Re: [Samba] what's the best filesystem
On 10/6/05, Eric A. Hall [EMAIL PROTECTED] wrote: On 10/4/2005 7:17 PM, mourik jan c heupink wrote: I like xfs, specially with quota. (and using acl's here as well) with xfs you never have to run the check_quota (or whatever the command is...) This makes a rebooting after a crash *much* faster. that was one of the things I liked about, and replaying the journal was nice too. one of the problems I had a couple of years back was that it wasn't bootable (had to boot a mini-kernel off a fat partition, then load the xfs modules). they've fixed that buy now I assume. That might depend on yr distro. I've used XFS root partitions on Ubuntu 5.04, SLES9 and OpenSUSE without any problems. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [SOLUTION} problem accessing home directory
My problem was related to the %S in the valid users parameter for the [homes] share. Remove the %S and it worked. Jason Jason Smith wrote: Hello, I'm trying to setup a domain member server. I've followed the directions from http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#id2536544 but I'm having a problem accessing the user home directories. I have been able to setup a another share and read and write from it. Any help is greatly appreciated. Is it possible the space in the username is causing problems (I didn't setup the domain)? Thanks, Jason Here's what I'm getting in my log. [2005/10/05 15:29:07, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [jason smith] - [jason smith] - [FIRSTCELL\jason smith] succeeded [2005/10/05 15:29:07, 2] smbd/service.c:make_connection_snum(321) user 'FIRSTCELL\jason smith' (from session setup) not permitted to access this share (jason smith) Here's getent output noflsrvtest:/var/log/samba# getent passwd jason smith jason smith:x:15000:15000::/home/FIRSTCELL/jason smith:/bin/bash Here's what happens when I try to use smbclient noflsrvtest:/var/log/samba# smbclient //noflsrvtest/jason smith -Ujason smith added interface ip=172.31.x.x bcast=172.31.x.x nmask=255.255.255.0 Password: Domain=[FIRSTCELL] OS=[Unix] Server=[Samba 3.0.14a-Debian] tree connect failed: NT_STATUS_ACCESS_DENIED Here's what the directory permissions look like. noflsrvtest:/home/FIRSTCELL# ls -al total 0 drwxrwxrwx 3 rootstaff 80 Oct 5 12:58 . drwxrwsr-x 6 rootstaff 128 Oct 4 23:05 .. drwx-- 2 jason smith staff 48 Oct 5 12:58 jason smith Here's some output from testparm. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = FIRSTCELL server string = %h server security = DOMAIN passdb backend = tdbsam, guest pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . unix password sync = Yes log level = 2 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = wins bcast host printcap name = cups disable spoolss = Yes show add printer wizard = No preferred master = No dns proxy = No wins server = 172.30.82.11 ldap ssl = no panic action = /usr/share/samba/panic-action %d idmap uid = 15000-2 idmap gid = 15000-2 template primary group = template shell = /bin/bash winbind use default domain = Yes invalid users = root printer admin = root printing = cups print command = lpq command = %p lprm command = [homes] comment = Home Directories valid users = %S read only = No create mask = 0700 directory mask = 0700 browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: what's the best filesystem
Actually, I am setting up an Ubuntu 5.04 box tomorrow as a Samba server (right after I figure out how to disable the raid controller). Do you suggest xfs? I've been reading this thread and people seem positive on it, but are there negatives as well? Sean James Peach wrote: On 10/6/05, Eric A. Hall [EMAIL PROTECTED] wrote: On 10/4/2005 7:17 PM, mourik jan c heupink wrote: I like xfs, specially with quota. (and using acl's here as well) with xfs you never have to run the check_quota (or whatever the command is...) This makes a rebooting after a crash *much* faster. that was one of the things I liked about, and replaying the journal was nice too. one of the problems I had a couple of years back was that it wasn't bootable (had to boot a mini-kernel off a fat partition, then load the xfs modules). they've fixed that buy now I assume. That might depend on yr distro. I've used XFS root partitions on Ubuntu 5.04, SLES9 and OpenSUSE without any problems. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trying to add machine accounts on the fly,
On Wed, Oct 05, 2005 at 06:34:17PM -0700, DSanchez wrote: [...] The following error occured attempting to join the domain etnet the user name could not be found [...] Well, I see in your config that you have not setup your server as a local master browser (by defining the local master parameter to Yes. If Isn't a local master browser on the subnet, the hosts probably can't resolve netbios names correctly. I another side... one host on the network maybe had turned the local master browser. Try the net lookup master to discover the IP's of the master browser(s). -- Marcos S. Trazzini -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Retrieve share information
Hi! I wonder if it is possible to retreive info about Win shares in samba. I would like retrieve the physical path of a share. I.e a share named Public is physical located at C:\Data\Public. Is it possible to retrieve this with samba? Thanks Henrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] password policy
Hello, PDC: Samba 2.2.5 on FreeBSD 4.11 Clients: WindowsXP SP2 (local user profiles) The WindowsXP clients login to the PDC. The users can change their password on local PC and Samba in one step (Ctrl+Alt+Del - Change Password) Now my question: How can I set password policies like min. passwowrd length I tried to do that with gpedit, but it works, if the user login to the local PC, only. Thanks in advance Niels -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] password policy
Hi, pdbedit -P min password length -C value --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 06/10/2005 11:40:33 : Hello, PDC: Samba 2.2.5 on FreeBSD 4.11 Clients: WindowsXP SP2 (local user profiles) The WindowsXP clients login to the PDC. The users can change their password on local PC and Samba in one step (Ctrl+Alt+Del - Change Password) Now my question: How can I set password policies like min. passwowrd length I tried to do that with gpedit, but it works, if the user login to the local PC, only. Thanks in advance Niels -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] password policy
Hi Stéphane, pdbedit -P min password length -C value thanks for your reply. Ok, I will upgrade Samba to Version 3 and try pdbedit. 8-)) Thank you very much Niels -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Strange error.
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Jerry Others, What does this error in my logs mean: [2005/10/06 08:50:47, 0] smbd/service.c:make_connection(798) ~ james (192.168.100.158) couldn't find service ::{2227a280-3aea-1069-a2de-08002b30309d} It could be that I don't have any shared printers setup; but, the error doesn't suggest anything intuitive. Thanks, James - -- - -- James Kosin International Communications Group, Inc. 230 Pickett's Line Newport News, VA 23603-1366 - - United States of America - Phone: 1(757)947-1030 ext. 122 Fax : 1(757)947-1035 - -- GPG Fingerprint: 28E9 6487 34B2 18DD 6468 F091 8CD9 2038 DEB0 0590 GPG Key ID: 0xDEB00590 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDRR6/jNkgON6wBZARA5dkAKCYeFworqI96Jafxl6yEgi1a1fEAQCfTucE RIIg4Ve8ghwQFh7qDl3Kj3I= =2X36 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: what's the best filesystem
I gotta put my vote in for ext3. While it is slower than the other fs's: - It's robust. I've researched this it seems you can bash ext3/2 pretty hard still recover data. I saw too many stories of lost data on the other fs's for my liking. - It's fully supported. ACL, xattr, quota, LVM snapshots, shrink, grow, mount unjournaled, etc. xfs is a port from IRIX, jfs seems to have only a partial feature set, reiserfs seems to be made for one thing - a sh*tload of small files. - It's widely supported. It's the standard fs for Linux. As with just about anything, fast hardware, plenty of RAM proper tuning will get the most out of your system. Why not setup various tests for yourself - we've used iometer ( www.iometer.org ) recently. My little hodge-podge of hardware made out fairly well against the enterprise systems here. Just my 2 cents serving ~ 2TB of ext3 on LVM on sw raid over NFS Samba. Disclaimer: I could be very wrong about the current status of things outside my little world. - toby bluhm philips medical systems, cleveland ohio [EMAIL PROTECTED] 440-483-5323 Sean W [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/06/2005 03:26 AM To samba@lists.samba.org cc Subject [Samba] Re: what's the best filesystem Classification Actually, I am setting up an Ubuntu 5.04 box tomorrow as a Samba server (right after I figure out how to disable the raid controller). Do you suggest xfs? I've been reading this thread and people seem positive on it, but are there negatives as well? Sean James Peach wrote: On 10/6/05, Eric A. Hall [EMAIL PROTECTED] wrote: On 10/4/2005 7:17 PM, mourik jan c heupink wrote: I like xfs, specially with quota. (and using acl's here as well) with xfs you never have to run the check_quota (or whatever the command is...) This makes a rebooting after a crash *much* faster. that was one of the things I liked about, and replaying the journal was nice too. one of the problems I had a couple of years back was that it wasn't bootable (had to boot a mini-kernel off a fat partition, then load the xfs modules). they've fixed that buy now I assume. That might depend on yr distro. I've used XFS root partitions on Ubuntu 5.04, SLES9 and OpenSUSE without any problems. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: what's the best filesystem
On Thursday 06 October 2005 09:10 am, Tobias Bluhm wrote: I gotta put my vote in for ext3. While it is slower than the other fs's: - It's robust. I've researched this it seems you can bash ext3/2 pretty hard still recover data. I saw too many stories of lost data on the other fs's for my liking. - It's fully supported. ACL, xattr, quota, LVM snapshots, shrink, grow, mount unjournaled, etc. xfs is a port from IRIX, jfs seems to have only a partial feature set, reiserfs seems to be made for one thing - a sh*tload of small files. - It's widely supported. It's the standard fs for Linux. As with just about anything, fast hardware, plenty of RAM proper tuning will get the most out of your system. Why not setup various tests for yourself - we've used iometer ( www.iometer.org ) recently. My little hodge-podge of hardware made out fairly well against the enterprise systems here. Just my 2 cents serving ~ 2TB of ext3 on LVM on sw raid over NFS Samba. Disclaimer: I could be very wrong about the current status of things outside my little world. I don't know. ext2/3 has been around for a long time and I'm sure it's very reliable and I use ext2 for /boot. However, I have used reiserfs for /, /home and /var for a very long time, 2+years and not had any problems with it. I have used it with the 2.4 and 2.6 kernels without issue of any kind. One machine an old IBM PC Server 330 with built in hardware raid has a 6 disk raid (0,5?, hee been so long now I'd have to look) setup for samba and not had any issues with it. The machine has lost power in several ways and it gets all sorts of stuff installed and removed, copied and deleted. In all reiserfs have been very good for me. As with all things YMMV. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: what's the best filesystem
EXT3 is a good filesystem, but I wouldn't say it's the standard for Linux. That largely depends on what distribution you use. For example, SuSE's standard is ReiserFS 3.6. Reiser is great for lots of small files, but yes EXT3 is better in general. Reiser4 is very high performance though, if speed is your ultimate concern. However, Reiser4 is not presently supported in the standard Linux kernel, is very bleeding edge, and there is some degree of political fallout regarding its take on plugins. That being said, I've had good luck with it personally, but don't yell at me if a bug in it causes data loss! Regards, Ryan On Thu, 2005-10-06 at 09:10 -0400, Tobias Bluhm wrote: I gotta put my vote in for ext3. While it is slower than the other fs's: - It's robust. I've researched this it seems you can bash ext3/2 pretty hard still recover data. I saw too many stories of lost data on the other fs's for my liking. - It's fully supported. ACL, xattr, quota, LVM snapshots, shrink, grow, mount unjournaled, etc. xfs is a port from IRIX, jfs seems to have only a partial feature set, reiserfs seems to be made for one thing - a sh*tload of small files. - It's widely supported. It's the standard fs for Linux. As with just about anything, fast hardware, plenty of RAM proper tuning will get the most out of your system. Why not setup various tests for yourself - we've used iometer ( www.iometer.org ) recently. My little hodge-podge of hardware made out fairly well against the enterprise systems here. Just my 2 cents serving ~ 2TB of ext3 on LVM on sw raid over NFS Samba. Disclaimer: I could be very wrong about the current status of things outside my little world. - toby bluhm philips medical systems, cleveland ohio [EMAIL PROTECTED] 440-483-5323 Sean W [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/06/2005 03:26 AM To samba@lists.samba.org cc Subject [Samba] Re: what's the best filesystem Classification Actually, I am setting up an Ubuntu 5.04 box tomorrow as a Samba server (right after I figure out how to disable the raid controller). Do you suggest xfs? I've been reading this thread and people seem positive on it, but are there negatives as well? Sean James Peach wrote: On 10/6/05, Eric A. Hall [EMAIL PROTECTED] wrote: On 10/4/2005 7:17 PM, mourik jan c heupink wrote: I like xfs, specially with quota. (and using acl's here as well) with xfs you never have to run the check_quota (or whatever the command is...) This makes a rebooting after a crash *much* faster. that was one of the things I liked about, and replaying the journal was nice too. one of the problems I had a couple of years back was that it wasn't bootable (had to boot a mini-kernel off a fat partition, then load the xfs modules). they've fixed that buy now I assume. That might depend on yr distro. I've used XFS root partitions on Ubuntu 5.04, SLES9 and OpenSUSE without any problems. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind have repeat wbinfo -u before user can authentication
Nattapon, My thanks for putting this in the list. I have been running head long into this problem for months now, and this was the fix. You have my gratitude. Sean nattapon viroonsri wrote: After mailling list search someone told that samba 3.0.14 already fixed this problem Or in my version can fix with client schannel = no client use spnego = no server signing = auto after i put this in global section everything work fine Nattapon, Regards _ Don't just search. Find. Check out the new MSN Search! http://search.msn.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] authentication problem with WinXP clients
Hello, we have problem with user authentication when accessing shared folders at standalone Samba server (security=share) from Windows XP. There is no problem accessing public folders (guest ok=yes and guest only=yes). But when trying to access non-public folders (guest ok=no with valid users definition), username / password dialog appears, but username is always servername/Guest and is greyed out, so it can not be changed. Windows 2000 client is OK - user can enter whatever username in username field. I know the difference between share and user security modes, which might cause the unchangeable username. But it works in Win2000 ... and based on their specs none of them suits IMHO our objective: - to have public folders and folders with limited access on one server - don't annoy users with authentication when they want to access public folders at all. (username/password authentication should proceed only when clicking on non-public folder). Is this possible ? Like allow clients to send username in share mode or don't require login to server in user mode first ? Or any other way ? Thanks. Charon Just in case ... Samba version 3.0.20 and smb.conf: -- [global] server string = XX netbios name = X workgroup = XX domain master = yes local master = yes preferred master = yes os level = 127 wins support = yes interfaces = eth0 lo bind interfaces only = yes hosts allow = 192.168.1. 127. security = share encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd guest account = share load printers = yes printing = lprng printcap name = /etc/printcap max print jobs = 200 lpq cache time = 20 printer admin = user syslog only = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no kernel oplocks = no [printers] comment = All printers path = /var/spool/print/samba guest ok = yes writeable = no browsable = no printable = yes print command = /usr/bin/lpr [EMAIL PROTECTED] -r -P%p %s lpq command = /usr/bin/lpq [EMAIL PROTECTED] -P%p lprm command = /usr/bin/lprm [EMAIL PROTECTED] -P%p %j lppause command = /usr/bin/lpc [EMAIL PROTECTED] hold %p %j lpresume command = /usr/bin/lpc [EMAIL PROTECTED] release %p %j queuepause command = /usr/bin/lpc [EMAIL PROTECTED] stop %p queueresume command = /usr/bin/lpc [EMAIL PROTECTED] start %p # # Default folders # # internet presentation [Internet] path = /var/share/internet guest ok = no writable = yes printable = no valid users = +admins create mode = 0664 directory mode = 0775 vfs objects = netatalk # intranet presentation [Intranet] path = /var/share/intranet guest ok = no writable = yes printable = no valid users = +share create mode = 0664 directory mode = 0775 vfs objects = netatalk # users shared data [Z] path = /var/share/public guest ok = yes guest only = yes writable = yes printable = no vfs objects = netatalk -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: what's the best filesystem
While I don't know all distros, I don't know of any that doesn't support ext2/3. I can't say that about xfs, jfs, reiserfs. That's what I meant by standard. SuSE's default or preferred fs maybe reiser, but I would be surprised to find out they took out ext2/3 support. - toby bluhm philips medical systems, cleveland ohio [EMAIL PROTECTED] 440-483-5323 Ryan Kather [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/06/2005 09:28 AM To samba@lists.samba.org cc Subject Re: [Samba] Re: what's the best filesystem Classification EXT3 is a good filesystem, but I wouldn't say it's the standard for Linux. That largely depends on what distribution you use. For example, SuSE's standard is ReiserFS 3.6. Reiser is great for lots of small files, but yes EXT3 is better in general. Reiser4 is very high performance though, if speed is your ultimate concern. However, Reiser4 is not presently supported in the standard Linux kernel, is very bleeding edge, and there is some degree of political fallout regarding its take on plugins. That being said, I've had good luck with it personally, but don't yell at me if a bug in it causes data loss! Regards, Ryan On Thu, 2005-10-06 at 09:10 -0400, Tobias Bluhm wrote: I gotta put my vote in for ext3. While it is slower than the other fs's: - It's robust. I've researched this it seems you can bash ext3/2 pretty hard still recover data. I saw too many stories of lost data on the other fs's for my liking. - It's fully supported. ACL, xattr, quota, LVM snapshots, shrink, grow, mount unjournaled, etc. xfs is a port from IRIX, jfs seems to have only a partial feature set, reiserfs seems to be made for one thing - a sh*tload of small files. - It's widely supported. It's the standard fs for Linux. As with just about anything, fast hardware, plenty of RAM proper tuning will get the most out of your system. Why not setup various tests for yourself - we've used iometer ( www.iometer.org ) recently. My little hodge-podge of hardware made out fairly well against the enterprise systems here. Just my 2 cents serving ~ 2TB of ext3 on LVM on sw raid over NFS Samba. Disclaimer: I could be very wrong about the current status of things outside my little world. - toby bluhm philips medical systems, cleveland ohio [EMAIL PROTECTED] 440-483-5323 Sean W [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/06/2005 03:26 AM To samba@lists.samba.org cc Subject [Samba] Re: what's the best filesystem Classification Actually, I am setting up an Ubuntu 5.04 box tomorrow as a Samba server (right after I figure out how to disable the raid controller). Do you suggest xfs? I've been reading this thread and people seem positive on it, but are there negatives as well? Sean James Peach wrote: On 10/6/05, Eric A. Hall [EMAIL PROTECTED] wrote: On 10/4/2005 7:17 PM, mourik jan c heupink wrote: I like xfs, specially with quota. (and using acl's here as well) with xfs you never have to run the check_quota (or whatever the command is...) This makes a rebooting after a crash *much* faster. that was one of the things I liked about, and replaying the journal was nice too. one of the problems I had a couple of years back was that it wasn't bootable (had to boot a mini-kernel off a fat partition, then load the xfs modules). they've fixed that buy now I assume. That might depend on yr distro. I've used XFS root partitions on Ubuntu 5.04, SLES9 and OpenSUSE without any problems. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP PDC question
recent versions of nss honor more than just one nss_base_passwd entry greez Michael George wrote: Question is, will it check both DNs or does it just use the last one entered? On Wed, October 5, 2005 3:06 pm, Derek Harkness said: The cool thing is, I didn't either I simply forgot to comment one out. But hey I'll certainly make use of it. Derek On Oct 4, 2005, at 9:46 AM, Marcel de Riedmatten wrote: Le mar 04/10/2005 à 14:57, Derek Harkness a écrit : Thanks! I was doing some testing this morning and found that on the pdc I was setup nss like this nss_base_passwd ou=People nss_base_passwd ou=machines,ou=Samba I just didn't know that you could have many nss_base_passwd entries ;-). -- Marcel de Riedmatten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -Michael George Ideal Solution, LLC -- Michael Gasch Max Planck Institute for Evolutionary Anthropology Department of Human Evolution (IT) Deutscher Platz 6 D-04103 Leipzig Germany Phone: 49 (0)341 - 3550 137 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] what's the best filesystem
Duncan Robertson wrote: snip dir_index for ext3 some comments here: http://info.ccone.at/INFO/Mail-Archives/redhat/Jul-2005/msg00225.html http://www.surfnetters.nl/paul/fs/ seem to indicate variable results with this feature enabled, does anyone have much experience with it in production Samba environments? Interesting links. dir_index is the default under RHEL 4. We've been using it for about two months now, and it works well enough, but I haven't done this kind of performance comparison to see how it compares to no dir_index or to ReiserFS. also how well can it be enabled on pre-existing ext3 partitions? The tune2fs manpage says that you can do tune2fs -O dir_index /dev/hda1 then e2fsck -D /dev/hda1 I've not tried this. Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA/PDC + LDAP HELP please?
On October 5, 2005 06:28 pm, Ryan Taylor wrote: Error 49 from the slapd docs is an invalid credentials error. So you're problem will be in the libnss config file /etc/ldap.conf not in /etc/ldap/ldap.conf. Check to make sure that both binddn and rootdn are defined in the file and make sure that you have the proper rootdn password in /etc/ldap.secret ie. binddn cn=nss,ou=Admins,dc=x bindpw ldap rootbinddn cn=root,dc=x You can also run ethereal to see what is getting sent down the wire as long as you turn ssl/tls off. It's pretty handy for figuring out stuff like this out. Ryan More information... below is my log after running getent group | grep Domain thank you -ryan Oct 5 19:25:04 beefylinux slapd[3320]: conn=0 fd=11 ACCEPT from IP= 127.0.0.1:32894 http://127.0.0.1:32894 (IP=0.0.0.0:389http://0.0.0.0:389 ) Oct 5 19:25:04 beefylinux slapd[3320]: conn=0 op=0 BIND dn=cn=Manager,ou=DSA,dc=beefylinux,dc=com method=128 Oct 5 19:25:04 beefylinux slapd[3320]: conn=0 op=0 RESULT tag=97 err=49 text= Oct 5 19:25:04 beefylinux slapd[3320]: conn=0 op=1 UNBIND Oct 5 19:25:04 beefylinux slapd[3320]: conn=0 fd=11 closed Oct 5 19:26:38 beefylinux slapd[3320]: conn=1 fd=11 ACCEPT from IP= 127.0.0.1:32895 http://127.0.0.1:32895 (IP=0.0.0.0:389http://0.0.0.0:389 ) Oct 5 19:26:38 beefylinux slapd[3320]: conn=1 op=0 BIND dn=cn=Manager,ou=DSA,dc=beefylinux,dc=com method=128 Oct 5 19:26:38 beefylinux slapd[3320]: conn=1 op=0 RESULT tag=97 err=49 text= Oct 5 19:26:38 beefylinux slapd[3320]: conn=1 op=1 UNBIND Oct 5 19:26:38 beefylinux slapd[3320]: conn=1 fd=11 closed -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba support for local profiles
Hi, I tried searching the list and could not find a straight answer. Does samba support local profiles? How does one enable/setup local profiles? What version of samba has best support for local profiles? We are having trouble with a novell-samba migration and would like to use local profiles if possible. It would take alot of work off our hands to migrate the profiles correctly. Any suggestions are appreciated, Milan Andric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Reliability of samba
So far, I haven't seen problems with smbclient as much as with smbmount There have been problems with windows machines not responding, due to business. Possibly some network issues, but I think that these are normal. Inability to read files which are already open is a problem, but I can't blame smbclient here. Andrew Bartlett [EMAIL PROTECTED] writes: On Mon, 2005-10-03 at 15:38 -0700, Kevin Dalley wrote: Most of my use is actually with smbclient, but I realize that smbclient uses much of the code from smbfs, which makes the errors I see of some concern to me. I use smbclient for performing amanda backups. If I can't trust smbclient, then I can't trust the backups. The code that smbclient and smbfs 'share' is the connection setup logic. Otherwise, they are separate codebases with distinct properties. You should not make assumptions from one to the other. Do you have reliability problems in smbclient to report? Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -- Kevin Dalley [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Tree connect failed: ERRDOS - ERRnomem
sorry for the long lag in reply...my grandmother passed so I've been down in TN for her services. [EMAIL PROTECTED] wrote: You don't see a slowdown or even jobs failing (oom-killer) when you receive the samba out of memory messages? novery strange I tried deleting browse.dat but this didn't make a difference. I don't have wins.dat, gencache.tdb, or connections.tdb. Should I? Actually yes, maybe these files are not built until a first connection has been established to a new server. Run updatedb and locate them afterwards. okay I found them [global] panic action = /usr/share/samba/panic-action %d netbios name = alfalfa workgroup = OAKWOOD server string = Fileserver guest account = nobody Try a smbclient -L alfalfa -U nobody and see if that works from the shell. nobody should be able to browse. this works. I can also [EMAIL PROTECTED]:/$ smbclient -L buckwheat Password: Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] Sharename Type Comment - --- IPC$ IPC Remote IPC SharedDocs Disk share Disk ADMIN$ Disk Remote Admin C$ Disk Default share Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] Server Comment - --- Workgroup Master - --- but when I try [EMAIL PROTECTED]:/$ smbclient //buckwheat/share Password: Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] tree connect failed: NT_STATUS_INSUFF_SERVER_RESOURCES After I found browse.dat, wins.dat, connections.tdb, and gencache.tdb... [EMAIL PROTECTED]:/var/run/samba$ sudo invoke-rc.d samba stop Stoping Samba daemons: nmbd smbd. [EMAIL PROTECTED]:/var/run/samba$ sudo rm -f connections.tdb gencache.tdb/var/lib/samba/wins.dat /var/cache/samba/browse.dat [EMAIL PROTECTED]:/var/run/samba$ sudo invoke-rc.d samba start Starting Samba daemons: nmbd smbd. and now I can't even connect to or list the shares on any of my clients [EMAIL PROTECTED]:/var/run/samba$ smbclient -L buckwheat Connection to buckwheat failed [EMAIL PROTECTED]:/var/run/samba$ smbclient //buckwheat/share Connection to buckwheat failed [EMAIL PROTECTED]:/var/run/samba$ smbclient //darla/share Connection to darla failed But I can still list shares on the server. I can also access all shares from windows clients except those on Buckwheat(the aflicted client) log file = /var/log/samba/log.%m max log size = 5000 security = user domain logons = yes You are certain your domain trust stands? If it does, you should be able to smbclient //winclient/c$ -U root and give the root password, and connect to the admin share of your clients. Or, if you login to the windows client with root credentials, you should also have local admin rights on the winbox or at least permission to change domain membership. I should have tried that before I deleted those files, because smbclient is no longer working (see above) logon home = logon path = logon script = %U.bat encrypt passwords = true passdb backend = smbpasswd guest Rather omit the guest here. invalid users = bin adm sync shutdown halt mail news uucp operator socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.111.0/24 http://192.168.111.0/24 local master = yes os level = 255 Don't use such high levels. You may get adverse effects. Usually 64 is far enough. Okay fixed conf... domain master = yes preferred master = yes wins support = yes dns proxy = no name resolve order = wins lmhosts hosts unix password sync = false passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] comment = Network Logon Service path = /home/samba/netlogon By all means, make sure the netlogon path is accessible/readable for the clients. You have to consider the filesystem permissions. It is Actually I am uncertain where your problem lies, but it's something netbios-name-resolution related. You should use nbtstat -a nebiosname on windows-clients, and nmblookup -a netbiosname -S on the linux. You may substitute -A ip-of-host if names don't work. Make sure your dns setup or your /etc/hosts does not point to the same IPs using different names. Often some setup with different dns/netbios names makes nothing but a big mess in the end. Good Luck again, and come back with your solution (hopefully). nbstat and nmblookup look okay [EMAIL PROTECTED]:~$ nmblookup -a darla -S querying darla on 192.168.111.255 http://192.168.111.255 192.168.111.3 http://192.168.111.3 darla00 Looking up status of 192.168.111.3 http://192.168.111.3 DARLA 00 - M ACTIVE DARLA 20 - M ACTIVE OAKWOOD 00 - GROUP M ACTIVE OAKWOOD 1e - GROUP M ACTIVE MAC Address = 00-11-95-03-FE-54 [EMAIL PROTECTED]:~$ smbclient -L darla Connection to darla failed [EMAIL PROTECTED]:~$ nmblookup -a
[Samba] smbprint'ing problem
Hey Folks, I've spent several days weeding through list archives and FAQs. I've been given the task to debug a samba printing issue and have really no idea where to start. The version is 3.0.15a and the config in question is exactly the same as the previous version we used. I believe that was 2.8.x (not sure though) I guess the problem is that no matter what I've tried the end result is that lpr (which then grabs smbprint) gets NT_STATUS_ACCESS_DENIED when I try to print to the windows printer. I can list shares etc on windows using smbclient but smbprint always fails. Any advice, tips, or trouble shooting ideas greatly appreciated. Here is a -d 9 output from my last attempt. --p INFO: Current debug levels: all: True/9 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file /etc/samba/smb.conf Processing section [global] doing parameter workgroup = MYGROUP doing parameter server string = Samba Server doing parameter security = user doing parameter load printers = yes doing parameter printcap name = /etc/printcap doing parameter printcap name = lpstat doing parameter log file = /usr/local/samba/var/log.%m doing parameter max log size = 50 doing parameter passdb backend = tdbsam doing parameter socket options = TCP_NODELAY doing parameter dns proxy = no pm_process() returned Yes lp_servicenumber: couldn't find homes added interface ip=192.168.0.254 bcast=192.168.0.255 nmask=255.255.255.0 Netbios name list:- my_netbios_names[0]=RX30 Client started (version 3.0.11). Connecting to 192.168.0.100 at port 445 socket option SO_KEEPALIVE = 0 socket option SO_REUSEADDR = 0 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 1 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 87380 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 session request ok write_socket(3,183) write_socket(3,183) wrote 183 size=178 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=12676 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]=8 (0x8) smb_vwv[ 1]= 2563 (0xA03) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 17 (0x11) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=0 (0x0) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 227 (0xE3) smb_vwv[11]=28800 (0x7080) smb_vwv[12]=60899 (0xEDE3) smb_vwv[13]=43954 (0xABB2) smb_vwv[14]=50634 (0xC5CA) smb_vwv[15]=61441 (0xF001) smb_vwv[16]=0 (0x0) smb_bcc=109 size=178 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=12676 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]=8 (0x8) smb_vwv[ 1]= 2563 (0xA03) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 17 (0x11) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=0 (0x0) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 227 (0xE3) smb_vwv[11]=28800 (0x7080) smb_vwv[12]=60899 (0xEDE3) smb_vwv[13]=43954 (0xABB2) smb_vwv[14]=50634 (0xC5CA) smb_vwv[15]=61441 (0xF001) smb_vwv[16]=0 (0x0) smb_bcc=109 Serverzone is 14400 Doing spnego session setup (blob length=109) got OID=1 2 840 48018 1 2 2 got OID=1 2 840 113554 1 2 2 got OID=1 2 840 113554 1 2 2 3 got OID=1 3 6 1 4 1 311 2 2 10 got [EMAIL PROTECTED] write_socket(3,162) write_socket(3,162) wrote 162 size=354 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=12676 smb_uid=2048 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 354 (0x162) smb_vwv[ 2]=0 (0x0) smb_vwv[ 3]= 237 (0xED) smb_bcc=311 size=354 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=12676 smb_uid=2048 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 354 (0x162) smb_vwv[ 2]=0 (0x0) smb_vwv[ 3]= 237 (0xED) smb_bcc=311 Got challenge flags: Got NTLMSSP neg_flags=0x62890215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP challenge set by NTLM2 challenge is: [000] FA 5F 21 AD F5 A7 40 D1 [EMAIL PROTECTED] NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET
[Samba] Samba Cups Windows 98 Raw Printing - need help
Hello - I am trying to use Samba and Cups to serve a file share and a raw printer to a Windows 98 client. I am using Gentoo Linux, kernel 2.6.12, Samba 3.0.14a, and Cups 1.1.23. I can access the data share from the Samba server, but the printer share does not show up when I try to use it, even if I specifically type in the name of the share (\\data_dog\win98_photosmart) it still doesn't work. I had this working with this laptop and a practice file server I had, the hard drive died in that machine, so I've set up my new file server and I can't get this to work. Before I had either of the file servers I had installed the printer directly on this laptop. When I set up the practice file server I was able to make it work by changing the port the printer used from it's own usb to the printer share, \\data_dog\win98_photosmart (to change the printer port in Win 98 you go to the detail tab of the printer properties dialog box). I have been trying every different samba and cups option I could google for the last week. Please look over my smb.conf and cupsd.conf and tell me where I'm going wrong. data_dog ~ # cat /etc/samba/smb.conf [global] netbios name = data_dog workgroup = sheckellfield server string = samba %v on %L security = user encrypt passwords = yes wins support = yes local master = yes os level = 128 log level = 3 log file = /var/log/samba.log max log size = 50 hosts allow = 192.168.0. read only = no printing = cups printcap = cups load printers = yes [data] path = /srv/samba/data_share comment = %S on %L volume = data_share create mask = 0660 directory mask = 0770 force create mode = 0660 force directory mode = 0770 [win98_photosmart] comment = HP Photosmart 7150 printer = win98_photosmart path = /var/spool/samba/win98_photosmart browseable = yes guest ok = yes writable = no printable = yes printer admin = root, @wheel use client driver = yes Here are the parts of my cupsd.conf file that are not comments: DocumentRoot /usr/share/cups/docs LogLevel info User lp Group lp Port 631 SystemGroup lp Location / Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow From 192.168.0.0/24 /Location Location /admin AuthType Basic AuthClass System Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow From 192.168.0.0/24 /Location The only thing I've added to the file are the two Allow From 192.168.0.0/24 lines. Everything else is Gentoo default. I think that cups is working properly, at least as far as controlling the printer. Here is my /etc/cups/printers.conf: data_dog cups # cat printers.conf # Printer configuration file for CUPS v1.1.23 # Written by cupsd on Wed Oct 5 12:28:11 2005 DefaultPrinter win98_photosmart Info HP Photosmart 7150 Location Above meerkat DeviceURI usb://hp/photosmart%207150?serial=MY3445509G2F State Idle Accepting Yes JobSheets none none QuotaPeriod 0 PageLimit 0 KLimit 0 /Printer I set up the printer with the cups web interface. If I click on Print Test Page the printer prints a couple of lines that look like this: %!PS-Adobe-3.0 %%BoundingBox: 0 0 612 792 ... and then starts spitting out blank pages. The tail of the file /var/log/cups/error_log looks like this after a test page print: data_dog cups # tail error_log I [05/Oct/2005:12:28:27 -0700] Started /usr/lib/cups/cgi-bin/printers.cgi (pid=8808) I [05/Oct/2005:12:28:28 -0700] Adding start banner page none to job 1. I [05/Oct/2005:12:28:28 -0700] Adding end banner page none to job 1. I [05/Oct/2005:12:28:28 -0700] Job 1 queued on 'win98_photosmart' by 'root'. I [05/Oct/2005:12:28:28 -0700] Started backend /usr/lib/cups/backend/usb (PID 8809) for job 1. I [05/Oct/2005:12:28:32 -0700] Started /usr/lib/cups/cgi-bin/printers.cgi (pid=8810) I [05/Oct/2005:12:30:39 -0700] Started /usr/lib/cups/cgi-bin/printers.cgi (pid=8823) I [05/Oct/2005:12:30:49 -0700] Started /usr/lib/cups/cgi-bin/jobs.cgi (pid=8824) I [05/Oct/2005:12:30:51 -0700] Started /usr/lib/cups/cgi-bin/jobs.cgi (pid=8825) I [05/Oct/2005:12:30:59 -0700] Started /usr/lib/cups/cgi-bin/printers.cgi (pid=8826) The last five lines are generated by me clicking on other buttons in the web interface before typing in the tail command. This shows that cups can communicate with the printer, but it is trying to send a postscript file to a raw print queue, so I'm getting garbage output. I think this means the problem is at the cups/samba interface or just that samba is not serving the print share properly. I checked to see if cups support was compiled into Samba with ldd `which smbd` and it showed up properly. If anyone has any idea where I'm going wrong, please tell me, also, if more info about my system is needed, please post. Thanks, ds -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Cups Windows 98 Raw Printing - need help
On Thu, 2005-10-06 at 13:03 -0700, Dave Sheckells wrote: Hello - I am trying to use Samba and Cups to serve a file share and a raw printer to a Windows 98 client. I am using Gentoo Linux, kernel 2.6.12, Samba 3.0.14a, and Cups 1.1.23. I can access the data share from the Samba server, but the printer share does not show up when I try to use it, even if I specifically type in the name of the share (\\data_dog\win98_photosmart) it still doesn't work. I had this working with this laptop and a practice file server I had, the hard drive died in that machine, so I've set up my new file server and I can't get this to work. Before I had either of the file servers I had installed the printer directly on this laptop. When I set up the practice file server I was able to make it work by changing the port the printer used from it's own usb to the printer share, \\data_dog\win98_photosmart (to change the printer port in Win 98 you go to the detail tab of the printer properties dialog box). I have been trying every different samba and cups option I could google for the last week. Please look over my smb.conf and cupsd.conf and tell me where I'm going wrong. data_dog ~ # cat /etc/samba/smb.conf [global] netbios name = data_dog workgroup = sheckellfield server string = samba %v on %L security = user encrypt passwords = yes wins support = yes local master = yes os level = 128 log level = 3 log file = /var/log/samba.log max log size = 50 hosts allow = 192.168.0. read only = no printing = cups printcap = cups load printers = yes [data] path = /srv/samba/data_share comment = %S on %L volume = data_share create mask = 0660 directory mask = 0770 force create mode = 0660 force directory mode = 0770 [win98_photosmart] comment = HP Photosmart 7150 printer = win98_photosmart path = /var/spool/samba/win98_photosmart browseable = yes guest ok = yes writable = no printable = yes printer admin = root, @wheel use client driver = yes maybe it's just me but I've had problems using the underscore in machine names and have resorted to only letters/numbers/hyphens Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Cups Windows 98 Raw Printing - need help
I have used both with and without '_' and I am still unable to get Samba CUPS printing to work... in either direction (linux - W2K). I can even get smbclient printing to work. Joe Craig White wrote: On Thu, 2005-10-06 at 13:03 -0700, Dave Sheckells wrote: Hello - I am trying to use Samba and Cups to serve a file share and a raw printer to a Windows 98 client. I am using Gentoo Linux, kernel 2.6.12, Samba 3.0.14a, and Cups 1.1.23. I can access the data share from the Samba server, but the printer share does not show up when I try to use it, even if I specifically type in the name of the share (\\data_dog\win98_photosmart) it still doesn't work. I had this working with this laptop and a practice file server I had, the hard drive died in that machine, so I've set up my new file server and I can't get this to work. Before I had either of the file servers I had installed the printer directly on this laptop. When I set up the practice file server I was able to make it work by changing the port the printer used from it's own usb to the printer share, \\data_dog\win98_photosmart (to change the printer port in Win 98 you go to the detail tab of the printer properties dialog box). I have been trying every different samba and cups option I could google for the last week. Please look over my smb.conf and cupsd.conf and tell me where I'm going wrong. data_dog ~ # cat /etc/samba/smb.conf [global] netbios name = data_dog workgroup = sheckellfield server string = samba %v on %L security = user encrypt passwords = yes wins support = yes local master = yes os level = 128 log level = 3 log file = /var/log/samba.log max log size = 50 hosts allow = 192.168.0. read only = no printing = cups printcap = cups load printers = yes [data] path = /srv/samba/data_share comment = %S on %L volume = data_share create mask = 0660 directory mask = 0770 force create mode = 0660 force directory mode = 0770 [win98_photosmart] comment = HP Photosmart 7150 printer = win98_photosmart path = /var/spool/samba/win98_photosmart browseable = yes guest ok = yes writable = no printable = yes printer admin = root, @wheel use client driver = yes maybe it's just me but I've had problems using the underscore in machine names and have resorted to only letters/numbers/hyphens Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can not change password via winbind
OS: Redhat Enterprise Linux V.4 update1 samba-client-3.0.10-1.4E samba-common-3.0.10-1.4E system-config-samba-1.2.21-1 samba-common-3.0.10-1.4E samba-3.0.10-1.4E ### nsswitch.conf ### passwd: file winbind group: file winbind shadow: file winbind /etc/pam.d/system-auth ## authrequired /lib/security/$ISA/pam_env.so authsufficient/lib/security/$ISA/pam_unix.so likeauth nullok authsufficient/lib/security/$ISA/pam_winbind.so use_first_pass authrequired /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account sufficient/lib/security/$ISA/pam_succeed_if.so uid 100 quiet account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_winbind.so account required /lib/security/$ISA/pam_permit.so passwordrequisite /lib/security/$ISA/pam_cracklib.so retry=3 passwordsufficient/lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow passwordsufficient/lib/security/$ISA/pam_winbind.so use_authtok passwordrequired /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so ## I can join window2003 as member server and everything work fine except when i try change password for user that i got from active directory via winbind , output show as below [EMAIL PROTECTED] ~]# passwd user1 Changing password for user user1. Changing password for user1 (current) NT password: New UNIX password: Retype new UNIX password: passwd: System error #/var/log/messages Oct 7 03:00:37 localhost pam_winbind[25244]: user 'user1' granted access Oct 7 03:00:45 localhost pam_winbind[25244]: request failed: NT_STATUS_PASSWORD_RESTRICTION, PAM error was 4, NT error was NT_STATUS_PASSWORD_RESTRICTION Oct 7 03:00:45 localhost pam_winbind[25244]: internal module error (retval = 4, user = `user1' I try to let my users to change to their own password So have anyway to change password on Active Directory in linux box command line ? Regards, Nattapon _ FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Cups Windows 98 Raw Printing - need help
On Thu, 2005-10-06 at 13:19 -0700, Joe Cipale wrote: I have used both with and without '_' and I am still unable to get Samba CUPS printing to work... in either direction (linux - W2K). I can even get smbclient printing to work. --- make sure the host machine can print first Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] what's the best filesystem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi @ll, last time i tested xfs on suse 9 i cant get acl to work...this maybe fixed in suse 10 from the pure paper xfs reads itself as the best solution, but whatever ext3 has the biggest compatility. I agree for problems on big file server with reiser. In case of heavy failures on reiser, its nearly impossible to fix it. Regards Christopher Smith schrieb: | I vote for XFS, it is much faster than EXT3 with lower processor load when | you get up over 100gigs of storage. I've had some stability issues with | software RAID5 though. | | | | | | -Original Message- | From: [EMAIL PROTECTED] | [mailto:[EMAIL PROTECTED] On Behalf | Of Deryck Hodge | Sent: Tuesday, October 04, 2005 1:12 PM | To: Eric A. Hall | Cc: samba@lists.samba.org | Subject: Re: [Samba] what's the best filesystem | | Eric A. Hall wrote: | |I'm using Reiser now but its slow and doesn't work good XP attributes. |I've also used XFS (a couple of years ago) and liked it but had some |troubles with cross-platform Unix and the extended ACLs. | | | | As a wise man once said to me -- Reiser eats files. I had to learn the hard | way. Don't make the same mistake I did. :-) | | Cheers, | deryck | -- | Deryck Hodgehttp://www.devurandom.org/ | Samba Team http://www.samba.org/ | This is the 21st century ... Magic isn't dead. --Marillion (2001) - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - -- Mit freundlichen Gruessen Best Regards Robert Schetterer robert_at_schetterer.org Munich / Bavaria / Germany https://www.schetterer.org \** \* gnupgp \* public key: \* https://www.schetterer.org/public.key \** -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDRYnOb0iqzJq+0MgRAgtwAJ409rOtQiFbYXycC2A2moiVGDJzAACeKxt2 9vgmPtXzqL2FtqWas6ninRw= =1u15 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba and mysql
hello everybody , before sorry bad english . my consults is , the configuration samba with passdb backend mysql , is necessary, create user unix system ? is necessary, adduser user ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind problem - 3.0.20a and NT4 domain
All - We are using 3.0.20a on SLES 9 and are trying to configure a member server for our NT4 domain. The wbinfo commands (-u and -g) show correct information. The getent commands (passwd and group) work fine also. If Samba is running without winbind, I can see the shares in the config file (net view \\) from a PC. With winbind running I get an error message about the computer name being in an invalid format. Below is a portion of the log.winbind during the net view \\xxx: [2005/10/06 17:08:41, 3] smbd/oplock.c:init_oplocks(1380) open_oplock_ipc: opening loopback UDP socket. [2005/10/06 17:08:41, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(309) Linux kernel oplocks enabled [2005/10/06 17:08:41, 3] smbd/oplock.c:init_oplocks(1411) open_oplock ipc: pid = 30366, global_oplock_port = 32788 [2005/10/06 17:08:41, 3] smbd/process.c:process_smb(1114) Transaction 0 of length 137 [2005/10/06 17:08:41, 3] smbd/process.c:switch_message(900) switch message SMBnegprot (pid 30366) conn 0x0 [2005/10/06 17:08:41, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(466) Requested protocol [PC NETWORK PROGRAM 1.0] [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(466) Requested protocol [LANMAN1.0] [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(466) Requested protocol [Windows for Workgroups 3.1a] [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(466) Requested protocol [LM1.2X002] [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(466) Requested protocol [LANMAN2.1] [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(466) Requested protocol [NT LM 0.12] [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_nt1(337) using SPNEGO [2005/10/06 17:08:41, 3] smbd/negprot.c:reply_negprot(559) Selected protocol NT LM 0.12 [2005/10/06 17:08:41, 3] smbd/process.c:process_smb(1114) Transaction 1 of length 240 [2005/10/06 17:08:41, 3] smbd/process.c:switch_message(900) switch message SMBsesssetupX (pid 30366) conn 0x0 [2005/10/06 17:08:41, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X(751) wct=12 flg2=0xc807 [2005/10/06 17:08:41, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(588) Doing spnego session setup [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(619) NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_spnego_negotiate(480) Got OID 1 3 6 1 4 1 311 2 2 10 [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_spnego_negotiate(483) Got secblob of size 40 [2005/10/06 17:08:41, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) Got NTLMSSP neg_flags=0xe2088297 [2005/10/06 17:08:41, 3] smbd/process.c:process_smb(1114) Transaction 2 of length 356 [2005/10/06 17:08:41, 3] smbd/process.c:switch_message(900) switch message SMBsesssetupX (pid 30366) conn 0x0 [2005/10/06 17:08:41, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X(751) wct=12 flg2=0xc807 [2005/10/06 17:08:41, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(588) Doing spnego session setup [2005/10/06 17:08:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(619) NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2005/10/06 17:08:41, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606) Got user=[bdehn] domain=[OREILLY] workstation=[IS101180] len1=24 len2=24 [2005/10/06 17:08:41, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/10/06 17:08:41, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/10/06 17:08:41, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/10/06 17:08:41, 3] smbd/uid.c:push_conn_ctx(388) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/10/06 17:08:41, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/10/06 17:08:41, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/10/06 17:08:41, 2] auth/auth.c:check_ntlm_password(317) check_ntlm_password: Authentication for user [bdehn] - [bdehn] FAILED with error NT_STATUS_INVALID_COMPUTER_NAME [2005/10/06 17:08:41, 3] smbd/process.c:process_smb(1114) Transaction 3 of length 240 [2005/10/06 17:08:41, 3]
[Samba] error , mysql and samba
hello everybody , before sorry bad english . my consults is , the configuration samba with passdb backend mysql , is necessary, create user unix system ? is necessary, adduser user ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, OpenLDAP, numeric logins and vampire
Hi All, I have a query regarding the interaction between Samba, LDAP and vampire. The situation is as follows. I have five NT4 servers serving 1000 users 700 of which have 4-digit numeric logins. I have a Samba PDC that I'd like to transfer all the accounts and data to, Vampire being the obvious method. I can't transfer the logins to POSIX accounts due to the numeric uid/gid system used by Linux so I elected to use OpenLDAP. I am now at the stage where I have an LDAP server running and have created all of the NT domain groups in the LDAP directory. I have successfully created numeric id accounts in LDAP and an attempt to Vampire the accounts from the old NT4 PDC to the Samba PDC resulted in all the users appearing in directory_administrator but no Samba logins working as the XP clients reported that the accounts didn't exist on the server. Running pdbedit -Lw showed only about 5 accounts so I'm guessing there's a problem somewhere along the lines. My question is therefore, is Vampire going to work in a situation where POSIX accounts can't be created as part of the migration process and if not, can I migrate the client accounts and SIDS from the old PDC to the new one in order to save having to log all of the clients onto the new PDC again. Cheers, Jools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] idmap problem / Where is the shared module documentation?
I've spent a couple of hours trying to figure out why the Samba 3.0.20aidmap facility doesn't appear to be working when it works just fine with my current config file and 3.0.14a. I'm getting Username DOMAIN\MACHINE$ is invalid on this system errors in the logs - which I believe I used to get with 3.0.14a until I enabled idmap. Is this something to do with the --with-shared-modules config option? I can't find documentation anywhere on what this option does, other than someone mentioning that idmap_rid needs to be explicitly specified here. Where are the docs? Can anyone tell me why I'm getting the above error? Please CC me as I'm not subscribed to the list. Thanks, Joshua Weage -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] slow down with WS 2003
Debian Sarge as fileserver. W2003 as an application server on an HP desktop, only providing services to 3 other machines. A DOS application, whcih of course is not g'teed by MS to run on Terminal Server, but has seemed OK. Now it produces extreme slowdowns, I think unpredictably. It seemed to start suddenly last week, raising the question of an MS update that has altered behaviour... I've turned off oplocks on the Windows box, which hasn't altered it. THey were always off in the Samba conf.. I'd be grateful for any ideas on where to look, or what to tweak, before I give up on the idea. -- Adrian Midgley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Problem
Hallo my name is Hannes Grüner. I have some problem with the samba server and don't know is it possible to help me. I'm use the Samba Version 3.0.14a and authenticate this over Kerberos to a windows 2003 domain. This works fine because I have some Problems with the folder permissions: I'm using an server with is connected with USB 2.0 to an external storage. If change the owner permissions to a domain user it works fine but when I change the group permissions to a domain group it doesn't work. When I make this on the local disk everything works. Is there some Problems witch authentication over USB 2.0? If you can help me Thanks Very much Hannes Grüner -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain Authentication oddities
Hello List, I am running Samba 3.0.10-1.4E on RHEL 4.0. I was able to join this server to the domain using the 'net ads join' command and it created a machine account in AD with the name of the server. My issue is that I can authenticate using domain credentials when I access the server from a Windows computer using //SMBSERVERNAME/SHARE, however when I access the server using //SMBSERVERIPADDRESS/SHARE I can not authenticate with domain credentials, I must use an account local to the SMB Server. (SMBSERVERNAME/username) Please help me with this issue, I have checked a fair amount of the archive and google to no avail. I have included snippets of log files, config files, and some results from commands below: THANKS FOR THE HELP!!! Smb.conf: [global] realm = metrolist.dmz security = ADS workgroup = MTRODMZ netbios name = FS03 server string = Samba %v on %m encrypt passwords = Yes username map = /etc/samba/smbusers password server = DMZDC02.METROLIST.DMZ log level = 1 log file = /var/log/samba/%m.log max log size = 1000 socket options = IPTOS_LOWDELAY TCP_NODELAY os level = 1 preferred master = False local master = No template primary group = Domain Users template shell = /bin/bash winbind separator = + domain master = False dns proxy = No guest ok = Yes hosts allow = 192.168. 127.0.0.1 printing = lprng idmap uid = 1-2 idmap gid = 1-2 nsswitch.conf: passwd: files winbindd shadow: files winbindd group: files winbindd hosts: files dns wins smbd.log: [2005/10/03 15:53:41, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/03 15:53:55, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:50:36, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:50:39, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:50:47, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:50:52, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:50:55, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:56:10, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 08:56:16, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 09:01:45, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/04 09:06:13, 1] smbd/server.c:open_sockets_smbd(348) Reloading services after SIGHUP [2005/10/04 09:06:13, 1] printing/printing.c:start_background_queue(1257) Reloading services after SIGHUP winbindd.log: [2005/10/06 10:37:06, 0] libsmb/cliconnect.c:cli_session_setup_spnego(764) Kinit failed: Preauthentication failed [2005/10/06 10:37:15, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password host/[EMAIL PROTECTED] failed: Preauthentication failed [2005/10/06 10:37:15, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81) ads_connect for domain MTRODMZ failed: Preauthentication failed [2005/10/06 10:39:44, 0] libsmb/cliconnect.c:cli_session_setup_spnego(764) Kinit failed: Preauthentication failed 0.0.0.0.log [2005/10/06 09:58:40, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/06 09:58:44, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/06 09:58:48, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/06 10:36:56, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/06 10:36:58, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer Nmbd.log [2005/10/05 04:02:02, 0] nmbd/nmbd.c:process(542) Got SIGHUP dumping debug info. [2005/10/05 04:02:02, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(284) dump_workgroups() dump workgroup on subnet 192.168.250.78: netmask= 255.255.255.0: MTRODMZ(1) current master browser = DMZDC02 FS03 40009b03 (FS03) DMZDC02 4204102b () WEBS10 40849003 () WEBS09 40849003 ()
[Samba] slow down with WS 2003
Debian Sarge as fileserver. W2003 as an application server on an HP desktop, only providing services to 3 other machines. A DOS application, whcih of course is not g'teed by MS to run on Terminal Server, but has seemed OK. Now it produces extreme slowdowns, I think unpredictably. It seemed to start suddenly last week, raising the question of an MS update that has altered behaviour... I've turned off oplocks on the Windows box, which hasn't altered it. THey were always off in the Samba conf.. I'd be grateful for any ideas on where to look, or what to tweak, before I give up on the idea. -- Dr Adrian Midgleyfrom Homefield Surgery 01392 214151 using Thunderbird -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Patch: FC4 spec file
The patch below modifies the spec file for FC4 RPM builds as follows: 1.) Build binaries using the -lmcheck option; various samba commands and smbd process crash badly without; see, for example: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164353 2.) The Fedora project's samba RPMS install mount.cifs; it would help to have samba.org's RPMS do the same. It would be nice to see these patched incorporated into the next version. Thanks, Murthy Patch again 3.0.20 spec file follows: --- samba.spec 2005-09-27 01:15:16.223751176 -0400 +++ samba.spec.3.0.20-2_new 2005-09-27 01:15:49.973620416 -0400 @@ -4,7 +4,7 @@ Summary: The Samba SMB server. Name: samba Version: 3.0.20 -Release: 2 +Release: 2_new License: GNU GPL Version 2 Group: System Environment/Daemons URL: http://www.samba.org/ @@ -105,7 +105,7 @@ ./autogen.sh fi -CFLAGS=$RPM_OPT_FLAGS ./configure \ +CFLAGS=$RPM_OPT_FLAGS LIBS=-lmcheck ./configure \ --prefix=%{_prefix} \ --localstatedir=/var \ --sysconfdir=/etc \ @@ -127,6 +127,7 @@ make proto make %{?_smp_mflags} all modules nsswitch/libnss_wins.so debug2html +( cd client ; gcc -lmcheck -o mount.cifs $RPM_OPT_FLAGS -Wall -O -D_GNU_SOURCE -D_LARGEFILE64_SOURCE mount.cifs.c ) %install rm -rf $RPM_BUILD_ROOT @@ -153,6 +154,7 @@ install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/samba install -m644 %{SOURCE1} $RPM_BUILD_ROOT/etc/logrotate.d/samba install -m755 source/script/mksmbpasswd.sh $RPM_BUILD_ROOT%{_bindir} +install -m755 source/client/mount.cifs $RPM_BUILD_ROOT/sbin/mount.cifs install -m755 %{SOURCE5} $RPM_BUILD_ROOT%{initdir}/smb install -m755 %{SOURCE6} $RPM_BUILD_ROOT%{initdir}/winbind @@ -204,7 +206,6 @@ rm -f $RPM_BUILD_ROOT%{_mandir}/man1/smbsh.1* rm -f $RPM_BUILD_ROOT%{_mandir}/man1/smbget.1* rm -f $RPM_BUILD_ROOT%{_mandir}/man5/smbgetrc.5* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/mount.cifs.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/umount.cifs.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man1/testprns.1* @@ -311,6 +312,7 @@ %defattr(-,root,root) /sbin/mount.smb /sbin/mount.smbfs +/sbin/mount.cifs %{_libdir}/samba/lowcase.dat %{_libdir}/samba/upcase.dat %{_libdir}/samba/valid.dat @@ -324,6 +326,7 @@ %{_mandir}/man8/tdbdump.8* %{_mandir}/man8/smbmnt.8* %{_mandir}/man8/smbmount.8* +%{_mandir}/man8/mount.cifs.8* %{_mandir}/man8/smbumount.8* %{_mandir}/man8/smbspool.8* %{_bindir}/nmblookup __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: SAMBA/PDC + LDAP HELP please?
Ok, I figured it out!! Thank you for the help and for others the change was in /etc/ldap.conf and I had: rootbinddn = cn=root,ou=???,dc=beefylinux,dc=com i removed the ou=group after root and changed rootbinddn to just binddn and that did it.. Everything works great except for the profiles which the windows machine doesn't seem to know about %L variable. I imagine this is because I am on Samba 3.0.10 not 3.0.20a so maybe its a new variable... Anyway, just wanted to say Thank you to everyone for the help. The microsoft rep. assigned to out company is not going to be happy next week when time to renew!! ha, i love it. --Ryan Taylor [EMAIL PROTECTED] Micro Consultants -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba support for local profiles
Milo a écrit : Hi, I tried searching the list and could not find a straight answer. Does samba support local profiles? How does one enable/setup local profiles? What version of samba has best support for local profiles? We are having trouble with a novell-samba migration and would like to use local profiles if possible. It would take alot of work off our hands to migrate the profiles correctly. Any suggestions are appreciated, Milan Andric Greeting Milan Andric, Yes Samba support local profile. For using local profile with Samba 3, be sure to not have set /SambaProfilePath /and /sambaHomePath/ in /global/ section/. /To not have trouble with Windows professional client 2000/XP (I don't have try local profile with 9x clients), open /MMC /and add the snap-in /Group Policy/. Browse in /Local Computer Policy/ / /Computer Configuration/ / Administrative Template / /System // /Login and change //Only allow local user profiles/ value. For Windows 2000, you need SP3 and more install. And run /secedit /refreshpolicy machine_policy (W2K) or //gpupdate (XP)./ Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] backup LDAP
does winbind have the capability to have a backup idmap backend via ldap? ie: idmap_backend = ldap://primary idmap_backend = ldap://secondary I know this syntax is not allowed but I'm wondering if anybody sees this as a usable feature. I apologize ahead of time if this is not the catalyst of a relevant discussion. Thanks all -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] inherit owner parameter
Greeting all, First, I'm using Samba 3.0.20-r1 with OpenLDAP 2.2.28 I trying to use the new parameter inherit owner and samba don't seems to reconize it. I compile Samba with acl flags. Anybody have the solution? It's to solve a ACL(EA) problem, because if a user modify a file, the old owner will be add in the entry of the ACL. The limit is 28 entries usables. Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] nt migration concerns
hi! we have completed testing samba pdc on a small network using fc3. we have been succesful so far. we now intend to totally replace our nt4 pdc with samba pdc. the following will be the main components of the network: 1. 300++ win98/2000/xx clients 2. win2003 db servers 3. terminal services with 100 clients before we shutdown the network and do the switch may i ask your inputs about the following: 1. what are the catches or gotcha's that i have to anticipate? 2. what approach should i take before i take the leap? 3. do i need ldap for samba pdc? 4. it simpliest terms what does ldap do? 5. just in case can i make our current nt4.0 become bdc? 6. having samba pdc, is it possible to authenticate from nt 4. bdc? 7. any other tips? thank you! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] nt migration concerns
Joey S. Eisma wrote: hi! we have completed testing samba pdc on a small network using fc3. we have been succesful so far. we now intend to totally replace our nt4 pdc with samba pdc. the following will be the main components of the network: 1. 300++ win98/2000/xx clients 2. win2003 db servers 3. terminal services with 100 clients before we shutdown the network and do the switch may i ask your inputs about the following: 1. what are the catches or gotcha's that i have to anticipate? 2. what approach should i take before i take the leap? 3. do i need ldap for samba pdc? 4. it simpliest terms what does ldap do? 5. just in case can i make our current nt4.0 become bdc? 6. having samba pdc, is it possible to authenticate from nt 4. bdc? 7. any other tips? thank you! 2. make sure you have a working PDC and BDC. Make sure you understand exactly what is going on. Make sure you have your policies in place! 3. recommended, especially with the number of clients you have. 4. It allows your user information to be stored in a common, replicatable, format. It is not limited to NT authentication but can also handle Unix and Internet clients. From what I've read, it is preferred if you have more than a few clients. 5. Yes. Your PDC can be demoted. 6. Yes. If you read the Samba 3 documentation, Samba 3 can fully participate in an NT domain. 7. Go through the two Samba 3 books at www.samba.org and read them. Since you don't appear to have implemented LDAP yet, test that out first before going live. Also, you can set up the system so that your Samba server comes in as a BDC before being promoted. You may want to let it serve in that role for a while until you're comfortable with it, then promote it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] hp officejet 9130 and samba
we're using an hp officejet 9130 (all in one printer/scanner), wich has the possibility to store scans on a network share (smb). path, username and password are checked on a workstation and are ok. the printer has full access to the network. unfortunally samba denies access: snip filename=log.smbd [2005/10/06 14:46:22, 0] smbd/negprot.c:reply_negprot(557) No protocol supported ! /snip in smb.conf we'd defined the max protocol as LANMAN2 on the printer we've tested following options: LM/NTLM NTLM NTLM2 allways the same message. samba version: 3.0.11 can somebody help / has somebody experiences? thx in adv kurt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba errors: (87) The parameter is incorrect. (1326) Logon failure: unknown user name or bad password.
I get these repeated errors from my windows server but cannot understand why. I am running samba on fedora 4 boxes and my servers run on windows 2000. Whenever someone attempts to manually access a shared volume on a linux box and use the right credentials we never experience the 1326 error. I included the samba config file below and more details of both errors from event viewer. Does anyone have a clue why both errors occur like dozens of times daily? We are using samba 3.0.14 and the error appears more frequently with more load. Error messages on the Windows servers: (87) The parameter is incorrect. or (1326) Logon failure: unknown user name or bad password. smb.conf file: #=== Global Settings = [global] workgroup = WORKGROUP server string = Server log level = 0 log file = /var/log/samba/log.%m max log size = 50 security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no dns proxy = no syslog only = yes # Share Definitions == [sharea$] path = /a writeable = no write list = @group create mask = 775 [shareb$] path = /b writeable = no write list = @group create mask = 775 [sharec$] path = /c writeable = no write list= @group create mask = 775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r10757 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: tridge Date: 2005-10-06 06:01:56 + (Thu, 06 Oct 2005) New Revision: 10757 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10757 Log: remove the proxy module (it is not complete yet) Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c 2005-10-06 05:53:46 UTC (rev 10756) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c 2005-10-06 06:01:56 UTC (rev 10757) @@ -133,7 +133,6 @@ { objectguid, objectguid_module_init }, { samldb, samldb_module_init }, { samba3sam, ldb_samba3sam_module_init }, - { proxy, proxy_module_init }, #endif { NULL, NULL } };
Re: svn commit: samba r10741 - in trunk/source: include services
+ { courier-imap, NULL, NIS Directory Service, NULL }, Hi Jerry, shouldn't this be something like IMAP4 Mail-Service? metze
svn commit: samba r10758 - in branches/tmp/samba4-winsrepl: . source/dsdb/samdb/ldb_modules source/lib/ldb/common source/lib/ldb/include source/lib/ldb/ldb_ildap source/lib/ldb/ldb_ldap source/lib/ldb
Author: metze Date: 2005-10-06 06:11:29 + (Thu, 06 Oct 2005) New Revision: 10758 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10758 Log: [EMAIL PROTECTED] (orig r10732): jelmer | 2005-10-05 16:52:35 +0200 Generate _ctr structures for unions [EMAIL PROTECTED] (orig r10734): jelmer | 2005-10-05 19:13:29 +0200 Generate ptr, size, offset, and length elements in unions just once. [EMAIL PROTECTED] (orig r10737): jelmer | 2005-10-05 21:41:53 +0200 Fix some alignment issues [EMAIL PROTECTED] (orig r10739): jelmer | 2005-10-05 21:53:41 +0200 Reduce number of calls to prs_align_custom() [EMAIL PROTECTED] (orig r10742): jelmer | 2005-10-06 00:18:59 +0200 Support multi-level pointers + ref pointer fixes [EMAIL PROTECTED] (orig r10752): tridge | 2005-10-06 06:45:33 +0200 make sure we set the exist status correctly for the tdb tests [EMAIL PROTECTED] (orig r10753): tridge | 2005-10-06 07:24:46 +0200 don't require every ldb module to implement both a search_bytree() and a search() function, instead each module now only implements the bytree method, and the expression based search is handled generically by the modules code. This makes for more consistency and less code duplication. fixed the tdb backend to handle BASE searches much more efficiently. They now always only lookup one record, regardless of the search expression [EMAIL PROTECTED] (orig r10754): tridge | 2005-10-06 07:25:35 +0200 fixed a valgrind error for unmatched SMB replies [EMAIL PROTECTED] (orig r10755): tridge | 2005-10-06 07:41:32 +0200 fixed the construction of expressions from subtrees for SUBSTRING searches [EMAIL PROTECTED] (orig r10756): tridge | 2005-10-06 07:53:46 +0200 another fix for the construction of expressions from subtrees for SUBSTRING searches. This time fix multi-part substring searches. [EMAIL PROTECTED] (orig r10757): tridge | 2005-10-06 08:01:56 +0200 remove the proxy module (it is not complete yet) Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/dsdb/samdb/ldb_modules/objectguid.c branches/tmp/samba4-winsrepl/source/dsdb/samdb/ldb_modules/samldb.c branches/tmp/samba4-winsrepl/source/lib/ldb/common/ldb.c branches/tmp/samba4-winsrepl/source/lib/ldb/common/ldb_modules.c branches/tmp/samba4-winsrepl/source/lib/ldb/common/ldb_parse.c branches/tmp/samba4-winsrepl/source/lib/ldb/include/ldb_private.h branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_ildap/ldb_ildap.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_ldap/ldb_ldap.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_index.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_search.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_tdb.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_tdb.h branches/tmp/samba4-winsrepl/source/lib/ldb/modules/ldb_map.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/rdn_name.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/schema.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/skel.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/timestamps.c branches/tmp/samba4-winsrepl/source/libcli/raw/clitransport.c branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/NDR.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Client.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Header.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Types.pm branches/tmp/samba4-winsrepl/source/script/tests/test_ldap.sh Changeset: Sorry, the patch is too large (1505 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10758
svn commit: samba r10759 - in branches/SAMBA_4_0/source: dsdb/samdb/ldb_modules lib/ldb/common lib/ldb/modules
Author: tridge Date: 2005-10-06 06:57:09 + (Thu, 06 Oct 2005) New Revision: 10759 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10759 Log: make modules easier to write by allowing modules to only implement the functions they care about, instead of all functions. This also makes it more likely that future changes to ldb will not break existing modules Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SAMBA_4_0/source/lib/ldb/common/ldb.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map.c branches/SAMBA_4_0/source/lib/ldb/modules/rdn_name.c branches/SAMBA_4_0/source/lib/ldb/modules/schema.c branches/SAMBA_4_0/source/lib/ldb/modules/timestamps.c Changeset: Sorry, the patch is too large (658 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10759
svn commit: samba r10760 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba: .
Author: metze Date: 2005-10-06 07:04:36 + (Thu, 06 Oct 2005) New Revision: 10760 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10760 Log: remove only one star from the pointers, and not from the stars that come from the array nesting this fixes a compiler warning and but in the eventlog.h, where the idl uses nstring strings[num_strings] metze Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/Header.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/Header.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/Header.pm 2005-10-06 06:57:09 UTC (rev 10759) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/Header.pm 2005-10-06 07:04:36 UTC (rev 10760) @@ -60,13 +60,15 @@ HeaderType($element, $element-{TYPE}, ); pidl ; my $numstar = $element-{POINTERS}; + if ($numstar = 1) { + $numstar-- if Parse::Pidl::Typelist::scalar_is_reference($element-{TYPE}); + } foreach (@{$element-{ARRAY_LEN}}) { next if is_constant($_) and not has_property($element, charset); $numstar++; } - $numstar-- if Parse::Pidl::Typelist::scalar_is_reference($element-{TYPE}); pidl * foreach (1..$numstar); pidl $element-{NAME}; foreach (@{$element-{ARRAY_LEN}}) {
svn commit: samba r10761 - in branches/SAMBA_4_0/source: libcli/nbt libcli/wrepl pidl/lib/Parse/Pidl
Author: metze Date: 2005-10-06 07:26:05 + (Thu, 06 Oct 2005) New Revision: 10761 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10761 Log: we need to use a pointer to a nbt_name to fix compiler warnings, because we can only use a pointers to unknown types in proto.h metze Modified: branches/SAMBA_4_0/source/libcli/nbt/nbtname.c branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Typelist.pm Changeset: Modified: branches/SAMBA_4_0/source/libcli/nbt/nbtname.c === --- branches/SAMBA_4_0/source/libcli/nbt/nbtname.c 2005-10-06 07:04:36 UTC (rev 10760) +++ branches/SAMBA_4_0/source/libcli/nbt/nbtname.c 2005-10-06 07:26:05 UTC (rev 10761) @@ -474,8 +474,9 @@ /* pull a nbt name, WINS Replication uses another on wire format for nbt name */ -NTSTATUS ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr_flags, struct nbt_name *r) +NTSTATUS ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr_flags, const struct nbt_name **_r) { + struct nbt_name *r; uint8_t *namebuf; uint32_t namebuf_len; @@ -491,6 +492,8 @@ NDR_PULL_ALLOC_N(ndr, namebuf, namebuf_len); NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len)); + NDR_PULL_ALLOC(ndr, r); + /* oh wow, what a nasty bug in windows ... */ if (namebuf[0] == 0x1b namebuf_len = 16) { namebuf[0] = namebuf[15]; @@ -500,12 +503,13 @@ if (namebuf_len 17) { r-type = 0x00; - r-name = talloc_strndup(ndr-current_mem_ctx, (char *)namebuf, namebuf_len); + r-name = talloc_strndup(r, (char *)namebuf, namebuf_len); if (!r-name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, out of memory); r-scope= NULL; talloc_free(namebuf); + *_r = r; return NT_STATUS_OK; } @@ -513,49 +517,52 @@ namebuf[15] = '\0'; trim_string((char *)namebuf, NULL, ); - r-name = talloc_strdup(ndr-current_mem_ctx, (char *)namebuf); + r-name = talloc_strdup(r, (char *)namebuf); if (!r-name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, out of memory); if (namebuf_len 18) { - r-scope = talloc_strndup(ndr-current_mem_ctx, (char *)(namebuf+17), namebuf_len-17); + r-scope = talloc_strndup(r, (char *)(namebuf+17), namebuf_len-17); if (!r-scope) return ndr_pull_error(ndr, NDR_ERR_ALLOC, out of memory); } else { r-scope = NULL; } talloc_free(namebuf); + *_r = r; return NT_STATUS_OK; } /* push a nbt name, WINS Replication uses another on wire format for nbt name */ -NTSTATUS ndr_push_wrepl_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name r) +NTSTATUS ndr_push_wrepl_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r) { uint8_t *namebuf; uint32_t namebuf_len; uint32_t name_len; uint32_t scope_len = 0; + if (r == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; + if (!(ndr_flags NDR_SCALARS)) { return NT_STATUS_OK; } - name_len = strlen(r.name); + name_len = strlen(r-name); if (name_len 15) { return NT_STATUS_INVALID_PARAMETER_MIX; } - if (r.scope) { - scope_len = strlen(r.scope); + if (r-scope) { + scope_len = strlen(r-scope); } if (scope_len 238) { return NT_STATUS_INVALID_PARAMETER_MIX; } namebuf = (uint8_t *)talloc_asprintf(ndr, %-15s%c%s, -r.name, 'X', -(r.scope?r.scope:)); +r-name, 'X', +(r-scope?r-scope:)); if (!namebuf) return ndr_push_error(ndr, NDR_ERR_ALLOC, out of memory); namebuf_len = strlen((char *)namebuf) + 1; @@ -564,10 +571,10 @@ * we need to set the type here, and use a place-holder in the talloc_asprintf() * as the type can be 0x00, and then the namebuf_len = strlen(namebuf); would give wrong results */ - namebuf[15] = r.type; + namebuf[15] = r-type; /* oh wow, what a nasty bug in windows ... */ - if (r.type == 0x1b) { + if (r-type == 0x1b) { namebuf[15] = namebuf[0]; namebuf[0] = 0x1b; } @@ -580,9 +587,9 @@ return NT_STATUS_OK; } -void ndr_print_wrepl_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name r) +void ndr_print_wrepl_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name *r) { - char *s = nbt_name_string(ndr, r); + char *s =
svn commit: samba r10762 - in branches/tmp/samba4-winsrepl: . source/dsdb/samdb/ldb_modules source/lib/ldb/common source/lib/ldb/modules source/libcli/nbt source/libcli/wrepl source/pidl/lib/Parse/Pid
Author: metze Date: 2005-10-06 07:36:29 + (Thu, 06 Oct 2005) New Revision: 10762 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10762 Log: [EMAIL PROTECTED] (orig r10759): tridge | 2005-10-06 08:57:09 +0200 make modules easier to write by allowing modules to only implement the functions they care about, instead of all functions. This also makes it more likely that future changes to ldb will not break existing modules [EMAIL PROTECTED] (orig r10760): metze | 2005-10-06 09:04:36 +0200 remove only one star from the pointers, and not from the stars that come from the array nesting this fixes a compiler warning and but in the eventlog.h, where the idl uses nstring strings[num_strings] metze [EMAIL PROTECTED] (orig r10761): metze | 2005-10-06 09:26:05 +0200 we need to use a pointer to a nbt_name to fix compiler warnings, because we can only use a pointers to unknown types in proto.h metze Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/dsdb/samdb/ldb_modules/objectguid.c branches/tmp/samba4-winsrepl/source/dsdb/samdb/ldb_modules/samldb.c branches/tmp/samba4-winsrepl/source/lib/ldb/common/ldb.c branches/tmp/samba4-winsrepl/source/lib/ldb/common/ldb_modules.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/ldb_map.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/rdn_name.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/schema.c branches/tmp/samba4-winsrepl/source/lib/ldb/modules/timestamps.c branches/tmp/samba4-winsrepl/source/libcli/nbt/nbtname.c branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.c branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba/Header.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Typelist.pm Changeset: Sorry, the patch is too large (850 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10762
svn commit: samba r10763 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: abartlet Date: 2005-10-06 10:29:28 + (Thu, 06 Oct 2005) New Revision: 10763 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10763 Log: PROOF of the single, easily understood cause of all of our schannel PAIN! This test currently passes against Win2k3 SP0, but not SP1. The problem was not a convoluted series of changes in policy handles, but a simple rule that schannel logins would be regarded as ANONYMOUS not SYSTEM. Andrew Bartlett Modified: branches/SAMBA_4_0/source/torture/rpc/schannel.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/schannel.c === --- branches/SAMBA_4_0/source/torture/rpc/schannel.c2005-10-06 07:36:29 UTC (rev 10762) +++ branches/SAMBA_4_0/source/torture/rpc/schannel.c2005-10-06 10:29:28 UTC (rev 10763) @@ -83,6 +83,57 @@ /* + do some lsa ops using the schannel connection + */ +static BOOL test_lsa_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) +{ + struct lsa_GetUserName r; + NTSTATUS status; + BOOL ret = True; + struct lsa_StringPointer authority_name_p; + int i; + + printf(\nTesting GetUserName\n); + + r.in.system_name = \\; + r.in.account_name = NULL; + r.in.authority_name = authority_name_p; + authority_name_p.string = NULL; + + /* do several ops to test credential chaining */ + for (i=0;i5;i++) { + status = dcerpc_lsa_GetUserName(p, mem_ctx, r); + + if (!NT_STATUS_IS_OK(status)) { + printf(GetUserName failed - %s\n, nt_errstr(status)); + return False; + } else { + if (!r.out.account_name) { + return False; + } + + if (strcmp(r.out.account_name-string, SYSTEM) != 0) { + printf(GetUserName returned wrong user: %s, expected %s\n, + r.out.account_name-string, SYSTEM); + return False; + } + if (!r.out.authority_name || !r.out.authority_name-string) { + return False; + } + + if (strcmp(r.out.authority_name-string-string, NT AUTHORITY) != 0) { + printf(GetUserName returned wrong user: %s, expected %s\n, + r.out.authority_name-string-string, NT AUTHORITY); + return False; + } + } + } + + return ret; +} + + +/* try a netlogon SamLogon */ static BOOL test_netlogon_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, @@ -146,12 +197,15 @@ uint16_t acct_flags, uint32_t dcerpc_flags, uint32_t schannel_type) { + BOOL ret = True; + void *join_ctx; NTSTATUS status; const char *binding = lp_parm_string(-1, torture, binding); struct dcerpc_binding *b; struct dcerpc_pipe *p = NULL; struct dcerpc_pipe *p_netlogon = NULL; + struct dcerpc_pipe *p_lsa = NULL; struct creds_CredentialState *creds; struct cli_credentials *credentials; @@ -185,8 +239,8 @@ } if (!test_samr_ops(p, test_ctx)) { - printf(Failed to process schannel secured ops\n); - goto failed; + printf(Failed to process schannel secured SAMR ops\n); + ret = False; } status = dcerpc_schannel_creds(p-conn-security_state.generic_state, test_ctx, creds); @@ -229,13 +283,42 @@ /* do a couple of logins */ if (!test_netlogon_ops(p_netlogon, test_ctx, creds)) { - printf(Failed to process schannel secured ops\n); + printf(Failed to process schannel secured NETLOGON ops\n); + ret = False; + } + + /* Swap the binding details from SAMR to LSARPC */ + status = dcerpc_epm_map_binding(test_ctx, b, DCERPC_LSARPC_UUID, + DCERPC_LSARPC_VERSION, NULL); + if (!NT_STATUS_IS_OK(status)) { goto failed; } + status = dcerpc_secondary_connection(p, p_lsa, +b); + + if (!NT_STATUS_IS_OK(status)) { + goto failed; + } + + status = dcerpc_bind_auth_password(p_lsa, + DCERPC_LSARPC_UUID, + DCERPC_LSARPC_VERSION, + credentials, DCERPC_AUTH_TYPE_SCHANNEL, + NULL); + + if (!NT_STATUS_IS_OK(status)) { + goto failed; + } + + if (!test_lsa_ops(p_lsa, test_ctx))
svn commit: samba r10764 - in branches/SAMBA_4_0/source: auth/gensec rpc_server/lsa torture/rpc
Author: abartlet Date: 2005-10-06 11:15:20 + (Thu, 06 Oct 2005) New Revision: 10764 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10764 Log: To match Win2k3 SP1, we need to set an anonymous user token for schannel connections. Test for Win2k3 SP1 behaviour in RPC-SCHANNEL. Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/gensec/schannel.c branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/torture/rpc/schannel.c Changeset: Modified: branches/SAMBA_4_0/source/auth/gensec/schannel.c === --- branches/SAMBA_4_0/source/auth/gensec/schannel.c2005-10-06 10:29:28 UTC (rev 10763) +++ branches/SAMBA_4_0/source/auth/gensec/schannel.c2005-10-06 11:15:20 UTC (rev 10764) @@ -160,23 +160,34 @@ /** - * Return the credentials of a logged on user, including session keys - * etc. + * Returns anonymous credentials for schannel, matching Win2k3. * - * Only valid after a successful authentication - * - * May only be called once per authentication. - * */ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security, - struct auth_session_info **session_info) +struct auth_session_info **_session_info) { - (*session_info) = talloc(gensec_security, struct auth_session_info); - NT_STATUS_HAVE_NO_MEMORY(*session_info); + NTSTATUS nt_status; + struct schannel_state *state = gensec_security-private_data; + struct auth_serversupplied_info *server_info = NULL; + struct auth_session_info *session_info = NULL; + TALLOC_CTX *mem_ctx = talloc_new(state); + + nt_status = auth_anonymous_server_info(mem_ctx, + server_info); + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_free(mem_ctx); + return nt_status; + } - ZERO_STRUCTP(*session_info); + /* references the server_info into the session_info */ + nt_status = auth_generate_session_info(state, server_info, session_info); + talloc_free(mem_ctx); + NT_STATUS_NOT_OK_RETURN(nt_status); + + *_session_info = session_info; + return NT_STATUS_OK; } Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2005-10-06 10:29:28 UTC (rev 10763) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2005-10-06 11:15:20 UTC (rev 10764) @@ -2404,7 +2404,7 @@ lsa_GetUserName */ static NTSTATUS lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_GetUserName *r) + struct lsa_GetUserName *r) { NTSTATUS status = NT_STATUS_OK; const char *account_name; Modified: branches/SAMBA_4_0/source/torture/rpc/schannel.c === --- branches/SAMBA_4_0/source/torture/rpc/schannel.c2005-10-06 10:29:28 UTC (rev 10763) +++ branches/SAMBA_4_0/source/torture/rpc/schannel.c2005-10-06 11:15:20 UTC (rev 10764) @@ -112,9 +112,9 @@ return False; } - if (strcmp(r.out.account_name-string, SYSTEM) != 0) { + if (strcmp(r.out.account_name-string, ANONYMOUS LOGON) != 0) { printf(GetUserName returned wrong user: %s, expected %s\n, - r.out.account_name-string, SYSTEM); + r.out.account_name-string, ANONYMOUS LOGON); return False; } if (!r.out.authority_name || !r.out.authority_name-string) {
svn commit: samba r10765 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Ethereal: .
Author: jelmer Date: 2005-10-06 11:57:25 + (Thu, 06 Oct 2005) New Revision: 10765 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10765 Log: Actually use VALS() setting for enums Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Ethereal/NDR.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Ethereal/NDR.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Ethereal/NDR.pm 2005-10-06 11:15:20 UTC (rev 10764) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Ethereal/NDR.pm 2005-10-06 11:57:25 UTC (rev 10765) @@ -31,24 +31,6 @@ ptr = NDR_POINTER_PTR ); -sub type2ft($) -{ -my($t) = shift; - -return FT_UINT$1 if $t =~ /uint(8|16|32|64)/; -return FT_INT$1 if $t =~ /int(8|16|32|64)/; -return FT_UINT64, if $t eq HYPER_T or $t eq NTTIME_hyper - or $t eq hyper; - -# TODO: should NTTIME_hyper be a FT_ABSOLUTE_TIME as well? - -return FT_ABSOLUTE_TIME if $t eq NTTIME or $t eq NTTIME_1sec; - -return FT_STRING if ($t eq string); - -return FT_NONE; -} - sub StripPrefixes($) { my ($s) = @_; @@ -156,7 +138,7 @@ my $enum_size = $e-{BASE_TYPE}; $enum_size =~ s/uint//g; - register_type($name, offset = $dissectorname(tvb, offset, pinfo, tree, drep, [EMAIL PROTECTED]@, [EMAIL PROTECTED]@);, type2ft($e-{BASE_TYPE}), BASE_DEC, 0, VALS($valsstring), $enum_size / 8); + register_type($name, offset = $dissectorname(tvb, offset, pinfo, tree, drep, [EMAIL PROTECTED]@, [EMAIL PROTECTED]@);, FT_UINT$enum_size, BASE_DEC, 0, VALS($valsstring), $enum_size / 8); } sub Bitmap($$$) @@ -230,7 +212,7 @@ my $size = $e-{BASE_TYPE}; $size =~ s/uint//g; - register_type($name, offset = $dissectorname(tvb, offset, pinfo, tree, drep, [EMAIL PROTECTED]@, [EMAIL PROTECTED]@);, type2ft($e-{BASE_TYPE}), BASE_DEC, 0, NULL, $size/8); + register_type($name, offset = $dissectorname(tvb, offset, pinfo, tree, drep, [EMAIL PROTECTED]@, [EMAIL PROTECTED]@);, FT_UINT$size, BASE_DEC, 0, NULL, $size/8); } sub ElementLevel($) @@ -330,7 +312,19 @@ my $call_code = offset = $dissectorname(tvb, offset, pinfo, tree, drep);; - my $hf = register_hf_field(hf_$ifname\_$pn\_$e-{NAME}, field2name($e-{NAME}), $ifname.$pn.$e-{NAME}, type2ft($e-{TYPE}), BASE_HEX, NULL, 0, ); + my $type = find_type($e-{TYPE}); + + if (not defined($type)) { + # default settings + $type = { + MASK = 0, + VALSSTRING = NULL, + FT_TYPE = FT_NONE, + BASE_TYPE = BASE_HEX + }; + } + + my $hf = register_hf_field(hf_$ifname\_$pn\_$e-{NAME}, field2name($e-{NAME}), $ifname.$pn.$e-{NAME}, $type-{FT_TYPE}, $type-{BASE_TYPE}, $type-{VALSSTRING}, $type-{MASK}, ); $hf_used{$hf} = 1; my $eltname = StripPrefixes($pn) . .$e-{NAME}; @@ -685,7 +679,13 @@ pidl_hdr #endif /* $define */; } +sub find_type($) +{ + my $n = shift; + return $conformance-{types}-{$n}; +} + sub register_type($$$) { my ($type,$call,$ft,$base,$mask,$vals,$length) = @_;
svn commit: samba r10766 - in branches/SAMBA_4_0/source: include libcli/wrepl torture/nbt
Author: metze Date: 2005-10-06 14:38:07 + (Thu, 06 Oct 2005) New Revision: 10766 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10766 Log: - make it possible to mark a wrepl_request as send only, used for WREPL_REPL_INFORM* messsages - make it possible to close the connection after a request was send used for WREPL_ASSOCIATION_STOP - fix the torture test that tests the assoc context handling between connections, you can issue a request and get the reply on another connection, I think we should not implement that in our server code, as I think it's a security hole, you can cause a windows server to send the replies to someone another client, that doesn't wait for data, and as there're no massage_id in the protocol the client would be confused by a replies that doesn't belong to a query metze Modified: branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h branches/SAMBA_4_0/source/torture/nbt/winsreplication.c Changeset: Sorry, the patch is too large (297 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10766
svn commit: samba r10767 - in branches/tmp/samba4-winsrepl: . source/auth/gensec source/include source/libcli/wrepl source/pidl/lib/Parse/Pidl/Ethereal source/rpc_server/lsa source/torture/nbt source/
Author: metze Date: 2005-10-06 14:38:42 + (Thu, 06 Oct 2005) New Revision: 10767 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10767 Log: [EMAIL PROTECTED] (orig r10763): abartlet | 2005-10-06 12:29:28 +0200 PROOF of the single, easily understood cause of all of our schannel PAIN! This test currently passes against Win2k3 SP0, but not SP1. The problem was not a convoluted series of changes in policy handles, but a simple rule that schannel logins would be regarded as ANONYMOUS not SYSTEM. Andrew Bartlett [EMAIL PROTECTED] (orig r10764): abartlet | 2005-10-06 13:15:20 +0200 To match Win2k3 SP1, we need to set an anonymous user token for schannel connections. Test for Win2k3 SP1 behaviour in RPC-SCHANNEL. Andrew Bartlett [EMAIL PROTECTED] (orig r10765): jelmer | 2005-10-06 13:57:25 +0200 Actually use VALS() setting for enums [EMAIL PROTECTED] (orig r10766): metze | 2005-10-06 16:38:07 +0200 - make it possible to mark a wrepl_request as send only, used for WREPL_REPL_INFORM* messsages - make it possible to close the connection after a request was send used for WREPL_ASSOCIATION_STOP - fix the torture test that tests the assoc context handling between connections, you can issue a request and get the reply on another connection, I think we should not implement that in our server code, as I think it's a security hole, you can cause a windows server to send the replies to someone another client, that doesn't wait for data, and as there're no massage_id in the protocol the client would be confused by a replies that doesn't belong to a query metze Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/auth/gensec/schannel.c branches/tmp/samba4-winsrepl/source/include/structs.h branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.c branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.h branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Ethereal/NDR.pm branches/tmp/samba4-winsrepl/source/rpc_server/lsa/dcesrv_lsa.c branches/tmp/samba4-winsrepl/source/torture/nbt/winsreplication.c branches/tmp/samba4-winsrepl/source/torture/rpc/schannel.c Changeset: Sorry, the patch is too large (590 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10767
svn commit: samba r10768 - in branches/SAMBA_4_0/source/smbd: .
Author: metze Date: 2005-10-06 14:44:37 + (Thu, 06 Oct 2005) New Revision: 10768 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10768 Log: add a function to create a stream_connection from an already existing socket connection, that's used for protocols which switch the client/server roles inside a session metze Modified: branches/SAMBA_4_0/source/smbd/service_stream.c Changeset: Modified: branches/SAMBA_4_0/source/smbd/service_stream.c === --- branches/SAMBA_4_0/source/smbd/service_stream.c 2005-10-06 14:38:42 UTC (rev 10767) +++ branches/SAMBA_4_0/source/smbd/service_stream.c 2005-10-06 14:44:37 UTC (rev 10768) @@ -78,7 +78,40 @@ } } +/* + this creates a stream_connection from an already existing connection, + used for protocols, where a client connection needs to switched into + a server connection +*/ +NTSTATUS stream_new_connection_merge(struct event_context *ev, +const struct model_ops *model_ops, +struct socket_context *sock, +const struct stream_server_ops *stream_ops, +struct messaging_context *msg_ctx, +void *private_data, +struct stream_connection **_srv_conn) +{ + struct stream_connection *srv_conn; + srv_conn = talloc_zero(ev, struct stream_connection); + NT_STATUS_HAVE_NO_MEMORY(srv_conn); + + talloc_steal(srv_conn, sock); + + srv_conn-private = private_data; + srv_conn-model_ops = model_ops; + srv_conn-socket= sock; + srv_conn-server_id = 0; + srv_conn-ops = stream_ops; + srv_conn-msg_ctx = msg_ctx; + srv_conn-event.ctx = ev; + srv_conn-event.fde = event_add_fd(ev, srv_conn, socket_get_fd(sock), + EVENT_FD_READ, + stream_io_handler, srv_conn); + *_srv_conn = srv_conn; + return NT_STATUS_OK; +} + /* called when a new socket connection has been established. This is called in the process context of the new process (if appropriate)
svn commit: samba r10769 - in branches/tmp/samba4-winsrepl: . source/smbd
Author: metze Date: 2005-10-06 14:45:06 + (Thu, 06 Oct 2005) New Revision: 10769 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10769 Log: [EMAIL PROTECTED] (orig r10768): metze | 2005-10-06 16:44:37 +0200 add a function to create a stream_connection from an already existing socket connection, that's used for protocols which switch the client/server roles inside a session metze Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/smbd/service_stream.c Changeset: Property changes on: branches/tmp/samba4-winsrepl ___ Name: svk:merge - 0c0555d6-39d7-0310-84fc-f1cc0bd64818:/branches/SAMBA_4_0:10766 3a72dc49-98ff-0310-ab52-9b7ed7945d91:/local/samba4:9495 a953eb74-4aff-0310-a63c-855d20285ebb:/local/samba4:11632 + 0c0555d6-39d7-0310-84fc-f1cc0bd64818:/branches/SAMBA_4_0:10768 3a72dc49-98ff-0310-ab52-9b7ed7945d91:/local/samba4:9495 a953eb74-4aff-0310-a63c-855d20285ebb:/local/samba4:11632 Modified: branches/tmp/samba4-winsrepl/source/smbd/service_stream.c === --- branches/tmp/samba4-winsrepl/source/smbd/service_stream.c 2005-10-06 14:44:37 UTC (rev 10768) +++ branches/tmp/samba4-winsrepl/source/smbd/service_stream.c 2005-10-06 14:45:06 UTC (rev 10769) @@ -78,7 +78,40 @@ } } +/* + this creates a stream_connection from an already existing connection, + used for protocols, where a client connection needs to switched into + a server connection +*/ +NTSTATUS stream_new_connection_merge(struct event_context *ev, +const struct model_ops *model_ops, +struct socket_context *sock, +const struct stream_server_ops *stream_ops, +struct messaging_context *msg_ctx, +void *private_data, +struct stream_connection **_srv_conn) +{ + struct stream_connection *srv_conn; + srv_conn = talloc_zero(ev, struct stream_connection); + NT_STATUS_HAVE_NO_MEMORY(srv_conn); + + talloc_steal(srv_conn, sock); + + srv_conn-private = private_data; + srv_conn-model_ops = model_ops; + srv_conn-socket= sock; + srv_conn-server_id = 0; + srv_conn-ops = stream_ops; + srv_conn-msg_ctx = msg_ctx; + srv_conn-event.ctx = ev; + srv_conn-event.fde = event_add_fd(ev, srv_conn, socket_get_fd(sock), + EVENT_FD_READ, + stream_io_handler, srv_conn); + *_srv_conn = srv_conn; + return NT_STATUS_OK; +} + /* called when a new socket connection has been established. This is called in the process context of the new process (if appropriate)
svn commit: samba r10770 - in branches/tmp/samba4-winsrepl/source/wrepl_server: .
Author: metze Date: 2005-10-06 14:56:01 + (Thu, 06 Oct 2005) New Revision: 10770 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10770 Log: - move the table filling to a seperate function, will be reused later - fix the build, wrepl_nbt_name fixes - remove state - update_state metze Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_call.c branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.c Changeset: Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_call.c === --- branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_call.c 2005-10-06 14:45:06 UTC (rev 10769) +++ branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_call.c 2005-10-06 14:56:01 UTC (rev 10770) @@ -114,42 +114,12 @@ struct wreplsrv_service *service = call-wreplconn-service; struct wrepl_replication *repl_out = call-rep_packet.message.replication; struct wrepl_table *table_out = call-rep_packet.message.replication.info.table; - struct wreplsrv_owner *cur; - uint64_t local_max_version; - uint32_t i = 0; + const char *our_ip = call-wreplconn-our_ip; repl_out-command = WREPL_REPL_TABLE_REPLY; - table_out-partner_count= 0; - table_out-partners = NULL; - table_out-initiator= WINSDB_OWNER_LOCAL; - - local_max_version = wreplsrv_local_max_version(service); - if (local_max_version 0) { - table_out-partner_count++; - } - - for (cur = service-table; cur; cur = cur-next) { - table_out-partner_count++; - } - - table_out-partners = talloc_array(call, struct wrepl_wins_owner, table_out-partner_count); - NT_STATUS_HAVE_NO_MEMORY(table_out-partners); - - if (local_max_version 0) { - table_out-partners[i].address = call-wreplconn-our_ip; - table_out-partners[i].min_version = 0; - table_out-partners[i].max_version = local_max_version; - table_out-partners[i].type = 1; - i++; - } - - for (cur = service-table; cur; cur = cur-next) { - table_out-partners[i] = cur-owner; - i++; - } - - return NT_STATUS_OK; + return wreplsrv_fill_wrepl_table(service, call, table_out, +our_ip, our_ip, True); } static int wreplsrv_in_sort_wins_name(struct wrepl_wins_name *n1, @@ -168,9 +138,8 @@ uint32_t num_ips, i; struct wrepl_ip *ips; - name-name = *rec-name; - talloc_steal(mem_ctx, rec-name-name); - talloc_steal(mem_ctx, rec-name-scope); + name-name = rec-name; + talloc_steal(mem_ctx, rec-name); name-id= rec-version; name-unknown = WINSDB_GROUP_ADDRESS; @@ -317,15 +286,15 @@ static void wreplsrv_in_update_handler(struct composite_context *creq) { - struct wreplsrv_in_update_state *state= talloc_get_type(creq-async.private_data, - struct wreplsrv_in_update_state); + struct wreplsrv_in_update_state *update_state = talloc_get_type(creq-async.private_data, + struct wreplsrv_in_update_state); NTSTATUS status; status = wreplsrv_pull_cycle_recv(creq); - talloc_free(state-wrepl_out); + talloc_free(update_state-wrepl_out); - wreplsrv_terminate_in_connection(state-wrepl_in, nt_errstr(status)); + wreplsrv_terminate_in_connection(update_state-wrepl_in, nt_errstr(status)); } static NTSTATUS wreplsrv_in_update(struct wreplsrv_in_call *call) Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.c === --- branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.c 2005-10-06 14:45:06 UTC (rev 10769) +++ branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.c 2005-10-06 14:56:01 UTC (rev 10770) @@ -160,6 +160,49 @@ return maxVersion; } +NTSTATUS wreplsrv_fill_wrepl_table(struct wreplsrv_service *service, + TALLOC_CTX *mem_ctx, + struct wrepl_table *table_out, + const char *our_ip, + const char *initiator, + BOOL full_table) +{ + struct wreplsrv_owner *cur; + uint64_t local_max_version; + uint32_t i = 0; + + table_out-partner_count= 0; + table_out-partners = NULL; + table_out-initiator= initiator; + + local_max_version = wreplsrv_local_max_version(service); + if (local_max_version 0) { +
svn commit: samba r10771 - in branches/tmp/samba4-winsrepl/source/wrepl_server: .
Author: metze Date: 2005-10-06 15:04:48 + (Thu, 06 Oct 2005) New Revision: 10771 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10771 Log: add a function to create a wreplsrv_in_connection from a client connection metze Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_connection.c Changeset: Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_connection.c === --- branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_connection.c 2005-10-06 14:56:01 UTC (rev 10770) +++ branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_in_connection.c 2005-10-06 15:04:48 UTC (rev 10771) @@ -267,6 +267,48 @@ }; /* + called when we get a new connection +*/ +NTSTATUS wreplsrv_in_connection_merge(struct wreplsrv_partner *partner, + struct socket_context *sock, + struct wreplsrv_in_connection **_wrepl_in) +{ + struct wreplsrv_service *service = partner-service; + struct wreplsrv_in_connection *wrepl_in; + const struct model_ops *model_ops; + struct stream_connection *conn; + NTSTATUS status; + + /* within the wrepl task we want to be a single process, so + ask for the single process model ops and pass these to the + stream_setup_socket() call. */ + model_ops = process_model_byname(single); + if (!model_ops) { + DEBUG(0,(Can't find 'single' process model_ops)); + return NT_STATUS_INTERNAL_ERROR; + } + + wrepl_in = talloc_zero(partner, struct wreplsrv_in_connection); + NT_STATUS_HAVE_NO_MEMORY(wrepl_in); + + wrepl_in-service = service; + wrepl_in-partner = partner; + wrepl_in-our_ip= socket_get_my_addr(sock, wrepl_in); + NT_STATUS_HAVE_NO_MEMORY(wrepl_in-our_ip); + + status = stream_new_connection_merge(service-task-event_ctx, model_ops, +sock, wreplsrv_stream_ops, service-task-msg_ctx, +wrepl_in, conn); + NT_STATUS_NOT_OK_RETURN(status); + + wrepl_in-conn = conn; + talloc_steal(conn, wrepl_in); + + *_wrepl_in = wrepl_in; + return NT_STATUS_OK; +} + +/* startup the wrepl port 42 server sockets */ NTSTATUS wreplsrv_setup_sockets(struct wreplsrv_service *service)
svn commit: samba r10772 - in branches/tmp/samba4-winsrepl/source/wrepl_server: .
Author: metze Date: 2005-10-06 15:13:51 + (Thu, 06 Oct 2005) New Revision: 10772 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10772 Log: - make the connection code more generic to handle the pull cached connection, push cached connection or given connections - when we don't use a cached connection, disconnection when a pull_cycle is done - fix the build and use the configured source ip metze Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_helpers.c branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.h Changeset: Sorry, the patch is too large (329 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10772
svn commit: samba r10773 - in branches/tmp/samba4-winsrepl/source: include wrepl_server
Author: metze Date: 2005-10-06 15:18:49 + (Thu, 06 Oct 2005) New Revision: 10773 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10773 Log: - add composite functions for push notification metze Modified: branches/tmp/samba4-winsrepl/source/include/structs.h branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_helpers.c branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_helpers.h branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.h Changeset: Sorry, the patch is too large (325 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10773
svn commit: samba r10774 - in branches/tmp/samba4-winsrepl/source/wrepl_server: .
Author: metze Date: 2005-10-06 15:23:46 + (Thu, 06 Oct 2005) New Revision: 10774 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10774 Log: - use periodic push notifycation, this is just for now as it needs to be configurable and and be triggered when the local database has changes since the last notify - I also need to work out how to decide if the partner supports persistent connections and WREPL_REPL_INFORM* messages metze Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_connection.c Changeset: Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_connection.c === --- branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_connection.c 2005-10-06 15:18:49 UTC (rev 10773) +++ branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_connection.c 2005-10-06 15:23:46 UTC (rev 10774) @@ -158,6 +158,79 @@ return NT_STATUS_OK; } +static void wreplsrv_push_handler_te(struct event_context *ev, struct timed_event *te, +struct timeval t, void *ptr); + +static void wreplsrv_push_handler_creq(struct composite_context *creq) +{ + struct wreplsrv_partner *partner = talloc_get_type(creq-async.private_data, struct wreplsrv_partner); + uint32_t interval; + + partner-push.last_status = wreplsrv_push_notify_recv(partner-push.creq); + partner-push.creq = NULL; + talloc_free(partner-push.notify_io); + partner-push.notify_io = NULL; + + if (!NT_STATUS_IS_OK(partner-push.last_status)) { + interval = 15; + + DEBUG(1,(wreplsrv_push_notify(%s): %s: next: %us\n, +partner-address, nt_errstr(partner-push.last_status), +interval)); + } else { + interval = 100; + + DEBUG(2,(wreplsrv_push_notify(%s): %s: next: %us\n, +partner-address, nt_errstr(partner-push.last_status), +interval)); + } + + partner-push.te = event_add_timed(partner-service-task-event_ctx, partner, + timeval_current_ofs(interval, 0), + wreplsrv_push_handler_te, partner); + if (!partner-push.te) { + DEBUG(0,(wreplsrv_push_handler_creq: event_add_timed() failed! no memory!\n)); + } +} + +static void wreplsrv_push_handler_te(struct event_context *ev, struct timed_event *te, +struct timeval t, void *ptr) +{ + struct wreplsrv_partner *partner = talloc_get_type(ptr, struct wreplsrv_partner); + + partner-push.te = NULL; + + partner-push.notify_io = talloc(partner, struct wreplsrv_push_notify_io); + if (!partner-push.notify_io) { + goto requeue; + } + + partner-push.notify_io-in.partner = partner; + partner-push.notify_io-in.inform = False; + partner-push.notify_io-in.propagate = False; + partner-push.creq = wreplsrv_push_notify_send(partner-push.notify_io, partner-push.notify_io); + if (!partner-push.creq) { + DEBUG(1,(wreplsrv_push_notify_send(%s) failed\n, +partner-address)); + goto requeue; + } + + partner-push.creq-async.fn= wreplsrv_push_handler_creq; + partner-push.creq-async.private_data = partner; + + return; +requeue: + talloc_free(partner-push.notify_io); + partner-push.notify_io = NULL; + /* retry later */ + partner-push.te = event_add_timed(partner-service-task-event_ctx, partner, + timeval_add(t, 5, 0), + wreplsrv_push_handler_te, partner); + if (!partner-push.te) { + DEBUG(0,(wreplsrv_push_handler_te: event_add_timed() failed! no memory!\n)); + } +} + NTSTATUS wreplsrv_setup_out_connections(struct wreplsrv_service *service) { struct wreplsrv_partner *cur; @@ -168,6 +241,11 @@ timeval_zero(), wreplsrv_pull_handler_te, cur); NT_STATUS_HAVE_NO_MEMORY(cur-pull.te); } + if (cur-type WINSREPL_PARTNER_PUSH) { + cur-push.te = event_add_timed(service-task-event_ctx, cur, + timeval_zero(), wreplsrv_push_handler_te, cur); + NT_STATUS_HAVE_NO_MEMORY(cur-push.te); + } } return NT_STATUS_OK;
svn commit: samba r10775 - in trunk/source/services: .
Author: jerry Date: 2005-10-06 15:25:53 + (Thu, 06 Oct 2005) New Revision: 10775 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10775 Log: * update the common unix service displayname table a bit * read the description from the init file if possible (Default to External Unix Service) although the descriptions on SuSE 9.3 are not that helpful. Modified: trunk/source/services/services_db.c trunk/source/services/svc_rcinit.c Changeset: Sorry, the patch is too large (307 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10775
svn commit: samba r10776 - in trunk/source: include rpc_parse rpc_server
Author: jerry Date: 2005-10-06 16:23:51 + (Thu, 06 Oct 2005) New Revision: 10776 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10776 Log: I admit that I don't completely understand the \ntsvcs pipe and that this is a really horrible hack. But since I just need enough of the pipe to get rid of warnings when launching the MMC services plugin, I can live with myself. This fixes the final Invalid Device ID warning popup by ensuring that the device list is double NULL terminated. I added a new UNI_STR_DBLTERMINATE flag to init_unistr2(). It was easy and cleaner than coming up with a new set of UNISTR2 initialization functions. I know we will have to eventually clean this up, but its enough for now. Modified: trunk/source/include/rpc_misc.h trunk/source/rpc_parse/parse_misc.c trunk/source/rpc_parse/parse_ntsvcs.c trunk/source/rpc_server/srv_ntsvcs_nt.c Changeset: Modified: trunk/source/include/rpc_misc.h === --- trunk/source/include/rpc_misc.h 2005-10-06 15:25:53 UTC (rev 10775) +++ trunk/source/include/rpc_misc.h 2005-10-06 16:23:51 UTC (rev 10776) @@ -27,7 +27,7 @@ #define SMB_RPC_INTERFACE_VERSION 1 #define PRS_POINTER_CAST BOOL (*)(const char*, prs_struct*, int, void*) -enum unistr2_term_codes { UNI_FLAGS_NONE = 0, UNI_STR_TERMINATE = 1, UNI_MAXLEN_TERMINATE = 2, UNI_BROKEN_NON_NULL = 3 }; +enum unistr2_term_codes { UNI_FLAGS_NONE = 0, UNI_STR_TERMINATE = 1, UNI_MAXLEN_TERMINATE = 2, UNI_BROKEN_NON_NULL = 3, UNI_STR_DBLTERMINATE = 4 }; Modified: trunk/source/rpc_parse/parse_misc.c === --- trunk/source/rpc_parse/parse_misc.c 2005-10-06 15:25:53 UTC (rev 10775) +++ trunk/source/rpc_parse/parse_misc.c 2005-10-06 16:23:51 UTC (rev 10776) @@ -830,6 +830,8 @@ if (buf) { /* We always null terminate the copy. */ len = strlen(buf) + 1; + if ( flags == UNI_STR_DBLTERMINATE ) + len++; } else { /* no buffer -- nothing to do */ str-uni_max_len = 0; @@ -859,6 +861,8 @@ if (flags == UNI_STR_TERMINATE || flags == UNI_MAXLEN_TERMINATE) { num_chars++; } + if ( flags == UNI_STR_DBLTERMINATE ) + num_chars += 2; } str-uni_max_len = num_chars; Modified: trunk/source/rpc_parse/parse_ntsvcs.c === --- trunk/source/rpc_parse/parse_ntsvcs.c 2005-10-06 15:25:53 UTC (rev 10775) +++ trunk/source/rpc_parse/parse_ntsvcs.c 2005-10-06 16:23:51 UTC (rev 10776) @@ -79,7 +79,7 @@ if ( !prs_pointer(devicename, ps, depth, (void**)q_u-devicename, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2) ) return False; - if( !prs_align(ps) ) + if ( !prs_align(ps) ) return False; if ( !prs_uint32(flags, ps, depth, q_u-flags) ) Modified: trunk/source/rpc_server/srv_ntsvcs_nt.c === --- trunk/source/rpc_server/srv_ntsvcs_nt.c 2005-10-06 15:25:53 UTC (rev 10775) +++ trunk/source/rpc_server/srv_ntsvcs_nt.c 2005-10-06 16:23:51 UTC (rev 10776) @@ -80,11 +80,9 @@ rpcstr_pull(device, q_u-devicename-buffer, sizeof(device), q_u-devicename-uni_str_len*2, 0); devicepath = get_device_path( device ); - /* From the packet traces I've see, I think this really should be an array - of UNISTR2's. But I've never seen more than one string in spite of the - fact that the string in double NULL terminated. -- jerry */ + /* This has to be DOUBLE NULL terminated */ - init_unistr2( r_u-devicepath, devicepath, UNI_STR_TERMINATE ); + init_unistr2( r_u-devicepath, devicepath, UNI_STR_DBLTERMINATE ); r_u-needed = r_u-devicepath.uni_str_len; return WERR_OK;
svn commit: samba r10777 - in trunk/source/rpc_client: .
Author: jra Date: 2005-10-06 16:51:08 + (Thu, 06 Oct 2005) New Revision: 10777 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10777 Log: Allow schannel setup over NTLMSSP authenticated pipes. Jeremy. Modified: trunk/source/rpc_client/cli_pipe.c Changeset: Modified: trunk/source/rpc_client/cli_pipe.c === --- trunk/source/rpc_client/cli_pipe.c 2005-10-06 16:23:51 UTC (rev 10776) +++ trunk/source/rpc_client/cli_pipe.c 2005-10-06 16:51:08 UTC (rev 10777) @@ -2500,6 +2500,112 @@ / Open a named pipe to an SMB server and bind using schannel (bind type 68). + Fetch the session key ourselves using a temporary netlogon pipe. This + version uses an ntlmssp auth bound netlogon pipe to get the key. + / + +static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_state *cli, + const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) +{ + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; + struct rpc_pipe_client *netlogon_pipe = NULL; + uint32 sec_chan_type = 0; + char machine_pwd[16]; + fstring machine_account; + + netlogon_pipe = cli_rpc_pipe_open_spnego_ntlmssp(cli, PI_NETLOGON, PIPE_AUTH_LEVEL_PRIVACY, domain, username, password, perr); + if (!netlogon_pipe) { + return NULL; + } + + /* Get the machine account credentials from secrets.tdb. */ + if (!get_trust_pw(domain, machine_pwd, sec_chan_type)) { + DEBUG(0, (get_schannel_session_key_auth_ntlmssp: could not fetch + trust account password for domain '%s'\n, + domain)); + cli_rpc_pipe_close(netlogon_pipe); + *perr = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + return NULL; + } + + if ( IS_DC ) { + fstrcpy( machine_account, lp_workgroup() ); +} else { +/* Hmmm. Is this correct for trusted domains when we're a member server ? JRA. */ +if (strequal(domain, lp_workgroup())) { +fstrcpy(machine_account, global_myname()); +} else { +fstrcpy(machine_account, domain); +} +} + + *perr = rpccli_netlogon_setup_creds(netlogon_pipe, + cli-desthost, + domain, + machine_account, + machine_pwd, + sec_chan_type, + neg_flags); + + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(3,(get_schannel_session_key_auth_ntlmssp: rpccli_netlogon_setup_creds + failed with result %s\n, + nt_errstr(*perr) )); + cli_rpc_pipe_close(netlogon_pipe); + return NULL; + } + + if ((neg_flags NETLOGON_NEG_SCHANNEL) == 0) { + DEBUG(3, (get_schannel_session_key_auth_ntlmssp: Server %s did not offer schannel\n, + cli-desthost)); + cli_rpc_pipe_close(netlogon_pipe); + *perr = NT_STATUS_INVALID_NETWORK_RESPONSE; + return NULL; + } + + return netlogon_pipe; +} + +/ + Open a named pipe to an SMB server and bind using schannel (bind type 68). + Fetch the session key ourselves using a temporary netlogon pipe. This version + uses an ntlmssp bind to get the session key. + / + +struct rpc_pipe_client *cli_rpc_pipe_open_ntlmttp_auth_schannel(struct cli_state *cli, +int pipe_idx, + enum pipe_auth_level auth_level, +const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) +{ + struct rpc_pipe_client *netlogon_pipe = NULL; + struct rpc_pipe_client *result = NULL; + + netlogon_pipe = get_schannel_session_key_auth_ntlmssp(cli, domain, username, password, perr); + if (!netlogon_pipe) { + DEBUG(0,(cli_rpc_pipe_open_ntlmssp_auth_schannel: failed to get schannel
svn commit: samba r10778 - in branches/SAMBA_3_0/source/rpc_client: .
Author: jra Date: 2005-10-06 16:51:10 + (Thu, 06 Oct 2005) New Revision: 10778 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10778 Log: Allow schannel setup over NTLMSSP authenticated pipes. Jeremy. Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c === --- branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2005-10-06 16:51:08 UTC (rev 10777) +++ branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2005-10-06 16:51:10 UTC (rev 10778) @@ -2500,6 +2500,112 @@ / Open a named pipe to an SMB server and bind using schannel (bind type 68). + Fetch the session key ourselves using a temporary netlogon pipe. This + version uses an ntlmssp auth bound netlogon pipe to get the key. + / + +static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_state *cli, + const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) +{ + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; + struct rpc_pipe_client *netlogon_pipe = NULL; + uint32 sec_chan_type = 0; + char machine_pwd[16]; + fstring machine_account; + + netlogon_pipe = cli_rpc_pipe_open_spnego_ntlmssp(cli, PI_NETLOGON, PIPE_AUTH_LEVEL_PRIVACY, domain, username, password, perr); + if (!netlogon_pipe) { + return NULL; + } + + /* Get the machine account credentials from secrets.tdb. */ + if (!get_trust_pw(domain, machine_pwd, sec_chan_type)) { + DEBUG(0, (get_schannel_session_key_auth_ntlmssp: could not fetch + trust account password for domain '%s'\n, + domain)); + cli_rpc_pipe_close(netlogon_pipe); + *perr = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + return NULL; + } + + if ( IS_DC ) { + fstrcpy( machine_account, lp_workgroup() ); +} else { +/* Hmmm. Is this correct for trusted domains when we're a member server ? JRA. */ +if (strequal(domain, lp_workgroup())) { +fstrcpy(machine_account, global_myname()); +} else { +fstrcpy(machine_account, domain); +} +} + + *perr = rpccli_netlogon_setup_creds(netlogon_pipe, + cli-desthost, + domain, + machine_account, + machine_pwd, + sec_chan_type, + neg_flags); + + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(3,(get_schannel_session_key_auth_ntlmssp: rpccli_netlogon_setup_creds + failed with result %s\n, + nt_errstr(*perr) )); + cli_rpc_pipe_close(netlogon_pipe); + return NULL; + } + + if ((neg_flags NETLOGON_NEG_SCHANNEL) == 0) { + DEBUG(3, (get_schannel_session_key_auth_ntlmssp: Server %s did not offer schannel\n, + cli-desthost)); + cli_rpc_pipe_close(netlogon_pipe); + *perr = NT_STATUS_INVALID_NETWORK_RESPONSE; + return NULL; + } + + return netlogon_pipe; +} + +/ + Open a named pipe to an SMB server and bind using schannel (bind type 68). + Fetch the session key ourselves using a temporary netlogon pipe. This version + uses an ntlmssp bind to get the session key. + / + +struct rpc_pipe_client *cli_rpc_pipe_open_ntlmttp_auth_schannel(struct cli_state *cli, +int pipe_idx, + enum pipe_auth_level auth_level, +const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) +{ + struct rpc_pipe_client *netlogon_pipe = NULL; + struct rpc_pipe_client *result = NULL; + + netlogon_pipe = get_schannel_session_key_auth_ntlmssp(cli, domain, username, password, perr); + if (!netlogon_pipe) { +
svn commit: samba r10779 - in trunk/source/rpc_client: .
Author: jra Date: 2005-10-06 17:42:42 + (Thu, 06 Oct 2005) New Revision: 10779 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10779 Log: Fix typo noticed by Volker. Jeremy. Modified: trunk/source/rpc_client/cli_pipe.c Changeset: Modified: trunk/source/rpc_client/cli_pipe.c === --- trunk/source/rpc_client/cli_pipe.c 2005-10-06 16:51:10 UTC (rev 10778) +++ trunk/source/rpc_client/cli_pipe.c 2005-10-06 17:42:42 UTC (rev 10779) @@ -2575,7 +2575,7 @@ uses an ntlmssp bind to get the session key. / -struct rpc_pipe_client *cli_rpc_pipe_open_ntlmttp_auth_schannel(struct cli_state *cli, +struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, int pipe_idx, enum pipe_auth_level auth_level, const char *domain,
svn commit: samba r10780 - in branches/SAMBA_3_0/source/rpc_client: .
Author: jra Date: 2005-10-06 17:43:18 + (Thu, 06 Oct 2005) New Revision: 10780 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10780 Log: Fix typo noticed by Volker. Jeremy. Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c === --- branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2005-10-06 17:42:42 UTC (rev 10779) +++ branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2005-10-06 17:43:18 UTC (rev 10780) @@ -2575,7 +2575,7 @@ uses an ntlmssp bind to get the session key. / -struct rpc_pipe_client *cli_rpc_pipe_open_ntlmttp_auth_schannel(struct cli_state *cli, +struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, int pipe_idx, enum pipe_auth_level auth_level, const char *domain,
svn commit: samba r10781 - in branches/SAMBA_3_0/source: . include param registry rpc_parse rpc_server services
Author: jerry Date: 2005-10-06 17:48:03 + (Thu, 06 Oct 2005) New Revision: 10781 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10781 Log: merging eventlog and svcctl code from trunk Added: branches/SAMBA_3_0/source/rpc_server/srv_eventlog_lib.c branches/SAMBA_3_0/source/services/svc_wins.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/include/rpc_eventlog.h branches/SAMBA_3_0/source/include/rpc_misc.h branches/SAMBA_3_0/source/include/rpc_svcctl.h branches/SAMBA_3_0/source/param/loadparm.c branches/SAMBA_3_0/source/registry/reg_eventlog.c branches/SAMBA_3_0/source/registry/reg_frontend.c branches/SAMBA_3_0/source/rpc_parse/parse_misc.c branches/SAMBA_3_0/source/rpc_parse/parse_ntsvcs.c branches/SAMBA_3_0/source/rpc_server/srv_eventlog_nt.c branches/SAMBA_3_0/source/rpc_server/srv_ntsvcs_nt.c branches/SAMBA_3_0/source/rpc_server/srv_reg_nt.c branches/SAMBA_3_0/source/rpc_server/srv_svcctl_nt.c branches/SAMBA_3_0/source/services/services_db.c branches/SAMBA_3_0/source/services/svc_rcinit.c Changeset: Sorry, the patch is too large (3325 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10781
svn commit: samba r10782 - branches/SAMBA_3_0/source/rpc_parse trunk/source/rpc_parse
Author: gd Date: 2005-10-06 18:00:19 + (Thu, 06 Oct 2005) New Revision: 10782 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10782 Log: Only parse the group rid_array in net_user_info3() when num_group is 0. This fixes the PAC parsing for win2k DCs up to SP3. (Where full SIDs are stored in the PAC instead of RIDs). Guenther Modified: branches/SAMBA_3_0/source/rpc_parse/parse_net.c trunk/source/rpc_parse/parse_net.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_parse/parse_net.c === --- branches/SAMBA_3_0/source/rpc_parse/parse_net.c 2005-10-06 17:48:03 UTC (rev 10781) +++ branches/SAMBA_3_0/source/rpc_parse/parse_net.c 2005-10-06 18:00:19 UTC (rev 10782) @@ -1622,18 +1622,30 @@ if(!prs_align(ps)) return False; - if(!prs_uint32(num_groups2 , ps, depth, usr-num_groups2)) /* num groups */ - return False; - if (UNMARSHALLING(ps) usr-num_groups2 0) { - usr-gids = PRS_ALLOC_MEM(ps, DOM_GID, usr-num_groups2); - if (usr-gids == NULL) + if (usr-num_groups 0) { + + if(!prs_uint32(num_groups2 , ps, depth, usr-num_groups2)) /* num groups2 */ return False; - } - for (i = 0; i usr-num_groups2; i++) { - if(!smb_io_gid(, usr-gids[i], ps, depth)) /* group info */ + if (usr-num_groups != usr-num_groups2) { + DEBUG(3,(net_io_user_info3: num_groups mismatch! (%d != %d)\n, + usr-num_groups, usr-num_groups2)); return False; + } + + + if (UNMARSHALLING(ps)) { + usr-gids = PRS_ALLOC_MEM(ps, DOM_GID, usr-num_groups); + if (usr-gids == NULL) + return False; + } + + for (i = 0; i usr-num_groups; i++) { + if(!smb_io_gid(, usr-gids[i], ps, depth)) /* group info */ + return False; + } + } if(!smb_io_unistr2(uni_logon_srv, usr-uni_logon_srv, usr-hdr_logon_srv.buffer, ps, depth)) /* logon server unicode string */ Modified: trunk/source/rpc_parse/parse_net.c === --- trunk/source/rpc_parse/parse_net.c 2005-10-06 17:48:03 UTC (rev 10781) +++ trunk/source/rpc_parse/parse_net.c 2005-10-06 18:00:19 UTC (rev 10782) @@ -1622,18 +1622,30 @@ if(!prs_align(ps)) return False; - if(!prs_uint32(num_groups2 , ps, depth, usr-num_groups2)) /* num groups */ - return False; - if (UNMARSHALLING(ps) usr-num_groups2 0) { - usr-gids = PRS_ALLOC_MEM(ps, DOM_GID, usr-num_groups2); - if (usr-gids == NULL) + if (usr-num_groups 0) { + + if(!prs_uint32(num_groups2 , ps, depth, usr-num_groups2)) /* num groups2 */ return False; - } - for (i = 0; i usr-num_groups2; i++) { - if(!smb_io_gid(, usr-gids[i], ps, depth)) /* group info */ + if (usr-num_groups != usr-num_groups2) { + DEBUG(3,(net_io_user_info3: num_groups mismatch! (%d != %d)\n, + usr-num_groups, usr-num_groups2)); return False; + } + + + if (UNMARSHALLING(ps)) { + usr-gids = PRS_ALLOC_MEM(ps, DOM_GID, usr-num_groups); + if (usr-gids == NULL) + return False; + } + + for (i = 0; i usr-num_groups; i++) { + if(!smb_io_gid(, usr-gids[i], ps, depth)) /* group info */ + return False; + } + } if(!smb_io_unistr2(uni_logon_srv, usr-uni_logon_srv, usr-hdr_logon_srv.buffer, ps, depth)) /* logon server unicode string */
svn commit: samba r10783 - in branches/SAMBA_3_0_RELEASE: . examples examples/LDAP source source/auth source/client source/groupdb source/include source/lib source/libads source/libsmb source/locking
Author: jerry Date: 2005-10-06 18:06:46 + (Thu, 06 Oct 2005) New Revision: 10783 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10783 Log: merging up for 3.0.21pre1 (in a few days) Added: branches/SAMBA_3_0_RELEASE/examples/libmsrpc/ branches/SAMBA_3_0_RELEASE/source/auth/auth_script.c branches/SAMBA_3_0_RELEASE/source/client/smbctool.c branches/SAMBA_3_0_RELEASE/source/include/libmsrpc.h branches/SAMBA_3_0_RELEASE/source/include/libmsrpc_internal.h branches/SAMBA_3_0_RELEASE/source/include/rpc_ntsvcs.h branches/SAMBA_3_0_RELEASE/source/include/rpc_perfcount.h branches/SAMBA_3_0_RELEASE/source/include/rpc_perfcount_defs.h branches/SAMBA_3_0_RELEASE/source/include/smb_ldap.h branches/SAMBA_3_0_RELEASE/source/lib/arc4.c branches/SAMBA_3_0_RELEASE/source/libmsrpc/ branches/SAMBA_3_0_RELEASE/source/printing/print_iprint.c branches/SAMBA_3_0_RELEASE/source/registry/reg_perfcount.c branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_ntsvcs.c branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_eventlog_lib.c branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_ntsvcs.c branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_ntsvcs_nt.c branches/SAMBA_3_0_RELEASE/source/rpcclient/cmd_test.c branches/SAMBA_3_0_RELEASE/source/sam/idmap_smbldap.c branches/SAMBA_3_0_RELEASE/source/script/tests/ branches/SAMBA_3_0_RELEASE/source/services/svc_netlogon.c branches/SAMBA_3_0_RELEASE/source/services/svc_winreg.c branches/SAMBA_3_0_RELEASE/source/services/svc_wins.c branches/SAMBA_3_0_RELEASE/source/stf/ branches/SAMBA_3_0_RELEASE/source/torture/t_asn1.c branches/SAMBA_3_0_RELEASE/source/torture/t_strappend.c Modified: branches/SAMBA_3_0_RELEASE/MAINTAINERS branches/SAMBA_3_0_RELEASE/Manifest branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema branches/SAMBA_3_0_RELEASE/source/Makefile.in branches/SAMBA_3_0_RELEASE/source/VERSION branches/SAMBA_3_0_RELEASE/source/aclocal.m4 branches/SAMBA_3_0_RELEASE/source/auth/auth.c branches/SAMBA_3_0_RELEASE/source/auth/auth_domain.c branches/SAMBA_3_0_RELEASE/source/auth/auth_ntlmssp.c branches/SAMBA_3_0_RELEASE/source/auth/auth_util.c branches/SAMBA_3_0_RELEASE/source/auth/auth_winbind.c branches/SAMBA_3_0_RELEASE/source/client/mount.cifs.c branches/SAMBA_3_0_RELEASE/source/client/smbspool.c branches/SAMBA_3_0_RELEASE/source/configure.in branches/SAMBA_3_0_RELEASE/source/groupdb/mapping.c branches/SAMBA_3_0_RELEASE/source/include/ads.h branches/SAMBA_3_0_RELEASE/source/include/adt_tree.h branches/SAMBA_3_0_RELEASE/source/include/asn_1.h branches/SAMBA_3_0_RELEASE/source/include/authdata.h branches/SAMBA_3_0_RELEASE/source/include/client.h branches/SAMBA_3_0_RELEASE/source/include/dlinklist.h branches/SAMBA_3_0_RELEASE/source/include/doserr.h branches/SAMBA_3_0_RELEASE/source/include/includes.h branches/SAMBA_3_0_RELEASE/source/include/messages.h branches/SAMBA_3_0_RELEASE/source/include/module.h branches/SAMBA_3_0_RELEASE/source/include/nt_printing.h branches/SAMBA_3_0_RELEASE/source/include/ntdomain.h branches/SAMBA_3_0_RELEASE/source/include/ntlmssp.h branches/SAMBA_3_0_RELEASE/source/include/passdb.h branches/SAMBA_3_0_RELEASE/source/include/printing.h branches/SAMBA_3_0_RELEASE/source/include/privileges.h branches/SAMBA_3_0_RELEASE/source/include/reg_objects.h branches/SAMBA_3_0_RELEASE/source/include/rpc_client.h branches/SAMBA_3_0_RELEASE/source/include/rpc_dce.h branches/SAMBA_3_0_RELEASE/source/include/rpc_dfs.h branches/SAMBA_3_0_RELEASE/source/include/rpc_ds.h branches/SAMBA_3_0_RELEASE/source/include/rpc_eventlog.h branches/SAMBA_3_0_RELEASE/source/include/rpc_lsa.h branches/SAMBA_3_0_RELEASE/source/include/rpc_misc.h branches/SAMBA_3_0_RELEASE/source/include/rpc_netlogon.h branches/SAMBA_3_0_RELEASE/source/include/rpc_reg.h branches/SAMBA_3_0_RELEASE/source/include/rpc_samr.h branches/SAMBA_3_0_RELEASE/source/include/rpc_secdes.h branches/SAMBA_3_0_RELEASE/source/include/rpc_svcctl.h branches/SAMBA_3_0_RELEASE/source/include/smb.h branches/SAMBA_3_0_RELEASE/source/include/smb_macros.h branches/SAMBA_3_0_RELEASE/source/include/smb_share_modes.h branches/SAMBA_3_0_RELEASE/source/include/smbldap.h branches/SAMBA_3_0_RELEASE/source/include/spnego.h branches/SAMBA_3_0_RELEASE/source/include/srvstr.h branches/SAMBA_3_0_RELEASE/source/lib/account_pol.c branches/SAMBA_3_0_RELEASE/source/lib/adt_tree.c branches/SAMBA_3_0_RELEASE/source/lib/data_blob.c branches/SAMBA_3_0_RELEASE/source/lib/debug.c branches/SAMBA_3_0_RELEASE/source/lib/dmallocmsg.c branches/SAMBA_3_0_RELEASE/source/lib/gencache.c branches/SAMBA_3_0_RELEASE/source/lib/genrand.c branches/SAMBA_3_0_RELEASE/source/lib/messages.c branches/SAMBA_3_0_RELEASE/source/lib/module.c branches/SAMBA_3_0_RELEASE/source/lib/pidfile.c
svn commit: samba r10784 - in branches/SAMBA_3_0_RELEASE: .
Author: jerry Date: 2005-10-06 18:10:23 + (Thu, 06 Oct 2005) New Revision: 10784 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10784 Log: outline for release notes draft Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt Changeset: Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt === --- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2005-10-06 18:06:46 UTC (rev 10783) +++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2005-10-06 18:10:23 UTC (rev 10784) @@ -1,3 +1,42 @@ + == + Release Notes for Samba 3.0.21pre1 + Oct XX, 2005 + == + +This is a preview release of the Samba 3.0.21 code base and +is provided for testing only. This release is *not* intended +for production servers. There has been a substantial amount +of development since the 3.0.20 series of stable releases. +We would like to ask the Samba community for help in testing +these changes as we work towards the next significant production +upgrade Samba 3.0 release. + +Common bugs fixed in 3.0.21pre1 include: + + o + +Additional features introduced in Samba 3.0.21pre1 include: + + o + + +## +Changes +### + + +Changes since 3.0.20a + + +commits +--- + + + + +Release Notes for older release follow: + + -- === Release Notes for Samba 3.0.20a Sept 30, 2005 @@ -3,9 +42,4 @@ === -This is the latest stable release of Samba. This is the version -that production Samba servers should be running for all current -bug-fixes. Please read the following important changes in this -release. - Common bugs fixed in 3.0.20a include: @@ -154,8 +188,6 @@ * BUG 3052: Fix compile issues on OpenBSD. -Release Notes for older release follow: - -- == Release Notes for Samba 3.0.20
svn commit: samba r10785 - in branches/SAMBA_3_0_RELEASE/source/rpc_parse: .
Author: jerry Date: 2005-10-06 18:17:09 + (Thu, 06 Oct 2005) New Revision: 10785 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10785 Log: adding gd's group parsing fix (current up to r10784) Modified: branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_net.c Changeset: Modified: branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_net.c === --- branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_net.c 2005-10-06 18:10:23 UTC (rev 10784) +++ branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_net.c 2005-10-06 18:17:09 UTC (rev 10785) @@ -1622,18 +1622,30 @@ if(!prs_align(ps)) return False; - if(!prs_uint32(num_groups2 , ps, depth, usr-num_groups2)) /* num groups */ - return False; - if (UNMARSHALLING(ps) usr-num_groups2 0) { - usr-gids = PRS_ALLOC_MEM(ps, DOM_GID, usr-num_groups2); - if (usr-gids == NULL) + if (usr-num_groups 0) { + + if(!prs_uint32(num_groups2 , ps, depth, usr-num_groups2)) /* num groups2 */ return False; - } - for (i = 0; i usr-num_groups2; i++) { - if(!smb_io_gid(, usr-gids[i], ps, depth)) /* group info */ + if (usr-num_groups != usr-num_groups2) { + DEBUG(3,(net_io_user_info3: num_groups mismatch! (%d != %d)\n, + usr-num_groups, usr-num_groups2)); return False; + } + + + if (UNMARSHALLING(ps)) { + usr-gids = PRS_ALLOC_MEM(ps, DOM_GID, usr-num_groups); + if (usr-gids == NULL) + return False; + } + + for (i = 0; i usr-num_groups; i++) { + if(!smb_io_gid(, usr-gids[i], ps, depth)) /* group info */ + return False; + } + } if(!smb_io_unistr2(uni_logon_srv, usr-uni_logon_srv, usr-hdr_logon_srv.buffer, ps, depth)) /* logon server unicode string */
svn commit: samba r10786 - in branches/SAMBA_3_0_RELEASE/source/libsmb: .
Author: jerry Date: 2005-10-06 18:19:29 + (Thu, 06 Oct 2005) New Revision: 10786 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10786 Log: remove forgotten files Removed: branches/SAMBA_3_0_RELEASE/source/libsmb/samlogon_cache.c Changeset: Sorry, the patch is too large (252 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10786
svn commit: samba r10787 - in branches/SAMBA_4_0/source/pidl: . lib/Parse/Pidl/Samba3
Author: jelmer Date: 2005-10-06 20:07:53 + (Thu, 06 Oct 2005) New Revision: 10787 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10787 Log: Fix silly nodiscriminant-issue Modified: branches/SAMBA_4_0/source/pidl/TODO branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/TODO === --- branches/SAMBA_4_0/source/pidl/TODO 2005-10-06 18:19:29 UTC (rev 10786) +++ branches/SAMBA_4_0/source/pidl/TODO 2005-10-06 20:07:53 UTC (rev 10787) @@ -10,3 +10,7 @@ a (regular) remote error occurs - support nested elements + +- Don't output [ref] pointers for Samba 4? + +- alternative to subcontext() Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm 2005-10-06 18:19:29 UTC (rev 10786) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm 2005-10-06 20:07:53 UTC (rev 10787) @@ -394,7 +394,7 @@ indent; DeclareArrayVariables($u-{ELEMENTS}); - if (has_property($u, nodiscriminant)) { + unless (has_property($u, nodiscriminant)) { pidl if (!prs_uint32(\switch_value\, ps, depth, v-switch_value)); pidl \treturn False;; pidl ;
svn commit: samba r10788 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3: .
Author: jelmer Date: 2005-10-06 20:53:55 + (Thu, 06 Oct 2005) New Revision: 10788 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10788 Log: - Give unions a name - Check initialisation function return value Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm 2005-10-06 20:07:53 UTC (rev 10787) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm 2005-10-06 20:53:55 UTC (rev 10788) @@ -71,7 +71,8 @@ pidl ; pidl /* Marshall data and send request */; pidl ; - pidl init_$if-{NAME}_q_$fn-{NAME}(q$inargs);; + pidl if (!init_$if-{NAME}_q_$fn-{NAME}(q$inargs)); + pidl \treturn NT_STATUS_INVALID_PARAMETER;; pidl ; pidl CLI_DO_RPC(cli, mem_ctx, PI_$uif, $ufn,; pidl \tq, r,; Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm 2005-10-06 20:07:53 UTC (rev 10787) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm 2005-10-06 20:53:55 UTC (rev 10788) @@ -130,7 +130,7 @@ pidl typedef struct $if-{NAME}_$n\_ctr {; indent; pidl uint32 $_; foreach (keys %$extra); - pidl union {; + pidl union $if-{NAME}_$n {; indent; foreach (@{$u-{ELEMENTS}}) { next if ($_-{TYPE} eq EMPTY);
svn commit: samba r10789 - in trunk/source: registry rpc_server services
Author: jerry Date: 2005-10-06 23:06:09 + (Thu, 06 Oct 2005) New Revision: 10789 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10789 Log: only keep the registry.tdb open when there is an open key handle; use a ref count on the tdb Modified: trunk/source/registry/reg_db.c trunk/source/registry/reg_frontend.c trunk/source/rpc_server/srv_eventlog_lib.c trunk/source/rpc_server/srv_eventlog_nt.c trunk/source/rpc_server/srv_reg_nt.c trunk/source/services/services_db.c Changeset: Sorry, the patch is too large (388 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10789
Build status as of Fri Oct 7 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-10-06 00:00:11.0 + +++ /home/build/master/cache/broken_results.txt 2005-10-07 00:00:09.0 + @@ -1,17 +1,17 @@ -Build status as of Thu Oct 6 00:00:02 2005 +Build status as of Fri Oct 7 00:00:02 2005 Build counts: Tree Total Broken Panic -ccache 10 2 0 +ccache 9 2 0 distcc 10 2 0 -lorikeet-heimdal 13 9 0 +lorikeet-heimdal 15 10 0 ppp 20 0 0 -rsync39 2 0 +rsync40 3 0 samba2 0 0 samba-docs 0 0 0 samba4 40 17 4 -samba_3_040 7 0 -smb-build30 5 0 +samba_3_040 16 0 +smb-build28 5 0 talloc 36 14 0 tdb 8 3 0
svn commit: samba r10790 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: tridge Date: 2005-10-07 00:40:29 + (Fri, 07 Oct 2005) New Revision: 10790 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10790 Log: allow updating of existing ldb opaque values (thanks to abartlet for spotting this) Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2005-10-06 23:06:09 UTC (rev 10789) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2005-10-07 00:40:29 UTC (rev 10790) @@ -350,7 +350,17 @@ */ int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value) { - struct ldb_opaque *o = talloc(ldb, struct ldb_opaque); + struct ldb_opaque *o; + + /* allow updating an existing value */ + for (o=ldb-opaque;o;o=o-next) { + if (strcmp(o-name, name) == 0) { + o-value = value; + return LDB_SUCCESS; + } + } + + o = talloc(ldb, struct ldb_opaque); if (o == NULL) { ldb_oom(ldb); return LDB_ERR_OTHER;
svn commit: samba r10791 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2005-10-07 01:01:44 + (Fri, 07 Oct 2005) New Revision: 10791 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10791 Log: Add copyright, fix comments (this isn't the timestamps module any more) Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c 2005-10-07 00:40:29 UTC (rev 10790) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c 2005-10-07 01:01:44 UTC (rev 10791) @@ -2,6 +2,7 @@ ldb database library Copyright (C) Simo Sorce 2004 + Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2005 ** NOTE! The following LGPL license applies to the ldb ** library. This does NOT imply that all of Samba is released @@ -36,7 +37,6 @@ #include ldb/include/ldb.h #include ldb/include/ldb_private.h #include librpc/gen_ndr/ndr_misc.h -#include time.h static int objectguid_search_bytree(struct ldb_module *module, const struct ldb_dn *base, enum ldb_scope scope, struct ldb_parse_tree *tree, @@ -59,7 +59,7 @@ return NULL; } -/* add_record: add crateTimestamp/modifyTimestamp attributes */ +/* add_record: add objectGUID attribute */ static int objectguid_add_record(struct ldb_module *module, const struct ldb_message *msg) { struct ldb_val v; @@ -112,7 +112,6 @@ return ret; } - static const struct ldb_module_ops objectguid_ops = { .name = objectguid, .search_bytree = objectguid_search_bytree,
svn commit: samba r10792 - in branches/SAMBA_3_0/source: include passdb rpc_server
Author: jra Date: 2005-10-07 01:46:19 + (Fri, 07 Oct 2005) New Revision: 10792 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10792 Log: Fix the schannel not stored across client disconnects problem. Based on the Samba4 solution - stores data in $samba/private/schannel_store.tdb. This tdb is not left open but open and closed on demand. Jeremy. Modified: branches/SAMBA_3_0/source/include/secrets.h branches/SAMBA_3_0/source/passdb/secrets.c branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c branches/SAMBA_3_0/source/rpc_server/srv_pipe.c Changeset: Sorry, the patch is too large (328 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10792
svn commit: samba r10793 - in trunk/source: include passdb rpc_server
Author: jra Date: 2005-10-07 01:46:34 + (Fri, 07 Oct 2005) New Revision: 10793 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10793 Log: Fix the schannel not stored across client disconnects problem. Based on the Samba4 solution - stores data in $samba/private/schannel_store.tdb. This tdb is not left open but open and closed on demand. Jeremy. Modified: trunk/source/include/secrets.h trunk/source/passdb/secrets.c trunk/source/rpc_server/srv_netlog_nt.c trunk/source/rpc_server/srv_pipe.c Changeset: Sorry, the patch is too large (328 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10793
svn commit: samba r10794 - in trunk/source/rpc_server: .
Author: jra Date: 2005-10-07 01:52:45 + (Fri, 07 Oct 2005) New Revision: 10794 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10794 Log: Fix code before decl error. Jeremy. Modified: trunk/source/rpc_server/srv_eventlog_lib.c Changeset: Modified: trunk/source/rpc_server/srv_eventlog_lib.c === --- trunk/source/rpc_server/srv_eventlog_lib.c 2005-10-07 01:46:34 UTC (rev 10793) +++ trunk/source/rpc_server/srv_eventlog_lib.c 2005-10-07 01:52:45 UTC (rev 10794) @@ -54,9 +54,10 @@ /* make the tdb file name for an event log, given destination buffer and size */ char *mk_tdbfilename( char *dest_buffer, char *eventlog_name, int size_dest ) { + pstring ondisk_name; + if ( !dest_buffer ) return NULL; - pstring ondisk_name; pstrcpy( ondisk_name, EV ); pstrcat( ondisk_name, eventlog_name );
svn commit: samba r10795 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jra Date: 2005-10-07 01:52:48 + (Fri, 07 Oct 2005) New Revision: 10795 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10795 Log: Fix code before decl error. Jeremy. Modified: branches/SAMBA_3_0/source/rpc_server/srv_eventlog_lib.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_eventlog_lib.c === --- branches/SAMBA_3_0/source/rpc_server/srv_eventlog_lib.c 2005-10-07 01:52:45 UTC (rev 10794) +++ branches/SAMBA_3_0/source/rpc_server/srv_eventlog_lib.c 2005-10-07 01:52:48 UTC (rev 10795) @@ -54,9 +54,10 @@ /* make the tdb file name for an event log, given destination buffer and size */ char *mk_tdbfilename( char *dest_buffer, char *eventlog_name, int size_dest ) { + pstring ondisk_name; + if ( !dest_buffer ) return NULL; - pstring ondisk_name; pstrcpy( ondisk_name, EV ); pstrcat( ondisk_name, eventlog_name );
svn commit: samba r10796 - in branches/SAMBA_4_0/source/auth: . gensec
Author: abartlet Date: 2005-10-07 02:07:25 + (Fri, 07 Oct 2005) New Revision: 10796 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10796 Log: Make getting an anonymous session info a utility function. Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/auth_util.c branches/SAMBA_4_0/source/auth/gensec/schannel.c Changeset: Modified: branches/SAMBA_4_0/source/auth/auth_util.c === --- branches/SAMBA_4_0/source/auth/auth_util.c 2005-10-07 01:52:48 UTC (rev 10795) +++ branches/SAMBA_4_0/source/auth/auth_util.c 2005-10-07 02:07:25 UTC (rev 10796) @@ -456,6 +456,32 @@ return NT_STATUS_OK; } +NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, +struct auth_session_info **_session_info) +{ + NTSTATUS nt_status; + struct auth_serversupplied_info *server_info = NULL; + struct auth_session_info *session_info = NULL; + TALLOC_CTX *mem_ctx = talloc_new(parent_ctx); + + nt_status = auth_anonymous_server_info(mem_ctx, + server_info); + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_free(mem_ctx); + return nt_status; + } + + /* references the server_info into the session_info */ + nt_status = auth_generate_session_info(parent_ctx, server_info, session_info); + talloc_free(mem_ctx); + + NT_STATUS_NOT_OK_RETURN(nt_status); + + *_session_info = session_info; + + return NT_STATUS_OK; +} + / prints a struct auth_session_info security token to debug output. / Modified: branches/SAMBA_4_0/source/auth/gensec/schannel.c === --- branches/SAMBA_4_0/source/auth/gensec/schannel.c2005-10-07 01:52:48 UTC (rev 10795) +++ branches/SAMBA_4_0/source/auth/gensec/schannel.c2005-10-07 02:07:25 UTC (rev 10796) @@ -167,28 +167,8 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security, struct auth_session_info **_session_info) { - NTSTATUS nt_status; struct schannel_state *state = gensec_security-private_data; - struct auth_serversupplied_info *server_info = NULL; - struct auth_session_info *session_info = NULL; - TALLOC_CTX *mem_ctx = talloc_new(state); - - nt_status = auth_anonymous_server_info(mem_ctx, - server_info); - if (!NT_STATUS_IS_OK(nt_status)) { - talloc_free(mem_ctx); - return nt_status; - } - - /* references the server_info into the session_info */ - nt_status = auth_generate_session_info(state, server_info, session_info); - talloc_free(mem_ctx); - - NT_STATUS_NOT_OK_RETURN(nt_status); - - *_session_info = session_info; - - return NT_STATUS_OK; + return auth_anonymous_session_info(state, _session_info); } static NTSTATUS schannel_start(struct gensec_security *gensec_security)
svn commit: samba r10797 - in trunk/source/rpc_client: .
Author: tpot Date: 2005-10-07 02:08:38 + (Fri, 07 Oct 2005) New Revision: 10797 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10797 Log: Fix warning if not compiling with kerberos. Modified: trunk/source/rpc_client/cli_pipe.c Changeset: Modified: trunk/source/rpc_client/cli_pipe.c === --- trunk/source/rpc_client/cli_pipe.c 2005-10-07 02:07:25 UTC (rev 10796) +++ trunk/source/rpc_client/cli_pipe.c 2005-10-07 02:08:38 UTC (rev 10797) @@ -2636,6 +2636,8 @@ return result; } +#ifdef HAVE_KRB5 + / Free function for the kerberos spcific data. / @@ -2645,6 +2647,8 @@ data_blob_free(a-a_u.kerberos_auth-session_key); } +#endif + / Open a named pipe to an SMB server and bind using krb5 (bind type 16). The idea is this can be called with service_princ, username and password all
svn commit: samba r10798 - in trunk/source/python: .
Author: tpot Date: 2005-10-07 03:48:43 + (Fri, 07 Oct 2005) New Revision: 10798 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10798 Log: Cleanup of yucky code in setup.py with patch from Christian Andreetta. Bugzilla #3141. Modified: trunk/source/python/setup.py Changeset: Modified: trunk/source/python/setup.py === --- trunk/source/python/setup.py2005-10-07 02:08:38 UTC (rev 10797) +++ trunk/source/python/setup.py2005-10-07 03:48:43 UTC (rev 10798) @@ -52,21 +52,28 @@ libraries = [] library_dirs = [] +next_is_path = 0 +next_is_flag = 0 + for lib in string.split(samba_libs): -if lib[0:2] == -l: +if next_is_path != 0: +library_dirs.append(lib); +next_is_path = 0; +elif next_is_flag != 0: +next_is_flag = 0; +elif lib == -Wl,-rpath: +next_is_path = 1; +elif lib[0:2] in (-l,-pthread): libraries.append(lib[2:]) -continue -if lib[0:8] == -pthread: -libraries.append(lib[2:]) -continue -if lib[0:2] == -L: +elif lib[0:2] == -L: library_dirs.append(lib[2:]) -continue -if lib[0:2] == -W: -# Skip linker flags -continue -print Unknown entry '%s' in $LIBS variable passed to setup.py % lib -sys.exit(1) +elif lib[0:2] in (-W,-s): +pass # Skip linker flags +elif lib[0:2] == -z: +next_is_flag = 1 # Skip linker flags +else: +print Unknown entry '%s' in $LIBS variable passed to setup.py % lib +sys.exit(1) flags_list = string.split(samba_cflags)
svn commit: samba r10801 - in branches/SAMBA_3_0/source/rpc_client: .
Author: jra Date: 2005-10-07 04:53:30 + (Fri, 07 Oct 2005) New Revision: 10801 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10801 Log: Janitor for tpot - remember to keep 3.0 in sync. Jeremy. Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c === --- branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2005-10-07 04:00:11 UTC (rev 10800) +++ branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2005-10-07 04:53:30 UTC (rev 10801) @@ -2636,6 +2636,8 @@ return result; } +#ifdef HAVE_KRB5 + / Free function for the kerberos spcific data. / @@ -2645,6 +2647,8 @@ data_blob_free(a-a_u.kerberos_auth-session_key); } +#endif + / Open a named pipe to an SMB server and bind using krb5 (bind type 16). The idea is this can be called with service_princ, username and password all