Dec 30, 2004, at 9:28 AM, Arno Seidel wrote: Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. According to what I know, this is not an error. It is just information. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) This means that the group you are intending to login as does not exist in your LDAP tree. When does this happen. Can you give some background? regards Arno Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Openldap + Samba 3 PDC
I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials [2004/12/29 16:04:04, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 1 try! my smb.conf file: [global] interfaces = eth0 10.1.0.143/24 workgroup = STROZTEST netbios name = AUTH passdb backend = ldapsam:ldaps://10.1.0.143:636 username map = /etc/samba/smbusers printcap name = cups add user script = /usr/local/samba/sbin/smbldap-useradd.pl -m '%u' delete user script = /usr/local/samba/sbin/smbldap-userdel.pl %u add group script = /usr/local/samba/sbin/smbldap-groupadd.pl -p '%g' delete group script = /usr/local/samba/sbin/smbldap-groupdel.pl '%g' add user to group script = /usr/local/samba/sbin/ \ smbldap-groupmod.pl -m '%g' '%u' delete user from group script = /usr/local/samba/sbin/ \ smbldap-groupmod.pl -x '%g' '%u' set primary group script = /usr/local/samba/sbin/ \ smbldap-usermod.pl -g '%g' '%u' add machine script = /usr/local/samba/sbin/smbldap-useradd.pl -w '%u' logon script = scripts\logon.bat logon path = \\%L\Profiles\%U #logon drive = H: #logon home = \\%L\%U domain logons = Yes os level = 35 preferred master = Yes domain master = Yes ldap suffix = dc=strozllc,dc=com ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=People ldap idmap suffix = ou=People ldap admin dn = cn=Manager ldap ssl = yes ldap passwd sync = Yes idmap uid = 15000-2 idmap gid = 15000-2 winbind separator = + #printing = cups and my slapd.conf file: # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema # Define global ACLs to disable default read access. # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap://root.openldap.org pidfile /var/openldap/run/slapd.pid argsfile /var/openldap/run/slapd.args # Load dynamic backend modules: # modulepath /usr/sbin/openldap # moduleload back_bdb.la # moduleload back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la # moduleload back_shell.la # Sample security restrictions # Require integrity protection (prevent hijacking) # Require 112-bit (3DES or better) encryption for updates # Require 63-bit encryption for simple bind # security ssf=1 update_ssf=112 simple_bind=64 # Sample access control policy: # Root DSE: allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it # Other DSEs: # Allow self write access # Allow authenticated users read access # Allow anonymous users to authenticate # Directives needed to implement policy: # access to dn.base= by * read # access to dn.base=cn=Subschema by * read # access to * # by self write # by users read # by anonymous auth # # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., access to * by * read) # # rootdn can always read and write EVERYTHING! # allow the ldap admin dn access, but deny everyone else #access to attrs=lmPassword, ntPassword # by dn=cn=Samba Admin,ou=People,dc=strozllc,dc=com write # by * none ### # BDB database definitions ### database bdb suffix dc=strozllc,dc=com rootdn cn=Manager,dc=strozllc,dc=com # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. # Change password with 'slappasswd -h {Md5}' rootpw {MD5} # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /var/openldap/openldap-data # Use crypt to has the passwords #password-hash {crypt} # Define SSL and TLS properties TLSCertificateFile/etc/ssl/ldap.pem TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem TLSCACertificateFile /etc/ssl/ldap.pem # Indices to maintain index objectClass eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUid eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default
Re: [Samba] Openldap + Samba 3 PDC
Sorry if I'm stating the obvious, but you did run smbpasswd -w to set the password properly? (Going by memory so double check the flag ) Duncan Quoting David Sonenberg [EMAIL PROTECTED]: I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials [2004/12/29 16:04:04, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 1 try! - University of St Andrews Webmail: http://webmail.st-andrews.ac.uk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
Don't apologize, the obvious is the best place to start. Yes I did set the password by typing smbpasswd -w. David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 9:44 AM To: David Sonenberg Cc: [EMAIL PROTECTED]; samba@lists.samba.org Subject: Re: [Samba] Openldap + Samba 3 PDC Sorry if I'm stating the obvious, but you did run smbpasswd -w to set the password properly? (Going by memory so double check the flag ) Duncan Quoting David Sonenberg [EMAIL PROTECTED]: I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials [2004/12/29 16:04:04, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 1 try! - University of St Andrews Webmail: http://webmail.st-andrews.ac.uk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Openldap + Samba 3 PDC
I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Can you actually do an ldapsearch? NOT ANONYMOUSLY but binding as the DN the DC will use? Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials Your DCs bind DN is cn=Manager? It think you forgot to setup this part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error Messages
Hi, thanks for that quick response, for the 1. what causes this message to appear??? 2. this comes up every time a user logs in to the domain / server i played arround with the log levels but i don´t found any information which group / object is missing net groupmap list returns following: Domain Guests (S-1-5-21-4226538298-1610114045-865933353-514) - domain_guests domain computers (S-1-5-21-4226538298-1610114045-865933353-515) - computers Enterprise Admins (S-1-5-21-4226538298-1610114045-865933353-519) - root Administrators (S-1-5-21-4226538298-1610114045-865933353-544) - root Guests (S-1-5-21-4226538298-1610114045-865933353-546) - domain_guests Account Operators (S-1-5-21-4226538298-1610114045-865933353-548) - account_operators Server Operators (S-1-5-21-4226538298-1610114045-865933353-549) - server_operators Print Operators (S-1-5-21-4226538298-1610114045-865933353-550) - print_operators Backup Operators (S-1-5-21-4226538298-1610114045-865933353-551) - backup_operators Replicator (S-1-5-21-4226538298-1610114045-865933353-552) - replicator Domain Admins (S-1-5-21-4226538298-1610114045-865933353-512) - root Users (S-1-5-21-4226538298-1610114045-865933353-1201) - users Domain Users (S-1-5-21-4226538298-1610114045-865933353-513) - users which looks to me ok regards arno Prakash Velayutham wrote: Hi, On Dec 30, 2004, at 9:28 AM, Arno Seidel wrote: Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. According to what I know, this is not an error. It is just information. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) This means that the group you are intending to login as does not exist in your LDAP tree. When does this happen. Can you give some background? regards Arno Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
I'm new to ldap. What should I set my DC's DN to, admin? Anyway here's the results of a ldapsearch. ldapsearch -D cn=Manager,dc=strozllc,dc=com -W # extended LDIF # # LDAPv3 # base with scope sub # filter: (objectclass=*) # requesting: ALL # # strozllc.com dn: dc=strozllc,dc=com objectClass: dcObject objectClass: organization dc: strozllc o: Strozllc Com Network description: Stroz Friedberg LLC # Manager, strozllc.com dn: cn=Manager,dc=strozllc,dc=com objectClass: organizationalRole cn: Manager description: Directory Manager # People, strozllc.com dn: ou=People,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: People # admin, People, strozllc.com dn: cn=admin,ou=People,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Groups, strozllc.com dn: ou=Groups,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Groups # admin, Groups, strozllc.com dn: cn=admin,ou=Groups,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Computers, strozllc.com dn: ou=Computers,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Computers # admin, Computers, strozllc.com dn: cn=admin,ou=Computers,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # search result search: 2 result: 0 Success # numResponses: 9 # numEntries: 8 David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 9:47 AM To: David Sonenberg Cc: [EMAIL PROTECTED]; samba@lists.samba.org Subject: Re: [Samba] Openldap + Samba 3 PDC I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Can you actually do an ldapsearch? NOT ANONYMOUSLY but binding as the DN the DC will use? Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials Your DCs bind DN is cn=Manager? It think you forgot to setup this part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Regarding testsuites for protocol conformance
We have made some changes in samba-3.0.7, as part of our graduation project. Are there any test suites which we could use to check the conformance of the changes, with the original samba specifications? Also, with reference to your statement in document tridge_cifs04_tutorial.pdf , saying that inputs about test documents would be welcome, if the above mentioned suites are not available,then we would like to contribute in this regard. Please inform such the exact domains in which such contribution can be made. Thanking You, Sujay Lele. (VIT, Pune-37, India) [EMAIL PROTECTED] Yahoo! India Matrimony: Find your life partner online Go to: http://yahoo.shaadi.com/india-matrimony -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Annoying Samba 2.2.4 Errors in Solaris 8 Logs
Hi all, I have an error message that pops up every time someone connects to my Samba server. All day long I get these messages from smbd: Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] [2004/12/28 07:27:24, 0] smbd/service.c:(252) Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] rhunt1-pc (162.18.178.237) couldn't find service o The last part, couldn't find service o is when the user is accessing a share name OESDL but the name is truncated. I know this because the other errors have more letters that correspond to the shared directory, not the name. I also know this because the directory name oesdl is in lower case. The next example shows a successful connection to the share name JWST. Note the truncated jws in reference to the jwst directory. Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] [2004/12/28 07:27:24, 0] smbd/service.c:(252) Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] rhunt1-pc (162.18.178.237) couldn't find service jws This is not a fatal error but an extremely irritating numerous repeating log message to us anal sys admins that we must cut out of the logs to find the needle in the haystack when we scan the server logs. Other than that the samba service runs perfectly. This server provides a flat file database for a product called PVCS VM. A version managing software for maintaining versions of software code. I thought maybe it could be an issue with oplocks but I have not been able to confirm that. Any idea what causes this? Thanks, Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
I tried changing the DN to cn=admin but that didn't work either. Could it have anything to do with the fact that I used md5 for the password hash? David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Sonenberg Sent: Thursday, December 30, 2004 9:59 AM To: [EMAIL PROTECTED] Cc: samba@lists.samba.org; [EMAIL PROTECTED] Subject: RE: [Samba] Openldap + Samba 3 PDC I'm new to ldap. What should I set my DC's DN to, admin? Anyway here's the results of a ldapsearch. ldapsearch -D cn=Manager,dc=strozllc,dc=com -W # extended LDIF # # LDAPv3 # base with scope sub # filter: (objectclass=*) # requesting: ALL # # strozllc.com dn: dc=strozllc,dc=com objectClass: dcObject objectClass: organization dc: strozllc o: Strozllc Com Network description: Stroz Friedberg LLC # Manager, strozllc.com dn: cn=Manager,dc=strozllc,dc=com objectClass: organizationalRole cn: Manager description: Directory Manager # People, strozllc.com dn: ou=People,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: People # admin, People, strozllc.com dn: cn=admin,ou=People,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Groups, strozllc.com dn: ou=Groups,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Groups # admin, Groups, strozllc.com dn: cn=admin,ou=Groups,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Computers, strozllc.com dn: ou=Computers,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Computers # admin, Computers, strozllc.com dn: cn=admin,ou=Computers,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # search result search: 2 result: 0 Success # numResponses: 9 # numEntries: 8 David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 9:47 AM To: David Sonenberg Cc: [EMAIL PROTECTED]; samba@lists.samba.org Subject: Re: [Samba] Openldap + Samba 3 PDC I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Can you actually do an ldapsearch? NOT ANONYMOUSLY but binding as the DN the DC will use? Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials Your DCs bind DN is cn=Manager? It think you forgot to setup this part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
I tried changing the DN to cn=admin but that didn't work either. Could it have anything to do with the fact that I used md5 for the password hash? No, the application doesn't know or care what password hash you used. Authenticating against the password is processed internally by the DSA (OpenLDAP). If your OpenLDAP build supports MD5, and it should, using that crypt method is fine. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
I'm new to ldap. What should I set my DC's DN to, admin? There is no answer to this question. You create an object in the Dit for the DC to bind to, and make sure it has sufficient privilages. You shouldn't use the OpenLDAP manager dn; that DN has the access to trash the entire Dit. We for example have a - dn: uid=CIFSDC,ou=System Accounts,o=Morrison Industries,c=US objectClass: top objectClass: account objectClass: simpleSecurityObject uid: CIFSDC l: Grand Rapids o: Morrison Industries ou: Grand Rapids - object[1] [1] userPassword attribute is hidden by ACL dn: cn=admin,ou=People,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: Don't ever expose userPassword. No application ever needs read access to this attribute; the value is used internally by the DSA for authentication purposes, this value egressing the DSA is a security problem. The CIFDC needs write access, everyone else needs auth access; you may have to grant self write access as well depending on your password change routines/policies. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as PDC and Win2K File Srv
Hi everybody... I have a Debian GNU/Linux Box running Samba as PDC on my network, but i have too a Win2K File Server... all the clients are Win98,2K,XP... I have created users in both Linux/Samba and W2K with the same username and passwords, the W98 clients now can join the domain owned by Samba, but when this client try to access to the W2K Srv a popup window ask for a Password, it says: -- Enter the Network password: You must supply a password to make this connection: Resource: \\serverW2K\IPC$ Password: If i type the password and clic Enter a new popup window appear with: - Microsoft Networking The password is incorrect. Try again. - Even if the username and password are the same than the Win2K Somebody can help me? How can access to this server shared folders with any client (98,2K,XP) Thanks. -- OrvUx Making the Hard...Soft with GNU/Linux ;) Usuario Linux #16088 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error Messages
Hi, 1. Are you able to login to the domain successfully? 2. Can you show some more of the log information from log.smbd or %m logs (%m is the name of the machine connecting). Do you see any error message similar to User Administrator in passdb, but getpwnam() fails! or check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' Prakash On Thursday 30 December 2004 09:56, Arno Seidel wrote: Hi, thanks for that quick response, for the 1. what causes this message to appear??? 2. this comes up every time a user logs in to the domain / server i played arround with the log levels but i don´t found any information which group / object is missing net groupmap list returns following: Domain Guests (S-1-5-21-4226538298-1610114045-865933353-514) - domain_guests domain computers (S-1-5-21-4226538298-1610114045-865933353-515) - computers Enterprise Admins (S-1-5-21-4226538298-1610114045-865933353-519) - root Administrators (S-1-5-21-4226538298-1610114045-865933353-544) - root Guests (S-1-5-21-4226538298-1610114045-865933353-546) - domain_guests Account Operators (S-1-5-21-4226538298-1610114045-865933353-548) - account_operators Server Operators (S-1-5-21-4226538298-1610114045-865933353-549) - server_operators Print Operators (S-1-5-21-4226538298-1610114045-865933353-550) - print_operators Backup Operators (S-1-5-21-4226538298-1610114045-865933353-551) - backup_operators Replicator (S-1-5-21-4226538298-1610114045-865933353-552) - replicator Domain Admins (S-1-5-21-4226538298-1610114045-865933353-512) - root Users (S-1-5-21-4226538298-1610114045-865933353-1201) - users Domain Users (S-1-5-21-4226538298-1610114045-865933353-513) - users which looks to me ok regards arno Prakash Velayutham wrote: Hi, On Dec 30, 2004, at 9:28 AM, Arno Seidel wrote: Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. According to what I know, this is not an error. It is just information. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) This means that the group you are intending to login as does not exist in your LDAP tree. When does this happen. Can you give some background? regards Arno Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC [SOLVED]
I figured it out. I had to change ldap admin dn = cn=Manager To ldap admin dn = cn=Manager,dc=strozllc,dc=com David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: Adam Tauno Williams [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 11:17 AM To: David Sonenberg Cc: samba@lists.samba.org Subject: RE: [Samba] Openldap + Samba 3 PDC I tried changing the DN to cn=admin but that didn't work either. Could it have anything to do with the fact that I used md5 for the password hash? No, the application doesn't know or care what password hash you used. Authenticating against the password is processed internally by the DSA (OpenLDAP). If your OpenLDAP build supports MD5, and it should, using that crypt method is fine. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Administering Samba Shares
Hey all, Do any of you have an example configureation file for setting up ADS users for administering samba shares? I have a samber server and its part of my ADS and everything works. However i would like for some of my AD users to be administers on the samba share and have yet to figure out how to do that. IF you have an example of how i can go about doing this I would greatly appreciate it. Thanks, R. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help Me
Hi, I try to configure a PDC in FreeBSD with Samba using MySQL for database for users, groups, computers and other resources in domain like printers, sites...but without success. I installed * FreeBSD 5.3 with support for linux bin; * Samba-3.0.7,1 with CONFIGURE_ARGS --with-ldap --with-expsam=mysql --with-mysql-prefix=/usr/local --with-pam --with-pam_smbpass --with-ldapsam --with-syslog --with-quotas --with-manpages-lan=en --with-acl-support --with-winbind automaticaly was installed openldap-client-2.2.15; * pam_ldap-1.7.1_1 in default mode; * and MySQL 4.0.21 (server and client) in default mode. First, I just want register the Windows client in Domain and make logon in Windows using the username stored in MySQL database. When I change security=domain to security=share in smb.conf, then from Windows station I can access de Server PDC and open folders and automaticaly a user is stored in MySQL with the name nobody, but when I change to domain I can´t register Windows in domain and I can´t access the Server using the username and password. I have to create a username in FreeBSD using pw or adduser and then I can use smbpasswd -a username, this way I can write in MySQL, but still no working and I will have the 2 user, one in de FreeBSD and in MySQL. For my table I use the mysql.dump in Samba examples. After I will use Apache with PHP for MySQL databases and retire PDC Windows NT Server. Can you help me to configure this? Thanks. Alexandre Melo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and Win2K File Srv
OrvUx wrote: Hi everybody... I have a Debian GNU/Linux Box running Samba as PDC on my network, but i have too a Win2K File Server... all the clients are Win98,2K,XP... OK, well, you should just join the W2K server to the samba domain, as a domain member server. Or you could create an AD W2K domain and make the samba PDC a domain member server. That would be the easiest solution to your problem. TMS III I have created users in both Linux/Samba and W2K with the same username and passwords, the W98 clients now can join the domain owned by Samba, but when this client try to access to the W2K Srv a popup window ask for a Password, it says: -- Enter the Network password: You must supply a password to make this connection: Resource: \\serverW2K\IPC$ Password: If i type the password and clic Enter a new popup window appear with: - Microsoft Networking The password is incorrect. Try again. - Even if the username and password are the same than the Win2K Somebody can help me? How can access to this server shared folders with any client (98,2K,XP) Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba 3.0.10 ads mode and winbind
i have successfully joined to an active dir server with 1000 users all is work fine but sometimes when i try to run wbinfo -u i have this message in the winbind log file: return critical error. Error was Call timed out: server did not respond after 1 milliseconds is there a way to increase this value ? thanks matteo italy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Guest Login Pop UP in XP
Has anyone run into the problem with connecting to a Unix samba server via Windows XP Professional? When we try to connect, it keeps popping up a keys windows box and forcing (by graying out) Guest. We did not have this trouble with Windows 2000. Any help would be greatly appreciated. Regards, Linda -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC + LDAP group mappings
Alright now that samba can talk to LDAP I have a blank slate. I know I need to setup group mappings, but I'm a little confused about this. Since it's an ldap backend do the groups need to have unix counterparts? Should I use the net groupmap command to add the mappings or should I use an LDIF file? David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC + LDAP group mappings
Alright now that samba can talk to LDAP I have a blank slate. I know I need to setup group mappings, but I'm a little confused about this. Since it's an ldap backend do the groups need to have unix counterparts? Yes, it is group mapping; you must have group to map to. Should I use the net groupmap command to add the mappings or should I use an LDIF file? You must use net groupmap unless you want to calculate the SIDs/RIDs yourself. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP and Samba -- a basic question
I've gathered that there's a close connection between Samba and LDAP, but the Samba documentation I've looked at, mainly in the SWAT help and man page, doesn't discuss LDAP. Just what is the nature of the connection? If it's relevant, I'm running SuSE 9.1 Linux. Paul Abrahams -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP and Samba -- a basic question
On Thursday 30 December 2004 10:57, Paul W. Abrahams wrote: I've gathered that there's a close connection between Samba and LDAP, but the Samba documentation I've looked at, mainly in the SWAT help and man page, doesn't discuss LDAP. Just what is the nature of the connection? Paul, I wrote the Samba-3 by Example book using SuSE Linux 9.x and Red Hat 9 and Fedora Core 1. You can purchase this book from Amazon.Com or download the PDF from: http://www.samba.org/samba/docs/Samba-Guide.pdf Suggest you work through chapter 6 to see the connections. If you get lost get me a shout. Cheers, John T. If it's relevant, I'm running SuSE 9.1 Linux. Paul Abrahams -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP and Samba -- a basic question
On Thu, 2004-12-30 at 12:57 -0500, Paul W. Abrahams wrote: I've gathered that there's a close connection between Samba and LDAP, but the Samba documentation I've looked at, mainly in the SWAT help and man page, doesn't discuss LDAP. Just what is the nature of the connection? Your question is kind of vague. You can use LDAP as your security backend (SAM) via ldapsam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba3.0.10 pkg error
Hi Jerry/Samba Team I tried compiling samba3.0.10 and followed the instruction(from $tmpdir/samba-3.0.10/packaging/Solaris/README) to create the package and got the following error: = * * * no object for lib/charset/CP850.so found in root directory no object for lib/libsmbclient.so found in root directory no object for include/libsmbclient.h found in root directory no object for lib/smbwrapper.so found in root directory no object for bin/smbsh found in root directory no object for lib/nss_winbind.so.1 found in root directory WARNING: parametric paths may ignore BASEDIR pkgmk: ERROR: unable to build pkgmap from prototype file ## Packaging was not successful. The samba package is in /tmp == I ran following commands in source directory - ($tmpdir/samba-3.0.10/source) A ./configure --prefix=$installdir B make C-and I edited the INSTALL_BASE=$installdir variable in makepkg.sh ($tmpdir/samba-3.0.10/packaging/Solaris/makepkg.sh) file and run this to create the package ANYONE HAS ANY ODEA WHAT IS WRONG AND WHAT IS THIS ERROR MESSAGE IS ABOUT. Thank you Fatima [EMAIL PROTECTED] - This E-mail is confidential. It may also be legally privileged. If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return E-mail. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Network interference? Settings?
I have a problem. I've purchased 2 different brand NAS devices that both use Samba in some form as their sharing mechanism. When I attach them to the LAN I get dreadful speed. To the tune of under 3.5GB per hour transfers. I've even done tests on the same subnet. Two Windows servers on that vlan can move files at great speeds. Map one of them to the NAS and it crawls. I recall last year setting up a Linux server and seeing a huge slow down then too. That pretty much forced me to move to a Windows server. I know it's LAN related. Something in our Cisco switches must be the inhibitor but I don't know what. I'm taking one of these NAS's home tonite to test there. I expect to see normal speeds. Does anyone know of anything that could cause this from a switch/router IOS perspective? We do have ICMP limited through our WAN, would this be an inhibitor? That wouldn't explain the performance within a VLAN, though, since ICMP works in that VLAN. I'm stumped. -- JAV -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PDC + LDAP group mappings
So I gave it try but it didn't work. Here's the output. net groupmap add ntgroup=Domain Admin unixgroup=ntadmin -d 4 [2004/12/30 13:12:06, 3] param/loadparm.c:lp_load(3902) lp_load: refreshing parameters [2004/12/30 13:12:06, 3] param/loadparm.c:init_globals(1312) Initialising global parameters [2004/12/30 13:12:06, 3] param/params.c:pm_process(566) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2004/12/30 13:12:06, 3] param/loadparm.c:do_section(3395) Processing section [global] doing parameter interfaces = eth0 10.1.0.143/24 doing parameter workgroup = STROZTEST doing parameter netbios name = AUTH [2004/12/30 13:12:06, 4] param/loadparm.c:handle_netbios_name(2740) handle_netbios_name: set global_myname to: AUTH doing parameter passdb backend = ldapsam:ldaps://10.1.0.143:636 doing parameter username map = /etc/samba/smbusers doing parameter printcap name = cups doing parameter add user script = /usr/local/samba/sbin/smbldap-useradd.pl -m '%u' doing parameter delete user script = /usr/local/samba/sbin/smbldap-userdel.pl %u doing parameter add group script = /usr/local/samba/sbin/smbldap-groupadd.pl -p '%g' doing parameter delete group script = /usr/local/samba/sbin/smbldap-groupdel.pl '%g' doing parameter add user to group script = /usr/local/samba/sbin/ smbldap-groupmod.pl -m '%g' '%u' doing parameter delete user from group script = /usr/local/samba/sbin/ smbldap-groupmod.pl -x '%g' '%u' doing parameter set primary group script = /usr/local/samba/sbin/ smbldap-usermod.pl -g '%g' '%u' doing parameter add machine script = /usr/local/samba/sbin/smbldap-useradd.pl -w '%u' doing parameter domain logons = Yes doing parameter os level = 35 doing parameter preferred master = Yes doing parameter domain master = Yes doing parameter local master = Yes doing parameter ldap suffix = dc=strozllc,dc=com doing parameter ldap machine suffix = ou=People doing parameter ldap user suffix = ou=People doing parameter ldap group suffix = ou=People doing parameter ldap idmap suffix = ou=People doing parameter ldap admin dn = cn=Manager,dc=strozllc,dc=com doing parameter ldap ssl = yes doing parameter ldap passwd sync = Yes doing parameter idmap uid = 15000-2 doing parameter idmap gid = 15000-2 doing parameter winbind separator = + [2004/12/30 13:12:06, 4] param/loadparm.c:lp_load(3933) pm_process() returned Yes [2004/12/30 13:12:06, 3] lib/util.c:interpret_addr(1135) sys_gethostbyname: Unknown host. eth0 [2004/12/30 13:12:06, 2] lib/interface.c:interpret_interface(128) can't determine netmask for eth0 [2004/12/30 13:12:06, 2] lib/interface.c:add_interface(79) added interface ip=10.1.0.143 bcast=10.1.0.255 nmask=255.255.255.0 [2004/12/30 13:12:06, 2] lib/smbldap.c:smbldap_search_domain_info(1373) Searching for:[((objectClass=sambaDomain)(sambaDomainName=STROZTEST))] [2004/12/30 13:12:06, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2004/12/30 13:12:06, 3] lib/smbldap.c:smbldap_connect_system(858) ldap_connect_system: succesful connection to the LDAP server [2004/12/30 13:12:06, 4] lib/smbldap.c:smbldap_open(909) The LDAP server is succesfully connected [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 2] utils/net.c:main(859) return code = -1 David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: Adam Tauno Williams [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 12:42 PM To: David Sonenberg Cc:
Re: [Samba] PDC + LDAP group mappings
On Thursday 30 December 2004 10:34, David Sonenberg wrote: Alright now that samba can talk to LDAP I have a blank slate. I know I need to setup group mappings, but I'm a little confused about this. Since it's an ldap backend do the groups need to have unix counterparts? Should I use the net groupmap command to add the mappings or should I use an LDIF file? David, This subject comes up on this list ad nauseum! I am responding in full in the hope that we can get this sorted out so that others who do their homework before asking here will find the answers they need. I have tried to document this in the Samba-HOWTO-Collection and in the Samba-Guide (Samba-3 by Example books). Suggest you check out chapter 6 of the book, Samba-4 by Example. You can download it from: http://www.samba.org/samba/docs/Samba-Guide.pdf If you get lost give me a shout. If the documentation is not clear enough and has too much fog-factor, please promise us all that when this becomes clear to you you will help to improve the documentation. Feedback, improvement in clarifty and corrections are always welcome. For the record: = If you use LDAP with Samba it is essential that ALL your UNIX (POSIX) accounts (both for users and for groups) are in the LDAP backend. Samba requires the SambaSAM account data also in LDAP. It is NOT possible with Samba to have only the SambaSAM account information in LDAP and not the UNIX accounts in LDAP. Additionally, it is essential that all accounts will translate unambiguously between Windows credentials and UNIX credentials. This means that any UID must translate to exactly one (and one only) MS Windows SID. Every SID must translate (map) to precisely one UID or GID. Every GID must map to precisely one SID and vica versa. The net groupmap utility provides the connection between a Windows NT Group and the UNIX (POSIX) group. What this does is it tells Samba that when a Windows user accesses the Samba server that user will be treated by the UNIX operating system as if he is accessing UNIX directly as the mapped account. For Example: A Windows user is called 'billyboy' and is a member of Windows groups Domain Users, Engineers, and Goodguys, and his primary group is Goodguys. In your LDAP based POSIX backend the UNIX account is called 'billyboy' with UID = 1106. Group mappings are set so that: Windows NT Group== UNIX group - Domain Users - users (group id = 500) Domain Guests - nobody (group id = 65534) Domain Admins - root (group id = 0) Engineers - engineers (group id = 1211) Goodguys - goodguys (group id = 1235) Then for all UNIX file system access the user 'billyboy' will have the following UNIX credentials: UID: 1106 Primary group ID: 1235 Additional group memberships IDs: 500, 1211 That is the information that should be returned if you execute in a UNIX shell: id billyboy You can manually populate your LDAP database using an LDIF file to set all this up, but if you use the Idealx scripts this is all neatly done for you. I hope that helps to explain the connections. Cheers, John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Network interference? Settings?
On Thursday December 30, 2004 01:26 pm, Joe Polk wrote: Something in our Cisco switches must be the inhibitor but I don't know what. Some of the Catalyst switches don't do autoneg well with some NICs. If you can force the NIC to 10FD or 100FD you may see improvements. YMMV. -- ___ A Message From... L. Mark Stone Reliable Networks of Maine, LLC We manage your network so you can manage your business. 477 Congress Street Portland, ME 04101 Tel: (207) 772-5678 Web: http://www.RNoME.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] could not delete unix link from windows client
Hi All, I created a bunch of files in a samba share and also created few soft links which points to files in the same directory. The problem is, when i try to delete all the files at once from windows client, it fails at deleting soft links. When it comes to soft liks, it deletes only the original file but not the link itself. Can anyone please give information on how to delele the softlink itself from a windows client? I am using samba version '3.0.8pre1-0.pre1.3' under Redhat FC 3 Please CC me in your reply. Thanks, Srikumar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.10 on Red Hat AS 2.1
Does Samba 3.0.x can be compiled on RH AS 2.1 (using glibc 2.2.4)? I can't complete the compilation! Here are the configuration options: ./configure --prefix=/usr --sysconfdir=/etc/samba \ --localstatedir=/var/samba --with-ldap --with-ads \ --with-smbmount --with-pam --with-pam_smbpass \ --with-winbind --with-configdir=/etc/samba \ --with-logbasedir=/var/log/samba \ --with-shared-modules=idmap_rid I need LDAP, ADS, PAM, Winbind and idmap_rid to be able to login with Active Directory users on Linux servers. I want idmap_rid to have the same UID on each server (I will use NFS). I tried idmap backend with ldap instead of idmap_rid but I'm unable to make it work on RH 9.0! Here is what I got when compiling: --snip, seems ok until there-- Compiling dynconfig.c with -fPIC Linking shared library bin/pam_smbpass.so Linking nsswitch/libnss_wins.so lib/system.po: In function `sys_dlopen': lib/system.po(.text+0xcb9): undefined reference to `dlopen' lib/system.po: In function `sys_dlsym': lib/system.po(.text+0xce1): undefined reference to `dlsym' lib/system.po: In function `sys_dlclose': lib/system.po(.text+0xd06): undefined reference to `dlclose' lib/system.po: In function `sys_dlerror': lib/system.po(.text+0xd24): undefined reference to `dlerror' lib/username.po: In function `user_in_netgroup_list': lib/username.po(.text+0xb76): undefined reference to `yp_get_default_domain' lib/access.po: In function `string_match': lib/access.po(.text+0x1e1): undefined reference to `yp_get_default_domain' libads/kerberos.po: In function `kerberos_secrets_fetch_salting_principal': libads/kerberos.po(.text+0x5dc): undefined reference to `secrets_fetch' libads/kerberos.po: In function `kerberos_secrets_store_salting_principal': libads/kerberos.po(.text+0x806): undefined reference to `secrets_store' libads/kerberos.po(.text+0x813): undefined reference to `secrets_delete' libads/kerberos.po: In function `get_service_ticket': libads/kerberos.po(.text+0x926): undefined reference to `secrets_fetch_machine_password' libads/kerberos.po: In function `verify_service_password': libads/kerberos.po(.text+0xe23): undefined reference to `secrets_fetch_machine_password' Linking libsmbclient non-shared library bin/libsmbclient.a Linking libsmbclient shared library bin/libsmbclient.so Compiling sam/idmap_rid.c with -fPIC sam/idmap_rid.c: In function `rid_idmap_parse': sam/idmap_rid.c:55: parse error before `sid_str' sam/idmap_rid.c:58: parse error before `tok' sam/idmap_rid.c:65: `sid_str' undeclared (first use in this function) sam/idmap_rid.c:65: (Each undeclared identifier is reported only once sam/idmap_rid.c:65: for each function it appears in.) sam/idmap_rid.c:79: `tok' undeclared (first use in this function) sam/idmap_rid.c:103: `known_domain' undeclared (first use in this function) make: *** [sam/idmap_rid.po] Error 1 I searched on the web and red the samba guide, I can't find anything on that. Thanks, Jean-Philippe Houde -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot delete files: the mounted file system does not su pport extended attributes
Hi, I have been running samba 2.0.7 on a K420 hpux server for many years and it 's been working great. However, it 's been the last couple of days, I cannot delete files in a samba share from the window 2000 clients. Every time I tried to delete a file, this error message popped up Cannot delete files: The mounted file system does not support extended attributes. I am not sure how to fix this. Please help. Thank you very much. Tuan Nguyen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP machine cannot be accessed
I have a small peer to peer network of 4 machines, WinME, Win2K Pro SP4, Win XP Pro SP2 and Linux Mandrake 10.1 Samba 3.0.10.1. I am pretty new at Linux but have been around computers for a very long time. The Linux installation went smoothly, MDK and KDE3 utilities make it simple for newbies to get things running, so Samba went together quite easily but I now have a problem I have been struggling with for days. All of the Windows machines have no problems accessing shares on each other and Mandrake. The Mandrake machine accesses the WinME an Win2K machines readily, but the WinXP machine is not visible on any utility I have tried. I can ping it OK. I have disabled firewalls etc in case this was the problem but no change. I manually edited fstab and inserted what seemed an appropriate entry for a share on the XP machine. In Konqueror for instance an icon appeared for the share but when clicked up in was empty. I have almost convinced myself that it must be some kind of authentication problem, probably something basic I have overlooked and so simple I cannot see it. Can anybody give me some ideas please? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP machine cannot be accessed
All of the Windows machines have no problems accessing shares on each other and Mandrake. The Mandrake machine accesses the WinME an Win2K machines readily, but the WinXP machine is not visible on any utility I have tried. I can ping it OK. I have disabled firewalls etc in case this was the problem but no change. OK so Samba is working fine? yes? The windows machines can mount the samba share off of the mandrake box? they get asked for a password and username which you supply and then you can browse the shares from the windows machines? I manually edited fstab and inserted what seemed an appropriate entry for a share on the XP machine. In Konqueror for instance an icon appeared for the share but when clicked up in was empty. I don't have a linux desktop machine any more but I used to do this in fstab (note that if the above is correct and samba works then this is an smbfs problem, and appropriate to that list, not this one) : #Samba filesystems, not auto mounted and any user. //ukldnfs05/shared_area /mnt/smb/ukldnfs05/shared_area smbfs noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 //ukldninstall03/allsoftware$ /mnt/smb/ukldninstall03/allsoftware smbfs noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 then inside of /home/geoff/Crap/smbcred I had: username=geoff password=doggyp00 workgroup=dudenet I have almost convinced myself that it must be some kind of authentication problem, probably something basic I have overlooked and so simple I cannot see it. Can anybody give me some ideas please? John these things are best done manually on the command line first to see if all is working well, from memory: mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff If the above manual stuff works then it must be another problem. Tell us what you see. Regards Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP machine cannot be accessed
Try going to the Authentication tab on the WinXP's Local Area Connection Properties dialog screen and disabling the IEEE 802.1x authentication - just for giggles. Clay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [inbox] RE: [Samba] Windows XP machine cannot be accessed
- Original Message - From: Geoff Scott [EMAIL PROTECTED] To: John [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Friday, December 31, 2004 1:02 PM Subject: [inbox] RE: [Samba] Windows XP machine cannot be accessed | | All of the Windows machines have no problems accessing shares on each | other and | Mandrake. The Mandrake machine accesses the WinME an Win2K machines | readily, | but the WinXP machine is not visible on any utility I have tried. I can | ping it | OK. I have disabled firewalls etc in case this was the problem but no | change. | | OK so Samba is working fine? yes? The windows machines can mount the samba | share off of the mandrake box? they get asked for a password and username | which you supply and then you can browse the shares from the windows | machines? I do not get asked for a password. I still have some work on permisisons, but I can copy files form Mandrake, but need to sort out write permissions before I can write back. I use the same user name and passwword throughout and have set it as the default user for LAN access. | | I manually edited fstab and inserted what seemed an appropriate entry for | a | share on the XP machine. In Konqueror for instance an icon appeared for | the | share but when clicked up in was empty. | | I don't have a linux desktop machine any more but I used to do this in fstab | (note that if the above is correct and samba works then this is an smbfs | problem, and appropriate to that list, not this one) : | | #Samba filesystems, not auto mounted and any user. | | //ukldnfs05/shared_area /mnt/smb/ukldnfs05/shared_area smbfs | noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 | //ukldninstall03/allsoftware$ /mnt/smb/ukldninstall03/allsoftware smbfs | noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 | | then inside of /home/geoff/Crap/smbcred I had: | | username=geoff | password=doggyp00 | workgroup=dudenet | | | I have almost convinced myself that it must be some kind of authentication | problem, probably something basic I have overlooked and so simple I cannot | see | it. Can anybody give me some ideas please? | John | | these things are best done manually on the command line first to see if all | is working well, from memory: | | mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff | | If the above manual stuff works then it must be another problem. | | Tell us what you see. | | Regards Geoff | If I use mount at the console in the format you suggest I get asked for my password and the XP share mounts and can be accessed (also through Konqueror etc.) When I attempt to write the equivalent into fstab, the folder appears but is empty. No messages. It has not auto generated a credentials file for the XP machine as it has for the other machines. Inserting user=john in fstab is OK for the WinME machine, but XP must want more. I guess if it cannot see the machine then it will not auto generate the needed access files. Regards John. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows Errors on Long, Large Writes...
Problem: Windows machines (some W2K-Pro, some XP-Pro) through a delayed write error when doing backup to Samba share. ~ Configuration: Fedora Core 3 on Dell PIII-450 with 320MB ram, 100T NIC. [EMAIL PROTECTED] ~]# df Filesystem 1K-blocks Used Available Use% Mounted on /dev/hda2 12729096 8247728 3834752 69% / /dev/hda1 101089 9400 86470 10% /boot none160572 0160572 0% /dev/shm /dev/hdb1240362656 150851676 77301180 67% /disk2 [EMAIL PROTECTED] ~]# ~ Logs: some-pc-name.log [2004/12/28 21:33:09, 0] smbd/nttrans.c:call_nt_transact_ioctl(2276) call_nt_transact_ioctl(0x9003c): Currently not implemented. [2004/12/28 22:40:34, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 17424. Error = Connection timed out Samba.log [2004/12/28 19:40:01, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/28 20:40:17, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/28 21:29:09, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 04:03:48, 1] smbd/server.c:open_sockets_smbd(348) Reloading services after SIGHUP [2004/12/29 07:10:19, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 16:32:54, 0] smbd/server.c:main(760) smbd version 3.0.10-1.fc3 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2004/12/29 18:15:13, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 18:43:38, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 20:49:51, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 23:55:49, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected ~~ Thoughts: It appears smbd services are being restarted from time to time while the large transfers are going on and Windows then gives up and throws an error. Conclusion: So, all this brings me to the question, why are samba services restarting? Any help would be appreciated. Thanks, Clay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP machine cannot be accessed
| these things are best done manually on the command line first to see if all | is working well, from memory: | | mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff | | If the above manual stuff works then it must be another problem. | | Tell us what you see. | | Regards Geoff | If I use mount at the console in the format you suggest I get asked for my password and the XP share mounts and can be accessed (also through Konqueror etc.) When I attempt to write the equivalent into fstab, the folder appears but is empty. No messages. It has not auto generated a credentials file for the XP machine as it has for the other machines. Inserting user=john in fstab is OK for the WinME machine, but XP must want more. I guess if it cannot see the machine then it will not auto generate the needed access files. Regards John. I manually created the credentials file. Create one yourself and point the fstab entry to that, as I mentioned before. (rejig it so it suits your needs of course) eg. username=john password=winXPlocalpassword workgroup=winxpWorkgroup once you have that plus an entry in fstab plus you have made a mount point do: mount /mnt/winXpmountpoint take a look at any errors that you get. Maybe smbmount needs to be Suid root for your mandrake user to mount it properly. Regards Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP machine cannot be accessed
FYI John, If you wish to automount shares when you login, you can try pam_mount. It should be a package on the mdk 10.1 CDs. You can set it to mount windows cifs and smb shares to your mandrake box. It's possible because Linux supports pluggable auth modules(PAM) I used it along with winbind auth to mount all my windows shares from servers at work to my Linux mandrake workstation (laptop) When ever I ssh'd in, the shares mounted. It can be set to mount based on preferred authentication system (local password file, winbind, nis, etc) and protocol. ie. mount windows shares if you login via ssh, or even if you login through the kde desktop (warning: kde requires special files relocated when mounting home directories). Having said that and seeing as how you are new, I believe Geoff's solution is a much easier way to go. You may however wish to read up on pam_mount anyway. For more info do a google on pam_mount Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Long waiting time connecting to Samba
I run Samba 3.0.10 on a RedHat 9.0 with the 2.4.20-8 kernel. Samba is the PDC and Wins server. When opening a share all users have to wait several seconds (15 to 20) until the share opens. Then it works fast for some time. The same wating time can appear when saving a file from Word or other programs to the share. It only works fast for some time. Can someone help me? Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SMBFS mounts slow across gigabit connection
I'm using Samba smbfs to make directories on a Linux file server available across a switched Gigabit network. Unfortunately, when mounting the shares to another Linux system with smbfs, the performance is terrible. To test the setup, I created both a 100mb and 650mb file and transferred them with ftp, smbclient, and smbfs (mounted share). I also used iperf to send each file, just out of curiosity. Here's what I'm seeing: iperf: 100mb - 1.7 seconds (59 MB/s) 650mb - 10.8 seconds (60 MB/s) FTP: 100mb - 2.17 seconds (47 MB/s) 650mb - 34.9 seconds (19 MB/s) smbclient: 100mb - 5.2 seconds (19 MB/s) 650mb - 35.1 seconds (18.8 MB/s) smbfs: 100mb - 45.4 seconds (2.5 MB/s) 650mb - 282.6 seconds (2.4 MB/s) As you can see, using iperf (which has little or no overhead), the network is capable of about 60 MB/s. I wasn't expecting to get anything near that through a file transfer protocol (though I'm not entirely sure why FTP is so much faster with the 100mb file as opposed to the 650mb file), but smbfs is nearly 10 times slower than smbclient. Both the server and the host are Linux machines. The samba server is running Ubuntu (Debian) with the 2.6.8 kernel, while the host is a Gentoo box running the 2.6.10-rc3 (nitro2) kernel. I have made a few adjustments to the TCP settings on each system: echo 262144 /proc/sys/net/core/rmem_max echo 262144 /proc/sys/net/core/wmem_max echo 163840 /proc/sys/net/core/rmem_default echo 163840 /proc/sys/net/core/wmem_default echo 4096 163840 262144 /proc/sys/net/ipv4/tcp_rmem echo 4096 163840 262144 /proc/sys/net/ipv4/tcp_wmem echo 49152 163840 262144 /proc/sys/net/ipv4/tcp_mem These, however, have only helped each of the transfer types performance-wise (FTP especially, smbfs wasn't really affected at all). Does anybody have any idea why I'm seeing such a huge difference between the smbfs and smbclient numbers? Am I missing something obvious? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r4413 - in branches/SAMBA_4_0/source/libcli/auth: .
Author: tridge Date: 2004-12-30 11:24:49 + (Thu, 30 Dec 2004) New Revision: 4413 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4413 Log: login failure doesn't warrant a level 1 debug (its filling my logs during torture tests) Modified: branches/SAMBA_4_0/source/libcli/auth/spnego.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/auth/spnego.c === --- branches/SAMBA_4_0/source/libcli/auth/spnego.c 2004-12-30 07:10:31 UTC (rev 4412) +++ branches/SAMBA_4_0/source/libcli/auth/spnego.c 2004-12-30 11:24:49 UTC (rev 4413) @@ -400,7 +400,7 @@ spnego_state-state_position = SPNEGO_DONE; } else { spnego_out.negTokenTarg.negResult = SPNEGO_REJECT; - DEBUG(1, (SPNEGO login failed: %s\n, nt_errstr(nt_status))); + DEBUG(2, (SPNEGO login failed: %s\n, nt_errstr(nt_status))); spnego_state-state_position = SPNEGO_DONE; }
svn commit: samba r4415 - in branches/SAMBA_4_0/source/rpc_server/samr: .
Author: vlendec Date: 2004-12-30 18:50:15 + (Thu, 30 Dec 2004) New Revision: 4415 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4415 Log: Implement samr_RemoveMemberFromForeignDomain. This is needed to delete a user with usrmgr.exe. To fix: Remove domain group membership attrib values when a user is deleted. Volker Modified: branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c === --- branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c 2004-12-30 17:01:49 UTC (rev 4414) +++ branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c 2004-12-30 18:50:15 UTC (rev 4415) @@ -3160,7 +3160,64 @@ static NTSTATUS samr_RemoveMemberFromForeignDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct samr_RemoveMemberFromForeignDomain *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct dcesrv_handle *h; + struct samr_domain_state *d_state; + struct dom_sid *domain_sid; + const char *membersid, *memberdn; + struct ldb_message **res; + const char * const attrs[3] = { dn, objectSid, NULL }; + int i, count; + + DCESRV_PULL_HANDLE(h, r-in.domain_handle, SAMR_HANDLE_DOMAIN); + + d_state = h-data; + + domain_sid = dom_sid_parse_talloc(mem_ctx, d_state-domain_sid); + membersid = dom_sid_string(mem_ctx, r-in.sid); + if ((domain_sid == NULL) || (membersid == NULL)) + return NT_STATUS_NO_MEMORY; + + memberdn = samdb_search_string(d_state-sam_ctx, mem_ctx, NULL, + dn, (objectSid=%s), membersid); + if (memberdn == NULL) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + + /* TODO: Does this call only remove alias members, or does it do this +* for domain groups as well? */ + + count = samdb_search_domain(d_state-sam_ctx, mem_ctx, + d_state-domain_dn, res, attrs, + domain_sid, + ((member=%s)(objectClass=group) + (|(groupType=%s)(groupType=%s))), + memberdn, + ldb_hexstr(mem_ctx, + GTYPE_SECURITY_BUILTIN_LOCAL_GROUP), + ldb_hexstr(mem_ctx, + GTYPE_SECURITY_DOMAIN_LOCAL_GROUP)); + + if (count 0) + return NT_STATUS_INTERNAL_DB_CORRUPTION; + + for (i=0; icount; i++) { + struct ldb_message mod; + ZERO_STRUCT(mod); + + mod.dn = talloc_reference(mem_ctx, + samdb_result_string(res[i], dn, + NULL)); + if (mod.dn == NULL) + continue; + + if (samdb_msg_add_delval(d_state-sam_ctx, mem_ctx, mod, +member, memberdn) != 0) + return NT_STATUS_NO_MEMORY; + + if (samdb_modify(d_state-sam_ctx, mem_ctx, mod) != 0) + return NT_STATUS_UNSUCCESSFUL; + } + + return NT_STATUS_OK; }
svn commit: samba r4416 - in branches/SAMBA_4_0/source/rpc_server/lsa: .
Author: vlendec Date: 2004-12-30 19:08:32 + (Thu, 30 Dec 2004) New Revision: 4416 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4416 Log: [in,out] variables do have an r-out component... Volker Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-30 18:50:15 UTC (rev 4415) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-30 19:08:32 UTC (rev 4416) @@ -153,7 +153,7 @@ i++; } - *r-in.resume_handle = i; + *r-out.resume_handle = i; return NT_STATUS_OK; }
svn commit: samba r4417 - in branches/SAMBA_4_0/source/rpc_server/samr: .
Author: vlendec Date: 2004-12-30 19:11:25 + (Thu, 30 Dec 2004) New Revision: 4417 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4417 Log: Reply to samr_QueryDomainInfo with the same static value as level2 does. Volker Modified: branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c === --- branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c 2004-12-30 19:08:32 UTC (rev 4416) +++ branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c 2004-12-30 19:11:25 UTC (rev 4417) @@ -409,6 +409,19 @@ return NT_STATUS_OK; } +/* + return DomInfo3 +*/ +static NTSTATUS samr_info_DomInfo3(struct samr_domain_state *state, + TALLOC_CTX *mem_ctx, + struct samr_DomInfo3 *info) +{ + /* where is this supposed to come from? is it settable? */ + info-force_logoff_time = 0x8000LL; + + return NT_STATUS_OK; +} + /* samr_QueryDomainInfo */ @@ -437,6 +450,9 @@ r-out.info-info1); case 2: return samr_info_DomInfo2(d_state, mem_ctx, r-out.info-info2); + case 3: + return samr_info_DomInfo3(d_state, mem_ctx, + r-out.info-info3); } return NT_STATUS_INVALID_INFO_CLASS;
svn commit: samba r4418 - in branches/SAMBA_4_0/source/include: .
Author: metze Date: 2004-12-30 19:55:23 + (Thu, 30 Dec 2004) New Revision: 4418 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4418 Log: fix compiler warning and remove unused typedef metze Modified: branches/SAMBA_4_0/source/include/structs.h Changeset: Modified: branches/SAMBA_4_0/source/include/structs.h === --- branches/SAMBA_4_0/source/include/structs.h 2004-12-30 19:11:25 UTC (rev 4417) +++ branches/SAMBA_4_0/source/include/structs.h 2004-12-30 19:55:23 UTC (rev 4418) @@ -122,10 +122,9 @@ struct ldb_message; +struct dom_sid; struct security_token; struct security_acl; struct security_ace; -typedef struct security_descriptor SEC_DESC; - struct lsa_RightSet;
svn commit: samba r4419 - in branches/SAMBA_4_0/source: auth dsdb/samdb include libcli/security ntvfs/unixuid utils
Author: metze Date: 2004-12-30 20:34:20 + (Thu, 30 Dec 2004) New Revision: 4419 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4419 Log: move security_token stuff to the libcli/security/ and debug privileges metze Added: branches/SAMBA_4_0/source/libcli/security/security.h Modified: branches/SAMBA_4_0/source/auth/auth_util.c branches/SAMBA_4_0/source/dsdb/samdb/samdb_privilege.c branches/SAMBA_4_0/source/include/smb.h branches/SAMBA_4_0/source/libcli/security/access_check.c branches/SAMBA_4_0/source/libcli/security/dom_sid.c branches/SAMBA_4_0/source/libcli/security/privilege.c branches/SAMBA_4_0/source/libcli/security/security_descriptor.c branches/SAMBA_4_0/source/libcli/security/security_token.c branches/SAMBA_4_0/source/ntvfs/unixuid/vfs_unixuid.c branches/SAMBA_4_0/source/utils/ntlm_auth.c Changeset: Sorry, the patch is too large (460 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4419
svn commit: samba r4420 - in branches/SAMBA_4_0/source/include: .
Author: metze Date: 2004-12-30 23:51:18 + (Thu, 30 Dec 2004) New Revision: 4420 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4420 Log: - add usefull helper macros for allocation failures, they should be used in mostly all our code after calling a talloc_* function - the current NTSTATUS_TALLOC_CHECK() and WERR_TALLOC_CHECK() should be replaced by this new macros metze Modified: branches/SAMBA_4_0/source/include/nt_status.h Changeset: Modified: branches/SAMBA_4_0/source/include/nt_status.h === --- branches/SAMBA_4_0/source/include/nt_status.h 2004-12-30 20:34:20 UTC (rev 4419) +++ branches/SAMBA_4_0/source/include/nt_status.h 2004-12-30 23:51:18 UTC (rev 4420) @@ -57,9 +57,22 @@ #define NT_STATUS_IS_OK(x) (NT_STATUS_V(x) == 0) #define NT_STATUS_IS_ERR(x) ((NT_STATUS_V(x) 0xc000) == 0xc000) #define NT_STATUS_EQUAL(x,y) (NT_STATUS_V(x) == NT_STATUS_V(y)) + +#define NT_STATUS_HAVE_NO_MOMORY(x) do { \ + if (!(x)) {\ + return NT_STATUS_NO_MEMORY;\ + }\ +} while (0) + #define W_ERROR_IS_OK(x) (W_ERROR_V(x) == 0) #define W_ERROR_EQUAL(x,y) (W_ERROR_V(x) == W_ERROR_V(y)) +#define W_ERROR_HAVE_NO_MOMORY(x) do { \ + if (!(x)) {\ + return WERR_NOMEM;\ + }\ +} while (0) + /* this defines special NTSTATUS codes to represent DOS errors. I have chosen this macro to produce status codes in the invalid NTSTATUS range */
svn commit: samba r4421 - in branches/SAMBA_4_0/source/include: .
Author: metze Date: 2004-12-31 00:07:37 + (Fri, 31 Dec 2004) New Revision: 4421 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4421 Log: fix typo metze Modified: branches/SAMBA_4_0/source/include/nt_status.h Changeset: Modified: branches/SAMBA_4_0/source/include/nt_status.h === --- branches/SAMBA_4_0/source/include/nt_status.h 2004-12-30 23:51:18 UTC (rev 4420) +++ branches/SAMBA_4_0/source/include/nt_status.h 2004-12-31 00:07:37 UTC (rev 4421) @@ -58,7 +58,7 @@ #define NT_STATUS_IS_ERR(x) ((NT_STATUS_V(x) 0xc000) == 0xc000) #define NT_STATUS_EQUAL(x,y) (NT_STATUS_V(x) == NT_STATUS_V(y)) -#define NT_STATUS_HAVE_NO_MOMORY(x) do { \ +#define NT_STATUS_HAVE_NO_MEMORY(x) do { \ if (!(x)) {\ return NT_STATUS_NO_MEMORY;\ }\ @@ -67,7 +67,7 @@ #define W_ERROR_IS_OK(x) (W_ERROR_V(x) == 0) #define W_ERROR_EQUAL(x,y) (W_ERROR_V(x) == W_ERROR_V(y)) -#define W_ERROR_HAVE_NO_MOMORY(x) do { \ +#define W_ERROR_HAVE_NO_MEMORY(x) do { \ if (!(x)) {\ return WERR_NOMEM;\ }\
svn commit: samba r4422 - in branches/SAMBA_4_0/source/torture: . raw rpc
Author: metze Date: 2004-12-31 01:02:22 + (Fri, 31 Dec 2004) New Revision: 4422 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4422 Log: make lp_set_cmdline(torture:dangerous, Yes) a bool parameter metze Modified: branches/SAMBA_4_0/source/torture/raw/setfileinfo.c branches/SAMBA_4_0/source/torture/rpc/drsuapi.c branches/SAMBA_4_0/source/torture/rpc/samr.c branches/SAMBA_4_0/source/torture/rpc/winreg.c branches/SAMBA_4_0/source/torture/torture.c Changeset: Modified: branches/SAMBA_4_0/source/torture/raw/setfileinfo.c === --- branches/SAMBA_4_0/source/torture/raw/setfileinfo.c 2004-12-31 00:07:37 UTC (rev 4421) +++ branches/SAMBA_4_0/source/torture/raw/setfileinfo.c 2004-12-31 01:02:22 UTC (rev 4422) @@ -527,7 +527,7 @@ NTSTATUS status; int fnum; - if (lp_parm_int(-1, torture, dangerous) != 1) { + if (!lp_parm_bool(-1, torture, dangerous, False)) { printf(torture_raw_sfileinfo_bug disabled - enable dangerous tests to use\n); return True; } Modified: branches/SAMBA_4_0/source/torture/rpc/drsuapi.c === --- branches/SAMBA_4_0/source/torture/rpc/drsuapi.c 2004-12-31 00:07:37 UTC (rev 4421) +++ branches/SAMBA_4_0/source/torture/rpc/drsuapi.c 2004-12-31 01:02:22 UTC (rev 4422) @@ -772,7 +772,7 @@ } }; - if (lp_parm_int(-1, torture, dangerous) != 1) { + if (!lp_parm_bool(-1, torture, dangerous, False)) { printf(DsReplicaSync disabled - enable dangerous tests to use\n); return True; } @@ -791,7 +791,7 @@ r.in.req.req1.info-unknown2= 120; ZERO_STRUCT(r.in.req.req1.info-guid1); ZERO_ARRAY(r.in.req.req1.info-unknown3); - r.in.req.req1.info-nc_dn = priv-domain_obj_dn; + r.in.req.req1.info-nc_dn = priv-domain_obj_dn?priv-domain_obj_dn:; r.in.req.req1.guid1 = priv-dcinfo.ntds_guid; r.in.req.req1.string1 = NULL; r.in.req.req1.unknown1 = 16; Modified: branches/SAMBA_4_0/source/torture/rpc/samr.c === --- branches/SAMBA_4_0/source/torture/rpc/samr.c2004-12-31 00:07:37 UTC (rev 4421) +++ branches/SAMBA_4_0/source/torture/rpc/samr.c2004-12-31 01:02:22 UTC (rev 4422) @@ -70,7 +70,7 @@ NTSTATUS status; struct samr_Shutdown r; - if (lp_parm_int(-1, torture, dangerous) != 1) { + if (!lp_parm_bool(-1, torture, dangerous, False)) { printf(samr_Shutdown disabled - enable dangerous tests to use\n); return True; } @@ -96,7 +96,7 @@ struct samr_String string; struct samr_Password hash; - if (lp_parm_int(-1, torture, dangerous) != 1) { + if (!lp_parm_bool(-1, torture, dangerous, False)) { printf(samr_SetDsrmPassword disabled - enable dangerous tests to use\n); return True; } @@ -2176,7 +2176,7 @@ #define ASYNC_COUNT 100 struct rpc_request *req[ASYNC_COUNT]; - if (lp_parm_int(-1, torture, dangerous) != 1) { + if (!lp_parm_bool(-1, torture, dangerous, False)) { printf(samr async test disabled - enable dangerous tests to use\n); return True; } Modified: branches/SAMBA_4_0/source/torture/rpc/winreg.c === --- branches/SAMBA_4_0/source/torture/rpc/winreg.c 2004-12-31 00:07:37 UTC (rev 4421) +++ branches/SAMBA_4_0/source/torture/rpc/winreg.c 2004-12-31 01:02:22 UTC (rev 4422) @@ -770,7 +770,7 @@ return False; } -if (lp_parm_int(-1, torture, dangerous) != 1) { + if (!lp_parm_bool(-1, torture, dangerous, False)) { printf(winreg_InitiateShutdown disabled - enable dangerous tests to use\n); } else { ret = test_InitiateSystemShutdown(p, mem_ctx, spottyfood, 30); Modified: branches/SAMBA_4_0/source/torture/torture.c === --- branches/SAMBA_4_0/source/torture/torture.c 2004-12-31 00:07:37 UTC (rev 4421) +++ branches/SAMBA_4_0/source/torture/torture.c 2004-12-31 01:02:22 UTC (rev 4422) @@ -2697,7 +2697,7 @@ parse_dns(poptGetOptArg(pc)); break; case OPT_DANGEROUS: - lp_set_cmdline(torture:dangerous, 1); + lp_set_cmdline(torture:dangerous, Yes); break; default:
svn commit: samba r4423 - in branches/SAMBA_4_0/source: ntvfs/posix param
Author: metze Date: 2004-12-31 01:03:57 + (Fri, 31 Dec 2004) New Revision: 4423 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4423 Log: give lp_parm_int() and lp_parm_ulong() default values metze Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_shortname.c branches/SAMBA_4_0/source/ntvfs/posix/vfs_posix.c branches/SAMBA_4_0/source/param/loadparm.c Changeset: Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_shortname.c === --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_shortname.c 2004-12-31 01:02:22 UTC (rev 4422) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_shortname.c 2004-12-31 01:03:57 UTC (rev 4423) @@ -604,7 +604,7 @@ memset(ctx-prefix_cache, 0, sizeof(char *)*MANGLE_CACHE_SIZE); memset(ctx-prefix_cache_hashes, 0, sizeof(uint32_t)*MANGLE_CACHE_SIZE); - ctx-mangle_prefix = lp_parm_int(-1, mangle, prefix); + ctx-mangle_prefix = lp_parm_int(-1, mangle, prefix, -1); if (ctx-mangle_prefix 0 || ctx-mangle_prefix 6) { ctx-mangle_prefix = DEFAULT_MANGLE_PREFIX; } Modified: branches/SAMBA_4_0/source/ntvfs/posix/vfs_posix.c === --- branches/SAMBA_4_0/source/ntvfs/posix/vfs_posix.c 2004-12-31 01:02:22 UTC (rev 4422) +++ branches/SAMBA_4_0/source/ntvfs/posix/vfs_posix.c 2004-12-31 01:03:57 UTC (rev 4423) @@ -34,7 +34,6 @@ static void pvfs_setup_options(struct pvfs_state *pvfs) { int snum = pvfs-tcon-service; - int delay; const char *eadb; if (lp_map_hidden(snum)) pvfs-flags |= PVFS_FLAG_MAP_HIDDEN; @@ -53,11 +52,7 @@ if (lp_parm_bool(snum, posix, xattr, True)) pvfs-flags |= PVFS_FLAG_XATTR_ENABLE; #endif - pvfs-sharing_violation_delay = 100; - delay = lp_parm_int(snum, posix, sharedelay); - if (delay != -1) { - pvfs-sharing_violation_delay = delay; - } + pvfs-sharing_violation_delay = lp_parm_int(snum, posix, sharedelay, 100); pvfs-share_name = talloc_strdup(pvfs, lp_servicename(snum)); @@ -81,7 +76,6 @@ } } - if (pvfs-flags PVFS_FLAG_XATTR_ENABLE) { pvfs-fs_attribs |= FS_ATTR_NAMED_STREAMS; } Modified: branches/SAMBA_4_0/source/param/loadparm.c === --- branches/SAMBA_4_0/source/param/loadparm.c 2004-12-31 01:02:22 UTC (rev 4422) +++ branches/SAMBA_4_0/source/param/loadparm.c 2004-12-31 01:03:57 UTC (rev 4423) @@ -1436,27 +1436,27 @@ /* Return parametric option from a given service. Type is a part of option before ':' */ /* Parametric option has following syntax: 'Type: option = value' */ -int lp_parm_int(int lookup_service, const char *type, const char *option) +int lp_parm_int(int lookup_service, const char *type, const char *option, int default_v) { const char *value = get_parametrics(lookup_service, type, option); if (value) return lp_int(value); - return (-1); + return default_v; } /* Return parametric option from a given service. Type is a part of option before ':' */ /* Parametric option has following syntax: 'Type: option = value' */ -unsigned long lp_parm_ulong(int lookup_service, const char *type, const char *option) +unsigned long lp_parm_ulong(int lookup_service, const char *type, const char *option, unsigned long default_v) { const char *value = get_parametrics(lookup_service, type, option); if (value) return lp_ulong(value); - return (0); + return default_v; } /* Return parametric option from a given service. Type is a part of option before ':' */
svn commit: samba r4424 - in branches/SAMBA_4_0/source/lib/ldb/ldb_tdb: .
Author: tridge Date: 2004-12-31 02:18:14 + (Fri, 31 Dec 2004) New Revision: 4424 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4424 Log: fixed a simple bug in the '|' handling in indexed ldb searches. I'm amazed we got along for so long with this bug! Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c 2004-12-31 01:03:57 UTC (rev 4423) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c 2004-12-31 02:18:14 UTC (rev 4424) @@ -385,6 +385,7 @@ return -1; } dn_list_free(ldb, list2); + ret = 1; } }
svn commit: samba r4425 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/common rpc_server/srvsvc rpc_server/wkssvc
Author: metze Date: 2004-12-31 02:48:11 + (Fri, 31 Dec 2004) New Revision: 4425 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4425 Log: - move srvsvc and wkssvc server code to the new W_ERROR_HAVE_NO_MEMORY() macro - add parameters for server_info:platform_id = 500 /* this is PLATFORM_ID_NT */ server_info:version_major = 5 server_info:version_minor = 2 - implmented srvsvc_NetSrvGetInfo level 101 - make dcesrv_common_get_server_name() match w2k3 metze Modified: branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl branches/SAMBA_4_0/source/rpc_server/common/server_info.c branches/SAMBA_4_0/source/rpc_server/srvsvc/dcesrv_srvsvc.c branches/SAMBA_4_0/source/rpc_server/wkssvc/dcesrv_wkssvc.c Changeset: Sorry, the patch is too large (632 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4425
svn commit: samba r4426 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/wkssvc
Author: metze Date: 2004-12-31 03:32:36 + (Fri, 31 Dec 2004) New Revision: 4426 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4426 Log: fix same names metze Modified: branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl branches/SAMBA_4_0/source/rpc_server/wkssvc/dcesrv_wkssvc.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl === --- branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl 2004-12-31 02:48:11 UTC (rev 4425) +++ branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl 2004-12-31 03:32:36 UTC (rev 4426) @@ -18,27 +18,27 @@ typedef struct { uint32 platform_id; - unistr *server; - unistr *domain; - uint32 ver_major; - uint32 ver_minor; + unistr *server_name; + unistr *domain_name; + uint32 version_major; + uint32 version_minor; } wkssvc_NetWkstaInfo100; typedef struct { uint32 platform_id; - unistr *server; - unistr *domain; - uint32 ver_major; - uint32 ver_minor; + unistr *server_name; + unistr *domain_name; + uint32 version_major; + uint32 version_minor; unistr *lan_root; } wkssvc_NetWkstaInfo101; typedef struct { uint32 platform_id; - unistr *server; - unistr *domain; - uint32 ver_major; - uint32 ver_minor; + unistr *server_name; + unistr *domain_name; + uint32 version_major; + uint32 version_minor; unistr *lan_root; uint32 logged_on_users; } wkssvc_NetWkstaInfo102; Modified: branches/SAMBA_4_0/source/rpc_server/wkssvc/dcesrv_wkssvc.c === --- branches/SAMBA_4_0/source/rpc_server/wkssvc/dcesrv_wkssvc.c 2004-12-31 02:48:11 UTC (rev 4425) +++ branches/SAMBA_4_0/source/rpc_server/wkssvc/dcesrv_wkssvc.c 2004-12-31 03:32:36 UTC (rev 4426) @@ -46,12 +46,12 @@ W_ERROR_HAVE_NO_MEMORY(info100); info100-platform_id= dcesrv_common_get_platform_id(mem_ctx, dce_ctx); - info100-server = dcesrv_common_get_server_name(mem_ctx, dce_ctx, NULL); - W_ERROR_HAVE_NO_MEMORY(info100-server); - info100-domain = dcesrv_common_get_domain_name(mem_ctx, dce_ctx); - W_ERROR_HAVE_NO_MEMORY(info100-domain); - info100-ver_major = dcesrv_common_get_version_major(mem_ctx, dce_ctx); - info100-ver_minor = dcesrv_common_get_version_minor(mem_ctx, dce_ctx); + info100-server_name= dcesrv_common_get_server_name(mem_ctx, dce_ctx, NULL); + W_ERROR_HAVE_NO_MEMORY(info100-server_name); + info100-domain_name= dcesrv_common_get_domain_name(mem_ctx, dce_ctx); + W_ERROR_HAVE_NO_MEMORY(info100-domain_name); + info100-version_major = dcesrv_common_get_version_major(mem_ctx, dce_ctx); + info100-version_minor = dcesrv_common_get_version_minor(mem_ctx, dce_ctx); r-out.info.info100 = info100; return WERR_OK; @@ -64,12 +64,12 @@ W_ERROR_HAVE_NO_MEMORY(info101); info101-platform_id= dcesrv_common_get_platform_id(mem_ctx, dce_ctx); - info101-server = dcesrv_common_get_server_name(mem_ctx, dce_ctx, NULL); - W_ERROR_HAVE_NO_MEMORY(info101-server); - info101-domain = dcesrv_common_get_domain_name(mem_ctx, dce_ctx); - W_ERROR_HAVE_NO_MEMORY(info101-domain); - info101-ver_major = dcesrv_common_get_version_major(mem_ctx, dce_ctx); - info101-ver_minor = dcesrv_common_get_version_minor(mem_ctx, dce_ctx); + info101-server_name= dcesrv_common_get_server_name(mem_ctx, dce_ctx, NULL); + W_ERROR_HAVE_NO_MEMORY(info101-server_name); + info101-domain_name= dcesrv_common_get_domain_name(mem_ctx, dce_ctx); + W_ERROR_HAVE_NO_MEMORY(info101-domain_name); + info101-version_major = dcesrv_common_get_version_major(mem_ctx, dce_ctx); + info101-version_minor = dcesrv_common_get_version_minor(mem_ctx, dce_ctx); info101-lan_root = dcesrv_common_get_lan_root(mem_ctx, dce_ctx); r-out.info.info101 = info101; @@ -155,7 +155,7 @@ return WERR_UNKNOWN_LEVEL; } - return WERR_OK; + return WERR_UNKNOWN_LEVEL; }
svn commit: samba r4427 - in branches/SAMBA_4_0/source/lib/ldb: common include tools
Author: tridge Date: 2004-12-31 03:51:42 + (Fri, 31 Dec 2004) New Revision: 4427 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4427 Log: - added ldb_msg_*() functions for sorting, comparing and copying messages - added a ldb_msg_canonicalize() function that fixes a record to not have any duplicate elements - changed ldbedit to use ldb_msg_canonicalize(). This fixes a bug when you rename multiple elements in a record in one edit Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c branches/SAMBA_4_0/source/lib/ldb/include/ldb.h branches/SAMBA_4_0/source/lib/ldb/tools/ldbedit.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c 2004-12-31 03:32:36 UTC (rev 4426) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c 2004-12-31 03:51:42 UTC (rev 4427) @@ -228,6 +228,16 @@ } /* + compare two ldb_message_element structures + comparing by element name +*/ +int ldb_msg_element_compare_name(struct ldb_message_element *el1, +struct ldb_message_element *el2) +{ + return ldb_attr_cmp(el1-name, el2-name); +} + +/* convenience functions to return common types from a message these return the first value if the attribute is multi-valued */ @@ -305,3 +315,127 @@ } return v-data; } + + +/* + sort the elements of a message by name +*/ +void ldb_msg_sort_elements(struct ldb_message *msg) +{ + qsort(msg-elements, msg-num_elements, sizeof(struct ldb_message_element), + (comparison_fn_t)ldb_msg_element_compare_name); +} + + +/* + free a message created using ldb_msg_copy +*/ +void ldb_msg_free(struct ldb_context *ldb, struct ldb_message *msg) +{ + int i, j; + + for (i=0;imsg-num_elements;i++) { + struct ldb_message_element *el = msg-elements[i]; + for (j=0;jel-num_values;j++) { + ldb_free(ldb, el-values[j].data); + } + if (el-values) ldb_free(ldb, el-values); + ldb_free(ldb, el-name); + } + if (msg-elements) ldb_free(ldb, msg-elements); + ldb_free(ldb, msg-dn); + ldb_free(ldb, msg); +} + +/* + copy a message, allocating new memory for all parts +*/ +struct ldb_message *ldb_msg_copy(struct ldb_context *ldb, +const struct ldb_message *msg) +{ + struct ldb_message *msg2; + int i, j; + + msg2 = ldb_malloc_p(ldb, struct ldb_message); + if (msg2 == NULL) return NULL; + + msg2-elements = NULL; + msg2-num_elements = 0; + msg2-private_data = NULL; + + msg2-dn = ldb_strdup(ldb, msg-dn); + if (msg2-dn == NULL) goto failed; + + msg2-elements = ldb_malloc_array_p(ldb, struct ldb_message_element, msg-num_elements); + if (msg2-elements == NULL) goto failed; + + for (i=0;imsg-num_elements;i++) { + struct ldb_message_element *el1 = msg-elements[i]; + struct ldb_message_element *el2 = msg2-elements[i]; + + el2-flags = el1-flags; + el2-num_values = 0; + el2-values = NULL; + el2-name = ldb_strdup(ldb, el1-name); + if (el2-name == NULL) goto failed; + el2-values = ldb_malloc_array_p(ldb, struct ldb_val, el1-num_values); + for (j=0;jel1-num_values;j++) { + el2-values[j] = ldb_val_dup(ldb, el1-values[j]); + if (el2-values[j].data == NULL + el1-values[j].length != 0) { + goto failed; + } + el2-num_values++; + } + + msg2-num_elements++; + } + + return msg2; + +failed: + ldb_msg_free(ldb, msg2); + return NULL; +} + + +/* + canonicalise a message, merging elements of the same name +*/ +struct ldb_message *ldb_msg_canonicalize(struct ldb_context *ldb, +const struct ldb_message *msg) +{ + int i; + struct ldb_message *msg2; + + msg2 = ldb_msg_copy(ldb, msg); + if (msg2 == NULL) return NULL; + + ldb_msg_sort_elements(msg2); + + for (i=1;imsg2-num_elements;i++) { + struct ldb_message_element *el1 = msg2-elements[i-1]; + struct ldb_message_element *el2 = msg2-elements[i]; + if (ldb_msg_element_compare_name(el1, el2) == 0) { + el1-values = ldb_realloc_p(ldb, el1-values, struct ldb_val, + el1-num_values + el2-num_values); + if (el1-values == NULL) { + return NULL; + } + memcpy(el1-values + el1-num_values, +
svn commit: samba r4428 - in branches/SAMBA_4_0/source/client: .
Author: tridge Date: 2004-12-31 03:54:49 + (Fri, 31 Dec 2004) New Revision: 4428 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4428 Log: use minimum open permissions in the 'acl' command in smbclient, so the user is not prevented from viewing the acl by other access bits Modified: branches/SAMBA_4_0/source/client/client.c Changeset: Modified: branches/SAMBA_4_0/source/client/client.c === --- branches/SAMBA_4_0/source/client/client.c 2004-12-31 03:51:42 UTC (rev 4427) +++ branches/SAMBA_4_0/source/client/client.c 2004-12-31 03:54:49 UTC (rev 4428) @@ -1859,7 +1859,14 @@ } pstrcat(fname,buf); - fnum = smbcli_open(cli-tree, fname, O_RDONLY, DENY_NONE); + fnum = smbcli_nt_create_full(cli-tree, fname, 0, +SEC_STD_READ_CONTROL, +0, +NTCREATEX_SHARE_ACCESS_DELETE| +NTCREATEX_SHARE_ACCESS_READ| +NTCREATEX_SHARE_ACCESS_WRITE, +NTCREATEX_DISP_OPEN, +0, 0); if (fnum == -1) { d_printf(%s - %s\n, fname, smbcli_errstr(cli-tree)); return -1;
svn commit: samba r4429 - in branches/SAMBA_4_0/source/libcli/security: .
Author: tridge Date: 2004-12-31 03:55:37 + (Fri, 31 Dec 2004) New Revision: 4429 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4429 Log: the owner of a file always gets SEC_STD_DELETE Modified: branches/SAMBA_4_0/source/libcli/security/access_check.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/security/access_check.c === --- branches/SAMBA_4_0/source/libcli/security/access_check.c2004-12-31 03:54:49 UTC (rev 4428) +++ branches/SAMBA_4_0/source/libcli/security/access_check.c2004-12-31 03:55:37 UTC (rev 4429) @@ -50,9 +50,8 @@ unsigned i; if (sid_active_in_token(sd-owner_sid, token)) { - granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL; - } - if (sec_privilege_check(token, SEC_PRIV_RESTORE)) { + granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE; + } else if (sec_privilege_check(token, SEC_PRIV_RESTORE)) { granted |= SEC_STD_DELETE; } @@ -122,10 +121,10 @@ return NT_STATUS_ACCESS_DENIED; } - /* the owner always gets SEC_STD_WRITE_DAC SEC_STD_READ_CONTROL */ - if ((bits_remaining (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) + /* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and SEC_STD_DELETE */ + if ((bits_remaining (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) sid_active_in_token(sd-owner_sid, token)) { - bits_remaining = ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL); + bits_remaining = ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE); } if ((bits_remaining SEC_STD_DELETE) sec_privilege_check(token, SEC_PRIV_RESTORE)) {
svn commit: samba r4430 - in branches/SAMBA_4_0/source/torture/basic: .
Author: tridge Date: 2004-12-31 04:17:03 + (Fri, 31 Dec 2004) New Revision: 4430 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4430 Log: - fixed the BASE-LOCK* tests to use a subdirectory, and properly setup the directory before each test, thus avoiding errors due to previous failures Modified: branches/SAMBA_4_0/source/torture/basic/locking.c Changeset: Modified: branches/SAMBA_4_0/source/torture/basic/locking.c === --- branches/SAMBA_4_0/source/torture/basic/locking.c 2004-12-31 03:55:37 UTC (rev 4429) +++ branches/SAMBA_4_0/source/torture/basic/locking.c 2004-12-31 04:17:03 UTC (rev 4430) @@ -25,6 +25,8 @@ #include libcli/raw/libcliraw.h #include system/time.h +#define BASEDIR \\locktest + /* This test checks for two things: @@ -35,7 +37,7 @@ BOOL torture_locktest1(void) { struct smbcli_state *cli1, *cli2; - const char *fname = \\lockt1.lck; + const char *fname = BASEDIR \\lockt1.lck; int fnum1, fnum2, fnum3; time_t t1, t2; uint_t lock_timeout; @@ -46,7 +48,9 @@ printf(starting locktest1\n); - smbcli_unlink(cli1-tree, fname); + if (!torture_setup_dir(cli1, BASEDIR)) { + return False; + } fnum1 = smbcli_open(cli1-tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { @@ -190,7 +194,7 @@ BOOL torture_locktest2(void) { struct smbcli_state *cli; - const char *fname = \\lockt2.lck; + const char *fname = BASEDIR \\lockt2.lck; int fnum1, fnum2, fnum3; BOOL correct = True; @@ -200,7 +204,9 @@ printf(starting locktest2\n); - smbcli_unlink(cli-tree, fname); + if (!torture_setup_dir(cli, BASEDIR)) { + return False; + } printf(Testing pid context\n); @@ -329,7 +335,7 @@ BOOL torture_locktest3(void) { struct smbcli_state *cli1, *cli2; - const char *fname = \\lockt3.lck; + const char *fname = BASEDIR \\lockt3.lck; int fnum1, fnum2, i; uint32_t offset; BOOL correct = True; @@ -345,7 +351,9 @@ printf(Testing 32 bit offset ranges\n); - smbcli_unlink(cli1-tree, fname); + if (!torture_setup_dir(cli1, BASEDIR)) { + return False; + } fnum1 = smbcli_open(cli1-tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { @@ -461,7 +469,7 @@ BOOL torture_locktest4(void) { struct smbcli_state *cli1, *cli2; - const char *fname = \\lockt4.lck; + const char *fname = BASEDIR \\lockt4.lck; int fnum1, fnum2, f; BOOL ret; uint8_t buf[1000]; @@ -473,7 +481,9 @@ printf(starting locktest4\n); - smbcli_unlink(cli1-tree, fname); + if (!torture_setup_dir(cli1, BASEDIR)) { + return False; + } fnum1 = smbcli_open(cli1-tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); fnum2 = smbcli_open(cli2-tree, fname, O_RDWR, DENY_NONE); @@ -629,7 +639,7 @@ BOOL torture_locktest5(void) { struct smbcli_state *cli1, *cli2; - const char *fname = \\lockt5.lck; + const char *fname = BASEDIR \\lockt5.lck; int fnum1, fnum2, fnum3; BOOL ret; uint8_t buf[1000]; @@ -641,7 +651,9 @@ printf(starting locktest5\n); - smbcli_unlink(cli1-tree, fname); + if (!torture_setup_dir(cli1, BASEDIR)) { + return False; + } fnum1 = smbcli_open(cli1-tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); fnum2 = smbcli_open(cli2-tree, fname, O_RDWR, DENY_NONE); @@ -759,6 +771,10 @@ return False; } + if (!torture_setup_dir(cli, BASEDIR)) { + return False; + } + printf(starting locktest6\n); for (i=0;i1;i++) { @@ -788,7 +804,7 @@ BOOL torture_locktest7(void) { struct smbcli_state *cli1; - const char *fname = \\lockt7.lck; + const char *fname = BASEDIR \\lockt7.lck; int fnum1; int fnum2 = -1; size_t size; @@ -801,7 +817,9 @@ printf(starting locktest7\n); - smbcli_unlink(cli1-tree, fname); + if (!torture_setup_dir(cli1, BASEDIR)) { + return False; + } fnum1 = smbcli_open(cli1-tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
svn commit: samba r4431 - in branches/SAMBA_4_0/source: include libcli/util
Author: metze Date: 2004-12-31 04:45:13 + (Fri, 31 Dec 2004) New Revision: 4431 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4431 Log: add WERR_NET_NAME_NOT_FOUND metze Modified: branches/SAMBA_4_0/source/include/doserr.h branches/SAMBA_4_0/source/libcli/util/doserr.c Changeset: Modified: branches/SAMBA_4_0/source/include/doserr.h === --- branches/SAMBA_4_0/source/include/doserr.h 2004-12-31 04:17:03 UTC (rev 4430) +++ branches/SAMBA_4_0/source/include/doserr.h 2004-12-31 04:45:13 UTC (rev 4431) @@ -222,12 +222,13 @@ #define WERR_PRINTER_HAS_JOBS_QUEUED W_ERROR(ERRprinterhasjobsqueued) -/* DFS errors */ - #ifndef NERR_BASE #define NERR_BASE (2100) #endif +#define WERR_NET_NAME_NOT_FOUNDW_ERROR(NERR_BASE+210) + +/* DFS errors */ #define WERR_DFS_NO_SUCH_VOLW_ERROR(NERR_BASE+562) #define WERR_DFS_NO_SUCH_SHARE W_ERROR(NERR_BASE+565) #define WERR_DFS_NO_SUCH_SERVER W_ERROR(NERR_BASE+573) Modified: branches/SAMBA_4_0/source/libcli/util/doserr.c === --- branches/SAMBA_4_0/source/libcli/util/doserr.c 2004-12-31 04:17:03 UTC (rev 4430) +++ branches/SAMBA_4_0/source/libcli/util/doserr.c 2004-12-31 04:45:13 UTC (rev 4431) @@ -59,7 +59,8 @@ { WERR_DEST_NOT_FOUND, WERR_DEST_NOT_FOUND }, { WERR_NOT_LOCAL_DOMAIN, WERR_NOT_LOCAL_DOMAIN }, { WERR_PRINTER_DRIVER_IN_USE, WERR_PRINTER_DRIVER_IN_USE }, - { WERR_STATUS_MORE_ENTRIES , WERR_STATUS_MORE_ENTRIES }, + { WERR_STATUS_MORE_ENTRIES, WERR_STATUS_MORE_ENTRIES }, + { WERR_NET_NAME_NOT_FOUND, WERR_NET_NAME_NOT_FOUND }, { WERR_DFS_NO_SUCH_VOL, WERR_DFS_NO_SUCH_VOL }, { WERR_DFS_NO_SUCH_SHARE, WERR_DFS_NO_SUCH_SHARE }, { WERR_DFS_NO_SUCH_SERVER, WERR_DFS_NO_SUCH_SERVER },
svn commit: samba r4432 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/common rpc_server/srvsvc
Author: metze Date: 2004-12-31 05:34:31 + (Fri, 31 Dec 2004) New Revision: 4432 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4432 Log: - add srvsvc_NetShareInfo level 1006 and 1501 idl - implement srvsvc_NetGetShareInfo() - add more error checks - bring the rest of the code in the same layout metze Modified: branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl branches/SAMBA_4_0/source/rpc_server/common/share_info.c branches/SAMBA_4_0/source/rpc_server/srvsvc/dcesrv_srvsvc.c Changeset: Sorry, the patch is too large (1364 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4432
svn commit: samba r4433 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/lsa
Author: tridge Date: 2004-12-31 06:08:43 + (Fri, 31 Dec 2004) New Revision: 4433 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4433 Log: added the boilerplate for the new w2k3 LSA functions in preparation for adding LookupSids3 (needed for ACL editing from w2k3) Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c Changeset: Sorry, the patch is too large (307 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4433
svn commit: samba r4434 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: metze Date: 2004-12-31 06:19:05 + (Fri, 31 Dec 2004) New Revision: 4434 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4434 Log: - fix some NetShare* idl functions - add torture test for NetShareCheck() metze Modified: branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl branches/SAMBA_4_0/source/torture/rpc/srvsvc.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl === --- branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl 2004-12-31 06:08:43 UTC (rev 4433) +++ branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl 2004-12-31 06:19:05 UTC (rev 4434) @@ -518,7 +518,7 @@ /* Function: 0x11 */ WERROR srvsvc_NetShareSetInfo( [in] unistr *server_unc, - [in] unistr *share_name, + [in] unistr share_name, [in] uint32 level, [in,switch_is(level)] srvsvc_NetShareInfo info, [in,out] uint32 *parm_error @@ -528,7 +528,7 @@ /* Function: 0x12 */ WERROR srvsvc_NetShareDel( [in] unistr *server_unc, - [in] unistr *share_name, + [in] unistr share_name, [in] uint32 reserved ); @@ -536,7 +536,7 @@ /* Function: 0x13 */ WERROR srvsvc_NetShareDelSticky( [in] unistr *server_unc, - [in] unistr *share_name, + [in] unistr share_name, [in] uint32 reserved ); @@ -544,7 +544,7 @@ /* Function: 0x14 */ WERROR srvsvc_NetShareCheck( [in] unistr *server_unc, - [in] unistr *share_name, + [in] unistr device_name, [out] uint32 type ); Modified: branches/SAMBA_4_0/source/torture/rpc/srvsvc.c === --- branches/SAMBA_4_0/source/torture/rpc/srvsvc.c 2004-12-31 06:08:43 UTC (rev 4433) +++ branches/SAMBA_4_0/source/torture/rpc/srvsvc.c 2004-12-31 06:19:05 UTC (rev 4434) @@ -448,6 +448,32 @@ return ret; } +static BOOL test_NetShareCheck(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + const char *device_name) +{ + NTSTATUS status; + struct srvsvc_NetShareCheck r; + BOOL ret = True; + + r.in.server_unc = talloc_asprintf(mem_ctx, %s, dcerpc_server_name(p)); + r.in.device_name = device_name; + + printf(testing NetShareCheck on device '%s'\n, r.in.device_name); + + status = dcerpc_srvsvc_NetShareCheck(p, mem_ctx, r); + if (!NT_STATUS_IS_OK(status)) { + printf(dcerpc_srvsvc_NetShareCheck on device '%s' failed - %s\n, + r.in.device_name, nt_errstr(status)); + ret = False; + } else if (!W_ERROR_IS_OK(r.out.result)) { + printf(NetShareCheck on device '%s' failed - %s\n, + r.in.device_name, win_errstr(r.out.result)); + ret = False; + } + + return ret; +} + /**/ /* srvsvc_NetShare*/ /**/ @@ -489,13 +515,18 @@ } /* call srvsvc_NetShareGetInfo for each returned share */ - if (r.in.level == 1) { - for (j=0;jr.out.ctr.ctr1-count;j++) { + if (r.in.level == 2) { + for (j=0;jr.out.ctr.ctr2-count;j++) { const char *name; - name = r.out.ctr.ctr1-array[j].name; + const char *device; + name = r.out.ctr.ctr2-array[j].name; if (!test_NetShareGetInfo(p, mem_ctx, name)) { ret = False; } + device = r.out.ctr.ctr2-array[j].path; + if (!test_NetShareCheck(p, mem_ctx, device)) { + ret = False; + } } } }
svn commit: samba r4435 - in branches/SAMBA_4_0/source: include libcli/util
Author: metze Date: 2004-12-31 07:21:31 + (Fri, 31 Dec 2004) New Revision: 4435 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4435 Log: add another error code metze Modified: branches/SAMBA_4_0/source/include/doserr.h branches/SAMBA_4_0/source/libcli/util/doserr.c Changeset: Modified: branches/SAMBA_4_0/source/include/doserr.h === --- branches/SAMBA_4_0/source/include/doserr.h 2004-12-31 06:19:05 UTC (rev 4434) +++ branches/SAMBA_4_0/source/include/doserr.h 2004-12-31 07:21:31 UTC (rev 4435) @@ -227,6 +227,7 @@ #endif #define WERR_NET_NAME_NOT_FOUNDW_ERROR(NERR_BASE+210) +#define WERR_DEVICE_NOT_SHARED W_ERROR(NERR_BASE+211) /* DFS errors */ #define WERR_DFS_NO_SUCH_VOLW_ERROR(NERR_BASE+562) Modified: branches/SAMBA_4_0/source/libcli/util/doserr.c === --- branches/SAMBA_4_0/source/libcli/util/doserr.c 2004-12-31 06:19:05 UTC (rev 4434) +++ branches/SAMBA_4_0/source/libcli/util/doserr.c 2004-12-31 07:21:31 UTC (rev 4435) @@ -61,6 +61,7 @@ { WERR_PRINTER_DRIVER_IN_USE, WERR_PRINTER_DRIVER_IN_USE }, { WERR_STATUS_MORE_ENTRIES, WERR_STATUS_MORE_ENTRIES }, { WERR_NET_NAME_NOT_FOUND, WERR_NET_NAME_NOT_FOUND }, + { WERR_DEVICE_NOT_SHARED, WERR_DEVICE_NOT_SHARED }, { WERR_DFS_NO_SUCH_VOL, WERR_DFS_NO_SUCH_VOL }, { WERR_DFS_NO_SUCH_SHARE, WERR_DFS_NO_SUCH_SHARE }, { WERR_DFS_NO_SUCH_SERVER, WERR_DFS_NO_SUCH_SERVER },
svn commit: samba r4436 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: metze Date: 2004-12-31 07:22:10 + (Fri, 31 Dec 2004) New Revision: 4436 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4436 Log: add one more flag metze Modified: branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl === --- branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl 2004-12-31 07:21:31 UTC (rev 4435) +++ branches/SAMBA_4_0/source/librpc/idl/srvsvc.idl 2004-12-31 07:22:10 UTC (rev 4436) @@ -378,6 +378,7 @@ const int STYPE_PRINTQ = 1; const int STYPE_DEVICE = 2; /* Serial device */ const int STYPE_IPC = 3; /* Interprocess communication (IPC) */ + const int STYPE_TEMPORARY= 0x4000; /* share is a temporary one */ const int STYPE_HIDDEN = 0x8000; /* share is a hidden one */ typedef struct {
svn commit: samba r4437 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: tridge Date: 2004-12-31 07:26:26 + (Fri, 31 Dec 2004) New Revision: 4437 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4437 Log: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3(). For some reason I am getting ACCESS_DENIED from w2k3 on lsa_LookupSids3(). I will investigate. Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/torture/rpc/lsa.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-12-31 07:22:10 UTC (rev 4436) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-12-31 07:26:26 UTC (rev 4437) @@ -792,9 +792,32 @@ /* Function 0x43 */ NTSTATUS lsa_CREDRPROFILELOADED(); + /**/ /* Function 0x44 */ - NTSTATUS lsa_LSARLOOKUPNAMES3(); + typedef struct { + uint16 sid_type; + dom_sid *sid; + uint32 sid_index; + uint32 unknown; + } lsa_TranslatedSid3; + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedSid3 *sids; + } lsa_TransSidArray3; + + NTSTATUS lsa_LookupNames3 ( + [in,ref] policy_handle *handle, + [in,range(0,1000)] uint32 num_names, + [in,ref,size_is(num_names)] lsa_String *names, + [out]lsa_RefDomainList *domains, + [in,out,ref] lsa_TransSidArray3 *sids, + [in] uint16 level, + [in,out,ref] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + /* Function 0x45 */ NTSTATUS lsa_CREDRGETSESSIONTYPES(); @@ -816,9 +839,19 @@ /* Function 0x4b */ NTSTATUS lsa_CREDRRENAME(); + /*/ /* Function 0x4c */ - NTSTATUS lsa_LSARLOOKUPSIDS3(); + NTSTATUS lsa_LookupSids3( + [in,ref] lsa_SidArray *sids, + [out]lsa_RefDomainList *domains, + [in,out,ref] lsa_TransNameArray2 *names, + [in] uint16 level, + [in,out,ref] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + /* Function 0x4d */ NTSTATUS lsa_LSARLOOKUPNAMES4(); Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c === --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-31 07:22:10 UTC (rev 4436) +++ branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-31 07:26:26 UTC (rev 4437) @@ -188,6 +188,51 @@ } +static BOOL test_LookupNames3(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct lsa_TransNameArray2 *tnames) +{ + struct lsa_LookupNames3 r; + struct lsa_TransSidArray3 sids; + struct lsa_String *names; + uint32_t count = 0; + NTSTATUS status; + int i; + + printf(\nTesting LookupNames3 with %d names\n, tnames-count); + + sids.count = 0; + sids.sids = NULL; + + names = talloc_array_p(mem_ctx, struct lsa_String, tnames-count); + for (i=0;itnames-count;i++) { + init_lsa_String(names[i], tnames-names[i].name.string); + } + + r.in.handle = handle; + r.in.num_names = tnames-count; + r.in.names = names; + r.in.sids = sids; + r.in.level = 1; + r.in.count = count; + r.in.unknown1 = 0; + r.in.unknown2 = 0; + r.out.count = count; + r.out.sids = sids; + + status = dcerpc_lsa_LookupNames3(p, mem_ctx, r); + if (!NT_STATUS_IS_OK(status) !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) { + printf(LookupNames3 failed - %s\n, nt_errstr(status)); + return False; + } + + printf(\n); + + return True; +} + + static BOOL test_LookupSids(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, @@ -267,6 +312,45 @@ return True; } +static BOOL test_LookupSids3(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct lsa_SidArray *sids) +{ + struct lsa_LookupSids3 r; + struct lsa_TransNameArray2 names; + uint32_t count = sids-num_sids; + NTSTATUS status; + + printf(\nTesting LookupSids3\n); + + names.count = 0; + names.names = NULL; + + r.in.sids = sids; + r.in.names = names; + r.in.level = 1; + r.in.count = count; + r.in.unknown1
svn commit: samba r4438 - in branches/SAMBA_4_0/source/param: .
Author: metze Date: 2004-12-31 07:35:14 + (Fri, 31 Dec 2004) New Revision: 4438 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4438 Log: the ADMIN$ share is a diskshare but hidden metze Modified: branches/SAMBA_4_0/source/param/loadparm.c Changeset: Modified: branches/SAMBA_4_0/source/param/loadparm.c === --- branches/SAMBA_4_0/source/param/loadparm.c 2004-12-31 07:26:26 UTC (rev 4437) +++ branches/SAMBA_4_0/source/param/loadparm.c 2004-12-31 07:35:14 UTC (rev 4438) @@ -924,6 +924,7 @@ do_parameter(fstype, FSTYPE_STRING); do_parameter(ntvfs handler, unixuid default); + do_parameter(max connections, -1); do_parameter(dcerpc endpoint servers, epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg IOXIDResolver IRemoteActivation); do_parameter(server services, smb rpc); @@ -1653,32 +1654,34 @@ Add the IPC service. ***/ -static BOOL lp_add_ipc(const char *ipc_name, BOOL guest_ok) +static BOOL lp_add_hidden(const char *name, const char *fstype, BOOL guest_ok) { pstring comment; - int i = add_a_service(sDefault, ipc_name); + int i = add_a_service(sDefault, name); if (i 0) return (False); slprintf(comment, sizeof(comment) - 1, -IPC Service (%s), Globals.szServerString); +%s Service (%s), fstype, Globals.szServerString); string_set(ServicePtrs[i]-szPath, tmpdir()); string_set(ServicePtrs[i]-szUsername, ); string_set(ServicePtrs[i]-comment, comment); - string_set(ServicePtrs[i]-fstype, IPC); + string_set(ServicePtrs[i]-fstype, fstype); ServicePtrs[i]-iMaxConnections = 0; ServicePtrs[i]-bAvailable = True; ServicePtrs[i]-bRead_only = True; ServicePtrs[i]-bGuest_only = False; ServicePtrs[i]-bGuest_ok = guest_ok; ServicePtrs[i]-bPrint_ok = False; - ServicePtrs[i]-bBrowseable = sDefault.bBrowseable; + ServicePtrs[i]-bBrowseable = False; - lp_do_parameter(i, ntvfs handler, default); + if (strcasecmp(fstype, IPC) == 0) { + lp_do_parameter(i, ntvfs handler, default); + } - DEBUG(3, (adding IPC service\n)); + DEBUG(3, (adding hidden service %s\n, name)); return (True); } @@ -3056,8 +3059,8 @@ if (add_ipc) { /* When 'restrict anonymous = 2' guest connections to ipc$ are denied */ - lp_add_ipc(IPC$, (lp_restrict_anonymous() 2)); - lp_add_ipc(ADMIN$, False); + lp_add_hidden(IPC$, IPC, (lp_restrict_anonymous() 2)); + lp_add_hidden(ADMIN$, DISK, False); } set_server_role();
svn commit: samba r4439 - in branches/SAMBA_4_0/source/param: .
Author: metze Date: 2004-12-31 07:40:14 + (Fri, 31 Dec 2004) New Revision: 4439 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4439 Log: unlimited connections is -1 metze Modified: branches/SAMBA_4_0/source/param/loadparm.c Changeset: Modified: branches/SAMBA_4_0/source/param/loadparm.c === --- branches/SAMBA_4_0/source/param/loadparm.c 2004-12-31 07:35:14 UTC (rev 4438) +++ branches/SAMBA_4_0/source/param/loadparm.c 2004-12-31 07:40:14 UTC (rev 4439) @@ -1669,7 +1669,7 @@ string_set(ServicePtrs[i]-szUsername, ); string_set(ServicePtrs[i]-comment, comment); string_set(ServicePtrs[i]-fstype, fstype); - ServicePtrs[i]-iMaxConnections = 0; + ServicePtrs[i]-iMaxConnections = -1; ServicePtrs[i]-bAvailable = True; ServicePtrs[i]-bRead_only = True; ServicePtrs[i]-bGuest_only = False;
svn commit: samba r4442 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: tridge Date: 2004-12-31 07:52:54 + (Fri, 31 Dec 2004) New Revision: 4442 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4442 Log: fix lsa_TranslatedSid3 (its a dom_sid2 not a dom_sid) Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-12-31 07:43:08 UTC (rev 4441) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-12-31 07:52:54 UTC (rev 4442) @@ -796,7 +796,7 @@ /* Function 0x44 */ typedef struct { uint16 sid_type; - dom_sid *sid; + dom_sid2 *sid; uint32 sid_index; uint32 unknown; } lsa_TranslatedSid3;
svn commit: samba r4443 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: tridge Date: 2004-12-31 07:53:42 + (Fri, 31 Dec 2004) New Revision: 4443 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4443 Log: test lsa_LookupNames3() even when lsa_LookupSids3() fails Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c === --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-31 07:52:54 UTC (rev 4442) +++ branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-31 07:53:42 UTC (rev 4443) @@ -309,6 +309,10 @@ return False; } + if (!test_LookupNames3(p, mem_ctx, handle, names)) { + return False; + } + return True; }