Re: [Samba] Urgent help needed for passdb backend
Lonnie wrote: Hello all, I have compiled into RPM's on my Fedora 3 now 3 different versions of Samba (3.0.10, 3.0.14, and 3.0.20) which installs just fine but I am getting errors when trying to start the service. --- [2005/08/17 12:43:32, 0] smbd/server.c:main(802) smbd version 3.0.20rc2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/08/17 12:43:32, 0] lib/debug.c:reopen_logs(591) Unable to open new log file /var/log/samba/users/smbd.log: No such file or directory Make sure /var/log/samba and /var/log/samba/users exist [2005/08/17 12:43:32, 0] lib/debug.c:reopen_logs(591) Unable to open new log file /var/log/samba/users/smbd.log: No such file or directory Same here [2005/08/17 12:43:32, 0] passdb/pdb_interface.c:make_pdb_methods_name(756) Plugin is available, but doesn't register passdb backend /usr/lib/samba/pdb/mysql.so Someone familiar with the all the requirements of registering a plugin will have to answer this. [2005/08/17 12:43:32, 1] passdb/pdb_interface.c:make_pdb_context_list(872) Loading /usr/lib/samba/pdb/mysql.so:mysql failed! -- I added the --with-expsam=mysql to the SPEC file for the configuration and it seems to have generated the plugin just fine. Can someone please help me to resolve this problem? or Does anyone have MySQL support compiled into some RPM's that will run on my Fedora 3 that I can get from you? Any help would be greatly appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Creating directories before resource connect
On Thursday 18 August 2005 12:11, Michal Kurowski wrote: Rashid N. Achilov [EMAIL PROTECTED] wrote: When I have fileserver with many users homedirs (but all users from AD through winbind), how can I autocreate /usr/home/blabla, when I have just create user blabla in AD? Samba required existed directory to connect to resource, preexec= starts only after succesful connection. I'd like to automate process - when I have just create user blabla, when it connect first time to their homedir at fileserver, their homedir will autocreate. How can I do it? It's been discussed recently in here. See these threads: http://lists.samba.org/archive/samba/2005-June/106507.html http://lists.samba.org/archive/samba/2005-June/106954.html It shouldn't work and doesn't work. Resource path is (i.e.) /usr/home/blabla. User blabla already exist in domain and can login from any w/s. But path /usr/home/blabla still does NOT exist. And Samba catch an error, when try to connect to this resource cd: can't cd to /usr/home/blabla [2005/08/18 13:07:28, 0] smbd/service.c:make_connection_snum(633) '/usr/home/blabla' does not exist or is not a directory, when connecting to [blabla] root preexec= is a good parameter, it covers a small trouble, but doesn't cover big - I should check domain users through wbinfo -u, parse list and check presence /usr/home/username for each user from domain. It leads to presence a big, big bunch of empty directories in /usr/home and I need to start script or restart Samba each time, when new user will created. Is there any parameters, which setup to autocreate resourse directory, when it missed BEFORE try to connect to it? -- With Best Regards. Rashid N. Achilov (RNA1-RIPE), Web: http://granch.ru/~shelton Granch Ltd. system administrator, e-mail: achilov [at] granch [dot] ru PGP: 83 CD E2 A7 37 4A D5 81 D6 D6 52 BF C9 2F 85 AF 97 BE CB 0A pgpjCeQUsmyit.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-ldap
Do you have any entries showing up in your log.smbd or your ldap error/access logs that look applicable? Tony On 8/17/05 6:32 PM, Scott Mayo [EMAIL PROTECTED] wrote: Well, I am still having problems with my samba server. For some reason, I cannot add all of the users in. I am running a batch useradd program. I can get about 450 or so added in, then it gives me an error that the user does not exist when I go to add the last 60 or so. My batch program actually reads in the users name and then does something like: /opt/IDEALX/sbin/smbldap-useradd -a -u 1000 -G bes,bhs bobbyb then it echos the passwd to /opt/IDEALX/sbin/smbldap-passwd to set the password Here is what I get on output on my last batch: /opt/IDEALX/sbin/smbldap-passwd: user bobbyb doesn't exit It is like it did not do the first line to create the user, so it cannot update the password. I am at a loss, and needed this going today. If I do a 'getent passwd', it only shows me so many users, but they are actually there. I can logon with the others that are not show. If I do an 'id username' of a user that getent does not show, it shows me the information. I remember having a problem similiar to this last year, which ended up being one of my groups had too many members. I guess the line length got too long, so I had to break the group up. I don't know if this is the problem or not. If so, I do not know how to remedy it, since the users are all automatically added into the 'Domain Users' group. Any idea why these users would not show up with the getent, but they are there and what would cause samba to quit accessing -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP suffixes
On Wed, Aug 17, 2005 at 04:35:05PM -0600, John H Terpstra wrote: On Wednesday 17 August 2005 15:57, Geert Stappers wrote: snip/ . ldap suffix [dc=abmas,dc=biz] . ldap group suffix [ou=Groups] . ldap user suffix [ou=People,ou=Users] . ldap machine suffix [ou=Computers,ou=Users] . Idmap suffix [ou=Idmap] That makes this LDAP tree(beard) dc=abmas,dc=bz /|\ / | \ / | \ ou=Groups | ou=Idmap ou=Users / \ / \ / \ ou=Peopleou=Computers That allows a nss_base_passwd ou=Users,dc=abmas,dc=biz?one No, if you want to perform a single search in nss_ldap you need: nss_base_passwd ou=Users,dc=abmas,dc=biz?sub Note: sub not one Okay, noticed Shouldn't /etc/samba/smb.conf contain ldap user suffix = ou=People,ou=Users ldap machine suffix = ou=Computers,ou=Users Correct. or ldap user suffix = ou=Users ldap machine suffix = ou=Users No, that expects all the accounts to be in the ou=Users container. instead of the current ldap machine suffix = ou=People ldap user suffix = ou=People That expects all user and machine accounts in the ou=People container. that is now in Example 5.7. LDAP Based smb.conf File, Server: MASSIVE global Section: Part B at http://us2.samba.org/samba/docs/man/Samba3-ByExample/happy.html ? The example puts both user and machine accounts into the ou=People container. The diagnostic section explains how they CAN be separated. Now I get it, I did see a strange single trail, but it are several trails. ( s/trail/configuration/ ) Cheers, John T. (Jan, de man die niet alles kan). Het was een aangename verrassing om van jou nederlands te lezen. Ik schoot zelfs in de lach. Wat kan een mens toch op het verkeerde been staan. In English: It was a plesant surprise to read Dutch from. It did made my laugh. Man can be tricked by his assumptions. Cheers Geert Stappers signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] After net ads join, kinit fails: Client not found...
On the windows machine, I just set it (again) to what it already was, worked fine after that. Just looking at your krb5.conf file there are a few differences from mine default_tgs_enctypes = des-cbc-crc des-cbc-md5 default_tkt_enctypes = des-cbc-crc des-cbc-md5 I don't have either of those and; [realms] DOMAIN.COM.MX = { kdc = adw2kserver.domain.com.mx kdc = otherADw2kserver.domain.com.mx admin_server = ad2kserver.domain.com.mx default_domain = domain.com.mx } I only have the single kdc and it has :88 (port Im guessing) at the end of the kdc line. I have :749 at the end of admin_server I have redhat es3 here, and I didn't do anything as complicated as you it would seem (don't know if solaris makes a difference or not) Simply, Made sure openldap was installed and kerb. Then I configured my /etc/krb5.conf file to point to the right locatation and ran the kinit [EMAIL PROTECTED] Prompted me for a password (which didn't work 1st time, reseting administrator on the Windows box then sorted it) Its worked for me ever since... Sorry I can't be of more help on this Ross -Original Message- From: P V [mailto:[EMAIL PROTECTED] Sent: 17 August 2005 17:53 To: Ross McInnes; samba@lists.samba.org Subject: RE: [Samba] After net ads join, kinit fails: Client not found... Hi Ross! Excuse my ignorance, but how can I reset the administrators password? --- Ross McInnes [EMAIL PROTECTED] wrote: Hi, I *think* I had this issue. This was during my 1st setup, when I reset the administrators password it worked fine afterwards. Also look on the AD and make sure it actually joined the domain. Cheers Ross -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of P V Sent: 17 August 2005 15:33 To: samba@lists.samba.org Subject: [Samba] After net ads join, kinit fails: Client not found... I'm installing Samba with Security ADS (compiled --with-winbind --with-ads --with-ldap --with-krb5) on Solaris 8, for connect with ActiveDirectory W2K. First, I created in AD Windows an account with the same name that my solaris host and generated the keytab with this: C:\tempktpass princ host/[EMAIL PROTECTED] mapuser mysolarishost -pass ad_user_pwd out file.keytab And add the file to /etc/krb5/krb5.keytab with kerberos/sbin/ktutil I ran kinit host/[EMAIL PROTECTED], and it asked me for a password (ad_usr_pwd) and all right. Then I ran net ads join -U Administrator. It asked for password and sent: Using short domain name -- DOMAINNETBIOS Joined 'MYSOLARISHOST' to realm 'DOMAIN.COM.MX' After this, I ran SMB daemons. In log.smbd I get: [2005/08/16 19:12:48, 0] smbd/server.c:main(802) smbd version 3.0.20rc1 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/08/16 19:12:48, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password host/[EMAIL PROTECTED] failed: Client not found in Kerberos database If I run kinit host/[EMAIL PROTECTED], I get this message: kinit(v5): Client not found in Kerberos database while getting initial credentials So, the problem is when a run net ads join. After that the authentication with AD W2K is broken. If I delete the computer account in AD W2K, the kinit command works again. Any idea? Here my configuration files: smb.conf: [global] workgroup = DOMAINNETBIOS netbios name = mysolarishost idmap uid = 1-2 idmap gid = 1-2 security = ads realm = DOMAIN.COM.MX password server = adw2kserver.domain.com.mx -- krb5.conf: [libdefaults] ticket_lifetime = 24000 default_realm = DOMAIN.COM.MX default_tgs_enctypes = des-cbc-crc des-cbc-md5 default_tkt_enctypes = des-cbc-crc des-cbc-md5 [realms] DOMAIN.COM.MX = { kdc = adw2kserver.domain.com.mx kdc = otherADw2kserver.domain.com.mx admin_server = ad2kserver.domain.com.mx default_domain = domain.com.mx } [domain_realm] domain.com.mx = DOMAIN.COM.MX .domainnetbios = DOMAIN.COM.MX domainnetbios = DOMAIN.COM.MX --- nsswitch: passwd: files winbind group: files winbind hosts: files wins shadow: files winbind __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] I can't join to domain
Hi Guys, I' testing samba file server now. And I install and config the samba. but I can't access the share folder on the server with win2000 client. I guess the server need to be a domain member server. right? I use net join -U administrator -I dc IP address and I've got an error: [2005/08/18 15:58:19, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot find KDC for requested realm [2005/08/18 15:58:19, 0] utils/net_ads.c:ads_startup(186) ads_connect: Cannot find KDC for requested realm [2005/08/18 15:58:20, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) cli_nt_setup_creds: request challenge failed [2005/08/18 15:58:20, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) cli_nt_setup_creds: request challenge failed [2005/08/18 15:58:20, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319) Error domain join verification (reused connection): NT_STATUS_INVALID_COMPUTER_NAME Unable to join domain DOMAINCHINA. Am I miss some thing? thanks abe -- I'm only a noise on the network. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pdbedit rebuild for RHEL
On Wed, Aug 17, 2005 at 03:11:28PM -0700, Donald W Watson wrote: Hi, I have a co-worker who has RHELAS4 installed with samba, but the install failed to install pdbedit. I have attempted to build and install pdbedit by itself, but have not successfully covered all the dependencies. Does anyone know a safe way to build/install only pdbedit? Excuus my bluntness, but have you reported the issue in the bugtracking system of RHEL? Thanks in advance. Sincerely,Don Watson Hope This Helps Geert Stappers signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Linux passwd file
On Wed, Aug 17, 2005 at 02:39:08PM -0500, Lonnie wrote: Hello All, I know that Samba can create users and passwords in the smbpasswd file, but is there a way to have Samba use the standard Linux passwd file for the user name and password? Our users will just be connecting to their home directory via samba and I am not sure how to set the configuration to map their home directory and also use the existing Linux authentication from the passwd file. Can anyone please explain to me what needs to be done or where I can read more on this? I assume that you have access to http://us4.samba.org/samba/docs/ If not, then I offer my help for you to find a http-to-E-mail gateway. Cheers Geert Stappers signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] broadcast announce server
Hi, I'm using a samba server for my network and got this weird effect that when browsing network neighborhood , the server sometimes shows up then later doesn't and later shows up again ... Note that the server is still up and working even when it doesn't show up ! Am I missing a setting in smb.conf ? -- Erik * Life is wonderful with Emacs and Perl * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] error with rd /s in windows 2000 shell
Jeremy Allison a écrit : On Wed, Aug 17, 2005 at 06:12:48PM +0200, Thomas Sondag wrote: So I build a freshly svn checkout of the SAMBA_3_0_RELEASE tree with the /debian directory package source files of the current (sarge / 3.0.14a-3) version (with lot of hunk problems with the debian patch) That doesn't solve the problem. This a reproductible bug, I try it with different win2000 stations and sarge/samba servers. I'll try to rebuild the samba debian package without the debian patch, but I'm not sure to have the time to do it before this week end. If you're not building with the source we ship then we can't predict what the problems will be. Why does Debian have a set of specific patches ? If they work, they should be in the main tree. If they don't, they shouldn't be in the build at all. Jeremy. Ok I re-build all with a basic autogen, configure, make. --prefix=/usr --sysconfdir=/etc --libdir=/etc/samba --with-privatedir=/etc/samba --with-piddir=/var/run/samba --localstatedir=/var --with-ldap But it still not working :( no special files in my test dir (just empty text files) the end of the log file with the error : /usr/sbin/smbd -i -S -d 4 [] Transaction 476 of length 76 switch message SMBtrans2 (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1035 call_trans2qfilepathinfo test/Copie (91) de test.txt (fnum = 9829) level=1035 call=7 total_data=0 Transaction 477 of length 81 switch message SMBtrans2 (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user call_trans2setfilepathinfo(8) test/Copie (91) de test.txt (fnum 9829) info_level=1013 totdata=1 Transaction 478 of length 45 switch message SMBclose (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user close fd=-1 fnum=9829 (numopen=2) thomas.sondag closed file test/Copie (91) de test.txt (numopen=1) Transaction 479 of length 130 switch message SMBtrans2 (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user call_trans2findnext: dirhandle = 256, max_data_bytes = 16384, maxentries = 1366, close_after_request=0, close_if_end = 2 requires_resume_key = 4 resume_key = 0 resume name = Copie (91) de test.txt continue=0 level = 260 fetching dirptr 256 for path test dptr_num is 256, mask = *, attr = 16, dirptr=(0x8335CE0,1604867840) closing dptr key 256 SMBtrans2 mask=* directory=test dirtype=22 numentries=0 Transaction 480 of length 90 switch message SMBtrans2 (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 call_trans2qfilepathinfo test (fnum = -1) level=1004 call=5 total_data=0 Transaction 481 of length 90 switch message SMBtrans2 (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1035 call_trans2qfilepathinfo test (fnum = -1) level=1035 call=5 total_data=0 Transaction 482 of length 52 switch message SMBrmdir (pid 10013) conn 0x8401bb0 change_to_user: Skipping user change - already user fetch sid from uid cache 1037 - S-1-5-21-3777391135-2178167557-3978351487-3074 fetch sid from gid cache 100 - S-1-5-21-3777391135-2178167557-3978351487-1201 se_access_check: user sid is S-1-5-21-3777391135-2178167557-3978351487-3074 se_access_check: also S-1-5-21-3777391135-2178167557-3978351487-1201 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 rmdir_internals: couldn't remove directory test : Fonction non implantée unix_error_packet: error string = Fonction non implantée error packet at smbd/trans2.c(2593) cmd=1 (SMBrmdir) NT_STATUS_OBJECT_PATH_NOT_FOUND My smb.conf : [global] ## Browsing/Identification ### workgroup = cnerta-interne netbios name = linux-thomas server string = %h server (Samba %v) wins support = no dns proxy = no Debugging/Accounting log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d ### Authentication ### security = share encrypt passwords = true guest account = nobody invalid users = root dos charset = CP850 domain master = no domain logons = no local master = no [homes] comment = Mon répertoire personnel browseable = no writable = yes create mask = 0640 directory mask = 0750 hide unreadable = yes Does something's else could help ? Thomas. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Beginners help
Hello folks, Today I have picked up samba again after years of neglection :) I want to be able to integrate our linux boxes in out windows domain. There are 2 reasons for this. The first reason is backup purposes. I want to be able to access some directories on my unix boxes to copy/backup files to my windows boxes. Until now, the linux boxes gzipped and ftp'd the zip files to the windows boxes, but the data on the linux boxes is becoming too much to use this method. The method makes incremental backups impossible, too. Thus I want to be able to access my linux harddisks from a windows (xp) pc in our domain. Only 1 user account should be able to access the linux boxes. Can someone advise on the easiest way to do this ? Is it necessary that I make my linux boxes a domain member server (security = DOMAIN) ? Do I have to use winbindd ? The second reason why I want to use samba for is not important, because I will be using the linux boxes as a client and smbmount will dot he trick. If someone would be so kind to advise me on the question, I'd greatly appreciate this. Thanks a lot, Pieterjan ICT Coördintor KSGWL - Scheppersinstituut Scheppersinstituut Wetteren Cooppallaan 128 9230 Wetteren Tel: 09 3692072 Fax: 09 3661348 mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question on BDC secrets.tdb file
Hi, I am having problems getting winbind on a BDC to work in a Samba3 /LDAP Enviornment and have one straightforward question. Should the secrets.tdb file on the BDC contain an entry with the name of the BDC , e.g. where BACKUP is the name of the BDC ?. { key = SECRETS/SID/BACKUP data = \01\04\00\00\00\00\00\05\15\00\00\00\CE/\8B\B05\AF\A5\D4h\C0\DB\04\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00 } All my other domain member servers contain an entry similar to this, but not the BDC. This is why i think winbind is failing. Thanks, -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. P : ++353 93 23151 F : ++353 93 23110 E : mailto:[EMAIL PROTECTED] W : http://www.cel-europe.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] roaming profile
Yes, it was maybe a sync trouble. But after some trying i realized it was not a good way for two reasons: At the end windows xp tried to sync the folders loosing as much time as with the usual roaming profile; Disabling the sync i used to loose something anyway. So now i'm looking up a new solution: activated the 'use only local profile' in the gpedit.msc config tool, so the client doesn't even think to have to deal whith something roaming. disabled offline file setting so if there's no connection i just don't see anything ( a bit rude but looks clean and straight) mapped the documents and the other profile folders to the X: (logon drive) network volume. Now waiting for mor disasters. Any experience in 1gb profile user, and network profiles would be appreciated. thanks L.Cerini -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Adding a windows user to unix group?
Hi All, Running version 3.0.14a on freebsd 5.4. configured as a member server of a 2k domain. the directory i need access to is for public websites /usr/local/www/sites and permissions are drwxr-xr-x www www. A single share is configured as below: # FTP share [ftp_share] comment = FTP Share path = /usr/local/www/sites valid users = domain\user browseable = no read only = no writable = yes printable = no public = no write list = domain\user This share is to allow ftp access from a central ftp server which serves several webservers (all windows until now) via a mysql database and UNC paths. I can access the folder but have no permissions in it. I believe i need to add the windows user account the the unix www group but have no idea how to do it. This is my first experience of samba and all went really well...this is the last thing to sort! Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] force groups and file deletion on 3.0.14a
Gerald (Jerry) Carter wrote: WinXP sp2 introduced uses an alternative method for deleting files and directories. This has caused us no end of pain. I think things are ok in the current 3.0 tree now. Have you got time to run a quick check of the SAMBA_3_0_RELEASE tree for me? We're getting ready for 3.0.20. That fixed it. Thanks! Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP suffixes
On Thursday 18 August 2005 01:18, Geert Stappers wrote: Het was een aangename verrassing om van jou nederlands te lezen. Ik schoot zelfs in de lach. Wat kan een mens toch op het verkeerde been staan. Ik ben een Nederlander die voor meer dan 45 jaar al het land uit is. Mijn Nederlands is tog wel gebruikbaar, maar dan ook niet te wel underhouden. Omdat ik Engels speekt als een Engelsman word ik aangenomen als een Engelsman, maar in het haart van maijn haart blijf ik een Nederlander. Het is het land van mijn voorvaders. In English: It was a plesant surprise to read Dutch from. It did made my laugh. Man can be tricked by his assumptions. Ik neem het je niet kwaalijk hor. :-) Ik zou denken dat jou Engels beeter zou zijn dan mijn Nederlands. Tot weerder hooren. Dag. - Jan -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] users connection config question
Hello all, Currently, I am able to have my users connect from their Windows machines like: \\172.16.0.1\lonnie how can I adjust my configuration so that the could connect and even browse to the computer like: \\computername\lonnie -- Thanks, Lonnie Cumberland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.20rc2 infinite dir loop
We have Win98 DOS (4.11.) clients that exhibit behaviors thought to have been corrected. They are running the MS-CLIENT redirector. 3.0.11 will do a directory listing correctly and show all entries in upper case. 3.0.14a gets stuck in a dir loop with the client and displays non-mangled names in lower case. 3.0.20rc2 gets stuck in a dir loop with the client and displays all entries in upper case. I have log level 10 from both 3.0.11 and 3.0.20rc2. I can't see the error in protocol, I'm not that versed in the error and I know you want to release. I can send the log off-list, who would like it? :-) We are also tracking another issue w.r.t. Ghost creating 8.3 names that are all upper case regardless of state of 'short preserve case' and 'default case'. Cheers, Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] users connection config question
On Thu, Aug 18, 2005 at 08:27:51AM -0500, Lonnie wrote: Hello all, Currently, I am able to have my users connect from their Windows machines like: \\172.16.0.1\lonnie how can I adjust my configuration so that the could connect and even browse to the computer like: \\computername\lonnie The magic words you are looking for are name resolving DNS and mayby WINS RTfantasicM signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles 'problem'
Folks, any suggestion? Felipe. - Mensagem de [EMAIL PROTECTED] - Data: Wed, 17 Aug 2005 15:30:21 -0300 De: [EMAIL PROTECTED] Endereço para Resposta (Reply-To): [EMAIL PROTECTED] Assunto: [Samba] Profiles 'problem' Para: samba@lists.samba.org Hello, I use samba-3.0.14a_1,1 on FreeBSD 5.4-STABLE. Everything is running perfectly. Today, the profile of my users are stored on the file server. For example: John logon on the Windows 2000 Professional workstation called machine01. It's the first logon of John on this machine, but him already have a profile stored on the file server. When John logon to machine01, the profile of John are downloaded from file server to machine01. Desktop, My Documents, Documents and Settings and all other stuff of John are now in machine01, and John can access all him stuffs on machine01. That's the problem. I don't want John download (and upload to the file server too) all him stuff, only the following directories: a) c:\documents and settings\john\application data\mozilla; b) c:\documents and settings\john\application data\thunderbird; Does anybody knows how to do it? Here, my smb.conf: su-2.05b# cat /usr/local/etc/smb.conf [global] netbios name = FILESERVER workgroup = MYDOMAIN server string = My FILESERVER passdb backend = smbpasswd os level = 255 preferred master = yes domain master = yes local master = yes security = user domain logons = yes logon path = \\%N\profiles\%U logon drive = H: logon home = \\homeserver\%U\winprofile admin users = neuwald time server = yes logon script = %u.bat add machine script = /usr/sbin/pw useradd -g machines -s /usr/bin/false -d /dev/null -n %u display charset = iso8859-1 log level = 20 [netlogon] path = /data/NETLOGON writable = no browseable = no [profiles] path = /data/PROFILES browseable = no writable = yes create mask = 0600 directory mask = 0700 [homes] read only = no browseable = no guest ok = no map archive = yes [all] comment = All writable = yes path = /data/SHARE/geral create mode = 0666 force create mode = 0666 directory mode = 0777 force directory mode = 0777 [group1] comment = Group 1 writable = yes valid users = @group1 path = /data/SHARE/group1 create mode = 0660 force create mode = 0660 directory mode = 0770 force directory mode = 0770 Thank you, Felipe. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - Final da mensagem de [EMAIL PROTECTED] - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error joining domain
Hi, I have run a Linux machine as a windows domain client for a while. One time the windows 2000 domain server went down while the linux box kept running. Since then I am unable to login using winbind. I tried re-adding the linux machine without any success, I constantly get errors like this: #net join -U administrator administrator's password: [2005/08/18 16:48:52, 0] libads/kerberos.c:ads_kinit_password(147) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot contact any KDC for requested realm [2005/08/18 16:48:52, 0] utils/net_ads.c:ads_startup(186) ads_connect: Cannot contact any KDC for requested realm Joined domain MYDOMAIN. The command runs without any progress for a minute or so and then gives the error message. Yet logging it still does not work. If I do #net rpc join -U administrator I instantly get 'Joined domain MYDOMAIN.' but it still does not work. I have put the domain controller in /etc/hosts and can ping it without problems. smbclient -L //mycontroller also runs fine after authenticating. Anyone knows what might be causing this problem? Regards, Leen Toelen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.20rc2 infinite dir loop
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 William Jojo wrote: | | | We have Win98 DOS (4.11.) clients that exhibit | behaviors thought to have been corrected. They are | running the MS-CLIENT redirector. | | 3.0.11 will do a directory listing correctly and show all | entries in upper case. | | 3.0.14a gets stuck in a dir loop with the client | and displays non-mangled names in lower case. | | 3.0.20rc2 gets stuck in a dir loop with the client | and displays all entries in upper case. Different bugs actually. The theory about 3.0.20rc2 is that is has to do with the 64 bit resume keys from telldir(). Jeremy will want the level 10 smbd log from 3.0.20rc2. | We are also tracking another issue w.r.t. Ghost | creating 8.3 names that are all upper case regardless | of state of 'short preserve case' and 'default case'. This is news to me. Hmmyou're right. I've got the same thing. Thanks for the heads up. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDBKMyIR7qMdg1EfYRAqLxAKDlYfAW9r3De1Zp9cXd4bCdaen1zwCeJMYq v7slAt7VjV+S117BqRszf+o= =h0OA -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.20rc2 infinite dir loop
William Jojo wrote: We have Win98 DOS (4.11.) clients that exhibit behaviors thought to have been corrected. They are running the MS-CLIENT redirector. 3.0.11 will do a directory listing correctly and show all entries in upper case. 3.0.14a gets stuck in a dir loop with the client and displays non-mangled names in lower case. 3.0.20rc2 gets stuck in a dir loop with the client and displays all entries in upper case. I have log level 10 from both 3.0.11 and 3.0.20rc2. I can't see the error in protocol, I'm not that versed in the error and I know you want to release. I can send the log off-list, who would like it? :-) We are also tracking another issue w.r.t. Ghost creating 8.3 names that are all upper case regardless of state of 'short preserve case' and 'default case'. Cheers, Bill Hi, This is exactly the same problem that I am having. Search the mail list for a subject of: BUG: samba-3.0.14a samba-3.0.20pre2 endless loop AIX 5.3 (jfs2) Win98 Just yesterday I was communicating with Jeremy Gerald. Last night I opened a Bugzilla for this per their directions. Maybe you can attach your stuff to my Bugzilla entry # 3010. https://bugzilla.samba.org/ Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Error joining domain
Hi, when I did net ads join -U administrator -I *.*.*.* I got the same error but after that wbinfo -u showed all users and loggin in works. However, browsing to the linux box from another machine I keep getting the password dialog. In the logs I get; [2005/08/18 17:04:42, 2] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain BUILTIN S-1-5-32 [2005/08/18 17:04:42, 2] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain BIOINF S-1-5-21-51082066-3239425611-1963012567 [2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642) NTLM CRAP authentication for user [MYDOMAIN]\[toelen] returned NT_STATUS_ACCESS_DENIED (PAM: 4) [2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642) NTLM CRAP authentication for user [MYDOMAIN]\[toelen] returned NT_STATUS_ACCESS_DENIED (PAM: 4) [2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642) Anyone an idea? Regards, Leen Toelen On 8/18/05, Leen Toelen [EMAIL PROTECTED] wrote: Hi, I have run a Linux machine as a windows domain client for a while. One time the windows 2000 domain server went down while the linux box kept running. Since then I am unable to login using winbind. I tried re-adding the linux machine without any success, I constantly get errors like this: #net join -U administrator administrator's password: [2005/08/18 16:48:52, 0] libads/kerberos.c:ads_kinit_password(147) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot contact any KDC for requested realm [2005/08/18 16:48:52, 0] utils/net_ads.c:ads_startup(186) ads_connect: Cannot contact any KDC for requested realm Joined domain MYDOMAIN. The command runs without any progress for a minute or so and then gives the error message. Yet logging it still does not work. If I do #net rpc join -U administrator I instantly get 'Joined domain MYDOMAIN.' but it still does not work. I have put the domain controller in /etc/hosts and can ping it without problems. smbclient -L //mycontroller also runs fine after authenticating. Anyone knows what might be causing this problem? Regards, Leen Toelen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SRVTOOLS issues
Hello, I use Samba 3.0.14a acting as simple PDC (using tdbsam), ext3 acls and kernel 2.6.5. All work fine What is the correct configuration to obtain a maximum compatiblity with USRMGR ? : add user script = /usr/sbin/useradd -s /bin/false -d /dev/null %u add group script = /usr/sbin/groupadd %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g machines %u delete user script = /usr/sbin/userdel %u delete group script = /usr/sbin/groupdel %g delete user from group script = /usr/sbin/deluser %u %g with groupmaps : System Operators (S-1-5-32-549) - -1 Domain Admins (S-1-5-21-1234032427-2839496750-1210694437-512) - admins Secretariat (S-1-5-21-1234032427-2839496750-1210694437-5003) - secretariat Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Domain Guests (S-1-5-21-1234032427-2839496750-1210694437-514) - nobody Finances (S-1-5-21-1234032427-2839496750-1210694437-3007) - finances Power Users (S-1-5-32-547) - -1 Domain Users (S-1-5-21-1234032427-2839496750-1210694437-513) - users Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - admins Stagiaires (S-1-5-21-1234032427-2839496750-1210694437-3009) - stagiaires Account Operators (S-1-5-32-548) - -1 Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - users Domain Computers (S-1-5-21-1234032427-2839496750-1210694437-3011) - machines Technique (S-1-5-21-1234032427-2839496750-1210694437-3005) - technique The problem is that doing operations on groups (changing primary group of a user, adding a user to a group, etc...) lead error messages and strange behaviour. For example, user joe is initially created with primary group Domain Users When I add another group technique and set it to its primary group, It works (set in tdbsam but not in /etc/group /etc/passwd) but when trying to deleted joe from Domain Users, access is refused... Thx for help (not man or samba howto plz, I've already red them) Max -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Use of netgroups and LDAP in Samba
Hello, I'm in the process of migrating from Samba 2.2.8a to 3.0.14a and also changing from NIS to LDAP. I've installed and populated SUN's Directory Server v5.2 and added the required schema extensions and imported some accounts for testing with Samba. Previously I used a NIS netgroup in the hosts allow clause, of the form @hosts_smb and this worked when the samba server system was still using NIS as its directory. Now that I've converted the samba server to use LDAP as its directory, samba will no longer find hosts in the netgroup. I've inserted the netgroup information into LDAP and the log information seems to indicate that it is looking there: [2005/08/18 17:31:21, 3] lib/access.c:only_ipaddrs_in_list(291) only_ipaddrs_in_list: list has non-ip address (@hosts_smb) [2005/08/18 17:31:21, 3] lib/access.c:check_access(316) check_access: hostnames in host allow/deny list. [2005/08/18 17:31:21, 5] lib/access.c:string_match(100) looking for 128.40.40.89 of domain ee.ucl.ac.uk in netgroup hosts_smb gave No [2005/08/18 17:31:21, 5] lib/access.c:string_match(100) looking for getafix.ee.ucl.ac.uk of domain ee.ucl.ac.uk in netgroup hosts_smb gave No Does samba look up the netgroup information in LDAP or do I have to use a list in the host allow clause? -- Tom. Tom Crummey, Systems and Network Manager, EMAIL: [EMAIL PROTECTED] Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with group memberships in AD
I have a Samba box joined to a Windows 2003 AD. I have noticed a strange problem with adding users to groups. I added user 'shw' to the group 'project1' on the AD. When the user logs in the the Samba box, he does not have the permissions of someone in the 'project1' group. When I run 'id shw', group 'project1' shows up. However when I run 'id' as shw2, group 'project1' does not show up. For example: # getent group project1 project1:x:15026:svend,shw # su - shw -c id shw uid=15013(shw) gid=15000(domain users) groups=15000(domain users),15026(project1) # su - shw -c id uid=15013(shw) gid=15000(domain users) groups=15000(domain users) # wbinfo -r shw 15000 15026 I have restarted the winbindd daemon several times. Has anyone seen this behavior before? Any know fixes? Details: Samba 3.0.14a on Slackware 10.0 /etc/samba/smb.conf [global] workgroup = SOLARSYSTEM netbiosname = earth realm = solarsystem.us security = ads password server = sun.solarsystem.us idmap uid = 15000-2 idmap gid = 15000-2 winbind user default domain = yes template shell = /bin/bash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] I can't join to domain
Does $ host -t srv _kerberos._tcp.china.medifacts.com resolve to the domain controller? AD needs SRV records for the kerberos server for the domain. On 8/18/05, abe.li [EMAIL PROTECTED] wrote: Hi Guys, I' testing samba file server now. And I install and config the samba. but I can't access the share folder on the server with win2000 client. I guess the server need to be a domain member server. right? I use net join -U administrator -I dc IP address and I've got an error: [2005/08/18 15:58:19, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot find KDC for requested realm [2005/08/18 15:58:19, 0] utils/net_ads.c:ads_startup(186) ads_connect: Cannot find KDC for requested realm [2005/08/18 15:58:20, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) cli_nt_setup_creds: request challenge failed [2005/08/18 15:58:20, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) cli_nt_setup_creds: request challenge failed [2005/08/18 15:58:20, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319) Error domain join verification (reused connection): NT_STATUS_INVALID_COMPUTER_NAME Unable to join domain DOMAINCHINA. Am I miss some thing? thanks abe -- I'm only a noise on the network. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind problems
Hello, Does anyone know if there are issues using winbind 3.0.14a to communicate with a 2.2.3a samba build? I've setup winbind using all the documentation on the site but all I get are the following results: # wbinfo -u Error looking up domain users # wbinfo -g BUILTIN+system operators BUILTIN+replicators BUILTIN+guests BUILTIN+power users BUILTIN+print operators BUILTIN+administrators BUILTIN+account operators BUILTIN+backup operators BUILTIN+users # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_PIPE_NOT_AVAILABLE (0xc0ac) Could not check secret 'wbinfo -m' lists the BUILTIN domain and the local machine domain but not the domain the machine is a member of, I've checked the domain membership using 'net rpc testjoin' which reports everything is ok and I can enumerate the user list using the 'enumdomusers' command connecting with rpcclient and using the same user/password as winbind is configured with. smb.conf: # Global parameters [global] workgroup = X server string = %h server (Samba) security = DOMAIN obey pam restrictions = Yes password server = xx syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = host wins dns preferred master = No local master = No domain master = No dns proxy = No panic action = /usr/share/samba/panic-action %d idmap uid = 1-2 idmap gid = 1-2 winbind separator = + winbind use default domain = Yes invalid users = root Getting that head + brickwall = pain feeling, any help anyone can give would be appreciated. Cheers, -- Martin Clapson -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem executing windows application in samba
Hi, I've come across a rather strange problem while trying to execute a windows application in samba. I'm running Samba Version 3.0.10-Ubuntu on Linux Ubuntu, kernel 2.6.10-5-386, my full smb.conf is at the end of this message. We have AIMS v3.0.0.3, a database application which accesses data in .mdb files and we've stuck it on a samba share called AIMS. The problem is, when I execute //servername/AIMS/AIMS.exe from a windows2000 client connected to the network, it gives me an application error (cannot access memory address, or similar). However, if I log in as root on the server and change the owner of all the files in the AIMS folder to the user who's logging in to the samba share and trying to execute it, it runs fine. This happens even though samba checks users according to what group they're in and all users are in the staff group. [AIMS] comment = AIMS files path = /home/AIMS readonly = no public = yes browseable = yes valid users = @staff write list = @staff create mask = 775 force create mode = 775 So, I would log in with the user 'cherry' and it'd crash if the owner of the files wasn't cherry. This is no good, because there are many users on the network who need to execute the application (BTW, it CAN be run by multiple users on a share, we've done it in windows and on an old samba server). I pinpointed which files needed to be owned by the user logged in to the samba share for it not to crash, and it's not the whole folder /home/AIMS, but just the /home/AIMS/Temp folder. drwxrwxrwx 1 cherry staff 8 2005-08-01 11:45 Temp So, what I did is move Temp to Temp.old and create a link to Temp. lrwxrwxrwx 1 cherry staff 8 2005-08-01 11:45 Temp - Temp.old drwxr-xr-x 2 cherry staff4096 2005-08-18 09:27 Temp.old Which made things very erratic, some of the users would try and execute AIMS.exe and it'd crash maybe 1/5th of the times and then crash while they're using aims to enter data into it's database. So I added to smb.conf: [AIMS] ... valid users = @staff cherry write list = @staff cherry ... force user = cherry Which has made almost all users able to run it without it crashing, however, there appears to be some data inconsistencies. I can only imagine that the data inconsistencies are happening because of this ridiculous solution I've come up with by replacing the Temp/ folder with a link to it. Are there any known issues with access to temp folders and file ownership permissions being needed by windows in order to execute a program properly? Any suggestions appreciated, Alexander H Deriziotis communitytechnology.org.uk -- #=== Global Settings === [global] netbios name = BACSAMBA domain logons = yes veto oplock files = /*.mdb/ logon script = baclogon.bat ## Browsing/Identification ### # Change this to the workgroup/NT-domain name your Samba server will part of workgroup = BAC # server string is the equivalent of the NT Description field server string = Brixton Advice SAMBA Server # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable its WINS Server wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # This will prevent nmbd to search for NetBIOS names through DNS. dns proxy = no # What naming service and in what order should we use to resolve host names # to IP addresses ; name resolve order = lmhosts host wins bcast Debugging/Accounting # This tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 1000 # If you want Samba to only log through syslog then set the following # parameter to 'yes'. ; syslog only = no # We want Samba to log a minimum amount of information to syslog. Everything # should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log # through syslog you should set the following parameter to something higher. syslog = 0 # Do something sensible when Samba crashes: mail the admin a backtrace panic action = /usr/share/samba/panic-action %d ### Authentication ### # security = user is always a good idea. This will require a Unix account # in this server for every user accessing the server. See # /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc # package for details. ; security = user # You may wish to use password encryption. See the section on # 'encrypt passwords' in the smb.conf(5) manpage before enabling. encrypt passwords = true # If you are using encrypted passwords, Samba will need to know what # password database type you are using. ;
Re: [Samba] %g variable not working
On 8/17/05, Gerald (Jerry) Carter [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Saravanan wrote: Hi, I am trying to assign policies for groups. I am using the following netlogon configuration. [netlogon] path = /usr/local/samba/lib/%g/netlogon browseable = No it works fine with [netlogon] path = /usr/local/samba/lib/%u/netlogon browseable = No I can't reproduce this against the current SAMBA_3_0 code. %g works fine. Perhaps the client is caching a connection to the [netlogon] share. I'm seeing similar things also, with stock debian sarge. Samba is an AD member via winbind. It is also the master browser on the network. I am trying to run a script to create per machine user profiles (for sites where client machines are non-homogenous). The paths created would be something like /home/DOMAIN/netbios-name/user-name. I've been tinkering on it for a little while now, but not getting anywhere, although at times I will get blank variables passed in, iirc depending upon what samba variables I use. I pass several variables to the script from samba. --- start script --- #!/bin/sh # create user home directories upon first connection to service # $1 == DOMAIN %D # $2 == username (%U or %u) # $3 == primary group (%G or %g) # $4 == netbios computer name (%m) # $5 == dns computer name (%M) # $6 == client ip address (%I) PATH=/bin:/usr/bin:/sbin:/usr/sbin LOGFILE=/tmp/mksmbdir.txt SAMBASCRIPTSDIR=/etc/samba/scripts REVDNSLOOKUPCMD=$SAMBASCRIPTSDIR/dnsrevlookup.py $6 DEBUG=1 HRT=/home HRTDOM=$HRT/$1 HRTDOMCMP=$HRTDOM/`$REVDNSLOOKUPCMD` HRTDOMCMPUSR=$HRTDOMCMP/$2 if [ $DEBUG == 1 ]; then echo path: $PATH $LOGFILE echo logfile: $LOGFILE $LOGFILE echo DOMAIN: $1 $LOGFILE echo USER: $2 $LOGFILE echo PRIMARY GROUP: $3 $LOGFILE echo CLIENT NETBIOS NAME: $4 $LOGFILE echo CLIENT DNS NAME: $5 $LOGFILE echo CLIENT IP ADDRESS: $6 $LOGFILE echo hrt: $HRT $LOGFILE echo hrtdom: $HRTDOM $LOGFILE echo hrtdomcmp: $HRTDOMCMP $LOGFILE echo hrtdomcmpusr: $HRTDOMCMPUSR $LOGFILE fi [ mkdir stuff down here ... ] --- end script --- This script is called via: [homes] comment = %U's Home Directory path = /home/%D/%M/%U valid users = %D+%S read only = No browseable = No root preexec = /etc/samba/scripts/mk_sambadir %D %U %G %m %M %I I even tried using a reverse lookup script for the hostname, but that only gets the proper directory path created, one that Samba is unaware of. Here's the debug output from the script when a new user logs into a machine, using a domain account for the first time: --- start debug output --- path: /bin:/usr/bin:/sbin:/usr/sbin logfile: /tmp/mksmbdir.txt DOMAIN: SYSGEN USER: ndain PRIMARY GROUP: administrators CLIENT NETBIOS NAME: 192.168.1.103 CLIENT DNS NAME: 192.168.1.103 CLIENT IP ADDRESS: 192.168.1.103 hrt: /home hrtdom: /home/SYSGEN hrtdomcmp: /home/SYSGEN/cyclops.sysgen hrtdomcmpusr: /home/SYSGEN/cyclops.sysgen/ndain --- end debug output --- -- Noah Dain [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Auth: NETLOGON vs. lsarpc
All, So, I have a OS X Server 10.3.9 box running Samba 3.0.10. File sharing is fast and cannot as for much more in the department. Only slow thing: authentication. We are using the OS X box as the PDC, and running authentication of all workstations against the PDC. This works good, but takes 15-30 seconds to take place, which is not great. I did a debug level 3 of the samba file server, and took a peek at the log after trying to log in a user. Now know I am no expert with Samba authentication, but this is how I think things are going down: Essentially, there are 2 logon attempts. The first fails (although it does not report so), waits for about 20 seconds, then the second one succeeds. Timing wise, the first one fails within a second, and the second one works with in a second... there is just a stack wait function that makes the user wait for something like 20 seconds. SO... at a log level 3 debug, I poured through it and found that both authentication methods first identify the user as unknown as specified in the smb.conf file, probably because user credientials haven't been validated yet. Next it identifies the computer by way of the SID. Both authentication methods get this far. Now, this is the code where something is different between the successful authentication and the unsuccessful one: - Unsuccessful: nt_open_pipe: Known pipe NETLOGON opening. - Successful: nt_open_pipe: Known pipe lsarpc opening. From this point, the NETLOGON one essentially does some pushing and poping, frees the pipe, tries api_rpcTNP: RPC command: NET_AUTH2, the a few lines later does: setting_sec_ctx(0,0) - sec_ctx_stack_ndx = 1 then 20 seconds later pop_sec_ctx(99,99) - sec_ctx_stack_ndx = 0 Now, it redoes everything it had done before (authentcating as guest and checking the SID). Now it says the open_pipe: Known pipe lsarpc opening., does the exact same stuff as the NETLOGON method until the line: api_rpcTNP: RPC command: LSA_OPENPOLICY2 Then it goes on to authenticate the user within a second. So, moral of the story: it looks like it is using some NETLOGON method, then is using LDAP and the LSA_OPENPOLICY2 associated with 'lsarpc'. My question: how do i skip the NETLOGON method and/or change the order of authentication here? This would undoubldy fix the problem and authentication would only take 1 second. I would like to believe this is something in the opendirectorysam auth method, not really in Samba. But, I am not sure. Any ideas or suggestions would be greatly greatly appreciated. Thank you and have a great day! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Profiles 'problem'
[EMAIL PROTECTED] wrote: I don't want John download (and upload to the file server too) all him stuff, only the following directories: a) c:\documents and settings\john\application data\mozilla; b) c:\documents and settings\john\application data\thunderbird; Does anybody knows how to do it? Roaming profiles is an all/nothing proposition. However, you can do several things to consider: 1. Using Group Policy, one can Redirect certain folders to a network share. One of the Redirectable folders is Application Data 2. You can specify portions of a profile to omit for roaming (and their contents (may) get lost on logout) -- Rex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Move Samba to another server
Hello all, I am intending to install a new server and migrate all my data to it (the server was severely underpowered and the O/S needed to be upgraded anyway). Now, I need to move the user database and Samba Server. I can easily move the data and (kinda) re-create the users, but I don't know what data needs to be migrated to the new server? It would be nice to migrate things like Profiles, et al. Would it be better to create a new domain or should I build the new server next to the old one. Any thoughts would be appreciated. Kit -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Users Domain Authentication doesn´t wor k
Hi, I´m using DEBIAN Sarge, LDAP 2.2.23-8, SAMBA 3.0.14a-3, LIBPAM-LDAP 178-1 and LIBNSS-LDAP 238-1 I´m trying to use SAMBA with LDAP and I misleading my self with the authentication configuration files. I´m using IDEALX scripts template. I can add an account machine in LDAP through SAMBA, but I can´t authenticate and add users to my domain through SAMBA. My LDAP files seems to be ok because if I get straight access to LDAP base I can do whatever I want. My SAMBA SERVER created a SAMBA domain into LDAP base by Its own. I think he has a connection with LDAP but a partial one. I´m putting some errors messages that I found to my self. Server# smbclient -L //10.1.1.1 Connection to 10.1.1.1 failed Server# net getlocalsid [2005/08/18 17:15:03, 0] lib/smbldap.c:smbldap_search_domain_info(1413) Adding domain info for CULTURA failed with NT_STATUS_UNSUCCESSFUL SID for domain SERVER is: S-1-5-21-969076039-2928544937-2279580746 I have two users inside my LDAP created by smbldap-populate, but when I use getent command (passwd), It don´t show me this users. I have no much experience with SAMBA, If somebody could help me break through this. Since now, thank you. Sergio Ferreira -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Access to shares from a machine with no trust account
Hi folks I don't understand why it is possible to access a share on the samba server from a pc that hasn't a Trust Account on the samba server. All i do is to log in on the pc with a local login account (not in the domain). Then i can access the shares in the following way on the server: \\server\MyShare pc asks for username/password -- i login with a valid combination -- i get access to shares security level is set to user (not to shares!) Can anybody explain what's going on here? Thanks. Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] %g variable not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Noah Dain wrote: | [homes] | comment = %U's Home Directory | path = /home/%D/%M/%U %M is the client's hostname. You need to set 'hostname lookups = yes' for this to work. | valid users = %D+%S | read only = No | browseable = No | root preexec = /etc/samba/scripts/mk_sambadir %D %U %G %m %M %I | | I even tried using a reverse lookup script for | the hostname, but that only gets the proper directory | path created, one that Samba is unaware of. For the client netbios name, you probably need to set 'smb ports = 139' cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDBPtWIR7qMdg1EfYRAjrTAJ9kD86pVeSk9gma8s555SfI5aeytACfbqR5 NF69jHkC3Df1AT64mWWp0OE= =h9C9 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Hide printers share?
I'm sure there is a simple solution to this one... how do I make the printers share go away? I have no printers, and no [printers] section. I tried adding one, and making it browseable=no, but it still appears. This is on v 3.0.11 and 3.0.14a -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Shawn Wright, I.T. Manager Shawnigan Lake School http://www.sls.bc.ca [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pdbedit makefile or php interface to passdb?
Hello All, Does someone have a makefile just so that I can build the pdbedit.c utility? or perhaps someone has some php code that will add users/passwords to the MySQL Samba user table? The problem is that although I can add information to the database table, I do not know the proper way to encode passwords for the lm_pw and nt_pw fields in the database and there does not seem to be any documentation on this in the Samba docs. I hope that someone can help -- Thanks, Lonnie -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pdbedit frustrations
Hello All, I have been trying very hard to get a handle on the pdbedit application but it appears that when I try to create a new user, that it does not add in the username and nt_username fields although it will add in stuff like the home_dir, fullname, and even generate the nt_pw and lm_pw from the command line entries. I was testing with: pdbedit -u lonnie -f lonnie cumberland -h /home/lonnie -a Does anyone know what is happening here and why it will not create a new user? -- Cheers, Lonnie Cumberland OutStep Technologies Incorporated -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP Account Manager 0.5.rc2 released
LDAP Account Manager (LAM) 0.5.rc2 - August 18th, 2005 == A web frontend for managing accounts stored in an OpenLDAP directory. Announcement: - This is the second release candidate of LAM 0.5. Blowfish encryption is no longer included in LAM because it caused trouble and bad performance on many PHP installations. MCrypt is still supported. Please test this release and report any bugs to our bug tracker. The more bugs you find the sooner we can release a stable version. This is no stable release, do not use it in productive environments. Thanks for your support. Features: - * new modular architecture - possibility to create Unix-only accounts - plugins for more object classes planned - enhanced PDF output - enhanced file upload - enhanced editor for account profiles - dynamic configuration options (based on modules) * all pages in UTF-8 * added developer documentation * PHPDoc formated comments * new plugin for managing Kolab 2 accounts * new plugin for managing MAC addresses * new plugin for managing NIS mail aliases * new plugin for managing mail routing with inetLocalMailRecipient * schema browser * tree view Availability: - This software is available under the GNU General Public License V2.0. You can get the newest version at http://lam.sf.net. File formats: DEB, tar.gz There is also a FreeBSD port. Debian users may use the packages in unstable. Support: If you find a bug please file a bug report. For questions or implementing new features please use the forum and feature request tracker at our Sourceforge homepage http://www.sf.net/projects/lam. Author Copyright: --- Copyright (C) 2003 - 2005: Michael Duergner [EMAIL PROTECTED] Roland Gruber [EMAIL PROTECTED] Tilo Lutz [EMAIL PROTECTED] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3, AD, and roaming profiles
On 08/17/2005 12:46 AM, Ilia Chipitsine wrote: I have access to User Manager for AD and have modified the profile entry for my test user to: profile path \\techops-test\profile login script \\techops-test\netlogon\mglcua.bat Home directory map h:\ to \\techops-test\homes\marteltest I have also tried: profile path \\techops-test\profile\marteltest logon path ? logon home ? (depending on windows version) not profile path :-) logon path doesn't have to point to PDC (which is AD in your case), so You can specify samba UNC for that. just remember win2ksp4 and later are picky on profile ACLs, You should either use samba with ACL support or enable profile acls = yes on that share (believe me, You don't want that option enabled globally). logon script is relative to \\PDC\netlogon, so You can just specify s.bat and it will look for \\PDC\netlogon\s.bat I do have profile acls = yes for the share I want to store the profiles on. Perhaps I was unclear, the parameters above are NOT in my Samba smb.conf, but from Microsoft's Active Directory Users and Computers tool running from an XP client. So on the profile tab for a user I have the following set: Profile Path\\techops-test\profile\%USERNAME% Logon Script\\techops-test\netlogon\mglcua.bat Home Folder (*) connect h: to \\techops-test\homes\%USERNAME% When I logon My home directory is mapped to h:\. The logon script does not run, nor are any errors generated. The Windows machine reports that it is unable to locate the server copy of my roaming profile because the network path was not found. The Samba resource \\techops-test\profile exists, and already has a subdirectory called marteltest waiting. I then see the odd (to me) message in the smblog on the samba server for this client that says the profile path is being set to \\techops-test\marteltest\profile : [2005/08/18 09:49:59, 4] lib/substitute.c:automount_server(337) Home server: techops-test [2005/08/18 09:49:59, 10] passdb/pdb_get_set.c:pdb_set_profile_path(752) pdb_set_profile_path: setting profile path \\techops-test\marteltest\profile, was [2005/08/18 09:49:59, 4] lib/substitute.c:automount_server(337) Home server: techops-test [2005/08/18 09:49:59, 10] passdb/pdb_get_set.c:pdb_set_homedir(806) pdb_set_homedir: setting home dir \\techops-test\marteltest, was When earlier in the process I see the profile path I want being passed: [2005/08/18 09:49:59, 8] rpc_parse/parse_prs.c:prs_debug(82) 0001c8 smb_io_unistr2 uni_profile_path [2005/08/18 09:49:59, 5] rpc_parse/parse_prs.c:prs_uint32(669) 01c8 uni_max_len: 0011 [2005/08/18 09:49:59, 5] rpc_parse/parse_prs.c:prs_uint32(669) 01cc offset : [2005/08/18 09:49:59, 5] rpc_parse/parse_prs.c:prs_uint32(669) 01d0 uni_str_len: 0011 [2005/08/18 09:49:59, 5] rpc_parse/parse_prs.c:dbg_rw_punival(841) 01d4 buffer : \.\.t.e.c.h.o.p.s.\.p.r.o.f.i.l.e. [2005/08/18 09:49:59, 8] rpc_parse/parse_prs.c:prs_debug(82) 0001f6 smb_io_unistr2 uni_home_dir - I guess I should ask if I *can* store my user's roaming profiles on a samba server in an Active Directory environment before I ask what might be wrong with my configuration. It looks like the Windows client is asking for the right path...but error messages on the windows client just say the network path is not found, but don't say what path it is looking for. Thanks, Bob Martel -- *** Bob Martel,System Administrator I met someone who looks a lot like you Levin College of Urban Affairs She does the things you do Cleveland State University But she is an IBM (216) 687-2214 [EMAIL PROTECTED]-Jeff Lynne *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Accent problem
use UTF-8 on your samba server (delete both the unix and display charset). Might check to see that your server is setup in UTF-8 as well, but I think this is the default in SuSE these days. (see /etc/sysconfig/language and related variables and manpages). That should pass through file-name support that will have the files looking the same on your linux box and windows box... Linda Cédric MARCOUX wrote: Hi! I just wonder how to setup samba to correctly handling accentued caracter. At this moment, if i write Cédric thrue windows network, Cédric appear correctly thrue the windows share however Cédric is written as C?dric on the linux server thus I cannot write back C?dric to a windows machine thrue smbmount because ? is not accepted for writing on remote FAT32. Does anybody have the magic number? For the moment hera are my configuration: Samba 3.02a on SuSE 9.1 using unix charset = ISO8859-15 display charset = ISO8859-15 I have tried to mount remote windows share with cifs, different iocharset and codepage but ever able to copy C?dric (that is normal) So the only thing I want to know is how to setup Samba for write Cédric on the server and not C?dric. Regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How many downloads?
I have an off the wall question: Does anyone know how many downloads of SAMBA have occurred in the last year? How about the last two years? Three? Thanks, Jerry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Réponse automatique d'absence du bureau : [Samba] Accent problem
Bonjour, je suis absent jusqu'au 5 septembre. en cas de besoin, merci de prendre contact avec Serge Ravez (chef du BEEIT). O Henriot -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Default uid
I am wanting to recreate my ldap-samba users. I have a list of the users from my old server. They are in the same order as what they were on the old server and I want to do a batch add, keeping the uids the same. The problem is that the useradd starts adding users at uid 1000. I need to change where this starts adding. How do I do that? -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How many downloads?
On Thursday 18 August 2005 08:40, [EMAIL PROTECTED] wrote: I have an off the wall question: Does anyone know how many downloads of SAMBA have occurred in the last year? How about the last two years? Three? No. That is almost impossible to estimate now. We have about 80 official FTP mirror servers, and many times that number of unoficial ones. Additionally, how does one count all the copies of Samba that are distributed with Linux and UNIX OSs? Sorry to say it, but we have given up trying to estimate this number. When you reach a conclusion perhaps you will share it with us? - John T. -- John H Terpstra General Secretary Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NETLOGON Auth
Ok. Simple questions: What is NETLOGON in respect to Samba authentication? Further, what is NET_AUTH2 and NET_SAMLOGON which are RPCs of NETLOGON? Finally, how can I make the system try NET_SAMLOGON before NET_AUTH2? I am getting significant login delays b/c samba hangs with NET_AUTH2 as the RPC, but works immediately with the NET_SAMLOGON protocol after about a 20 second wait for the user. Thanks! Matt Vlasach Owner / Operator Pacific Swell Networks, Inc. http://www.pacificswell.com Contact: email : [EMAIL PROTECTED] cell : 310.529.9165 fax : 877.531.6463 - DIGITALLY SIGNED EMAIL: This email has been digitally signed to guarantee it has originated from the actual sender. The attachment smime.p7s contains this verification information, and is readable by newer versions of mail clients. IMPORTANT NOTICE: This message is intended only for the addressee and may contain confidential, privileged information. If you are not the intended recipient, you may not use, copy or disclose any information contained in the message. If you have received this message in error, please notify the sender by reply e-mail and delete the message. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Binding to Tun0 device
Hello all, We have a few aliased Ethernet addresses on our server and if I do not use the Bind statement in the Global section then the NMBD seems to try to bind to all of the addresses. We are actually using OpenVPN which make the connections just fine on a 172.16.x.x subnet to tun0 device. The problem is that Samba does not seem to find the tun0 device and reports that there are no network cards available if I use the: Bind Interfaces Only = True Interfaces tun0 172.16.0.1 How can I just bind Samba to the tun0 device? Also, with my home machine on the 192.168.x.x subnet and can see another Samba server just fine in the WORKGROUP but I cannot see the workgroup on the 172.16.x.x subnet through the VPN connection. Any ideas on how to be able to see the other workgroup as well? -- Cheers, Lonnie Cumberland OutStep Technologies Incorporated -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can connect from Windows 2000 but not Windows XP SP2
I have been running samba-2 for many years under irix using security = server and authenticating against Windows domain controllers. I am now trying to install samba3 on a Redhat EL 3.0 x86_64 machine, essentially duplicating the existing setup. I find that I can connect successfully from a Windows 2000 server but not from (two) windows XP workstations. First I tried the redhat samba-3.0.9-1.3E.3.x86_64.rpm that came with the system, but I have reproduced the problem with smbd version 3.0.20rc2 compiled from source. I have attached: - smb.conf - smb log files with log level = 2 for 3.0.20rc2 for two cases, but the 3.0.9 logs are similar o CASE 1 - access from Windows 2000 server start smbd start run \\calttux001 this works fine stop smbd o CASE 2 - access from Windows XP SP2 workstation ditto, but get error message \\calttux001 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The request is not supported. :: smb.conf # Global parameters [global] workgroup = CAL server string = Samba Server security = server password server = calttdc001 username map = /usr/local/samba/lib/smbusers max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = No dns proxy = No log level = 2 [homes] comment = Home Directories read only = No [tmp] comment = Temporary file space path = /tmp read only = No : log.smb.ok ::: [2005/08/19 14:32:54, 0] smbd/server.c:main(802) smbd version 3.0.20rc2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/08/19 14:32:54, 2] param/loadparm.c:do_section(3559) Processing section [homes] [2005/08/19 14:32:54, 2] param/loadparm.c:do_section(3559) Processing section [tmp] [2005/08/19 14:32:55, 2] lib/interface.c:add_interface(81) added interface ip=203.4.72.201 bcast=203.4.72.255 nmask=255.255.255.0 [2005/08/19 14:32:55, 0] smbd/server.c:main(839) standard input is not a socket, assuming -D option [2005/08/19 14:32:55, 2] lib/tallocmsg.c:register_msg_pool_usage(56) Registered MSG_REQ_POOL_USAGE [2005/08/19 14:32:55, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2005/08/19 14:32:55, 2] smbd/server.c:open_sockets_smbd(330) waiting for a connection [2005/08/19 14:33:02, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/08/19 14:33:02, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/08/19 14:33:02, 2] auth/auth.c:check_ntlm_password(307) check_ntlm_password: authentication for user [DABilling] - [billingd] - [billingd] succeeded [2005/08/19 14:33:11, 1] smbd/service.c:make_connection_snum(662) calttsv003 (203.4.72.10) connect to service billingd initially as user billingd (uid=272, gid=89) (pid 21661) [2005/08/19 14:33:26, 1] smbd/service.c:close_cnum(835) calttsv003 (203.4.72.10) closed connection to service billingd [2005/08/19 14:33:41, 2] smbd/server.c:exit_server(608) Closing connections [2005/08/19 14:33:41, 2] smbd/server.c:exit_server(608) Closing connections [2005/08/19 14:33:41, 2] smbd/server.c:exit_server(608) Closing connections : log.smb.ok ::: [2005/08/19 14:34:27, 0] smbd/server.c:main(802) smbd version 3.0.20rc2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/08/19 14:34:27, 2] param/loadparm.c:do_section(3559) Processing section [homes] [2005/08/19 14:34:27, 2] param/loadparm.c:do_section(3559) Processing section [tmp] [2005/08/19 14:34:27, 2] lib/interface.c:add_interface(81) added interface ip=203.4.72.201 bcast=203.4.72.255 nmask=255.255.255.0 [2005/08/19 14:34:27, 0] smbd/server.c:main(839) standard input is not a socket, assuming -D option [2005/08/19 14:34:27, 2] lib/tallocmsg.c:register_msg_pool_usage(56) Registered MSG_REQ_POOL_USAGE [2005/08/19 14:34:27, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2005/08/19 14:34:27, 2] smbd/server.c:open_sockets_smbd(330) waiting for a connection [2005/08/19 14:34:31, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/08/19 14:34:31, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/08/19 14:34:31, 2] smbd/server.c:exit_server(608) Closing connections
RE : RE : Samba 2.2.8 (JYC 31-Mar-05 version) problem with record s longer than 1022 bytes
Unfortunately, I have no more VAX available for compiling, and I have no I64 yet. JYC -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de David J Dachtera Envoyé : jeudi 18 août 2005 02:38 À : [EMAIL PROTECTED] Cc : 'samba-vms@lists.samba.org' Objet : RE : Samba 2.2.8 (JYC 31-Mar-05 version) problem with records longer than 1022 bytes I'm downloading the new .ZIPs as I write this. They used to come with both VAX and Alpha .OLBs (any hope for I64?). Will check into it as soon as the downloads finish... David J Dachtera At 06:58 PM 08/17/2005 -0400, you wrote: At 01:53 PM 8/17/2005 +0200, COLLOT Jean-Yves wrote: A new version (20050817) is available at http://www.pi-net.dyndns.org/anonymous/jyc/ JYC -Message d'origine- De : Rodney Kimber [mailto:[EMAIL PROTECTED] Envoyé : mercredi 17 août 2005 01:57 À : COLLOT Jean-Yves; samba-vms@lists.samba.org Objet : RE: RE : Samba 2.2.8 (JYC 31-Mar-05 version) problem with records longer than 1022 bytes Thanks for your prompt response. Unfortunately I don't have the facility to compile. :-(I will have to wait for your next release. Keep up the great work. Regards. I'm trying to compile 20050531 version with the change you suggested for long records on my VAX (VMS 7.3/DEC C V6.4/TCPware V5.6-2) as I write this. :-( looks like I'll have to start over... So far, I've gotten warnings on 3 modules, about mismatched pointer types. Compiling CLIPRINT in LIBSMB rparam, rprcnt,/* return params, length */ .^ %CC-W-PTRMISMATCH1, In this statement, the referenced type of the pointer value rprcnt is int, which is not compatible with unsigned int because they differ by signed/unsigned attribute. At line number 91 in DU0:[SAMBA.SOURCE.LIBSMB]CLIPRINT.C;4. is a typical example. The variables are rdrcnt and rprcnt in CLIPRINT and CLIRAP, and rparam_count and rdata_count in CLISECDESC. Since these are warnings, I don't think it will effect the link, though I have seen cases of C compiler warnings that produced unlinkable object modules (or maybe there's a qualifier on LINK that says it's okay to have warnings, and whatever I was building didn't use the qualifier? I don't see such a qualifier in HELP LINK, but maybe there is something in the options file?) I just recompiled the same sources on an Alpha (V7.3-2, DEC C V6.5/TCPware V5.6-2) and had no warnings. DEC C 6.4 vs. 6.5 or an Alpha/VAX difference? If you need, I would be happy to upload the VAX object modules/libraries, assuming it builds/links okay. Or would it be better to do over with the latest sources? John Santos PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba r9378 - in branches/SAMBA_4_0/source/lib/registry: .
Author: tridge Date: 2005-08-18 06:14:10 + (Thu, 18 Aug 2005) New Revision: 9378 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9378 Log: initialise the last_mod attribute in the ldb backend. Better to return 0 than an uninitialised value, but we should put proper last_modified time support into the ldb winreg backend in the future Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c === --- branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 05:09:26 UTC (rev 9377) +++ branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 06:14:10 UTC (rev 9378) @@ -170,6 +170,8 @@ talloc_set_destructor(*subkey, reg_close_ldb_key); (*subkey)-name = talloc_strdup(mem_ctx, el-values[0].data); (*subkey)-backend_data = newkd = talloc_zero(*subkey, struct ldb_key_data); + (*subkey)-last_mod = 0; /* TODO: we need to add this to the + ldb backend properly */ newkd-dn = talloc_strdup(mem_ctx, kd-subkeys[idx]-dn); return WERR_OK;
svn commit: samba r9379 - in branches/SAMBA_4_0/source/script/tests: .
Author: tridge Date: 2005-08-18 06:19:32 + (Thu, 18 Aug 2005) New Revision: 9379 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9379 Log: the valgrind test box is now just going past the max 30 minute smbd runtime for testing. Increased to 45 minutes. Modified: branches/SAMBA_4_0/source/script/tests/test_functions.sh Changeset: Modified: branches/SAMBA_4_0/source/script/tests/test_functions.sh === --- branches/SAMBA_4_0/source/script/tests/test_functions.sh2005-08-18 06:14:10 UTC (rev 9378) +++ branches/SAMBA_4_0/source/script/tests/test_functions.sh2005-08-18 06:19:32 UTC (rev 9379) @@ -19,7 +19,7 @@ echo -n STARTING SMBD... (( - $SMBD_VALGRIND $SRCDIR/bin/smbd --maximum-runtime=1800 -d1 -s $CONFFILE -M single -i $SMBD_TEST_FIFO $SMBD_TEST_LOG 21; + $SMBD_VALGRIND $SRCDIR/bin/smbd --maximum-runtime=2700 -d1 -s $CONFFILE -M single -i $SMBD_TEST_FIFO $SMBD_TEST_LOG 21; ret=$?; rm -f $SMBD_TEST_FIFO; if [ -n $SOCKET_WRAPPER_DIR -a -d $SOCKET_WRAPPER_DIR ]; then
svn commit: samba r9380 - in branches/SOC/SAMBA_3_0/source/client: .
Author: kalim Date: 2005-08-18 06:50:58 + (Thu, 18 Aug 2005) New Revision: 9380 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9380 Log: Added handling to the authentication callback for passwords specified on the command line and the -N|--no-pass option. Cleaned up straggling debug output. -Kalim Modified: branches/SOC/SAMBA_3_0/source/client/client.c Changeset: Modified: branches/SOC/SAMBA_3_0/source/client/client.c === --- branches/SOC/SAMBA_3_0/source/client/client.c 2005-08-18 06:19:32 UTC (rev 9379) +++ branches/SOC/SAMBA_3_0/source/client/client.c 2005-08-18 06:50:58 UTC (rev 9380) @@ -140,18 +140,26 @@ strncpy(pUsername, username, maxLenUsername - 1); strncpy(authUsername, username, maxLenUsername - 1); -char *pass = getpass(Password: ); -if (pass) -fstrcpy(temp, pass); -if (temp[strlen(temp) - 1] == '\n') /* A new line? */ +if (cmdline_auth_info.got_pass) { -temp[strlen(temp) - 1] = '\0'; -} -if (temp[0] != '\0') +strncpy(pPassword, cmdline_auth_info.password, maxLenPassword - 1); +strncpy(authPassword, cmdline_auth_info.password, maxLenPassword - 1); +} +else { -strncpy(pPassword, temp, maxLenPassword - 1); -strncpy(authPassword, pPassword, maxLenPassword - 1); -} +char *pass = getpass(Password: ); +if (pass) +fstrcpy(temp, pass); +if (temp[strlen(temp) - 1] == '\n') /* A new line? */ +{ +temp[strlen(temp) - 1] = '\0'; +} +if (temp[0] != '\0') +{ +strncpy(pPassword, temp, maxLenPassword - 1); +strncpy(authPassword, pPassword, maxLenPassword - 1); +} +} authSet = 1; } } @@ -2376,7 +2384,7 @@ pstrcat(src, oname); pstrcat(dest, nname); -d_printf(O: %s\nN: %s\n, src, dest); +DEBUG(4, (O: %s\nN: %s\n, src, dest)); err = smbc_rename(src, dest); if (err 0)
svn commit: samba r9381 - in branches/SAMBA_4_0/source/lib/registry: .
Author: tpot Date: 2005-08-18 07:00:37 + (Thu, 18 Aug 2005) New Revision: 9381 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9381 Log: Line wrapping. Modified: branches/SAMBA_4_0/source/lib/registry/README Changeset: Modified: branches/SAMBA_4_0/source/lib/registry/README === --- branches/SAMBA_4_0/source/lib/registry/README 2005-08-18 06:50:58 UTC (rev 9380) +++ branches/SAMBA_4_0/source/lib/registry/README 2005-08-18 07:00:37 UTC (rev 9381) @@ -1,22 +1,23 @@ -This is the registry library. The registry is basically a bunch of hives -that can be loaded from different places. +This is the registry library. The registry is basically a bunch of +hives that can be loaded from different places. -The various registry backends provide support for loading/saving specific types -of hives: +The various registry backends provide support for loading/saving +specific types of hives: + - ldb - w95 (USER.DAT-style files) - nt4 (NTUSER.DAT-style files) - gconf (GNOME configuration) - rpc (Remote individual hives) -Instead of opening individual hives, one can also open a 'complete' registry by -using one of these three functions: +Instead of opening individual hives, one can also open a 'complete' +registry by using one of these three functions: - reg_open_local() - load local registry, see below - reg_open_remote() - connect to remote registry over RPC - reg_open_wine() (not working yet) -reg_open_local() loads a set of hives based on smb.conf settings. +reg_open_local() loads a set of hives based on smb.conf settings. Lines in smb.conf should have the following syntax: registry:hivename = backend:location @@ -38,4 +39,3 @@ HKEY_LOCAL_MACHINE\System: %SystemRoot%\System32\Config\System HKEY_USERS\.DEFAULT: %SystemRoot%\System32\Config\Default HKEY_LOCAL_MACHINE\HARDWARE: is autogenerated -
svn commit: samba r9382 - in branches/SAMBA_4_0/source/param: .
Author: tpot Date: 2005-08-18 07:06:19 + (Thu, 18 Aug 2005) New Revision: 9382 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9382 Log: Add a dummy registry for HKEY_USERS to get rid of the annoying dialog presented by regedt32. I think this hive is dynamically generated from SAM information. Modified: branches/SAMBA_4_0/source/param/loadparm.c Changeset: Modified: branches/SAMBA_4_0/source/param/loadparm.c === --- branches/SAMBA_4_0/source/param/loadparm.c 2005-08-18 07:00:37 UTC (rev 9381) +++ branches/SAMBA_4_0/source/param/loadparm.c 2005-08-18 07:06:19 UTC (rev 9382) @@ -936,6 +936,12 @@ do_parameter(spoolss database, spoolss.ldb); do_parameter(wins database, wins.ldb); do_parameter(registry:HKEY_LOCAL_MACHINE, hklm.ldb); + + /* This hive should be dynamically generated by Samba using + data from the sam, but for the moment leave it in a tdb to + keep regedt32 from popping up an annoying dialog. */ + do_parameter(registry:HKEY_USERS, hku.ldb); + do_parameter(guest account, GUEST_ACCOUNT); /* using UTF8 by default allows us to support all chars */
svn commit: samba r9383 - in branches/SAMBA_4_0/testprogs/ejs: .
Author: tridge Date: 2005-08-18 09:33:03 + (Thu, 18 Aug 2005) New Revision: 9383 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9383 Log: remove unused file Removed: branches/SAMBA_4_0/testprogs/ejs/winreg.js Changeset: Deleted: branches/SAMBA_4_0/testprogs/ejs/winreg.js === --- branches/SAMBA_4_0/testprogs/ejs/winreg.js 2005-08-18 07:06:19 UTC (rev 9382) +++ branches/SAMBA_4_0/testprogs/ejs/winreg.js 2005-08-18 09:33:03 UTC (rev 9383) @@ -1,72 +0,0 @@ -#!/usr/bin/env smbscript -/* - test winreg calls from ejs -*/ - -libinclude(base.js); -libinclude(winreg.js); - -var options = new Object(); - -ok = GetOptions(ARGV, options, - POPT_AUTOHELP, - POPT_COMMON_SAMBA, - POPT_COMMON_CREDENTIALS); -if (ok == false) { - println(Failed to parse options: + options.ERROR); - return -1; -} - -if (options.ARGV.length 1) { - println(Usage: winreg.js BINDING); - return -1; -} -var binding = options.ARGV[0]; -reg = winreg_init(); -security_init(reg); - -print(Connecting to + binding + \n); -status = reg.connect(binding); -if (status.is_ok != true) { - print(Failed to connect to + binding + - + status.errstr + \n); - return -1; -} - -function list_values(path) { - var list = winreg_enum_values(reg, path); - var i; - if (list == undefined) { - return; - } - for (i=0;ilist.length;i++) { - printf(\ttype=%2d size=%4d '%s'\n, list[i].type, list[i].size, list[i].name); - } -} - -function list_path(path) { - var list = winreg_enum_path(reg, path); - var i; - list_values(path); - for (i=0;ilist.length;i++) { - var npath; - if (path) { - npath = path + \\ + list[i]; - } else { - npath = list[i]; - } - println(npath); - list_path(npath); - } -} - -var root; - -if (options.ARGV.length 1) { - root = options.ARGV[1]; -} else { - root = ''; -} - -printf(Listing registry tree '%s'\n, root); -list_path(root); -return 0;
svn commit: samba r9384 - in branches/SAMBA_4_0/source/rpc_server: .
Author: tridge Date: 2005-08-18 10:12:55 + (Thu, 18 Aug 2005) New Revision: 9384 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9384 Log: added a debug to show the dcerpc fault code for any calls we fault Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c === --- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c2005-08-18 09:33:03 UTC (rev 9383) +++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c2005-08-18 10:12:55 UTC (rev 9384) @@ -788,6 +788,10 @@ /* call the dispatch function */ status = context-iface-dispatch(call, call, call-r); if (!NT_STATUS_IS_OK(status)) { + DEBUG(5,(dcerpc fault in call %s:%02x - %s\n, +context-iface-name, +call-pkt.u.request.opnum, +dcerpc_errstr(pull, call-fault_code))); return dcesrv_fault(call, call-fault_code); }
svn commit: samba r9385 - in branches/SAMBA_4_0/source/dsdb/samdb: .
Author: idra Date: 2005-08-18 10:23:53 + (Thu, 18 Aug 2005) New Revision: 9385 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9385 Log: Remove unused functions Modified: branches/SAMBA_4_0/source/dsdb/samdb/samdb.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/samdb.c === --- branches/SAMBA_4_0/source/dsdb/samdb/samdb.c2005-08-18 10:12:55 UTC (rev 9384) +++ branches/SAMBA_4_0/source/dsdb/samdb/samdb.c2005-08-18 10:23:53 UTC (rev 9385) @@ -656,103 +656,6 @@ /* - allocate a new id, attempting to do it atomically - return 0 on failure, the id on success -*/ -static NTSTATUS _samdb_allocate_next_id(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, const char *dn, - const char *attr, uint32_t *id) -{ - struct ldb_message msg; - int ret; - const char *str; - struct ldb_val vals[2]; - struct ldb_message_element els[2]; - - str = samdb_search_string(sam_ldb, mem_ctx, dn, attr, dn=%s, dn); - if (!str) { - DEBUG(1,(id not found at %s %s\n, dn, attr)); - return NT_STATUS_OBJECT_NAME_INVALID; - } - - *id = strtol(str, NULL, 0); - if ((*id)+1 == 0) { - /* out of IDs ! */ - return NT_STATUS_INSUFFICIENT_RESOURCES; - } - - /* we do a delete and add as a single operation. That prevents - a race */ - ZERO_STRUCT(msg); - msg.dn = talloc_strdup(mem_ctx, dn); - if (!msg.dn) { - return NT_STATUS_NO_MEMORY; - } - msg.num_elements = 2; - msg.elements = els; - - els[0].num_values = 1; - els[0].values = vals[0]; - els[0].flags = LDB_FLAG_MOD_DELETE; - els[0].name = talloc_strdup(mem_ctx, attr); - if (!els[0].name) { - return NT_STATUS_NO_MEMORY; - } - - els[1].num_values = 1; - els[1].values = vals[1]; - els[1].flags = LDB_FLAG_MOD_ADD; - els[1].name = els[0].name; - - vals[0].data = (uint8_t *)talloc_asprintf(mem_ctx, %u, *id); - if (!vals[0].data) { - return NT_STATUS_NO_MEMORY; - } - vals[0].length = strlen((const char *)vals[0].data); - - vals[1].data = (uint8_t *)talloc_asprintf(mem_ctx, %u, (*id)+1); - if (!vals[1].data) { - return NT_STATUS_NO_MEMORY; - } - vals[1].length = strlen((const char *)vals[1].data); - - ret = ldb_modify(sam_ldb, msg); - if (ret != 0) { - return NT_STATUS_UNEXPECTED_IO_ERROR; - } - - (*id)++; - - return NT_STATUS_OK; -} - -/* - allocate a new id, attempting to do it atomically - return 0 on failure, the id on success -*/ -NTSTATUS samdb_allocate_next_id(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, const char *dn, const char *attr, - uint32_t *id) -{ - int tries = 10; - NTSTATUS status; - - /* we need to try multiple times to cope with two account - creations at the same time */ - while (tries--) { - status = _samdb_allocate_next_id(sam_ldb, mem_ctx, dn, attr, id); - if (!NT_STATUS_EQUAL(NT_STATUS_UNEXPECTED_IO_ERROR, status)) { - break; - } - } - - if (NT_STATUS_EQUAL(NT_STATUS_UNEXPECTED_IO_ERROR, status)) { - DEBUG(1,(Failed to increment id %s at %s\n, attr, dn)); - } - - return status; -} - - -/* add a string element to a message */ int samdb_msg_add_string(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_message *msg,
svn commit: samba r9386 - in branches/SAMBA_4_0/source/lib/registry: .
Author: tridge Date: 2005-08-18 10:58:05 + (Thu, 18 Aug 2005) New Revision: 9386 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9386 Log: OpenKey with a bad name must return WERR_BADFILE (w2k3 regedit relies on this) Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c === --- branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 10:23:53 UTC (rev 9385) +++ branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 10:58:05 UTC (rev 9386) @@ -214,7 +214,7 @@ ret = ldb_search(c, ldap_path, LDB_SCOPE_BASE, (key=*), NULL,msg); if(ret == 0) { - return WERR_NO_MORE_ITEMS; + return WERR_BADFILE; } else if(ret 0) { DEBUG(0, (Error opening key '%s': %s\n, ldap_path, ldb_errstring(c))); return WERR_FOOBAR;
svn commit: samba r9387 - in branches/SAMBA_4_0/source/lib: ldb/common ldb/include registry
Author: tridge Date: 2005-08-18 11:15:15 + (Thu, 18 Aug 2005) New Revision: 9387 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9387 Log: regedit uses New Key #nn for newly created keys, which conflicts with the stricter DN rules in ldb. Escape the DN components to cope. Simo, sorry for making a change in ldb_dn.c while you have changes pending. Please feel free to revert these and switch reg_backend_ldb.c to use the new dn construction code. Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c branches/SAMBA_4_0/source/lib/ldb/include/ldb.h branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 10:58:05 UTC (rev 9386) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 11:15:15 UTC (rev 9387) @@ -56,7 +56,7 @@ return 1; } -static char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value) +char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value) { const char *p, *s, *src; char *d, *dst; Modified: branches/SAMBA_4_0/source/lib/ldb/include/ldb.h === --- branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 10:58:05 UTC (rev 9386) +++ branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 11:15:15 UTC (rev 9387) @@ -342,6 +342,7 @@ int ldb_dn_cmp(struct ldb_context *ldb, const char *dn1, const char *dn2); int ldb_attr_cmp(const char *dn1, const char *dn2); +char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value); /* case-fold a DN */ char *ldb_dn_fold(void * mem_ctx, Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c === --- branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 10:58:05 UTC (rev 9386) +++ branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 11:15:15 UTC (rev 9387) @@ -126,12 +126,24 @@ while(mypath) { char *keyname; begin = strrchr(mypath, '\\'); + struct ldb_val val; + char *key; - if(begin) keyname = begin + 1; + if (begin) keyname = begin + 1; else keyname = mypath; - if(strlen(keyname)) - ret = talloc_asprintf_append(ret, key=%s,, keyname); + val.data = keyname; + val.length = strlen(keyname); + + key = ldb_dn_escape_value(mem_ctx, val); + if (key == NULL) { + return NULL; + } + + if (strlen(key)) + ret = talloc_asprintf_append(ret, key=%s,, key); + + talloc_free(key); if(begin) { *begin = '\0';
svn commit: samba r9388 - in branches/SAMBA_4_0/source/rpc_server/winreg: .
Author: tridge Date: 2005-08-18 11:16:32 + (Thu, 18 Aug 2005) New Revision: 9388 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9388 Log: we should fault bad handles given to winreg_GetVersion() Modified: branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c === --- branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c2005-08-18 11:15:15 UTC (rev 9387) +++ branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c2005-08-18 11:16:32 UTC (rev 9388) @@ -495,8 +495,12 @@ winreg_GetVersion */ static WERROR winreg_GetVersion(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct winreg_GetVersion *r) + struct winreg_GetVersion *r) { + struct dcesrv_handle *h; + + DCESRV_PULL_HANDLE_FAULT(h, r-in.handle, HTYPE_REGKEY); + r-out.version = 5; return WERR_OK; }
svn commit: samba r9389 - in branches/SAMBA_4_0/source/web_server: .
Author: tridge Date: 2005-08-18 12:19:16 + (Thu, 18 Aug 2005) New Revision: 9389 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9389 Log: handle errors reading from files in web server bug found by coverity Modified: branches/SAMBA_4_0/source/web_server/web_server.c Changeset: Modified: branches/SAMBA_4_0/source/web_server/web_server.c === --- branches/SAMBA_4_0/source/web_server/web_server.c 2005-08-18 11:16:32 UTC (rev 9388) +++ branches/SAMBA_4_0/source/web_server/web_server.c 2005-08-18 12:19:16 UTC (rev 9389) @@ -153,13 +153,14 @@ web-output.nsent = 0; nread = read(web-output.fd, buf, sizeof(buf)); - if (nread == 0) { + if (nread == -1 errno == EINTR) { + return; + } + if (nread = 0) { close(web-output.fd); web-output.fd = -1; + nread = 0; } - if (nread == -1 errno == EINTR) { - return; - } web-output.content = data_blob_talloc(web, buf, nread); }
svn commit: samba r9390 - in branches/SAMBA_4_0/source/lib/registry: .
Author: tridge Date: 2005-08-18 12:21:42 + (Thu, 18 Aug 2005) New Revision: 9390 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9390 Log: fixed mixing of code and data Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c === --- branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 12:19:16 UTC (rev 9389) +++ branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c2005-08-18 12:21:42 UTC (rev 9390) @@ -125,10 +125,11 @@ while(mypath) { char *keyname; - begin = strrchr(mypath, '\\'); struct ldb_val val; char *key; + begin = strrchr(mypath, '\\'); + if (begin) keyname = begin + 1; else keyname = mypath;
svn commit: lorikeet r425 - in trunk/ntacl-lsm: . userspace
Author: metze Date: 2005-08-18 13:14:48 + (Thu, 18 Aug 2005) New Revision: 425 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=425 Log: - add more samba stuff - switch the string values to struct security_token - add ntacl_set_security_token tool for testing metze Added: trunk/ntacl-lsm/dom_sid.c trunk/ntacl-lsm/dom_sid.h trunk/ntacl-lsm/privilege.c trunk/ntacl-lsm/privilege.h trunk/ntacl-lsm/security_descriptor.c trunk/ntacl-lsm/security_descriptor.h trunk/ntacl-lsm/security_token.c trunk/ntacl-lsm/security_token.h trunk/ntacl-lsm/userspace/ntacl_set_security_token.c Modified: trunk/ntacl-lsm/Makefile trunk/ntacl-lsm/access_check.c trunk/ntacl-lsm/includes.h trunk/ntacl-lsm/main.c trunk/ntacl-lsm/userspace/Makefile trunk/ntacl-lsm/userspace/cp_prefix.sh trunk/ntacl-lsm/userspace/libntacl.c trunk/ntacl-lsm/userspace/ntacl_get_security_token.c Changeset: Sorry, the patch is too large (2121 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=425
svn commit: lorikeet r426 - in trunk/ntacl-lsm: . userspace
Author: metze Date: 2005-08-18 14:35:57 + (Thu, 18 Aug 2005) New Revision: 426 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=426 Log: - merge in my hierachical memory changes from samba (so, talloc_steal of the security_token now works) - add a uint32 magic field in frnt of the ndr blob metze Modified: trunk/ntacl-lsm/libndr.h trunk/ntacl-lsm/main.c trunk/ntacl-lsm/ndr.c trunk/ntacl-lsm/ndr.h trunk/ntacl-lsm/ndr_security.c trunk/ntacl-lsm/ndr_xattr.c trunk/ntacl-lsm/userspace/libntacl.c trunk/ntacl-lsm/xattr.h Changeset: Sorry, the patch is too large (739 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=426
svn commit: lorikeet r427 - in trunk/ntacl-lsm/userspace: .
Author: metze Date: 2005-08-18 14:40:31 + (Thu, 18 Aug 2005) New Revision: 427 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=427 Log: ignore more files metze Modified: trunk/ntacl-lsm/userspace/ Changeset: Property changes on: trunk/ntacl-lsm/userspace ___ Name: svn:ignore - byteorder.h dlinklist.h includes.h libndr.h *.so* misc.h ndr.c ndr.h ndr_basic.c ndr_misc.c ndr_misc.h ndr_misc_helper.c ndr_misc_helper.h ndr_sec_helper.c ndr_sec_helper.h ndr_security.c ndr_security.h ndr_xattr.c ndr_xattr.h security.h talloc.c talloc.h xattr.h ntacl_get_security_token *.o *.so* + byteorder.h dlinklist.h dom_sid.c dom_sid.h includes.h libndr.h *.so* misc.h ndr.c ndr.h ndr_basic.c ndr_misc.c ndr_misc.h ndr_misc_helper.c ndr_misc_helper.h ndr_sec_helper.c ndr_sec_helper.h ndr_security.c ndr_security.h ndr_xattr.c ndr_xattr.h privilege.c privilege.h security.h security_descriptor.c security_descriptor.h security_token.c security_token.h talloc.c talloc.h xattr.h ntacl_get_security_token ntacl_set_security_token *.o *.so*
svn commit: samba r9391 - in branches/SAMBA_4_0/source: auth auth/gensec cldap_server dsdb/samdb dsdb/samdb/ldb_modules include kdc ldap_server lib lib/ldb/common lib/ldb/include lib/ldb/ldb_ildap lib
Author: idra Date: 2005-08-18 15:02:01 + (Thu, 18 Aug 2005) New Revision: 9391 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9391 Log: Convert all the code to use struct ldb_dn to ohandle ldap like distinguished names Provide more functions to handle DNs in this form Modified: branches/SAMBA_4_0/source/auth/auth_sam.c branches/SAMBA_4_0/source/auth/gensec/schannel_state.c branches/SAMBA_4_0/source/cldap_server/netlogon.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SAMBA_4_0/source/dsdb/samdb/samdb.c branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/kdc/hdb-ldb.c branches/SAMBA_4_0/source/ldap_server/config.mk branches/SAMBA_4_0/source/ldap_server/ldap_hacked_ldb.c branches/SAMBA_4_0/source/ldap_server/ldap_simple_ldb.c branches/SAMBA_4_0/source/lib/gendb.c branches/SAMBA_4_0/source/lib/ldb/common/ldb.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_ldif.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_match.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c branches/SAMBA_4_0/source/lib/ldb/include/ldb.h branches/SAMBA_4_0/source/lib/ldb/include/ldb_private.h branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c branches/SAMBA_4_0/source/lib/ldb/ldb_ldap/ldb_ldap.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_cache.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_pack.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb.h branches/SAMBA_4_0/source/lib/ldb/modules/rdn_name.c branches/SAMBA_4_0/source/lib/ldb/modules/schema.c branches/SAMBA_4_0/source/lib/ldb/modules/skel.c branches/SAMBA_4_0/source/lib/ldb/modules/timestamps.c branches/SAMBA_4_0/source/lib/ldb/tools/cmdline.c branches/SAMBA_4_0/source/lib/ldb/tools/cmdline.h branches/SAMBA_4_0/source/lib/ldb/tools/ldbadd.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbdel.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbedit.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbmodify.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbrename.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbsearch.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbtest.c branches/SAMBA_4_0/source/lib/registry/reg_backend_ldb.c branches/SAMBA_4_0/source/libnet/libnet_join.c branches/SAMBA_4_0/source/libnet/libnet_samsync_ldb.c branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c branches/SAMBA_4_0/source/nbt_server/wins/winsdb.c branches/SAMBA_4_0/source/ntptr/simple_ldb/ntptr_simple_ldb.c branches/SAMBA_4_0/source/rpc_server/drsuapi/drsuapi_cracknames.c branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.h branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c branches/SAMBA_4_0/source/scripting/ejs/mprutil.c branches/SAMBA_4_0/source/scripting/ejs/smbcalls_ldb.c branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Sorry, the patch is too large (6356 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9391
svn commit: samba r9392 - in branches/SAMBA_4_0/source: kdc lib/ldb/common lib/ldb/include libnet ntptr/simple_ldb rpc_server/lsa rpc_server/samr
Author: idra Date: 2005-08-18 16:18:48 + (Thu, 18 Aug 2005) New Revision: 9392 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9392 Log: Fix ldb_dn_compose to make build farm happy Add ldb_dn_string_compose so that you can build a dn starting from a struct ldb_dn base and a set of parameters to be composed in a format string with the same syntax of printf Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c branches/SAMBA_4_0/source/lib/ldb/include/ldb.h branches/SAMBA_4_0/source/libnet/libnet_samsync_ldb.c branches/SAMBA_4_0/source/ntptr/simple_ldb/ntptr_simple_ldb.c branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c Changeset: Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c === --- branches/SAMBA_4_0/source/kdc/hdb-ldb.c 2005-08-18 15:02:01 UTC (rev 9391) +++ branches/SAMBA_4_0/source/kdc/hdb-ldb.c 2005-08-18 16:18:48 UTC (rev 9392) @@ -624,10 +624,9 @@ int count; struct ldb_message **msg; struct ldb_message_element *spnmappings; - struct ldb_dn *service_dn = ldb_dn_compose_string_dn(mem_ctx, + struct ldb_dn *service_dn = ldb_dn_string_compose(mem_ctx, realm_dn, CN=Directory Service,CN=Windows NT - ,CN=Services,CN=Configuration, - realm_dn); + ,CN=Services,CN=Configuration); char *service_dn_str = ldb_dn_linearize(mem_ctx, service_dn); const char *directory_attrs[] = { sPNMappings, Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 15:02:01 UTC (rev 9391) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 16:18:48 UTC (rev 9392) @@ -771,7 +771,9 @@ new-comp_num = dn1-comp_num; new-components = talloc_array(new, struct ldb_dn_component, new-comp_num); } else { - new = ldb_dn_copy_partial(mem_ctx, dn2, dn2-comp_num + dn1?dn1-comp_num:0); + int comp_num = dn2-comp_num; + if (dn1 != NULL) comp_num += dn1-comp_num; + new = ldb_dn_copy_partial(mem_ctx, dn2, comp_num); } if (dn1 == NULL) { @@ -790,11 +792,26 @@ return NULL; } -struct ldb_dn *ldb_dn_compose_string_dn(void *mem_ctx, const char *dn1, const struct ldb_dn *dn2) +struct ldb_dn *ldb_dn_string_compose(void *mem_ctx, const struct ldb_dn *base, const char *child_fmt, ...) { - if (dn1 == NULL) return NULL; + struct ldb_dn *dn; + char *child_str; + va_list ap; + int ret; + + if (child_fmt == NULL) return NULL; - return ldb_dn_compose(mem_ctx, ldb_dn_explode(mem_ctx, dn1), dn2); + va_start(ap, child_fmt); + ret = vasprintf(child_str, child_fmt, ap); + va_end(ap); + + if (ret = 0) return NULL; + + dn = ldb_dn_compose(mem_ctx, ldb_dn_explode(mem_ctx, child_str), base); + + free(child_str); + + return dn; } struct ldb_dn_component *ldb_dn_get_rdn(void *mem_ctx, const struct ldb_dn *dn) Modified: branches/SAMBA_4_0/source/lib/ldb/include/ldb.h === --- branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 15:02:01 UTC (rev 9391) +++ branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 16:18:48 UTC (rev 9392) @@ -371,7 +371,7 @@ const struct ldb_dn_component *component, const struct ldb_dn *base); struct ldb_dn *ldb_dn_compose(void *mem_ctx, const struct ldb_dn *dn1, const struct ldb_dn *dn2); -struct ldb_dn *ldb_dn_compose_string_dn(void *mem_ctx, const char *dn1, const struct ldb_dn *dn2); +struct ldb_dn *ldb_dn_string_compose(void *mem_ctx, const struct ldb_dn *base, const char *child_fmt, ...); struct ldb_dn_component *ldb_dn_get_rdn(void *mem_ctx, const struct ldb_dn *dn); /* useful functions for ldb_message structure manipulation */ Modified: branches/SAMBA_4_0/source/libnet/libnet_samsync_ldb.c === --- branches/SAMBA_4_0/source/libnet/libnet_samsync_ldb.c 2005-08-18 15:02:01 UTC (rev 9391) +++ branches/SAMBA_4_0/source/libnet/libnet_samsync_ldb.c 2005-08-18 16:18:48 UTC (rev 9392) @@ -337,11 +337,8 @@ if (add) { samdb_msg_add_string(state-sam_ldb, mem_ctx, msg, objectClass, obj_class); - msg-dn = ldb_dn_build_child(mem_ctx, -CN,
svn commit: samba r9393 - in branches/SAMBA_4_0/source/lib/ldb: common include
Author: idra Date: 2005-08-18 16:27:09 + (Thu, 18 Aug 2005) New Revision: 9393 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9393 Log: Fix ldb standalone build Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c branches/SAMBA_4_0/source/lib/ldb/include/ldb.h Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 16:18:48 UTC (rev 9392) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 16:27:09 UTC (rev 9393) @@ -353,6 +353,7 @@ /* Allocate a structure to hold the exploded DN */ edn = ldb_dn_new(mem_ctx); + pdn = NULL; /* Empty DNs */ if (dn[0] == '\0') { Modified: branches/SAMBA_4_0/source/lib/ldb/include/ldb.h === --- branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 16:18:48 UTC (rev 9392) +++ branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 16:27:09 UTC (rev 9393) @@ -348,6 +348,11 @@ unsigned num_handlers); /* The following definitions come from lib/ldb/common/ldb_dn.c */ + +#ifndef BOOL +typedef int BOOL; +#endif + BOOL ldb_dn_is_special(const struct ldb_dn *dn); BOOL ldb_dn_check_special(const struct ldb_dn *dn, const char *check); char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value);
svn commit: samba r9394 - in branches/SAMBA_4_0/source/lib/ldb: common include
Author: idra Date: 2005-08-18 16:41:27 + (Thu, 18 Aug 2005) New Revision: 9394 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9394 Log: avoid to use BOOL in ldb Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c branches/SAMBA_4_0/source/lib/ldb/include/ldb.h Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 16:27:09 UTC (rev 9393) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-08-18 16:41:27 UTC (rev 9394) @@ -43,14 +43,14 @@ #define LDB_SPECIAL @SPECIAL -BOOL ldb_dn_is_special(const struct ldb_dn *dn) +int ldb_dn_is_special(const struct ldb_dn *dn) { if (dn == NULL || dn-comp_num != 1) return 0; return ! strcmp(dn-components[0].name, LDB_SPECIAL); } -BOOL ldb_dn_check_special(const struct ldb_dn *dn, const char *check) +int ldb_dn_check_special(const struct ldb_dn *dn, const char *check) { if (dn == NULL || dn-comp_num != 1) return 0; Modified: branches/SAMBA_4_0/source/lib/ldb/include/ldb.h === --- branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 16:27:09 UTC (rev 9393) +++ branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2005-08-18 16:41:27 UTC (rev 9394) @@ -349,12 +349,8 @@ /* The following definitions come from lib/ldb/common/ldb_dn.c */ -#ifndef BOOL -typedef int BOOL; -#endif - -BOOL ldb_dn_is_special(const struct ldb_dn *dn); -BOOL ldb_dn_check_special(const struct ldb_dn *dn, const char *check); +int ldb_dn_is_special(const struct ldb_dn *dn); +int ldb_dn_check_special(const struct ldb_dn *dn, const char *check); char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value); struct ldb_dn *ldb_dn_new(void *mem_ctx); struct ldb_dn *ldb_dn_explode(void *mem_ctx, const char *dn);
svn commit: samba r9395 - in branches/SOC/SAMBA_3_0/source: . include libmsrpc libmsrpc/test libmsrpc/test/sam
Author: skel Date: 2005-08-18 20:36:13 + (Thu, 18 Aug 2005) New Revision: 9395 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9395 Log: fixed infinite loop in cac_SamEnumGroups() if there are no groups in the sam adduser can be used to delete a user that already exists Modified: branches/SOC/SAMBA_3_0/source/Makefile.in branches/SOC/SAMBA_3_0/source/include/libmsrpc.h branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c branches/SOC/SAMBA_3_0/source/libmsrpc/test/Makefile branches/SOC/SAMBA_3_0/source/libmsrpc/test/sam/adduser.c branches/SOC/SAMBA_3_0/source/libmsrpc/test/sam/samgroup.c Changeset: Modified: branches/SOC/SAMBA_3_0/source/Makefile.in === --- branches/SOC/SAMBA_3_0/source/Makefile.in 2005-08-18 16:41:27 UTC (rev 9394) +++ branches/SOC/SAMBA_3_0/source/Makefile.in 2005-08-18 20:36:13 UTC (rev 9395) @@ -137,7 +137,7 @@ EVERYTHING_PROGS = bin/[EMAIL PROTECTED]@ bin/[EMAIL PROTECTED]@ bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ -SHLIBS = @SHLIB_PROGS@ @LIBSMBCLIENT@ +SHLIBS = @SHLIB_PROGS@ @LIBSMBCLIENT@ cac SCRIPTS = $(srcdir)/script/smbtar $(builddir)/script/findsmb Modified: branches/SOC/SAMBA_3_0/source/include/libmsrpc.h === --- branches/SOC/SAMBA_3_0/source/include/libmsrpc.h2005-08-18 16:41:27 UTC (rev 9394) +++ branches/SOC/SAMBA_3_0/source/include/libmsrpc.h2005-08-18 20:36:13 UTC (rev 9395) @@ -1429,6 +1429,8 @@ /**Array storing the descriptions of all the groups returned*/ char **descriptions; + + BOOL done; } out; }; Modified: branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c === --- branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c 2005-08-18 16:41:27 UTC (rev 9394) +++ branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c 2005-08-18 20:36:13 UTC (rev 9395) @@ -788,6 +788,7 @@ srv-cli.pipe_idx = PI_SAMR; + printf(addgroupmember: adding rid 0x%x\n, op-in.rid); hnd-status = cli_samr_add_groupmem( (srv-cli), mem_ctx, op-in.group_hnd, op-in.rid); if(!NT_STATUS_IS_OK(hnd-status)) @@ -869,6 +870,7 @@ /*try to delete the users one by one*/ for(i = 0; i num_mem NT_STATUS_IS_OK(hnd-status); i++) { + printf(cleargroupmembers: removing user 0x%x\n, rid[i]); hnd-status = cli_samr_del_groupmem((srv-cli), mem_ctx, group_hnd, rid[i]); } @@ -922,6 +924,7 @@ for(i = 0; i op-in.num_members NT_STATUS_IS_OK(hnd-status); i++) { + printf(setgroupmembers: adding 0x%x\n, op-in.rids[i]); hnd-status = cli_samr_add_groupmem( (srv-cli), mem_ctx, op-in.group_hnd, op-in.rids[i]); } @@ -958,10 +961,8 @@ return CAC_FAILURE; } -/* cli_samr_enum_dom_users returns NT_STATUS_OK and sets resume_idx to 0 if all users have been enumerated, making it tricky to use in a loop - * If all users have been enumerated and the developer has not modified op between calls, then the following will be true*/ - /*FIXME: is there a better solution?*/ - if(op-out.resume_idx == 0 op-out.num_groups != 0 op-out.rids != NULL op-out.names != NULL) + /*using this BOOL is the only reliable way to know that we are done*/ + if(op-out.done == True) /*we return failure so the call will break out of a loop*/ return CAC_FAILURE; srv = cac_GetServer(hnd); @@ -978,10 +979,14 @@ acct_buf, num_groups_out); - /*if there are no more entries, the operation will return NT_STATUS_OK. -* We want to return failure if no results were returned*/ - if(!NT_STATUS_IS_OK(hnd-status) NT_STATUS_V(hnd-status) != NT_STATUS_V(STATUS_MORE_ENTRIES)) + if(NT_STATUS_IS_OK(hnd-status)) { + op-out.done = True; + } + else if(NT_STATUS_V(hnd-status) != NT_STATUS_V(STATUS_MORE_ENTRIES)) { + /*if there are no more entries, the operation will return NT_STATUS_OK. + * We want to return failure if no results were returned*/ return CAC_FAILURE; + } names_out = talloc_array(mem_ctx, char *, num_groups_out); if(!names_out) { Modified: branches/SOC/SAMBA_3_0/source/libmsrpc/test/Makefile === --- branches/SOC/SAMBA_3_0/source/libmsrpc/test/Makefile2005-08-18 16:41:27 UTC (rev 9394) +++ branches/SOC/SAMBA_3_0/source/libmsrpc/test/Makefile2005-08-18 20:36:13 UTC (rev 9395) @@ -79,5 +79,8 @@ samgroup: sam/samgroup.o test_util.o $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $ test_util.o $(LIBS) +samalias: sam/samalias.o test_util.o + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $ test_util.o $(LIBS) + clean: rm -f $(TESTS) *.o lsa/*.o reg/*.o sam/*.o Modified: branches/SOC/SAMBA_3_0/source/libmsrpc/test/sam/adduser.c
svn commit: samba r9396 - in branches/SAMBA_4_0/source/utils: .
Author: abartlet Date: 2005-08-18 22:36:12 + (Thu, 18 Aug 2005) New Revision: 9396 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9396 Log: ntlm_auth updates, including again support for the NTLMSSP client mode, and specification of the workstation. Andrew Bartlett Modified: branches/SAMBA_4_0/source/utils/ntlm_auth.c Changeset: Modified: branches/SAMBA_4_0/source/utils/ntlm_auth.c === --- branches/SAMBA_4_0/source/utils/ntlm_auth.c 2005-08-18 20:36:13 UTC (rev 9395) +++ branches/SAMBA_4_0/source/utils/ntlm_auth.c 2005-08-18 22:36:12 UTC (rev 9396) @@ -349,7 +349,9 @@ cli_credentials_set_conf(creds); if (opt_username) { cli_credentials_set_username(creds, opt_username, CRED_SPECIFIED); - } + } else { + cli_credentials_set_username(creds, , CRED_GUESSED); + } if (opt_domain) { cli_credentials_set_domain(creds, opt_domain, CRED_SPECIFIED); } @@ -360,6 +362,9 @@ creds-password_cb = get_password; creds-priv_data = (void*)mux_id; } + if (opt_workstation) { + cli_credentials_set_workstation(creds, opt_workstation, CRED_SPECIFIED); + } gensec_set_credentials(*gensec_state, creds); @@ -498,7 +503,7 @@ } } else if ((*gensec_state)-gensec_role == GENSEC_CLIENT) { reply_code = AF; - reply_arg = NULL; + reply_arg = out_base64; } else { abort(); } @@ -862,6 +867,7 @@ { password, 0, POPT_ARG_STRING, opt_password, OPT_PASSWORD, User's plaintext password}, { multiplex, 0, POPT_ARG_NONE, opt_multiplex, OPT_MULTIPLEX, Multiplex Mode}, POPT_COMMON_SAMBA + POPT_COMMON_VERSION POPT_TABLEEND };
Build status as of Fri Aug 19 00:00:01 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-08-18 00:00:09.0 + +++ /home/build/master/cache/broken_results.txt 2005-08-19 00:00:10.0 + @@ -1,17 +1,17 @@ -Build status as of Thu Aug 18 00:00:02 2005 +Build status as of Fri Aug 19 00:00:01 2005 Build counts: Tree Total Broken Panic -ccache 8 3 0 -distcc 9 4 0 -lorikeet-heimdal 35 22 0 -ppp 22 2 0 -rsync34 2 0 +ccache 9 3 0 +distcc 10 4 0 +lorikeet-heimdal 35 23 0 +ppp 21 2 0 +rsync36 2 0 samba0 0 0 samba-docs 0 0 0 -samba4 40 14 0 -samba_3_036 3 0 -smb-build30 5 0 -talloc 12 5 0 -tdb 8 4 0 +samba4 41 14 0 +samba_3_037 3 0 +smb-build29 5 0 +talloc 14 5 0 +tdb 9 5 0