[Samba] Prevent 'BDC' overtaking 'PDC'
Hello all, I have 2 PC setup as PDC and BDC (both Centos5, with samba 3.0.23c-2). The problem is, quite often client logon to BDC instead of PDC. I tried to tweak the OS level, but seems not affecting the problem. My understanding is that BDC will only taking charge of client logons when PDC is unavailable. Or is it that BDC will work hand-in-hand at the same time with PDC regarding domain logon? (Just like W2K DC?) I'm chatting in #samba IRC channel right now, and someone make a point by telling me that IT IS BDC role to handle logon. But, my concern is regarding roaming profiles. If we cannot predict in a consitent way into which server the clients logon into, it means that there will be 2 instances of roaming profiles (in PDC and BDC) and we won't be able to know which one holds the latest copy of it. Am I right? What is the proper way to setup this kind of PDC and BDC? This is the relevant smb.conf: PDC: OS level = 33 domain master = yes prefered master = yes domain logon = yes BDC: OS level = 66 domain master = no prefered master = no domain logon = yes Thank you so much for any clue/hints/directions, -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 13:36:26 up 2:10, 2.6.20-16-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org pgpTaXLybSM17.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba ACLs?
On Friday 24 August 2007 08:49:34 Chuck Kollars wrote: From: Chuck Kollars ckollars9 at yahoo.com Subject: Samba ACLs? Date: 2006-08-19 02:46:45 GMT How exactly do Samba 3.x and ACLs interrelate? ... I started out naively assuming that the *nix uidNumber/gidNumber Samba mapped the end user to would behave exactly the same whether they were a Samba user or were logged on locally. ... After a year I think I understand well enough to answer my own question (of course I may be wrong anyway:-): The overdefined term ACL may refer to _either_ Windows file permissions (including the NT variant) _or_ the Linux/Posix file permissions extension. In the Samba context questions about ACLs can be indeterminate and often elicit answers from the other point of view. At root, Samba does everything in terms of the Windows ACL, then maps the result as best it can to *nix permissions. Samba offers a number of configuration options for tweaking the way it handles Windows ACLs, including some methods that have no exact analogue in the Windows world. Samba lets you mash --within limits-- the *nix permission bits it calculates. Recent versions of Samba are pretty good --again within limits-- at being compatible with Linux/Posix ACLs and assigning a Linux/Posix ACL to every file and folder when it's created. But despite all the possible tweaks, the unchanging core is that Samba always calculates the initial *nix permissions according to its mapping of permissions from the Windows world. So even though most of a Linux/Posix ACL may be retained and even honored, Samba ignores the default:user::xxx and default:group::xxx parts of a Linux/Posix ACL. There's no way to configure Samba so it assigns permissions to new files and folders _exactly_ the same way a native Linux user would see them. Hello Chuck, Thank you for your persistence and willingness to share your experience. Really interesting. I found an interesting thing too this morning. I'm using Samba LDAP. When I'm setting up a shared directory using ACL. [EMAIL PROTECTED] profiles]# getfacl profiles/userjauh1/ # file: userjauh1 # owner: userjauh1 # group: root user::rwx user:salesjauh1:rwx group::r-x mask::rwx other::r-x When client's XP logon as userjauh1 and share his directory to salesjauh1, it shows in Linux'es ACL. [EMAIL PROTECTED] profiles]# getfacl userjauh1/New\ Folder # file: New\040Folder # owner: userjauh1 # group: w2kfinance user::rwx user:salesjauh1:rwx group::r-x mask::rwx other::r-x default:user::rwx default:user:salesjauh1:rwx default:group::--- default:mask::rwx default:other::--- What do you think? -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 14:08:23 up 2:42, 2.6.20-16-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org pgpNSGpdKmWxW.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] no local users at all while in ADS mode
Hi all am having problems I have my server configured as an ADS member. however all the local users like root dont let me login at all. I have created the relevent local smb user password with smbpasswd -a user the smbpasswd file has been created in /var/lib/samba/private with the user passwords in. but then trying to use smb shares with smbclient with the same password returns # smbclient -n \\linux01 -U root linux01\\homes # Password: root passwd # session setup failed: NT_STATUS_LOGON_FAILURE any ideas on how to get local users and ADS users ? [global] workgroup = MCKENNAGROUP realm = LOCAL.MCKENNAGROUP.CO.UK server string = Linux File Server interfaces = eth0, lo bind interfaces only = Yes security = ADS allow trusted domains = No client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No use kerberos keytab = Yes log level = 6 max log size = 50 debug timestamp = No smb ports = 445 min protocol = NT1 acl compatibility = win2k announce version = 4.99 name resolve order = host bcast client signing = Yes server signing = Yes enable asu support = Yes deadtime = 15 fam change notify = No socket options = TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=32768 IPTOS_THROUGHPUT load printers = Yes printcap name = cups printing = cups ; panic action = /etc/init.d/samba zap /etc/init.d/samba start preferred master = No local master = No domain master = No enhanced browsing = No dns proxy = No ldap ssl = no host msdfs = No read only = No create mask = 0660 security mask = 0770 directory mask = 0770 directory security mask = 0770 use sendfile = Yes csc policy = disable thanks Damien -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + LDAP + displayName attribute
I don't use nscd myself, for comparison On 8/24/07, John Drescher [EMAIL PROTECTED] wrote: On 23/08/07, Didster [EMAIL PROTECTED] wrote: Thanks, I haven't had any other responses to this :o( So I will try and a read though the archives [i did this before posting, but again wont hurt] Its driving me mad! Have you got nscd on? I do have nscd as without it my nfs transfers between my linux clients were horribly slow. I do not have winbind though. I have just noticed I have the same effect (I see my username in the start menu instead of my real name). No one has complained so I am not really worried. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] MacOsX client problem
I have an issue with Macos 10.4 clients accessing a linux (CentOS 5) Samba server - this is a users description of the problem :- I log on to the public area on the server. Then I create a folder in the root called 'thisisafolderwithaverylongname'. Then I enter this folder and create a folder in it called 'thisisasubfolderwithinthenamedfolder', and another one called 'andthisisjustanothersubfolder'. After this I will not be able to enter 'thisisasubfolderwithinthenamedfolder', because when I click it, it's name changes to 'andthisisjustanothersubfolder'. So both folders will be called the same. If at this point I look at the folders from a WinXP, they come up normally. Also, I cannot reproduce the problem on a WinXP. I cannot delete the containing folder on the mac, because it says that it is being used. If I put the server away, and open it up again, all the folders come up and work correctly. smbstatus reports the version as 3.0.23c-2.el5.2.0.2 the public share looks like this in smb.conf:- [public] comment = Public Share path = /home/site/public force user = shareuser force group = allusers read only = No I could not find anything in the samba archives, linux, XP and Win2k clients all work properly Regards Tim -- Tim Cairnes TCSYS Limited -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba on Debian with shares on nfs-filesystem
Am Mittwoch, 22. August 2007 12:36 schrieb Bernd Schubert: On Wednesday 22 August 2007 11:43:47 Thomas Flaig wrote: One potential workaround (no guarantees!) is to say posix locking = no on the relevant shares. Here this did not solve the problem (neither with nfs3 nor with nfs4). :( But on the web there are many reports where this was the solution. Can you try locking = no? This did not solve our problem. But Stefano Deponti suggested me today in a private mail: | kernel oplocks = no | to the global part of my smb.conf file. With this option in the global-section and without the other options (locking = no; posix locking = no in the share-section) this configurations solves the problem. Thomas -- Thomas Flaig mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net user ... /add /domain does not work with samba ?
Hello, I try to use the windows command net use ... /add /domain without success from Xp or Vista. I would realy appreciate to use this command from windows since usrmgr.exe seems not working on Vista and our accounts managers are not allowed to access Samba servers. Is it possible ? Thank you for your help. LG Here under is the network flow shown by Wireshark ... SamrConnect5 request, \\MYPDC SamrConnect5 response STATUS_SUCCESS SamrEnumerateDomainsInSamServer request (\\MYPDC) SamrEnumerateDomainsInSamServer response STATUS_SUCCESS SamrLookupDomainsInSamServer request (\\MYPDC) SamrLookupDomainsInSamServer response STATUS_SUCCESS SamrOpenDomain request (S-1-5-21-...) SamrOpenDomain response STATUS_SUCCESS SamrCreateUser2InDomain request (myuser, access ctrl=0x0010,access mask=0xe00500b0) SamrCreateUser2InDomain response STATUS_SUCCESS At this point the user might be created on the PDC but the conversation is not closed and the net command from windows queries the PDC. SamrQueryInformationUser request (Policy handle: createuser2 handle) SamrQueryInformationUser response STATUS_SUCCESS SamrGetUserDomainPasswordInformation request (Policy handle: createuser2 handle) SamrGetUserDomainPasswordInformation response STATUS_SUCCESS Then the command tries to set some information on the PDC accounts db. SamrSetInformationUser2 request (a lot of user infos) SamrSetInformationUser2 response STATUS_ACCESS_DENIED Since the windows net command is not happy to not be able to set the lot of user infos in account db it deletes the just created account on the PDC. SamrDeleteUser request (Policy handle: createuser2 handle) SamrDeleteUser response STATUS_SUCCESS I also debugged the network flow while using Samba net rpc user add command from another machine in the network. It showed a conversation looking ending at the first part of the windows one. The one difference is that Samba uses SamrConnect2 in place of SamrConnect5. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: net user ... /add /domain does not work with samba ?
Lou Gascou a écrit : Hello, I try to use the windows command net use ... /add /domain without success from Xp or Vista. I would realy appreciate to use this command from windows since usrmgr.exe seems not working on Vista and our accounts managers are not allowed to access Samba servers. Sorry but I omited to write that I use Samba 3.0.25c with smbpasswd password backend. Is it possible ? Thank you for your help. LG Here under is the network flow shown by Wireshark ... SamrConnect5 request, \\MYPDC SamrConnect5 response STATUS_SUCCESS SamrEnumerateDomainsInSamServer request (\\MYPDC) SamrEnumerateDomainsInSamServer response STATUS_SUCCESS SamrLookupDomainsInSamServer request (\\MYPDC) SamrLookupDomainsInSamServer response STATUS_SUCCESS SamrOpenDomain request (S-1-5-21-...) SamrOpenDomain response STATUS_SUCCESS SamrCreateUser2InDomain request (myuser, access ctrl=0x0010,access mask=0xe00500b0) SamrCreateUser2InDomain response STATUS_SUCCESS At this point the user might be created on the PDC but the conversation is not closed and the net command from windows queries the PDC. SamrQueryInformationUser request (Policy handle: createuser2 handle) SamrQueryInformationUser response STATUS_SUCCESS SamrGetUserDomainPasswordInformation request (Policy handle: createuser2 handle) SamrGetUserDomainPasswordInformation response STATUS_SUCCESS Then the command tries to set some information on the PDC accounts db. SamrSetInformationUser2 request (a lot of user infos) SamrSetInformationUser2 response STATUS_ACCESS_DENIED Since the windows net command is not happy to not be able to set the lot of user infos in account db it deletes the just created account on the PDC. SamrDeleteUser request (Policy handle: createuser2 handle) SamrDeleteUser response STATUS_SUCCESS I also debugged the network flow while using Samba net rpc user add command from another machine in the network. It showed a conversation looking ending at the first part of the windows one. The one difference is that Samba uses SamrConnect2 in place of SamrConnect5. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, Winbind and Active Directory
On 8/23/07, Kevin Gutch [EMAIL PROTECTED] wrote: I am trying to set up Samba joining Active Directory. I have done this successfully before and have most of my previous files. Here is the issue I am seeing. I can kinit [EMAIL PROTECTED] I cannot net ads join -U administrator I get thus message: Failed to join domain: Invalid credentials I was seeing this same behavior. Joining the domain as a different user in the Domain Admins group worked fine though. Once joined the adminisitrator user was able to access the shares as normal. Ed Plese -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP joining Samba/LDAP domain problem (User cannot be found) [SOLVED]
To anyone out there who's having problems joining their Samba/LDAP domain with XP here's a solution. The main symptom is that the XP join domain gui returns a user cannot be found error. The setup that I experienced this on was configured and managed using the smbldap-tools package. Usual disclaimer applies if it fails to work, you are responsible for backing up your installation and no responsibility will be accepted for anything. The problem arose after I configured my servers to use the Computers organisational unit in LDAP (ou=Computers) to store host names. The process of a Windows/Samba domain member joining a Samba domain is a two stage one as each Samba client has to have a matching Posix account in the LDAP directory. After clicking OK on the client the server first creates the POSIX entry and then adds the SambaSam attributes. For whatever reason, when the ou=Computers entry was used, smbldap-tools added the POSIX entry into the Computers ou but then tried to read it back out from the Users ou. As the entry was non-existent in Users it cannot add the Samba attributes to the POSIX side and hence windows declares user cannot be found. Some Googling revealed that you can store machine accounts in ou=Users so the solution I found was as follows: 1) Stop LDAP and Dump the directory into an ldif file using slapcat -l /root/userdump.ldif 2) Open the LDIF file in a text editor and use search and replace to change all machine account entries from ou=Computers to ou=Users. Note that at the top of your ldif file there's an entry that adds the Computers organisational unit. Do not change this. You can probably delete it but personally I just left it as it was. An easy way to only change the machine name entries is to search for $,ou=Computers and replace it with $,ou=Users as the computer name entries end with $ and will match this pattern. 3) Backup your directory databases using cp -R /var/lib/ldap /root (adjust to match your distro but this works on Redhat/Mandriva). You can also create a second backup using the slapcat command and dumping the ldif file to a safe place. 4) Delete the files in the LDAP database directory, in the above case rm -f /var/lib/ldap/* ,and then check the directory to make sure it's empty ls -la /var/lib/ldap. If you had a DB_CONFIG file in there, copy it back from the backup directory. 5) Run slapadd -v -l /root/userdump.ldif to add the modified ldif file back into LDAP. The -v forces slapadd into versbose mode so you should see all the entries scrolling up the screen as they're added. 6) Change ownership of the ldap directory and it's newly created databases to user/group ldap using chown -R ldap.ldap /var/lib/ldap . If you don't do this the server will bitch horribly when you try to start it. 7) Restart your ldap server . You should now find that the XP client says welcome to the whatever domain when you click OK. As I say, it worked for me after I'd spent hours searching for a solution without finding one. Good Luck!! Cheers, Jools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] The process cannot access the file because another process has locked a portion of the file
Author: Sandra Date: 2007-06-26 21:26 +200 To: samba Subject: [Samba] The process cannot access the file because another process has locked a portion of the file I have a directory in a linux server (Debian) and it was exported by nfs to another linux server (Debian). In this last server, the directory was included in smb.conf (Samba) for Windows users. I can access the share from windows and create news files, but I cannot move files inside the subdirectories of the share. When I try to do this, I receive the follow message: Cannot copy file_name. The process cannot access the file because another process has locked a portion of the file. Anybody knows something about it? Sandra Yup, samba's default strict locking has changed. Set strict locking = no in [global] and that should solve the problem. Horrible that it's not in the Debian changelog - took me a week to figure out! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA Team - Still no SiSE rpms for 3.0.25c
Jerry, all; Is anyone still building rpms for SuSE? They used to be built the same day of the release, now they are trailing far behind. Is Lars still with opensuse and still building?? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Team - 3.0.25c Seems Well in Standalone
David Rankin wrote: -Original Message- From: Gerald (Jerry) Carter Subject: Re: [Samba] Samba Team - 3.0.25c Seems Well in Standalone David C. Rankin wrote: Jerry, Everybody: 3.0.25c compiled from source on a mandriva 2005le server in my no (AD, LDAP, Kerbose) environment. A full day of production and nothing more that a whimper out of the system. So, at least in my case 3.0.25c looks good. Thanks for the feedback David. Jerry, Even my custom print to .pdf script work in 3.0.25c. I still haven't found the reason it stopped working on 2.0.25. Oh well, there are some things you just can't explain. Thanks again. David C. Rankin, J.D., P.E. David, I think I can answer that some. There where some changes in 3.0.25 in how scripts were run due to a security flaw. The fixes broke things and the samba team had to back out some of the changes and correct other inplementation details. Anyway, I believe 3.0.25c may have fixed all the problems created by the security updates and releases. -James Kosin -- Scanned by ClamAV - http://www.clamav.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA Team - Still no SiSE rpms for 3.0.25c
On Fri, Aug 24, 2007 at 08:40:33AM -0500, John H Terpstra wrote: Is anyone still building rpms for SuSE? They used to be built the same day of the release, now they are trailing far behind. Is Lars still with opensuse and still building?? I run OpenSUSE 10.2 x86_64 - you can download the RPMS from: ftp://ftp.primastasys.com/pub/ Note: To build x86 (32-bit) binaries, just fetch the SRPM file, then built on your own system by running: Alternatively, try ftp.sernet.de. Volker pgpoAPod6yLAA.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA Team - Still no SiSE rpms for 3.0.25c
On Friday 24 August 2007 07:59, David C. Rankin wrote: Jerry, all; Is anyone still building rpms for SuSE? They used to be built the same day of the release, now they are trailing far behind. Is Lars still with opensuse and still building?? I run OpenSUSE 10.2 x86_64 - you can download the RPMS from: ftp://ftp.primastasys.com/pub/ Note: To build x86 (32-bit) binaries, just fetch the SRPM file, then built on your own system by running: rpmbuild --rebuild samba-3.0.25c-2.src.rpm The built RPMS will be found on your system under: /usr/src/packagse/RPMS/... - John T. pgpcF0PVx2wWr.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba tuning - ldapsam:trusted
I have a samba configured as PDC and LDAP installed in the same machine. Ok. Everything is working correctly, but I want to enhance the performance. So, I read that if I set the ldapsam:trusted option, samba will directly communicate to ldap to get informations (not using NSS anymore). So, I decided to put ldapsam:trusted = yes and guest account = nobody in my config file. Therefore, everytime that I start/restart samba server it complains about it (and remains stopped). So, I don't know what should I do... because I already tried these steps: # userdel nobody # groupdel nobody # smbldap-groupadd -g 65534 -o nobody # smbldap-useradd -a -u 65534 -g 65534 -n -s /bin/false -d / nobody and I still can't start samba. Sorry don't know anything about smbldap utilities; but the user needs to exist as a valid account in LDAP. I assume that is what you are doing in the above. The user account nobody is used for a several applications as dhcpd and others services in my box. Can I use another account to set this?! Sure, we create an account pcnet for Samba to use as the anonymous account. Not shared with anything else it is a bit simpler. I can post my config file if it's necessary... just ask me :) -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA Team - Still no SiSE rpms for 3.0.25c
On Friday 24 August 2007 08:57, Volker Lendecke wrote: On Fri, Aug 24, 2007 at 08:40:33AM -0500, John H Terpstra wrote: Is anyone still building rpms for SuSE? They used to be built the same day of the release, now they are trailing far behind. Is Lars still with opensuse and still building?? I run OpenSUSE 10.2 x86_64 - you can download the RPMS from: ftp://ftp.primastasys.com/pub/ Note: To build x86 (32-bit) binaries, just fetch the SRPM file, then built on your own system by running: Alternatively, try ftp.sernet.de. Not alternativly - SerNet is the preferred location. - john T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba tuning - ldapsam:trusted
but this account called pcnet need to have any relation to LDAP server? I mean... LDAP server processes must be running with pcnet account?! If no, I do not set any kind of password?! and guest account should be set to guest account = pcnet ?!? thanks for your answer. On 8/24/07, Adam Tauno Williams [EMAIL PROTECTED] wrote: I have a samba configured as PDC and LDAP installed in the same machine. Ok. Everything is working correctly, but I want to enhance the performance. So, I read that if I set the ldapsam:trusted option, samba will directly communicate to ldap to get informations (not using NSS anymore). So, I decided to put ldapsam:trusted = yes and guest account = nobody in my config file. Therefore, everytime that I start/restart samba server it complains about it (and remains stopped). So, I don't know what should I do... because I already tried these steps: # userdel nobody # groupdel nobody # smbldap-groupadd -g 65534 -o nobody # smbldap-useradd -a -u 65534 -g 65534 -n -s /bin/false -d / nobody and I still can't start samba. Sorry don't know anything about smbldap utilities; but the user needs to exist as a valid account in LDAP. I assume that is what you are doing in the above. The user account nobody is used for a several applications as dhcpd and others services in my box. Can I use another account to set this?! Sure, we create an account pcnet for Samba to use as the anonymous account. Not shared with anything else it is a bit simpler. I can post my config file if it's necessary... just ask me :) -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba tuning - ldapsam:trusted
On Fri, 2007-08-24 at 11:30 -0300, Guilherme Sperb Machado wrote: but this account called pcnet need to have any relation to LDAP server? It needs to be a valid account. I mean... LDAP server processes must be running with pcnet account?! No? Where did you get this idea? it is just a user context to map anonymous connections to. If no, I do not set any kind of password?! Nope, and guest account should be set to guest account = pcnet ?!? Yep, or whatever account you use. guest account = pcnet Note this section from the smb.conf man page: - Note that the name of the resource being requested is not sent to the server until after the server has successfully authenti‐ cated the client. This is why guest shares don't work in user level security without allowing the server to automatically map unknown users into the guest account. See the map to guest parameter for details on doing this. And the map to guest directive: - Note that this parameter is needed to set up Guest share ser‐ vices when using security modes other than share. This is because in these modes the name of the resource being requested is not sent to the server until after the server has success‐ fully authenticated the client so the server cannot make authen‐ tication decisions at the correct time (connection to the share) for Guest shares. You probably want: map to guest = Bad User - if you are actually running guest access shares. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NT_STATUS_LOGON_FAILURE
All, I am having a problem that I can not solve for the last 2 weeks. I mounted a shared drive on the Samba server, and from the XP Home machine I can view the shared folder but cannot *write *to it. I followed the samba setup instructions as given in http://ubuntuforums.org/showthread.php?t=202605highlight=howto+windows+file+sharing+samba Through the Samba diagnostic test procedure, I encountered the following problem : [EMAIL PROTECTED]:/etc/samba# smbclient -L localhost Password: session setup failed: NT_STATUS_LOGON_FAILURE [EMAIL PROTECTED]:/etc/samba# For your information, I am using the latest version of Samba. I used to use an older Samba version and it works fine e.g. I can read/write to the shared folder. What would cause the NT_STATUS_LOGON_FAILURE problem ? I scanned the web for an answer and apparently there are no solutions, except that some users mentioned the latest Samba version patches is not working correctly under certain conditions. I am running out of options to fix this problem, and will appreciate any help from the community so that I can get some sleep. Thanks, Khanh -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Login-Problem with DFS-Share
Holger Biber Holger.Biber at Teleos-web.de writes: ... But trying to use net use l: \\samba\agbhome /USER:myuser I'll be prompted for the password, and the error message is displayed: Systemfehler 59 aufgetreten Ein unerwarteter Netzwerkfehler ist aufgetreten (translated: Systemerror 59 occured. An unexpected networkerror occured You're configuration is a little funny, but I don't think that has anything to do with your problems. I'm assuming that the user you are logged onto XP with doesn't have access to agbhome. From the network traces I've done w/ dfs I see: 1. client connects to samba server (using the userid from /user if one is specified) 2. The samba server sends back the dfs referral 3. The XP client initiates a new connect to the target server -- but it doesn't use the ID specified with /user. I have assumed this was a MS bug or feature. They probably assume everyone signs onto a domain and only connects w/ that userid. As for your config, since you are using msdfs proxy, I don't think Samba is ever looking at your symlinks. Strange, because directly on samba I use: admin:~ # smbclient samba\\agbhome -U AGB\\agb.bib Password: Domain=[AGB-NB] OS=[Unix] Server=[Samba 3.0.20b-3.21-1370-SUSE] session request to 172.18.160.11 failed (Called name not present) session request to 172 failed (Called name not present) session request to 172.18.160.11 failed (Called name not present) session request to 172 failed (Called name not present) smb: \ ls Smbclient is probably sending specified userid on all the connections. Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Interdomain Trusts and Winbind
Hello all, I want two Samba PDC's to trust each other. It says I need Winbind to be running on the trusting domain. To run Winbind, one of the steps is to join the PDC domain. Can one PDC join another PDC's domain?? Can someone please tell if i'm configuring this correctly? Thanks. Jason. -- Jason Coo Computer Engineer, P.Eng. The Fluid Life Corporation 1-877-962-2400 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind uid problem
You probably need to remove the winbindd_idmap.tdb file and restart winbindd. Be advised this will delete all current mappings so any files with those UID/GID's may get different owners. The other more complicated option is to run tdbtool on the file and only delete the bad mappings. If you don't know where to find that file run smbd -b | grep LOCKDIR [EMAIL PROTECTED] wrote: I have installed winbind and it is working, but I need to change the uid/gid being used by winbind since I am running into some conflicts with UIDs. UID 10071 is being used by my spamfilter and winbindd is also mapping one of the user IDs from the W2K3 server to 10071. In an attempt to change this, I modified my smb.conf file as follows. [global] workgroup = MO idmap gid = 15000-2 idmap uid = 15000-2 winbind enum users = yes winbind enum groups = yes winbind separator = + security = domain password server = 10.129.10.41 wins server = 10.129.10.41 I restarted the server thinking my users would be remapped in the range 15000-2. However, they are still mapped in the 1-2 as I had originally set in the smb.conf file. I confirmed this using getent passwd. I am running 3.0.23c on FreeBSD 6.2. Any suggestions would be greatly appreciated. Thanks, Jay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind usage
With only a Samba PDC, with everything defined in LDAP, is there any requirement for Winbind? -- Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind usage
On 8/24/07, Daniel L. Miller [EMAIL PROTECTED] wrote: With only a Samba PDC, with everything defined in LDAP, is there any requirement for Winbind? We have never used it in our samba PDC/LDAP environment however with this setup the security dialog of windows does not correctly list the groups who have permissions on each file or folder. For each object regardless of the ACL we see only entries for Administrators, Everyone and Users. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Group add trouble
I am trying to add domain user 'mlander' to the Domain Admin group via srvtools user manager and at the suse command prompt with denied errors both instances logged in as root. Version 3.0.23d-19.7-1354-SUSE-SL10.2 I am now trying to upgrade to 3.0.25c. I am on the right track here? Thanks Mike log from laptop logged into the domain as root below [2007/08/25 02:07:49, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 7511 [2007/08/25 02:07:53, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service root initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:19, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service profiles initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:19, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service profiles initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:21, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service root [2007/08/25 02:08:28, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service netlogon initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:29, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service root initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:33, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service profiles [2007/08/25 02:08:33, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service profiles /usr/sbin/usermod: invalid option -- a Try `usermod --help' or `usermod --usage' for more information. [2007/08/25 02:09:09, 0] groupdb/mapping.c:smb_add_user_group(978) smb_add_user_group: Running the command `/usr/sbin/usermod -a -G 'users' 'root'' gave 2 /usr/sbin/usermod: invalid option -- a Try `usermod --help' or `usermod --usage' for more information. [2007/08/25 02:09:44, 0] groupdb/mapping.c:smb_add_user_group(978) smb_add_user_group: Running the command `/usr/sbin/usermod -a -G 'root' 'mlander'' gave 2 [2007/08/25 02:19:07, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service netlogon [2007/08/25 02:55:40, 0] lib/util_sock.c:read_data(534) read_data: read failure for 4 bytes to client 10.194.79.195. Error = No route to host [2007/08/25 02:55:40, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service root -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind usage
On Friday 24 August 2007, Daniel L. Miller wrote: With only a Samba PDC, with everything defined in LDAP, is there any requirement for Winbind? I think the only reason to use it in this case (or even with a different passdb backend - any time when you are not authenticating against a Windows DC) is to absolutely distinguish between access from non-local domain member systems and local domain member systems. From the Official HOWTO: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id412001 If the Samba server will be accessed from a domain other than the local Samba domain, or if there will be access from machines that are not local domain members, winbind will permit the allocation of UIDs and GIDs from the assigned pool that will keep the identity of the foreign user separate from users that are members of the Samba domain. -- Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Group add trouble
On Friday 24 August 2007 13:45, Mike Lander wrote: I am trying to add domain user 'mlander' to the Domain Admin group via srvtools user manager and at the suse command prompt with denied errors both instances logged in as root. Version 3.0.23d-19.7-1354-SUSE-SL10.2 I am now trying to upgrade to 3.0.25c. I am on the right track here? Look closely at the error message below. You will note that the -a option to the usremod command is not valid for SUSE Linux. In place of -a you need to use only -G. - John T. Thanks Mike log from laptop logged into the domain as root below [2007/08/25 02:07:49, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 7511 [2007/08/25 02:07:53, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service root initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:19, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service profiles initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:19, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service profiles initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:21, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service root [2007/08/25 02:08:28, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service netlogon initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:29, 1] smbd/service.c:make_connection_snum(950) mikeslap (10.194.79.195) connect to service root initially as user root (uid=0, gid=0) (pid 30916) [2007/08/25 02:08:33, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service profiles [2007/08/25 02:08:33, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service profiles /usr/sbin/usermod: invalid option -- a Try `usermod --help' or `usermod --usage' for more information. [2007/08/25 02:09:09, 0] groupdb/mapping.c:smb_add_user_group(978) smb_add_user_group: Running the command `/usr/sbin/usermod -a -G 'users' 'root'' gave 2 /usr/sbin/usermod: invalid option -- a Try `usermod --help' or `usermod --usage' for more information. [2007/08/25 02:09:44, 0] groupdb/mapping.c:smb_add_user_group(978) smb_add_user_group: Running the command `/usr/sbin/usermod -a -G 'root' 'mlander'' gave 2 [2007/08/25 02:19:07, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service netlogon [2007/08/25 02:55:40, 0] lib/util_sock.c:read_data(534) read_data: read failure for 4 bytes to client 10.194.79.195. Error = No route to host [2007/08/25 02:55:40, 1] smbd/service.c:close_cnum(1150) mikeslap (10.194.79.195) closed connection to service root -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.25c Going Nuts on our Network???
POSTED TO THE LIST W/O ATTACHMENTS Jerry, I am sending this to you directly because it contains the tcpdump information in addition to the samba logs just in case there is sensitive information contained in the files. What is happening is that samba 3.0.25c, after first running smoothly, is becoming very chatty across our LAN. I don't know why, but with no files or applications open, smb is throwing about 4-5 packets a second at each windows XP client. This was causing noticeable network slowness. It is definitely 3.0.25c because after I grabbed the packets and the logs, I did a make revert to 3.0.25 and the noise on the network completely stopped. It seems like there is a race condition somewhere. I may need to send you a level 10, but when this occurred, I didn't have level 10 set so I just grabbed a tcpdump of the traffic and the log files I had. I will switch back to 3.0.25c this evening with level 10 set and see if I can duplicate the problem. In the mean time here are the files. David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.25c Going Nuts on our Network???
On Fri, Aug 24, 2007 at 04:07:50PM -0500, David Rankin wrote: POSTED TO THE LIST W/O ATTACHMENTS Jerry, I am sending this to you directly because it contains the tcpdump information in addition to the samba logs just in case there is sensitive information contained in the files. What is happening is that samba 3.0.25c, after first running smoothly, is becoming very chatty across our LAN. I don't know why, but with no files or applications open, smb is throwing about 4-5 packets a second at each windows XP client. This was causing noticeable network slowness. It is definitely 3.0.25c because after I grabbed the packets and the logs, I did a make revert to 3.0.25 and the noise on the network completely stopped. It seems like there is a race condition somewhere. I may need to send you a level 10, but when this occurred, I didn't have level 10 set so I just grabbed a tcpdump of the traffic and the log files I had. Can you get a network trace here please so we can see what the packets are ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba Team - 3.0.25c Seems Well in Standalone
-Original Message- On Behalf Of James Kosin Subject: Re: [Samba] Samba Team - 3.0.25c Seems Well in Standalone David Rankin wrote: -Original Message- From: Gerald (Jerry) Carter Subject: Re: [Samba] Samba Team - 3.0.25c Seems Well in Standalone David C. Rankin wrote: Jerry, Everybody: 3.0.25c compiled from source on a mandriva 2005le server in my no (AD, LDAP, Kerbose) environment. A full day of production and nothing more that a whimper out of the system. So, at least in my case 3.0.25c looks good. Thanks for the feedback David. Jerry, Even my custom print to .pdf script work in 3.0.25c. I still haven't found the reason it stopped working on 2.0.25. Oh well, there are some things you just can't explain. Thanks again. David C. Rankin, J.D., P.E. David, I think I can answer that some. There where some changes in 3.0.25 in how scripts were run due to a security flaw. The fixes broke things and the samba team had to back out some of the changes and correct other inplementation details. Anyway, I believe 3.0.25c may have fixed all the problems created by the security updates and releases. -James Kosin -- James, Thank you for the follow up! I have been tearing 2.0.25b packets apart trying to figure out why the print to pdf stopped working. I thought it was on my end, but I checked everything with a fine toothed comb and still couldn't find the answer. I'll sleep better tonight! -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind uid problem
Thank you!!! I had thought it was stored somewhere, but did not know where. I will give this a try tomorrow, after all of the storms pass. Thanks again. Jay Once a uid mapping has been made,it is persistent, and it is stored in the winbindd_idmap.tdb file in the locks directory. If you want the mapping to remap your users, you would have to remove this file. I'd suggest copying it somewhere safe until you're sure this new mapping works for you. hope this helps, Don - Original Message From: [EMAIL PROTECTED] [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Thursday, August 23, 2007 7:42:40 PM Subject: [Samba] winbind uid problem I have installed winbind and it is working, but I need to change the uid/gid being used by winbind since I am running into some conflicts with UIDs. UID 10071 is being used by my spamfilter and winbindd is also mapping one of the user IDs from the W2K3 server to 10071. In an attempt to change this, I modified my smb.conf file as follows. [global] workgroup = MO idmap gid = 15000-2 idmap uid = 15000-2 winbind enum users = yes winbind enum groups = yes winbind separator = + security = domain password server = 10.129.10.41 wins server = 10.129.10.41 I restarted the server thinking my users would be remapped in the range 15000-2. However, they are still mapped in the 1-2 as I had originally set in the smb.conf file. I confirmed this using getent passwd. I am running 3.0.23c on FreeBSD 6.2. Any suggestions would be greatly appreciated. Thanks, Jay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. http://farechase.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA Team - Still no SiSE rpms for 3.0.25c
John H Terpstra wrote: On Friday 24 August 2007 08:57, Volker Lendecke wrote: On Fri, Aug 24, 2007 at 08:40:33AM -0500, John H Terpstra wrote: Is anyone still building rpms for SuSE? They used to be built the same day of the release, now they are trailing far behind. Is Lars still with opensuse and still building?? I run OpenSUSE 10.2 x86_64 - you can download the RPMS from: ftp://ftp.primastasys.com/pub/ Note: To build x86 (32-bit) binaries, just fetch the SRPM file, then built on your own system by running: Alternatively, try ftp.sernet.de. Not alternativly - SerNet is the preferred location. - john T. John T. Why are there different packages being built for SuSE between the samba.org repo and the ftp.sernet.de repo??? Specifically, here are the differences: www.samba.org binaries for SuSE 10.0 not included in sernet.de: cifs-mount-3.0.25b-1.1.72.i586.rpm ldapsmb-1.34b-80.1.72.i586.rpm libmsrpc-3.0.25b-1.1.72.i586.rpm libmsrpc-devel-3.0.25b-1.1.72.i586.rpm samba-krb-printing-3.0.25b-1.1.72.i586.rpm samba-pdb-3.0.25b-1.1.72.i586.rpm samba-python-3.0.25b-1.1.72.i586.rpm samba-vscan-0.3.6b-4.12.72.i586.rpm ftp.sernet.de binaries for SuSE 10.0 not included in the samba.org binaries: samba3-cifsmount-3.0.25c-33.i586.rpm samba3-debuginfo-3.0.25c-33.i586.rpm samba3-doc-3.0.25c-33.i586.rpm samba3-utils-3.0.25c-33.i586.rpm Obviously, the only one that is troublesome is the cifsmount package. Won't the naming difference screw up the Yast database by allowing two different versions of cifs to be installed under different package names?? Or, is Yast smart enough to figure that out? Just a curiosity... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.25c Going Nuts on our Network???
Jeremy Allison wrote: On Fri, Aug 24, 2007 at 04:22:14PM -0500, David Rankin wrote: Sure Jerry, They are attached. One is a 18 second capture, the second is a 60 second capture. Is any linux process writing into that directory or changing the directory timestamp ? Jeremy. No, at the time I made the capture, the system was sitting at idle and ethereal was the only thing active. I specifically made sure that there was nothing active on the link between 192.168.7.15 and .98. Further, the entire net was slowing down. I apologize that the dump was from the wireless card that couldn't be put into promiscuous mode, but such is life. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r24647 - in branches/SAMBA_4_0/source: .
Author: tridge Date: 2007-08-24 06:10:16 + (Fri, 24 Aug 2007) New Revision: 24647 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24647 Log: this passes now Modified: branches/SAMBA_4_0/source/samba4-knownfail Changeset: Modified: branches/SAMBA_4_0/source/samba4-knownfail === --- branches/SAMBA_4_0/source/samba4-knownfail 2007-08-24 03:40:40 UTC (rev 24646) +++ branches/SAMBA_4_0/source/samba4-knownfail 2007-08-24 06:10:16 UTC (rev 24647) @@ -9,4 +9,3 @@ RPC-WKSSVC.*NetWkstaGetInfo RPC-WKSSVC.*NetWkstaTransportEnum blackbox.smbclient.*USER.*PASSWD -RAW-SAMBA3CASEINSENSITIVE
svn commit: samba r24648 - in branches/SAMBA_4_0/source/dsdb/common: .
Author: abartlet Date: 2007-08-24 06:29:20 + (Fri, 24 Aug 2007) New Revision: 24648 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24648 Log: Found out the meaning of a few more flags. Modified: branches/SAMBA_4_0/source/dsdb/common/flags.h Changeset: Modified: branches/SAMBA_4_0/source/dsdb/common/flags.h === --- branches/SAMBA_4_0/source/dsdb/common/flags.h 2007-08-24 06:10:16 UTC (rev 24647) +++ branches/SAMBA_4_0/source/dsdb/common/flags.h 2007-08-24 06:29:20 UTC (rev 24648) @@ -19,7 +19,7 @@ */ /* UserFlags for userAccountControl */ -#define UF_SCRIPT 0x0001 +#define UF_SCRIPT 0x0001 /* NT or Lan Manager Login script must be executed */ #define UF_ACCOUNTDISABLE 0x0002 #define UF_00040x0004 #define UF_HOMEDIR_REQUIRED0x0008 @@ -29,7 +29,7 @@ #define UF_PASSWD_CANT_CHANGE 0x0040 #define UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED 0x0080 -#define UF_TEMP_DUPLICATE_ACCOUNT 0x0100 +#define UF_TEMP_DUPLICATE_ACCOUNT 0x0100 /* Local user account in usrmgr */ #define UF_NORMAL_ACCOUNT 0x0200 #define UF_04000x0400 #define UF_INTERDOMAIN_TRUST_ACCOUNT 0x0800
svn commit: samba r24649 - in branches: SAMBA_3_0_25/source/nsswitch SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
Author: vlendec Date: 2007-08-24 11:25:38 + (Fri, 24 Aug 2007) New Revision: 24649 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24649 Log: Attempt to fix bug 4917. Simo, please check! Thanks Patrick Rynhart for reporting this. Modified: branches/SAMBA_3_0_25/source/nsswitch/idmap_ldap.c branches/SAMBA_3_2/source/nsswitch/idmap_ldap.c branches/SAMBA_3_2_0/source/nsswitch/idmap_ldap.c Changeset: Modified: branches/SAMBA_3_0_25/source/nsswitch/idmap_ldap.c === --- branches/SAMBA_3_0_25/source/nsswitch/idmap_ldap.c 2007-08-24 06:29:20 UTC (rev 24648) +++ branches/SAMBA_3_0_25/source/nsswitch/idmap_ldap.c 2007-08-24 11:25:38 UTC (rev 24649) @@ -894,7 +894,7 @@ uidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_UIDNUMBER); gidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_GIDNUMBER); - attr_list = get_attr_list(ctx, sidmap_attr_list); + attr_list = get_attr_list(memctx, sidmap_attr_list); if ( ! ids[1]) { /* if we are requested just one mapping use the simple filter */ @@ -,7 +,7 @@ uidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_UIDNUMBER); gidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_GIDNUMBER); - attr_list = get_attr_list(ctx, sidmap_attr_list); + attr_list = get_attr_list(memctx, sidmap_attr_list); if ( ! ids[1]) { /* if we are requested just one mapping use the simple filter */ Modified: branches/SAMBA_3_2/source/nsswitch/idmap_ldap.c === --- branches/SAMBA_3_2/source/nsswitch/idmap_ldap.c 2007-08-24 06:29:20 UTC (rev 24648) +++ branches/SAMBA_3_2/source/nsswitch/idmap_ldap.c 2007-08-24 11:25:38 UTC (rev 24649) @@ -896,7 +896,7 @@ uidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_UIDNUMBER); gidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_GIDNUMBER); - attr_list = get_attr_list(ctx, sidmap_attr_list); + attr_list = get_attr_list(memctx, sidmap_attr_list); if ( ! ids[1]) { /* if we are requested just one mapping use the simple filter */ @@ -1113,7 +1113,7 @@ uidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_UIDNUMBER); gidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_GIDNUMBER); - attr_list = get_attr_list(ctx, sidmap_attr_list); + attr_list = get_attr_list(memctx, sidmap_attr_list); if ( ! ids[1]) { /* if we are requested just one mapping use the simple filter */ Modified: branches/SAMBA_3_2_0/source/nsswitch/idmap_ldap.c === --- branches/SAMBA_3_2_0/source/nsswitch/idmap_ldap.c 2007-08-24 06:29:20 UTC (rev 24648) +++ branches/SAMBA_3_2_0/source/nsswitch/idmap_ldap.c 2007-08-24 11:25:38 UTC (rev 24649) @@ -893,7 +893,7 @@ uidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_UIDNUMBER); gidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_GIDNUMBER); - attr_list = get_attr_list(ctx, sidmap_attr_list); + attr_list = get_attr_list(memctx, sidmap_attr_list); if ( ! ids[1]) { /* if we are requested just one mapping use the simple filter */ @@ -1110,7 +1110,7 @@ uidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_UIDNUMBER); gidNumber = get_attr_key2string(idpool_attr_list, LDAP_ATTR_GIDNUMBER); - attr_list = get_attr_list(ctx, sidmap_attr_list); + attr_list = get_attr_list(memctx, sidmap_attr_list); if ( ! ids[1]) { /* if we are requested just one mapping use the simple filter */
Re: svn commit: samba r24649 - in branches: SAMBA_3_0_25/source/nsswitch SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
On Fri, 2007-08-24 at 11:25 +, [EMAIL PROTECTED] wrote: Log: Attempt to fix bug 4917. Simo, please check! Thanks Patrick Rynhart for reporting this. Oh thanks for this fix, looks good. This must have been a huge memory leak on long running winbindd processes. Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org
svn commit: samba r24650 - in branches/SAMBA_4_0/source/setup: .
Author: idra Date: 2007-08-24 13:21:43 + (Fri, 24 Aug 2007) New Revision: 24650 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24650 Log: Some more instructions to have make GSS-TSIG work Modified: branches/SAMBA_4_0/source/setup/named.conf Changeset: Modified: branches/SAMBA_4_0/source/setup/named.conf === --- branches/SAMBA_4_0/source/setup/named.conf 2007-08-24 11:25:38 UTC (rev 24649) +++ branches/SAMBA_4_0/source/setup/named.conf 2007-08-24 13:21:43 UTC (rev 24650) @@ -1,10 +1,22 @@ # -# Insert this snippit into your named.conf or bind.conf to configure +# Insert these snippets into your named.conf or bind.conf to configure # the BIND nameserver. # +#insert this into options {} +tkey-gssapi-credential DNS/${DNSDOMAIN} +tkey-domain ${REALM}; + +#the zone file zone ${DNSDOMAIN}. IN { type master; file ${DNSDOMAIN}.zone; }; +# Also, you need to change your init scripts to set this environment variable +# for named: KRB_KTNAME so that it points to the keytab generated. +# In RedHat derived systems such RHEL/CentOS/Fedora you can add the following +# line to the /etc/sysconfig/named file +# export KRB_KTNAME=/etc/named.keytab + +# *TODO*: generate and install a keytab file in /etc/named.keytab
svn commit: samba r24651 - in branches/SAMBA_4_0/source/setup: .
Author: idra Date: 2007-08-24 13:31:05 + (Fri, 24 Aug 2007) New Revision: 24651 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24651 Log: Allow dynamic updates for the domain controller over its own name Modified: branches/SAMBA_4_0/source/setup/named.conf Changeset: Modified: branches/SAMBA_4_0/source/setup/named.conf === --- branches/SAMBA_4_0/source/setup/named.conf 2007-08-24 13:21:43 UTC (rev 24650) +++ branches/SAMBA_4_0/source/setup/named.conf 2007-08-24 13:31:05 UTC (rev 24651) @@ -11,6 +11,11 @@ zone ${DNSDOMAIN}. IN { type master; file ${DNSDOMAIN}.zone; + update-policy { + /* use ANY only for Domain controllers for now */ + /* for normal machines A PTR is probbaly all is needed */ + grant [EMAIL PROTECTED] name ${HOSTNAME}.${DNSDOMAIN} ANY; + }; }; # Also, you need to change your init scripts to set this environment variable
svn commit: samba r24652 - in branches/SAMBA_3_2_0/source/lib/tdb/common: .
Author: vlendec Date: 2007-08-24 14:36:13 + (Fri, 24 Aug 2007) New Revision: 24652 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24652 Log: Janitor for jelmer, merge r24340: Use standard data type uint32_t rather than tdb-specific u32. Modified: branches/SAMBA_3_2_0/source/lib/tdb/common/error.c branches/SAMBA_3_2_0/source/lib/tdb/common/io.c branches/SAMBA_3_2_0/source/lib/tdb/common/lock.c branches/SAMBA_3_2_0/source/lib/tdb/common/open.c branches/SAMBA_3_2_0/source/lib/tdb/common/tdb.c branches/SAMBA_3_2_0/source/lib/tdb/common/tdb_private.h branches/SAMBA_3_2_0/source/lib/tdb/common/transaction.c branches/SAMBA_3_2_0/source/lib/tdb/common/traverse.c Changeset: Modified: branches/SAMBA_3_2_0/source/lib/tdb/common/error.c === --- branches/SAMBA_3_2_0/source/lib/tdb/common/error.c 2007-08-24 13:31:05 UTC (rev 24651) +++ branches/SAMBA_3_2_0/source/lib/tdb/common/error.c 2007-08-24 14:36:13 UTC (rev 24652) @@ -48,7 +48,7 @@ /* Error string for the last tdb error */ const char *tdb_errorstr(struct tdb_context *tdb) { - u32 i; + uint32_t i; for (i = 0; i sizeof(emap) / sizeof(struct tdb_errname); i++) if (tdb-ecode == emap[i].ecode) return emap[i].estring; Modified: branches/SAMBA_3_2_0/source/lib/tdb/common/io.c === --- branches/SAMBA_3_2_0/source/lib/tdb/common/io.c 2007-08-24 13:31:05 UTC (rev 24651) +++ branches/SAMBA_3_2_0/source/lib/tdb/common/io.c 2007-08-24 14:36:13 UTC (rev 24652) @@ -99,9 +99,9 @@ } /* Endian conversion: we only ever deal with 4 byte quantities */ -void *tdb_convert(void *buf, u32 size) +void *tdb_convert(void *buf, uint32_t size) { - u32 i, *p = (u32 *)buf; + uint32_t i, *p = (uint32_t *)buf; for (i = 0; i size / 4; i++) p[i] = TDB_BYTEREV(p[i]); return buf; @@ -142,17 +142,17 @@ do an unlocked scan of the hash table heads to find the next non-zero head. The value will then be confirmed with the lock held */ -static void tdb_next_hash_chain(struct tdb_context *tdb, u32 *chain) +static void tdb_next_hash_chain(struct tdb_context *tdb, uint32_t *chain) { - u32 h = *chain; + uint32_t h = *chain; if (tdb-map_ptr) { for (;h tdb-header.hash_size;h++) { - if (0 != *(u32 *)(TDB_HASH_TOP(h) + (unsigned char *)tdb-map_ptr)) { + if (0 != *(uint32_t *)(TDB_HASH_TOP(h) + (unsigned char *)tdb-map_ptr)) { break; } } } else { - u32 off=0; + uint32_t off=0; for (;h tdb-header.hash_size;h++) { if (tdb_ofs_read(tdb, TDB_HASH_TOP(h), off) != 0 || off != 0) { break; Modified: branches/SAMBA_3_2_0/source/lib/tdb/common/lock.c === --- branches/SAMBA_3_2_0/source/lib/tdb/common/lock.c 2007-08-24 13:31:05 UTC (rev 24651) +++ branches/SAMBA_3_2_0/source/lib/tdb/common/lock.c 2007-08-24 14:36:13 UTC (rev 24652) @@ -400,7 +400,7 @@ int tdb_unlock_record(struct tdb_context *tdb, tdb_off_t off) { struct tdb_traverse_lock *i; - u32 count = 0; + uint32_t count = 0; if (off == 0) return 0; Modified: branches/SAMBA_3_2_0/source/lib/tdb/common/open.c === --- branches/SAMBA_3_2_0/source/lib/tdb/common/open.c 2007-08-24 13:31:05 UTC (rev 24651) +++ branches/SAMBA_3_2_0/source/lib/tdb/common/open.c 2007-08-24 14:36:13 UTC (rev 24652) @@ -34,8 +34,8 @@ /* This is based on the hash algorithm from gdbm */ static unsigned int default_tdb_hash(TDB_DATA *key) { - u32 value; /* Used to compute the hash value. */ - u32 i;/* Used to cycle through random values. */ + uint32_t value; /* Used to compute the hash value. */ + uint32_t i; /* Used to cycle through random values. */ /* Set the initial value from the key size. */ for (value = 0x238F13AF * key-dsize, i=0; i key-dsize; i++) @@ -151,7 +151,7 @@ struct stat st; int rev = 0, locked = 0; unsigned char *vp; - u32 vertest; + uint32_t vertest; if (!(tdb = (struct tdb_context *)calloc(1, sizeof *tdb))) { /* Can't log this */ @@ -249,8 +249,8 @@ rev = (tdb-flags TDB_CONVERT); } vp = (unsigned char *)tdb-header.version; - vertest = (((u32)vp[0]) 24) | (((u32)vp[1]) 16) | - (((u32)vp[2]) 8) | (u32)vp[3]; + vertest = (((uint32_t)vp[0]) 24) | (((uint32_t)vp[1]) 16) | + (((uint32_t)vp[2]) 8) |
svn commit: samba r24653 - in branches/SAMBA_3_2_0/source: include lib libads libsmb rpc_client smbd
Author: vlendec Date: 2007-08-24 15:00:26 + (Fri, 24 Aug 2007) New Revision: 24653 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24653 Log: Some trivial 3_2-3_2_0 merges Modified: branches/SAMBA_3_2_0/source/include/client.h branches/SAMBA_3_2_0/source/include/ntdomain.h branches/SAMBA_3_2_0/source/include/rpc_samr.h branches/SAMBA_3_2_0/source/include/trans2.h branches/SAMBA_3_2_0/source/lib/dbwrap_tdb.c branches/SAMBA_3_2_0/source/lib/util_sock.c branches/SAMBA_3_2_0/source/libads/ads_status.c branches/SAMBA_3_2_0/source/libsmb/clispnego.c branches/SAMBA_3_2_0/source/libsmb/smb_signing.c branches/SAMBA_3_2_0/source/rpc_client/cli_pipe.c branches/SAMBA_3_2_0/source/smbd/lanman.c branches/SAMBA_3_2_0/source/smbd/msdfs.c Changeset: Modified: branches/SAMBA_3_2_0/source/include/client.h === --- branches/SAMBA_3_2_0/source/include/client.h2007-08-24 14:36:13 UTC (rev 24652) +++ branches/SAMBA_3_2_0/source/include/client.h2007-08-24 15:00:26 UTC (rev 24653) @@ -34,8 +34,7 @@ * These definitions depend on smb.h */ -struct print_job_info -{ +struct print_job_info { uint16 id; uint16 priority; size_t size; Modified: branches/SAMBA_3_2_0/source/include/ntdomain.h === --- branches/SAMBA_3_2_0/source/include/ntdomain.h 2007-08-24 14:36:13 UTC (rev 24652) +++ branches/SAMBA_3_2_0/source/include/ntdomain.h 2007-08-24 15:00:26 UTC (rev 24653) @@ -264,7 +264,7 @@ */ BOOL bad_handle_fault_state; - + /* * Set to true when the backend does not support a call. */ Modified: branches/SAMBA_3_2_0/source/include/rpc_samr.h === --- branches/SAMBA_3_2_0/source/include/rpc_samr.h 2007-08-24 14:36:13 UTC (rev 24652) +++ branches/SAMBA_3_2_0/source/include/rpc_samr.h 2007-08-24 15:00:26 UTC (rev 24653) @@ -288,7 +288,6 @@ UNISTR2 uni_comment; UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */ LOGON_HRS logon_hrs; - } SAM_USER_INFO_25; /* SAM_USER_INFO_26 */ Modified: branches/SAMBA_3_2_0/source/include/trans2.h === --- branches/SAMBA_3_2_0/source/include/trans2.h2007-08-24 14:36:13 UTC (rev 24652) +++ branches/SAMBA_3_2_0/source/include/trans2.h2007-08-24 15:00:26 UTC (rev 24653) @@ -552,6 +552,21 @@ (NB statfs field flags can come from FILE_SYSTEM_DEVICE_INFO call) */ +#define SMB_QUERY_POSIX_WHO_AM_I 0x202 /* QFS Info */ +/* returns: +__u32 flags; 0 = Authenticated user 1 = GUEST +__u32 mask; which flags bits server understands ie 0x0001 +__u64 unix_user_id; +__u64 unix_user_gid; +__u32 number_of_supplementary_gids; may be zero +__u32 number_of_sids; may be zero +__u32 length_of_sid_array; in bytes - may be zero +__u32 pad; reserved - MBZ +__u64 gid_array[0]; may be empty +__u8 * psid_list may be empty +*/ + + /* ... more as we think of them :-). */ /* SMB POSIX ACL definitions. */ Modified: branches/SAMBA_3_2_0/source/lib/dbwrap_tdb.c === --- branches/SAMBA_3_2_0/source/lib/dbwrap_tdb.c2007-08-24 14:36:13 UTC (rev 24652) +++ branches/SAMBA_3_2_0/source/lib/dbwrap_tdb.c2007-08-24 15:00:26 UTC (rev 24653) @@ -57,8 +57,7 @@ } result-key.dsize = key.dsize; - result-key.dptr = (unsigned char *)talloc_memdup(result, key.dptr, - key.dsize); + result-key.dptr = (uint8 *)talloc_memdup(result, key.dptr, key.dsize); if (result-key.dptr == NULL) { DEBUG(0, (talloc failed\n)); TALLOC_FREE(result); @@ -92,8 +91,8 @@ } result-value.dsize = value.dsize; - result-value.dptr = (unsigned char *)talloc_memdup(result, value.dptr, - value.dsize); + result-value.dptr = (uint8 *)talloc_memdup(result, value.dptr, + value.dsize); if (result-value.dptr == NULL) { DEBUG(3, (talloc failed\n)); TALLOC_FREE(result); Modified: branches/SAMBA_3_2_0/source/lib/util_sock.c === --- branches/SAMBA_3_2_0/source/lib/util_sock.c 2007-08-24 14:36:13 UTC (rev 24652) +++ branches/SAMBA_3_2_0/source/lib/util_sock.c 2007-08-24 15:00:26 UTC (rev 24653) @@ -744,12 +744,13 @@ /* Check the incoming SMB signature. */ if (!srv_check_sign_mac(buffer, True)) { DEBUG(0, (receive_smb: SMB
svn commit: samba r24654 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-08-24 15:50:12 + (Fri, 24 Aug 2007) New Revision: 24654 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24654 Log: Adapt to coding conventions. Guenther Modified: branches/SAMBA_3_2/source/libads/smb_krb5_locator.c branches/SAMBA_3_2_0/source/libads/smb_krb5_locator.c Changeset: Modified: branches/SAMBA_3_2/source/libads/smb_krb5_locator.c === --- branches/SAMBA_3_2/source/libads/smb_krb5_locator.c 2007-08-24 15:00:26 UTC (rev 24653) +++ branches/SAMBA_3_2/source/libads/smb_krb5_locator.c 2007-08-24 15:50:12 UTC (rev 24654) @@ -1,18 +1,18 @@ -/* +/* Unix SMB/CIFS implementation. kerberos locator plugin Copyright (C) Guenther Deschner 2007 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. */ @@ -92,7 +92,7 @@ /** * Check input parameters, return KRB5_PLUGIN_NO_HANDLE for unsupported ones * - * @param svc + * @param svc * @param realm string * @param socktype integer * @param family integer @@ -163,7 +163,7 @@ * @return krb5_error_code. */ -static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, +static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, const char *service, struct addrinfo *in, int (*cbfunc)(void *, int, struct sockaddr *), @@ -185,7 +185,7 @@ continue; } - DEBUG(10,(smb_krb5_locator_lookup: got ret: %s (%d)\n, + DEBUG(10,(smb_krb5_locator_lookup: got ret: %s (%d)\n, gai_strerror(ret), ret)); #ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; @@ -196,7 +196,8 @@ ret = cbfunc(cbdata, out-ai_socktype, out-ai_addr); if (ret) { - DEBUG(10,(smb_krb5_locator_lookup: failed to call callback: %s (%d)\n, + DEBUG(10,(smb_krb5_locator_lookup: + failed to call callback: %s (%d)\n, error_message(ret), ret)); } @@ -214,7 +215,7 @@ * @return krb5_error_code. */ -krb5_error_code smb_krb5_locator_init(krb5_context context, +krb5_error_code smb_krb5_locator_init(krb5_context context, void **private_data) { setup_logging(smb_krb5_locator, True); @@ -270,18 +271,20 @@ int count = 0; struct addrinfo aihints; char *saf_name = NULL; + const char *service = get_service_from_locate_service_type(svc); int i; DEBUG(10,(smb_krb5_locator_lookup: called for\n)); - DEBUGADD(10,(\tsvc: %s (%d), realm: %s\n, + DEBUGADD(10,(\tsvc: %s (%d), realm: %s\n, locate_service_type_name(svc), svc, realm)); - DEBUGADD(10,(\tsocktype: %s (%d), family: %s (%d)\n, + DEBUGADD(10,(\tsocktype: %s (%d), family: %s (%d)\n, socktype_name(socktype), socktype, family_name(family), family)); - ret = smb_krb5_locator_lookup_sanity_check(svc, realm, socktype, family); + ret = smb_krb5_locator_lookup_sanity_check(svc, realm, socktype, + family); if (ret) { - DEBUG(10,(smb_krb5_locator_lookup: returning ret: %s (%d)\n, + DEBUG(10,(smb_krb5_locator_lookup: returning ret: %s (%d)\n, error_message(ret), ret)); return ret; } @@ -290,22 +293,23 @@ saf_name = saf_fetch(realm); if (!saf_name || strlen(saf_name) == 0) { - DEBUG(10,(smb_krb5_locator_lookup: no SAF name stored for %s\n, + DEBUG(10,(smb_krb5_locator_lookup: + no SAF name stored for %s\n, realm)); goto find_kdc; } - DEBUG(10,(smb_krb5_locator_lookup: got %s for %s from SAF cache\n, + DEBUG(10,(smb_krb5_locator_lookup: got %s for %s from SAF cache\n, saf_name, realm)); ZERO_STRUCT(aihints); - + aihints.ai_family = family; aihints.ai_socktype = socktype; - ret = smb_krb5_locator_call_cbfunc(saf_name, -
svn commit: samba r24655 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2007-08-24 22:58:29 + (Fri, 24 Aug 2007) New Revision: 24655 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24655 Log: Fix bug 4919 reported by Matthias Walln?\195?\182fer [EMAIL PROTECTED]: When you change to the SAMBA private directory on a shell (default /usr/local/samba/private) and start there for example ldbedit with the sam.ldb, the application crashes if you don't put the ./ before the filename. I've adapted Matthias's patch. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c 2007-08-24 15:50:12 UTC (rev 24654) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c 2007-08-24 22:58:29 UTC (rev 24655) @@ -722,11 +722,10 @@ } if ( (p = strrchr(path, '/')) != NULL) { p[0] = '\0'; + full_name = talloc_asprintf(mem_ctx, %s/%s, path, name); } else { - talloc_free(path); - return NULL; + full_name = talloc_asprintf(mem_ctx, ./%s, name); } - full_name = talloc_asprintf(mem_ctx, %s/%s, path, name); talloc_free(path); return full_name; }
Build status as of Sat Aug 25 00:00:01 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-08-24 00:01:50.0 + +++ /home/build/master/cache/broken_results.txt 2007-08-25 00:01:42.0 + @@ -1,24 +1,24 @@ -Build status as of Fri Aug 24 00:00:02 2007 +Build status as of Sat Aug 25 00:00:01 2007 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 32 9 0 +ccache 31 9 0 ctdb 0 0 0 distcc 2 0 0 ldb 30 5 0 -libreplace 30 8 0 -lorikeet-heimdal 27 15 0 -pidl 18 3 0 +libreplace 29 8 0 +lorikeet-heimdal 26 14 0 +pidl 17 3 0 ppp 13 9 0 python 0 0 0 -rsync32 10 0 +rsync31 10 0 samba-docs 0 0 0 samba-gtk3 3 0 -samba4 28 26 0 -samba_3_233 19 0 -smb-build29 29 0 -talloc 32 1 0 -tdb 31 4 0 +samba4 27 19 0 +samba_3_232 19 0 +smb-build28 28 0 +talloc 31 1 0 +tdb 30 4 0