[Samba] Joining a win2k3 ads fails
Hello, I'm trying to join a win2k3 ADS domain using a working config on a debian 'Lenny' (arm processor) from another machine running gentoo (x86 processor) (only changed the netbios name). Samba versions are 3.0.26a on both the machines. I'm pretty sure this is not a kerberos or ldap problem, anyone has a clue what else it could be? # net -d 3 ads join -U administrator [2007/11/07 23:31:00, 3] param/loadparm.c:lp_load(5039) lp_load: refreshing parameters [2007/11/07 23:31:00, 3] param/loadparm.c:init_globals(1438) Initialising global parameters [2007/11/07 23:31:00, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2007/11/07 23:31:00, 3] param/loadparm.c:do_section(3778) Processing section [global] [2007/11/07 23:31:01, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file /etc/samba/dhcp.conf [2007/11/07 23:31:01, 2] lib/interface.c:add_interface(81) added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 [2007/11/07 23:31:01, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.22 bcast=10.0.0.255 nmask=255.255.255.0 [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:02, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local administrator's password: [2007/11/07 23:31:05, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:05, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:05, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:05, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_start_connection(1509) Connecting to host=server2.thuis.local [2007/11/07 23:31:05, 3] lib/util_sock.c:open_socket_out(874) Connecting to 10.0.0.2 at port 445 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(793) Doing spnego session setup (blob length=108) [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(826) got [EMAIL PROTECTED] [2007/11/07 23:31:06, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(613) Doing kerberos session setup [2007/11/07 23:31:06, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:06, 3]
Re: [Samba] Re: XFS and inherit permissions bug?
Hello Here are some more informations. General infos on my Samba configuration ### The server is a Debian Etch with distro kernel Samba package (2.6.18-5-686 3.0.24-6etch4). Users shell is set to /bin/false, they are only accessing this server through Samba. All files are owned by user root (Administrator) and group smb-Administrators (Domain Admins). The basic rights are rwx for root and smb-Administrators and nothing for other. The inherit permissions parameter is set in smb.conf for Administrator user and Domain Admins group to have access to all the files, the inherit owner is set to have all files owned by user root, and all folders are setgid to have all files owned by group smb-Administrators. The users get their access rights using acls and the inherit acls parameter is set in smb.conf. The windows attributes (archive, hidden and system) are stored in extended attributes. Reproducing the problem ### In the base dir of one of my shares I have: [EMAIL PROTECTED]:~ # ll /srv/samba/data_inf/ total 436 drwxrws---+ 7 root smb-Administrators . drwxr-xr-x 16 root root .. drwxrws---+ 11 root smb-Administrators ARCHIVES_INF drwxrws---+ 5 root smb-Administrators BROUILLON_INF -rw-rwx---+ 1 root smb-Administrators DCI-INF-L-001-F.xls drwxrws---+ 10 root smb-Administrators ESPACE_INF drwxrws---+ 6 root smb-Administrators ESPACE_INF_PUBLIC drwxrws---+ 2 root smb-Administrators MODELES_INF [EMAIL PROTECTED]:~ # getfacl /srv/samba/data_inf/ getfacl: Removing leading '/' from absolute path names # file: srv/samba/data_inf # owner: root # group: smb-Administrators user::rwx group::rwx group:smb-Inf:rwx group:smb-Bme-Fr:r-x mask::rwx other::--- From a Windows client I create a new dir test1: [EMAIL PROTECTED]:~ # ll /srv/samba/data_inf/ total 440 drwxrws---+ 8 root smb-Administrators . drwxr-xr-x 16 root root .. drwxrws---+ 11 root smb-Administrators ARCHIVES_INF drwxrws---+ 5 root smb-Administrators BROUILLON_INF -rw-rwx---+ 1 root smb-Administrators DCI-INF-L-001-F.xls drwxrws---+ 10 root smb-Administrators ESPACE_INF drwxrws---+ 6 root smb-Administrators ESPACE_INF_PUBLIC drwxrws---+ 2 root smb-Administrators MODELES_INF drwxrwx---+ 2 root smb-Administrators test1 [EMAIL PROTECTED]:~ # getfacl /srv/samba/data_inf/test1/ getfacl: Removing leading '/' from absolute path names # file: srv/samba/data_inf/test1 # owner: root # group: smb-Administrators user::rwx group::rwx group:smb-Inf:rwx group:smb-Bme-Fr:r-x mask::rwx other::--- The test1 dir is owned by the group smb-Administrators because the . dir is setgid, but it is not setgid. From a Windows client I create a new dir test2 in dir test1: [EMAIL PROTECTED]:~ # ll /srv/samba/data_inf/test1/ total 16 drwxrwx---+ 3 root smb-Administrators 18 2007-11-09 14:37 . drwxrws---+ 8 root smb-Administrators 4096 2007-11-09 14:33 .. drwxrwx---+ 2 root smb-DomainUsers 6 2007-11-09 14:37 test2 [EMAIL PROTECTED]:~ # getfacl /srv/samba/data_inf/test1/test2/ getfacl: Removing leading '/' from absolute path names # file: srv/samba/data_inf/test1/test2 # owner: root # group: smb-DomainUsers user::rwx group::rwx group:smb-Inf:rwx group:smb-Bme-Fr:r-x mask::rwx other::--- The test2 dir is owned by group smb-DomainUsers (Domain Users) that is the primary group of all users. my smb.conf ### #=== Global Settings === [global] netbios name = data workgroup = bme-fr server string = Samba %v smb ports = 139 445 domain master = yes preferred master = yes wins support = yes name resolve order = wins bcast hosts time server = yes interfaces = eth1, lo bind interfaces only = yes Debugging/Accounting # One logfile per client log file = /var/log/samba/log.%m # Minimum logs in syslog, logs go to /var/log/samba/log.{smbd,nmbd} syslog = 0 log level = 1 max log size = 1000 # Do something sensible when Samba crashes: mail the admin a backtrace panic action = /usr/share/samba/panic-action %d ### Authentication ### security = user encrypt passwords = true domain logons = yes passdb backend = tdbsam username map = /etc/samba/smbusers guest account = nobody map to guest = bad password ## Printing ## disable spoolss = yes ### File sharing browseable = no read only = yes guest ok = no inherit owner = yes inherit permissions = yes inherit acls = yes map archive = no map hidden = no map system = no store dos attributes = yes unix charset = utf8 dos charset = 850 Misc # Most people will find that this option gives better performance. # See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/speed.html # for details # You may want to add the following on a Linux system: # SO_RCVBUF=8192 SO_SNDBUF=8192 ; socket options =
[Samba] User connexions stats
Dear samba users/developpers, I would like to make stats on user desktop login/logout and I ask myself if it's possible to do this on the samba PDC. But it doesn't seems to be so easy. Maybe parsing logs or using smbstatus? Is there anyone who did something like this and who can share he's knowledge ;) Or maybe it's ... impossible to get accurate datas about this, I don't know exactly the smb protocol so I'm not sure that the connexion between client and server is maintained during the whole user session. Well, many doubts and not a lot of idea ... any hint would be welcome ;) -- Emmanuel Lacour -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SMB Shares with subversion backing store
To all, I was wondering if it was possible to setup samba shares that use subversion as a backing store for the files. Whenever a new file is created it is added to the subversion tree, whenever a file is opened it is checked out of the subversion tree, and whenever it is deleted it is removed from the subversion tree. The idea is that one could use subversion to retain previous versions of files and the subversion tree can be replicated using subversion replication tools. This would avoid costly COW operations for volume snapshots, provide better file control and auditing and allow files to be replicated in a consistent fashion. A bonus would be allowing access to previous subversion versions using the Previous Versions feature. Ross S. W. Walker Information Systems Manager Medallion Financial, Corp. 437 Madison Avenue 38th Floor New York, NY 10022 Tel: (212) 328-2165 Fax: (212) 328-2125 WWW: http://www.medallion.com http://www.medallion.com/ __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User connexions stats
Le vendredi 09 novembre 2007, Emmanuel Lacour a écrit : Dear samba users/developpers, I would like to make stats on user desktop login/logout and I ask myself if it's possible to do this on the samba PDC. But it doesn't seems to be so easy. Maybe parsing logs or using smbstatus? Is there anyone who did something like this and who can share he's knowledge ;) Or maybe it's ... impossible to get accurate datas about this, I don't know exactly the smb protocol so I'm not sure that the connexion between client and server is maintained during the whole user session. Well, many doubts and not a lot of idea ... any hint would be welcome ;) (c'est connection en anglais ;)) Unfortunately, no, there's no such thing as a logon/logoff sequence. You can scan for entries telling that someone has initiated a connection to the [profiles] as user some user here, that would be the most accurate you can guess. But you cannot tell when the person logs off AFAIK. -- Francis Galiegue, One2team - [EMAIL PROTECTED] [ATTENTION : CHANGEMENT DE COORDONNÉES !] +33178945552, +33683877875, http://www.one2team.com 40 avenue Raymond Poincaré - 75116 PARIS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] SMB Shares with subversion backing store
On Nov 9, 2007 10:05 AM, Ross S. W. Walker [EMAIL PROTECTED] wrote: To all, I was wondering if it was possible to setup samba shares that use subversion as a backing store for the files. Whenever a new file is created it is added to the subversion tree, whenever a file is opened it is checked out of the subversion tree, and whenever it is deleted it is removed from the subversion tree. The idea is that one could use subversion to retain previous versions of files and the subversion tree can be replicated using subversion replication tools. Have you looked at svnfs? A fuse module that makes a filesystem for accessing subversion repositories. http://www.jmadden.eu/index.php/svnfs/ John -- John M. Drescher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] SMB Shares with subversion backing store
John Drescher wrote: On Nov 9, 2007 10:05 AM, Ross S. W. Walker [EMAIL PROTECTED] wrote: To all, I was wondering if it was possible to setup samba shares that use subversion as a backing store for the files. Whenever a new file is created it is added to the subversion tree, whenever a file is opened it is checked out of the subversion tree, and whenever it is deleted it is removed from the subversion tree. The idea is that one could use subversion to retain previous versions of files and the subversion tree can be replicated using subversion replication tools. Have you looked at svnfs? A fuse module that makes a filesystem for accessing subversion repositories. http://www.jmadden.eu/index.php/svnfs/ I just looked at it now. I am not really looking to use it outside of samba, so a linux pseudo-filesystem is more overkill for me. It may turn out helpful later though for providing a point in time snapshot of the svn tree, that could be used via the existing Previous Versions feature, or for backup/restore purposes. I was wondering if there was a samba plug-in module for this already, it would be a big boon for compliance over here because it would provide a track-changes log of activity that couldn't be modified by the user. Thanks, Ross __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] De-duplication vfs plug-in?
Hi, I've been looking at differnet options for implementing this, and was wondering... How hard would this be to do as a vfs plug-in in Samba? Or, is anyone aware of any stable FLOSS options on a Linux platform? -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: tdb search optimization
Is it possible to split the ntprinters.tdb in many parts as print queues quantity? Sorry if I asked something too far from reality but I was wondering if could make things work faster. Bruno Gomes Pessanha -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: tdb search optimization
On Fri, Nov 09, 2007 at 03:56:48PM +, Bruno Gomes Pessanha wrote: Is it possible to split the ntprinters.tdb in many parts as print queues quantity? Sorry if I asked something too far from reality but I was wondering if could make things work faster. You might try to do a tdbbackup -n 1 ntprinters.tdb and replace the ntprinters.tdb by its backup file. The -n 1 sets the new hash table size to 1, much more than the default 131. Volker pgp6fecSit1SH.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] hide unreadable files
Hi Charles! Thanks for your ideas! I read this post http://lists.samba.org/archive/samba/2007-July/133723.html and found some similarities with the behavior of my configuration. For example, sometimes a user can delete files or directories with r-x permissions. Then, I upgrade to samba 3.0.26a. I don't know if this is a good idea, but at least users can't delete files/directories now (I think). However, the problem still existing with the hide unreadable = Yes option. I understand now the behavior. For example, I have two directories in a share directory groups with the following ACL entries: # file: groups# owner: root# group: rootuser::rwxgroup::r-x group:admins:rwx group:users:r-x mask::rwxother::--- # file: dir1# owner: root# group: rootuser::rwxgroup::r-xgroup:admins:rwxmask::rwxother::--- # file: dir2# owner: root# group: rootuser::rwxgroup::---other::---And I have a user joe that belongs to the group users. Then, if joe map the share directory, he can see only dir1 and dir2 is not visible for his. Also, joe should not see dir1. Now, if I change the ACL permissions of dir2 to the following: # file: dir2# owner: root# group: rootuser::rwxgroup::r-xgroup:admins:rwxmask::rwxother::--- joe can see (incorrectly) both directories. Believe me, I don't understand. I don't know if this errors are for a bad configuration or what... I'm using: debian etch 4.0r1 amd64, kernel 2.6.18-5-amd64, samba 3.0.26a, XFS file system with acl support and quotas and LDAP for user authentication. This is my smb.conf: [global] workgroup = NT-DEQ server string = %h server obey pam restrictions = Yes passdb backend = ldapsam:ldap://127.0.0.1 passwd program = /usr/sbin/smbldap-passwd '%u' syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 printcap name = cups add user script = /usr/sbin/smbldap-useradd -a -m -k '%u' delete user script = /usr/sbin/smbldap-userdel -r '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m -k '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u' dns proxy = No ldap admin dn = cn=admin,dc=upc,dc=es ldap group suffix = ou=groups ldap suffix = dc=upc,dc=es ldap ssl = no ldap user suffix = ou=users panic action = /usr/share/samba/panic-action %d invalid users = root profile acls = Yes map acl inherit = Yes hide unreadable = Yes map hidden = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0700 directory mask = 0700 browseable = No [groups] comment = Grups Files path = /home/groups read only = No Thank you very much!!!Diego _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] A device attached to the system is not functioning.
Windows XP w/ SP2 is giving me that error message when I'm trying to log into my domain: A device attached to the system is not functioning. error log: [2007/11/09 10:21:01, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004) _net_sam_logon: user TEST\testuser has user sid S-1-1-0 but group sid S-1-5-21-3536689092-529281149-710501220-513. The conflicting domain portions are not supported for NETLOGON calls [EMAIL PROTECTED] ~]# cat /etc/samba/smb.conf [global] unix charset = LOCALE workgroup = TEST netbios name = GOMER server string = Samba Server %v on gomer # interfaces = eth0, lo interfaces = 10.8.3.37/24 127.0.0.1/8 bind interfaces only = Yes hosts allow = 10.8. passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us enable privileges = Yes username map = /etc/samba/smbusers log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 50 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS show add printer wizard = no add user script = /usr/sbin/smbldap-useradd -a -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-groupmod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = scripts\logon.bat logon path = \\%L\profiles\%U logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us idmap backend = ldap:ldap://gomer.mdah.state.ms.us idmap uid = 1-2 idmap gid = 1-2 map acl inherit = Yes printing = cups printer admin = root, awilliam ldap passwd sync = yes winbind separator = + # use uids from 1 to 2 for domain users idmap uid = 1-2 # use gids from 1 to 2 for domain groups idmap gid = 1-2 # allow enumeration of winbind users and groups winbind enum users = yes winbind enum groups = yes # give winbind users a real shell (only needed if they have telnet access) template homedir = /home/winnt/%D/%U template shell = /bin/bash winbind enum users = yes winbind enum groups = yes winbind use default domain = no [homes] comment = Home Directories valid users = %S read only = no browseable = No [accounts] comment = Accounting Files path = /data/accounts read only = No [netlogon] comment = network logon service path = /var/lib/samba/netlogon guest ok = Yes locking = No [profiles] comment = Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes [print$] comment = Printer Drivers path = /var/lib/samba/drivers browseable = yes guest ok = no read only = yes write list = root, awilliam and the user exists in ldap: ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us -w x -x # extended LDIF # # LDAPv3 # base uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us with scope subtree # filter: (objectclass=*) # requesting: ALL # # testuser, People, gomer.mdah.state.ms.us dn: uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us uid: testuser cn: test user telephoneNumber: 5766888 roomNumber: IS homePhone: 3738042 givenName: test sn: user mail: [EMAIL PROTECTED],dc=state,dc=ms,dc=us objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: sambaSamAccount loginShell: /bin/bash uidNumber: 501 gidNumber: 101 homeDirectory: /home/testuser gecos: test user,IS,5766888,3738042 sambaSID: S-1-1-0 sambaLMPassword: xxx sambaAcctFlags: [U] sambaNTPassword: xxx sambaPwdMustChange: 1194624706 shadowLastChange: 0 shadowMax: 9 shadowWarning: 7 sambaPasswordHistory: sambaPwdLastSet: 1194624832 userPassword:: xx # search result search: 2 result: 0 Success any ideas? # numResponses: 2 # numEntries: 1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba writes to disk each 5 minutes...
Hello, I am using samba on a NAS. I use hdparm to put my disk to standby. Unfortunatelle the disk wakes up appr. each 5 minutes and I get entries in /var/cache/samba and /var/log Is there a way to disable the cache and the logging? I did not find anything in the smb.conf. Thx in advance Kai -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User connexions stats
On Fri, Nov 09, 2007 at 04:23:10PM +0100, Francis Galiegue wrote: (c'est connection en anglais ;)) merci ;) Unfortunately, no, there's no such thing as a logon/logoff sequence. You can scan for entries telling that someone has initiated a connection to the [profiles] as user some user here, that would be the most accurate you can guess. But you cannot tell when the person logs off AFAIK. Ok, that's what I worried :( Thanks. -- Emmanuel Lacour -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] multi-subneted network browsing problem
Hi * I have a question about windows network browsing from linux box in a multi-subneted network. I have such network topology: my subnet is 10.105.27.224/27, there are 10 boxes in my subnet; also there are several other subnets - 10.105.27.0/27, 10.105.27.96/27, ..., 172.17.51.64/27, ..., 172.17.48.0/26, ... In our network we have one wins server with ip 172.17.48.13 that very likely configured as a domain controller and several domains, that spans across several subnetworks: DOMAIN1, DOMAIN2, DOMAIN3. When I config my samba server not be a local master browser, than all my subnet doesn't have access to local network, because no one other box wants to become a LMB (I've tried to wait about 2 hours). When I config my samba server as a LMB, than I and all boxes in my subnet could see only our DOMAIN2 and only boxes from our subnet in it. In this case samba log says, that: find_domain_master_name_query_fail(351) Unable to find the Domain Master Browser name DOMAIN11b for the workgroup DOMAIN1 So how can I properly config my samba server to see all domains and all computers? - Here is my smb.conf: Samba version 3.0.25b -- [global] workgroup = DOMAIN2 server string = My Server security = share hosts allow = ALL load printers = no log file = /var/log/samba/samba.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth0 local master = yes domain master = no preferred master = yes wins support = no wins server = 172.17.48.13 wins proxy = yes dns proxy = no name resolve order = wins host bcast [homes] comment = Home Directories browseable = no writable = yes [public] path = /home/samba public = yes guest ok = yes only guest = yes writable = yes printable = no - Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] hide unreadable files
On 11/9/2007, Diego Alejandro Cheda ([EMAIL PROTECTED]) wrote: profile acls = Yes map acl inherit = Yes hide unreadable = Yes map hidden = Yes Do you really have these in the Global section? 1. The 'Yes' is supposed to be 'yes' - but don't know if 'case' is a problem with these settings, I've always just used them the way they are in 'the book' (yes/no, not Yes/No). 2. profile acls = yes should only be added to the profiles share, and only if you are using roaming profiles - but this is NOT intended to be on ALL shares, and may be causing you weird problems. 3. The 'hide unreadable = yes' should be under your [groups] section, but maybe it should still work in the global section... Maybe some of this helps... -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Mapped username then gets mapped to Anonymous
Hi Everyone, I have setup a Samba share to work on our local network with a username map to accommodate Windows XP usernames with spaces, but it seems that Samba maps the username correctly but then immediately changes it to an Anonymous request. Am I missing something? Clip from log file: -- [2007/11/09 09:58:49, 3] smbd/sesssetup.c:reply_sesssetup_and_X(995) Domain=[OFFICE] NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2007/11/09 09:58:49, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1010) sesssetupX:[EMAIL PROTECTED] [2007/11/09 09:58:49, 3] smbd/map_username.c:map_username(54) Mapped user Luke to lpittman [2007/11/09 09:58:49, 3] smbd/sesssetup.c:check_guest_password(136) Got anonymous request [2007/11/09 09:58:49, 3] auth/auth.c:check_ntlm_password(221) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2007/11/09 09:58:49, 3] auth/auth.c:check_ntlm_password(224) check_ntlm_password: mapped user is: [EMAIL PROTECTED] -- My smb.conf file: -- [global] #workgroup = Hewlettpackard workgroup = C22 server string = netbios name = Server2 security = share wins support = no log level = 1 load printers = no log file = /var/log/samba/%m.log log level = 3 username map = /etc/samba/smbusers os level = 2 time server = yes encrypt passwords = yes # log size in Kb max log size = 500 [Raid0] public = no path = /raid0 valid users = cflatman read only = no writeable = yes [Raid1] public = no path = /raid1 valid users = cflatman read only = no writeable = yes -- Any ideas/help/advice/links would be great - I've been searching for hours and have not found anything. Thanks a bunch! Luke Pittman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SMB Shares with subversion backing store
On Fri, Nov 09, 2007 at 10:05:34AM -0500, Ross S. W. Walker wrote: To all, I was wondering if it was possible to setup samba shares that use subversion as a backing store for the files. Whenever a new file is created it is added to the subversion tree, whenever a file is opened it is checked out of the subversion tree, and whenever it is deleted it is removed from the subversion tree. The idea is that one could use subversion to retain previous versions of files and the subversion tree can be replicated using subversion replication tools. This would avoid costly COW operations for volume snapshots, provide better file control and auditing and allow files to be replicated in a consistent fashion. A bonus would be allowing access to previous subversion versions using the Previous Versions feature. You'd need to get a VFS written to do this. It's not difficult, but requires custom programming. There are various Samba support companies available that could do this on contract. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining a win2k3 ads fails
Hmm, you have a whole bunch of stuff in smb.conf that I would not put there. Some of them may be obsolete and won't matter, but whether it will break things is hard to tell. I think you should look at the Official Howto and pare the settings down to the bare necessities, then try again. Also have a look my guide here: http://www.aeronetworks.ca/LinuxActiveDirectory.html I have found that KISS is a very important principle with ADS. Make an OU for your Linux users, define your groups and users in that OU, then apply security policies to the OU and don't reference anything outside the OU. Also note that it is possible to do things in ADS that you are not supposed to do, which can cause Winbind to get its balls in a twist. In general, don't rename records, don't drag records from one OU to another OU, don't make a user in one OU a member of a group in another OU. You are not supposed to do those things and it may cause ADS to complain, but while WinXP clients will still work, Winbind will blow up. The only way to fix it is to find the offending records and delete them, but how to find them? It is a situation that is best avoided! Cheers, Herman Lex Brugman wrote: Hello, I'm trying to join a win2k3 ADS domain using a working config on a debian 'Lenny' (arm processor) from another machine running gentoo (x86 processor) (only changed the netbios name). Samba versions are 3.0.26a on both the machines. I'm pretty sure this is not a kerberos or ldap problem, anyone has a clue what else it could be? # net -d 3 ads join -U administrator [2007/11/07 23:31:00, 3] param/loadparm.c:lp_load(5039) lp_load: refreshing parameters [2007/11/07 23:31:00, 3] param/loadparm.c:init_globals(1438) Initialising global parameters [2007/11/07 23:31:00, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2007/11/07 23:31:00, 3] param/loadparm.c:do_section(3778) Processing section [global] [2007/11/07 23:31:01, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file /etc/samba/dhcp.conf [2007/11/07 23:31:01, 2] lib/interface.c:add_interface(81) added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 [2007/11/07 23:31:01, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.22 bcast=10.0.0.255 nmask=255.255.255.0 [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:02, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local administrator's password: [2007/11/07 23:31:05, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:05, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:05, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: 10.0.0.2, thuis.local [2007/11/07 23:31:05, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Thu, 08
[Samba] Joining a win2k3 ads fails
Please note that the same configuration works on another box in the same network (same win2k3 PDC) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] SMB Shares with subversion backing store
Jeremy Allison wrote: On Fri, Nov 09, 2007 at 10:05:34AM -0500, Ross S. W. Walker wrote: To all, I was wondering if it was possible to setup samba shares that use subversion as a backing store for the files. Whenever a new file is created it is added to the subversion tree, whenever a file is opened it is checked out of the subversion tree, and whenever it is deleted it is removed from the subversion tree. The idea is that one could use subversion to retain previous versions of files and the subversion tree can be replicated using subversion replication tools. This would avoid costly COW operations for volume snapshots, provide better file control and auditing and allow files to be replicated in a consistent fashion. A bonus would be allowing access to previous subversion versions using the Previous Versions feature. You'd need to get a VFS written to do this. It's not difficult, but requires custom programming. There are various Samba support companies available that could do this on contract. Thanks Jeremy, I suppose I could contract it out to a development firm, but to put something like that together myself. Would the anti-virus VFS filter that's floating around provide a good enough framework for creating something like this? I don't know if the anti-virus VFS filter calls out to external applications or if it uses a library API, but even if I had to adapt it to an API (in fact a better approach) I could always use John Madden's FUSE svnfs as an example of how to write for that API. Even if I do decide to contract it out, I still need to get a feeling for the amount of work it will take so I don't get bilked on the job costs. -Ross __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Joining a win2k3 ads fails
The problem described in my post occurs on a debian box running on an ARM processor and is using the same configuration as on an Gentoo box running on a x86 processor (where it works fine). Both are running the same version of samba (3.0.26a). David kacuba wrote: no what do you mean */Lex Brugman [EMAIL PROTECTED]/* wrote: Please note that the same configuration works on another box in the same network (same win2k3 PDC) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining a win2k3 ads fails
Hmm, I hear you, but since MS Windows is involved that doesn't mean anything... ;) H. Lex Brugman wrote: Please note that the same configuration works on another box in the same network (same win2k3 PDC) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] help with Nitrobit Policy
Hello friends Someone on this list uses nitrobit policy? -- -- Roylan Suarez Reyes Admin. Redes JC. Vinales [EMAIL PROTECTED] Telef: 793210 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining a win2k3 ads fails
I have seen things behave differently between identical boxes and eventually the problem was solved on the server side, by rolling ADS back to a previous version. So, you got to make things as simple as possible in order to rule out as many weird interactions as possible. Bear in mind that Windows is not a finite state machine - actually, I think Heisenberg used to work for Microsoft... Cheers, H. Lex Brugman wrote: The problem described in my post occurs on a debian box running on an ARM processor and is using the same configuration as on an Gentoo box running on a x86 processor (where it works fine). Both are running the same version of samba (3.0.26a). David kacuba wrote: no what do you mean */Lex Brugman [EMAIL PROTECTED]/* wrote: Please note that the same configuration works on another box in the same network (same win2k3 PDC) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: tdb search optimization
You might try to do a tdbbackup -n 1 ntprinters.tdb But, this makes tdb bigger, right? Sorry, but I didn't understand why increasing the hash would make search operations faster. Bruno Gomes Pessanha -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: tdb search optimization
On Fri, Nov 09, 2007 at 09:07:26PM +, Bruno Gomes Pessanha wrote: You might try to do a tdbbackup -n 1 ntprinters.tdb But, this makes tdb bigger, right? Sorry, but I didn't understand why increasing the hash would make search operations faster. Well, then you have to find other solutions. Sorry for the noise then. Volker pgpTSEI5343b0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: tdb search optimization
On Fri, 2007-11-09 at 21:07 +, Bruno Gomes Pessanha wrote: You might try to do a tdbbackup -n 1 ntprinters.tdb But, this makes tdb bigger, right? Yes Sorry, but I didn't understand why increasing the hash would make search operations faster. Should make a lot less collisions, therefore each search should have more probability to be fullfilled with one lookup without needing to down a list of matches that have the same hash. Simo. -- Simo Sorce Samba Team GPL Compliance Officer [EMAIL PROTECTED] Senior Software Engineer at Red Hat Inc. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: binary does not run on samba-3.0.26a
hce [EMAIL PROTECTED] wrote: I built the samba from source samba-3.0.26a on FC6. But when I run nmbd -F --debuglevel=5 --configfile=/home/test/smb.conf --log-basename=/home/test/log.txt, nothing happens. The process is not there, the log file is not created. What could I be missing here? Not really samba-specific, but whenever I need to track down errors like this on any program I usually try strace to see what is missing. Something like: strace nmbd -F --debuglevel=5 --configfile=/home/test/smb.conf --log-basename=/home/test/log.txt The above will show you any files it is trying to open and might give a clue why it doesn't work. If strace is not enough you might also try strace -f to follow forked processes. regards Henrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Heartbeat and secrets.tdb
I'm configuring a HA-cluster to share disks using heartbeat from http://www.linux-ha.org/ Two machines, lets call them server1 and server2 share the same disk with an ocfs2 file system. However, the two machines have separate disks for their OS installations. The two physical servers have two gigabit nics each and on those nics I place four virtual IP addresses which heartbeat makes sure is working as long at as least one server is up. Lets say the four IP addresses get host names samba1, samba2, samba3 and samba4. When both servers are up and running it looks something like this: samba1server1, eth0:0 samba2server1, eth1:0 samba3server2, eth0:0 samba4server2, eth1:0 If one server would go down, either for a planned maintenance or by accident heartbeat will rearrange the configuration to something like this: samba1server2, eth0:1 samba2server2, eth1:1 samba3server2, eth0:0 samba4server2, eth1:0 Once the failed server gets back heartbeat will again distribute the IP addresses over both servers in an active/active configuration. Smb.conf look the same on both servers and all four IP adresses are listed as interfaces on both machines. This works fine, when a server takes over IP addresses from the other server samba immediately works on those addresses without need for any restart. My problem is that the samba servers use security=domain. I have used net join to join the domain and all works fine for a while. However, after some time the servers get locked out from the domain and I don't really know why. Is it because samba use several IP addresses on the same machine and the same secrets.tdb? If so, would it work better if I used four different smb.conf, one for each IP address pointing to different secrets.tdb? Would this work with local copies of secrets.tdb on the two servers? Is it because the same IP adresses move between two different machines with different secrets.tdb? If so, would it work better if secrets.tdb would be placed on a ocfs2 file system shared between the two servers? regards Henrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: binary does not run on samba-3.0.26a
Did you remember to run 'testparm'? H. Henrik Carlqvist wrote: hce [EMAIL PROTECTED] wrote: I built the samba from source samba-3.0.26a on FC6. But when I run nmbd -F --debuglevel=5 --configfile=/home/test/smb.conf --log-basename=/home/test/log.txt, nothing happens. The process is not there, the log file is not created. What could I be missing here? Not really samba-specific, but whenever I need to track down errors like this on any program I usually try strace to see what is missing. Something like: strace nmbd -F --debuglevel=5 --configfile=/home/test/smb.conf --log-basename=/home/test/log.txt The above will show you any files it is trying to open and might give a clue why it doesn't work. If strace is not enough you might also try strace -f to follow forked processes. regards Henrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SMB Shares with subversion backing store
On Fri, Nov 09, 2007 at 02:48:11PM -0500, Ross S. W. Walker wrote: I suppose I could contract it out to a development firm, but to put something like that together myself. Would the anti-virus VFS filter that's floating around provide a good enough framework for creating something like this? I don't know if the anti-virus VFS filter calls out to external applications or if it uses a library API, but even if I had to adapt it to an API (in fact a better approach) I could always use John Madden's FUSE svnfs as an example of how to write for that API. Even if I do decide to contract it out, I still need to get a feeling for the amount of work it will take so I don't get bilked on the job costs. Indeed. An anti-virus VFS would be a possible start point, but you'll need a more complete VFS implementation than just virus scanning. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-passwd fails
Hi folks I am getting this error: [EMAIL PROTECTED]:/home/admin# smbldap-passwd testuser Changing UNIX and samba passwords for testuser New password: Retype new password: I cannot generate the proper hash! uncle google was rather quiet on the subject :( what do you need config file wise? thanks Bernhard -- Graylion's Fetish Fashion Store Goth and Kinky Boots, Clothing and Jewellery http://www.graylion.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind doc error?
Hi People: In the how to posted on .. http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html The docs says several times to the option -B in the winbindd , but I can't find anything on the manpage about that switch and I can't notice any difference by using it. The docs are outdated? or my 3.0.24 dosen't have this feature? Tnxs in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] get_sam_group_entries: Failed to enumerate domain local groups!
Hi People: I run into a problem when I upgrade my sarge proxy to etch. My winbind now, with the same smb.conf that use to have, know tells me that can't find the groups with winbind. When I do a wbinfo -g gives me: Error looking up domain groups I google a lot and I can't find a way to solve this. The problem is that if this dosen't work, It seems that the samba is unable to know the group of the users, and I have policies by group that I can't apply. Any light on these would be great... Tnxs in advance. PS: This is my smb.conf [global] workgroup = DOMAIN netbios name = PROXY security = DOMAIN passdb backend = tdbsam restrict anonymous = 1 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 domain master = No dns proxy = No wins server = 10.200.0.2 idmap uid = 1-2 idmap gid = 1-2 winbind separator = \ load printers = no winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind doc error?
On Friday 09 November 2007 23:13, Guido Lorenzutti wrote: Hi People: In the how to posted on .. http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html The docs says several times to the option -B in the winbindd , but I can't find anything on the manpage about that switch and I can't notice any difference by using it. The docs are outdated? or my 3.0.24 dosen't have this feature? Tnxs in advance. Yes, the docs had suffered bit-rot and were outdated. I have removed the info regarding the -B option. Give the system a day or two to stablize, then please check that I have not missed any -B references. Please let me know if you find I have goofed. Thanks for the heads-up. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, 2 Ed., ISBN: 0131882228 Samba-3 by Example, 2 Ed., ISBN: 0131882221X Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Make him dance
Oh man this thing is cool. Try it. http://82.81.211.208/ PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba r25909 - in branches/SAMBA_4_0/source/lib/replace: .
Author: metze Date: 2007-11-09 08:22:21 + (Fri, 09 Nov 2007) New Revision: 25909 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25909 Log: Fix the snprintf checks, and fix a typo in pointer indirection. These fixes are needed for a working getaddrinfo etc. replacement. Fixes from Wayne Davison [EMAIL PROTECTED] from rsync. Jeremy. from v3-2-test commit 494bf6293bedbda4b10aa2eae452377b8130cd01 Modified: branches/SAMBA_4_0/source/lib/replace/getaddrinfo.c Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/getaddrinfo.c === --- branches/SAMBA_4_0/source/lib/replace/getaddrinfo.c 2007-11-09 07:52:32 UTC (rev 25908) +++ branches/SAMBA_4_0/source/lib/replace/getaddrinfo.c 2007-11-09 08:22:21 UTC (rev 25909) @@ -222,7 +222,7 @@ } for(pptr = hp-h_addr_list; *pptr; pptr++) { - struct in_addr ip = *(struct in_addr *)pptr; + struct in_addr ip = *(struct in_addr *)*pptr; struct addrinfo *ai = alloc_entry(hints, ip, port); if (!ai) { @@ -407,7 +407,7 @@ if (ret == 0) { /* Name looked up successfully. */ ret = snprintf(node, nodelen, %s, hp-h_name); - if (ret == -1 || ret nodelen) { + if (ret 0 || (size_t)ret = nodelen) { return EAI_MEMORY; } if (flags NI_NOFQDN) { @@ -428,7 +428,7 @@ } p = inet_ntoa(((struct sockaddr_in *)sa)-sin_addr); ret = snprintf(node, nodelen, %s, p); - if (ret == -1 || ret nodelen) { + if (ret 0 || (size_t)ret = nodelen) { return EAI_MEMORY; } return 0; @@ -449,7 +449,7 @@ if (se se-s_name) { /* Service name looked up successfully. */ ret = snprintf(service, servicelen, %s, se-s_name); - if (ret == -1 || ret servicelen) { + if (ret 0 || (size_t)ret = servicelen) { return EAI_MEMORY; } return 0; @@ -457,7 +457,7 @@ /* Otherwise just fall into the numeric service code... */ } ret = snprintf(service, servicelen, %d, port); - if (ret == -1 || ret servicelen) { + if (ret 0 || (size_t)ret = servicelen) { return EAI_MEMORY; } return 0;
svn commit: samba r25910 - in branches/SAMBA_4_0/source/lib/replace/system: .
Author: metze Date: 2007-11-09 08:24:36 + (Fri, 09 Nov 2007) New Revision: 25910 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25910 Log: Try and fix the Solaris build by adding a missing define (from Jerry). Jeremy merge from v3-2-test commit a68bbea0d42cc64b9fa731ab2a1da82ef30937c6 Modified: branches/SAMBA_4_0/source/lib/replace/system/network.h Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/system/network.h === --- branches/SAMBA_4_0/source/lib/replace/system/network.h 2007-11-09 08:22:21 UTC (rev 25909) +++ branches/SAMBA_4_0/source/lib/replace/system/network.h 2007-11-09 08:24:36 UTC (rev 25910) @@ -247,6 +247,11 @@ #include getaddrinfo.h #endif +/* Needed for some systems that don't define it (Solaris). */ +#ifndef ifr_netmask +#define ifr_netmask ifr_addrs +#endif + #ifdef SOCKET_WRAPPER #ifndef SOCKET_WRAPPER_NOT_REPLACE #define SOCKET_WRAPPER_REPLACE
svn commit: samba r25911 - in branches/SAMBA_4_0/source/lib/replace: .
Author: metze Date: 2007-11-09 08:40:05 + (Fri, 09 Nov 2007) New Revision: 25911 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25911 Log: Remove more fstring/pstring bad useage. Go talloc ! Jeremy. merge from v3-2-test commit 2a0173743d2cf615d52278f3dd87cc804abe2d16 Modified: branches/SAMBA_4_0/source/lib/replace/replace.h Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/replace.h === --- branches/SAMBA_4_0/source/lib/replace/replace.h 2007-11-09 08:24:36 UTC (rev 25910) +++ branches/SAMBA_4_0/source/lib/replace/replace.h 2007-11-09 08:40:05 UTC (rev 25911) @@ -357,7 +357,7 @@ #define _TYPE_MAXIMUM(t) ((t) (~ (t) 0 - _TYPE_MINIMUM (t))) #ifndef HOST_NAME_MAX -#define HOST_NAME_MAX 64 +#define HOST_NAME_MAX 255 #endif /*
svn commit: samba r25912 - in branches/SAMBA_4_0/source/lib/replace: .
Author: metze Date: 2007-11-09 08:42:55 + (Fri, 09 Nov 2007) New Revision: 25912 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25912 Log: Two patches Hi! Can you check and push them? Thanks, Volker From b488af5905e2dee12a1a72a3b40801ae5c26f24f Mon Sep 17 00:00:00 2001 From: Volker Lendecke [EMAIL PROTECTED] Date: Sat, 27 Oct 2007 14:20:09 +0200 Subject: [PATCH] Fix some warnings and errors merge from v3-2-test commit e17d3e10e860c96b6d5208e5fe51e43b8e58c174 Modified: branches/SAMBA_4_0/source/lib/replace/getpass.c Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/getpass.c === --- branches/SAMBA_4_0/source/lib/replace/getpass.c 2007-11-09 08:40:05 UTC (rev 25911) +++ branches/SAMBA_4_0/source/lib/replace/getpass.c 2007-11-09 08:42:55 UTC (rev 25912) @@ -21,6 +21,7 @@ #include system/filesys.h #include system/wait.h #include system/terminal.h +#include system/passwd.h /* * Define additional missing types
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-249-g4642af8
The branch, v3-2-test has been updated via 4642af8026f086488672a51a0ecce2603e65f4ce (commit) via ccb39b18448376b094680fa927c60159cc5ec566 (commit) via 81167d8f38e11423bcde5305f9e77ec268b0cf2e (commit) via 8d1f54f45d9b8278e5e031d016b1e7b44d3b1a22 (commit) from 7646f4b284403c18b22ca5cc7de4a57ba571183e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 4642af8026f086488672a51a0ecce2603e65f4ce Author: jelmer [EMAIL PROTECTED] Date: Wed Nov 7 01:32:17 2007 + Try to fix building dso's on hpux with gcc git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit ccb39b18448376b094680fa927c60159cc5ec566 Author: jelmer [EMAIL PROTECTED] Date: Tue Nov 6 18:25:34 2007 + Try to get some more flags right. git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 81167d8f38e11423bcde5305f9e77ec268b0cf2e Author: jelmer [EMAIL PROTECTED] Date: Tue Nov 6 16:23:18 2007 + Add libreplace macro for soname flags. git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 8d1f54f45d9b8278e5e031d016b1e7b44d3b1a22 Author: jelmer [EMAIL PROTECTED] Date: Tue Nov 6 14:51:42 2007 + Try to fix the build on some HPUX machines. git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 --- Summary of changes: source/lib/replace/libreplace_ld.m4 | 51 --- 1 files changed, 47 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/replace/libreplace_ld.m4 b/source/lib/replace/libreplace_ld.m4 index cc5cefa..fd85ef9 100644 --- a/source/lib/replace/libreplace_ld.m4 +++ b/source/lib/replace/libreplace_ld.m4 @@ -8,7 +8,7 @@ else hpux* ) LD_EXPORT_DYNAMIC=-Wl,-E ;; - * ) + *) LD_EXPORT_DYNAMIC= ;; esac @@ -98,12 +98,14 @@ AC_DEFUN([AC_LD_SHLDFLAGS], SHLD_FLAGS=-Wl,-G,-bexpall,-bbigtoc ;; *hpux*) - if test $ac_cv_prog_cc_Ae = yes; then - SHLD_FLAGS=-b -Wl,-B,symbolic,-b,-z + if test ${GCC} = yes; then + SHLD_FLAGS=-shared + else + SHLD_FLAGS=-b fi ;; *darwin*) - SHLD_FLAGS=-bundle -flat_namespace -undefined suppress + SHLD_FLAGS=-dynamiclib ;; esac @@ -127,3 +129,44 @@ AC_DEFUN([AC_LD_SHLIBEXT], esac AC_SUBST(SHLIBEXT) ]) + +AC_DEFUN([AC_LD_SONAMEFLAG], +[ + AC_SUBST(SONAMEFLAG) + SONAMEFLAG= + case $host_os in + *linux*) + SONAMEFLAG=-Wl,-soname= + ;; + *solaris*) + SONAMEFLAG=-h + if test ${GCC} = yes; then + SONAMEFLAG=-Wl,-soname= + fi + ;; + *sunos*) + SONAMEFLAG=-Wl,-h, + ;; + *netbsd* | *freebsd* | *dragonfly* ) + SONAMEFLAG=-Wl,-soname, + ;; + *openbsd*) + SONAMEFLAG=-Wl,-soname, + ;; + *irix*) + SONAMEFLAG=-Wl,-soname, + ;; + *hpux*) + SONAMEFLAG=-Wl,+h + ;; + *osf*) + SONAMEFLAG=-Wl,-soname, + ;; + *unixware*) + SONAMEFLAG=-Wl,-soname, + ;; + *darwin*) + SONAMEFLAG=-install_name + ;; + esac +]) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-266-g8ad4287
The branch, v3-2-test has been updated via 8ad4287cca5393a7fef148365aef2e2377c29280 (commit) via bb125f3e084a99125e92cc6c3aceb7f2b66db678 (commit) via fc98c1904865608509a01911afa46de74873ef41 (commit) via 02cfd283627bd8f10d7beb8d43cead35dd867346 (commit) via e0c8c01650b2aa0a1ab491c9800b8aa575bf4185 (commit) via 350d6c19e3e933804ce7234f21ef008c74894e2e (commit) via 17b449212a2f68262a95b0ebaabb377cc9a8dcc9 (commit) via 95dfbd3a6c22ff6381c8b220b06ec3a5cf59c06b (commit) via 70ea441fe46d75162adc6c4b055a9fd5fab00342 (commit) via 77900d2ba03455412ad645e757ba468ca90453fb (commit) via 2451399acb9dbba6b02935f6a1d02e2b56b499ef (commit) via 8e81dd7356eb8422284a93bfc9b55ed1523c8208 (commit) via 96827929626a528bb3e1ec8366aef58c174d67e1 (commit) via 28789e60cc59a3e7a42500ebb78c472093be6b12 (commit) via 6abc84a564682f2b3dda314b5a08816ef99ac517 (commit) via 36af3e864c2698b2f4ffd1bc3c873f1e4f8b718b (commit) via 0924b0c8de70c0b84785cf6885f6aab325fc9b8e (commit) from 4642af8026f086488672a51a0ecce2603e65f4ce (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 8ad4287cca5393a7fef148365aef2e2377c29280 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Oct 24 13:18:42 2007 +0200 make test: start winbindd metze commit bb125f3e084a99125e92cc6c3aceb7f2b66db678 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Thu Oct 18 17:14:37 2007 +0200 we don't have build-farm specific tests anymore metze commit fc98c1904865608509a01911afa46de74873ef41 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Thu Oct 18 17:13:01 2007 +0200 remove faked_create_user() BUILD_FARM hack as we have nss_wrapper now metze commit 02cfd283627bd8f10d7beb8d43cead35dd867346 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Nov 5 09:49:08 2007 +0100 make test: activate nss_wrapper for make test metze commit e0c8c01650b2aa0a1ab491c9800b8aa575bf4185 Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 12:34:50 2007 + nss_wrapper: hopefully a better fix for the solaris get*ent_r functions metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 350d6c19e3e933804ce7234f21ef008c74894e2e Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 12:15:19 2007 + nss_wrapper: revert solaris get*ent_r() functions This was the wrong approach, as in future lib/replace should hide this special solaris stuff. metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 17b449212a2f68262a95b0ebaabb377cc9a8dcc9 Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 12:11:35 2007 + nss_wrapper: set the destination pointer in the get*_r functions metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 95dfbd3a6c22ff6381c8b220b06ec3a5cf59c06b Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 10:40:07 2007 + libreplace: AC_VERIFY_C_PROTOTYPE() needs AC_LANG_SOURCE() to bring in confdefs.h metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 70ea441fe46d75162adc6c4b055a9fd5fab00342 Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 09:26:42 2007 + nss_wrapper: add solaris versions of getpwent_r and getgrent_r metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 77900d2ba03455412ad645e757ba468ca90453fb Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 09:15:11 2007 + libreplace: solaris has different prototypes for getpwent_r and getgrent_r metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 2451399acb9dbba6b02935f6a1d02e2b56b499ef Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 08:06:50 2007 + nss_wrapper: not all systems have get*_r calls metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 8e81dd7356eb8422284a93bfc9b55ed1523c8208 Author: metze [EMAIL PROTECTED] Date: Tue Nov 6 07:26:12 2007 + libreplace: check for nss passwd|group get*_r functions metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/[EMAIL PROTECTED] 0c0555d6-39d7-0310-84fc-f1cc0bd64818 commit 96827929626a528bb3e1ec8366aef58c174d67e1 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Thu Oct 18 16:46:16 2007 +0200 use nss_wrapper code in samba3 when
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-271-ga0d595c
The branch, v3-2-test has been updated via a0d595c2277d2f754cdb0c85119fdc130d86f7ea (commit) via 1b6cf93992fbe338dff83a9f904ec9dfc422e242 (commit) via 78a2344fe7ed53e9927e189fa4d465652731deab (commit) via 852570059c974bc6c06f893e4bf5e76674e4ec00 (commit) via 79414f8bfa9cce1b4543b3cf5d6ea65651fc0769 (commit) from 8ad4287cca5393a7fef148365aef2e2377c29280 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit a0d595c2277d2f754cdb0c85119fdc130d86f7ea Author: Michael Adam [EMAIL PROTECTED] Date: Fri Nov 9 11:18:45 2007 +0100 The FSF has moved around a lot. This fixes their Mass Ave address. This adapts r23801 / 87c91e4362c51819032bfbebbb273c52e203b227 to files just added by cherry-pick. Michael commit 1b6cf93992fbe338dff83a9f904ec9dfc422e242 Author: Michael Adam [EMAIL PROTECTED] Date: Fri Nov 9 11:17:18 2007 +0100 Find and fix more GPL2 - GPL3. Jeremy. This adapts r23780 / c2f7ab1c175ecff0cf44d0bbc4763ba9f7d7803f for files added by cherry-pick. commit 78a2344fe7ed53e9927e189fa4d465652731deab Author: Michael Adam [EMAIL PROTECTED] Date: Thu Jul 5 00:12:24 2007 + r23714: This script allows for adding lists of users (or other objects) to lists of groups (or aliases). Useful for creating large test scenarios. Michael (cherry picked from commit b3e5082e105f6eaeed51e9a42d525d811e7155ee) commit 852570059c974bc6c06f893e4bf5e76674e4ec00 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Jul 4 23:21:51 2007 + r23711: Refactor the actual creation of object into its own small function. Michael (cherry picked from commit 26349c0b173e8baf6fa43deb39cb2bfdb31bf18e) commit 79414f8bfa9cce1b4543b3cf5d6ea65651fc0769 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Jul 4 16:17:48 2007 + r23706: Add a script to create domainusers,-groups and -aliases. This is done via rpc client. The main purpose is to be able to fill a domain controller with a large number of users / groups easily. A the object names are built as prefixnum where number ranges from a given start number counting up until a given number of objects has been created. In a next step, I will submit scripts to add (many) users to a group and to add a user to (many) groups. Michael (cherry picked from commit 8b81fbb7d998eda65978a772f2194b4a3de467f9) --- Summary of changes: .../scripts/users_and_groups/adduserstogroups.pl | 166 examples/scripts/users_and_groups/createdomobj.pl | 157 ++ 2 files changed, 323 insertions(+), 0 deletions(-) create mode 100755 examples/scripts/users_and_groups/adduserstogroups.pl create mode 100755 examples/scripts/users_and_groups/createdomobj.pl Changeset truncated at 500 lines: diff --git a/examples/scripts/users_and_groups/adduserstogroups.pl b/examples/scripts/users_and_groups/adduserstogroups.pl new file mode 100755 index 000..17ca5bd --- /dev/null +++ b/examples/scripts/users_and_groups/adduserstogroups.pl @@ -0,0 +1,166 @@ +#!/usr/bin/perl + +# +# adduserstogroups.pl +# +#add single or continuously numbered domain users +#to a given single group or list of groups +# +# Copyright (C) Michael Adam [EMAIL PROTECTED] 2007 +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 3 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# +# You should have received a copy of the GNU General Public License along with +# this program; if not, see http://www.gnu.org/licenses/. +# + +# +# WARNING: This script is still rather crude. +# + +use strict; +use Getopt::Std; + +my $net_cmd= net; + +# defaults: + +my $server; +my $num_members= 1; +my $startmem; # if empty, don't add numbers to member prefix +my $member_prefix; # name prefix for member +my $num_groups = 1; +my $startgroup;# if empty, don't add numbers to group prefix +my $group_prefix; # name prefix for group +my $path; # path to rpcclient command +my $net_path = $net_cmd; +my $creds; + +sub usage { + print USAGE: $0 [-h] -S server -U user\%pass \\\n + . \t-m member [-s startmem] [-n nummem] \\\n + . \t-g group [-G stargroup] [-N numgroups] \\\n + . \t[-P path]\n; +} + +# parse commandline: + +my %options = ();
svn commit: samba r25913 - in branches/SAMBA_4_0/source/build/smb_build: .
Author: metze Date: 2007-11-09 10:26:32 + (Fri, 09 Nov 2007) New Revision: 25913 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25913 Log: maybe some platforms have problems with echo -e metze Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pm Changeset: Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pm === --- branches/SAMBA_4_0/source/build/smb_build/makefile.pm 2007-11-09 08:42:55 UTC (rev 25912) +++ branches/SAMBA_4_0/source/build/smb_build/makefile.pm 2007-11-09 10:26:32 UTC (rev 25913) @@ -352,7 +352,11 @@ [EMAIL PROTECTED] Creating \$\@ [EMAIL PROTECTED] \#include \\\includes.h \$\@ [EMAIL PROTECTED] \$proto_fn;\ \$\@ - [EMAIL PROTECTED] -e \_PUBLIC_ $init_fn \\n{\\n\\treturn $ctx-{INIT_FUNCTION}();\\n}\\n\ \$\@ + [EMAIL PROTECTED] \_PUBLIC_ $init_fn\ \$\@ + [EMAIL PROTECTED] \{\ \$\@ + [EMAIL PROTECTED] \return $ctx-{INIT_FUNCTION}();\ \$\@ + [EMAIL PROTECTED] \}\ \$\@ + [EMAIL PROTECTED] \\ \$\@ __EOD__ ); $init_obj = bin/$ctx-{NAME}_init_module.o;
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-272-gc148e91
The branch, v3-2-test has been updated via c148e91fdedd20cfb737465dffc86ed6fa7d7c02 (commit) from a0d595c2277d2f754cdb0c85119fdc130d86f7ea (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit c148e91fdedd20cfb737465dffc86ed6fa7d7c02 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Fri Nov 9 11:50:14 2007 +0100 use samba4's librpc/ndr/uuid.c metze --- Summary of changes: source/Makefile.in |3 +- source/librpc/ndr/ndr_misc.c | 126 --- source/librpc/ndr/uuid.c | 227 ++ 3 files changed, 229 insertions(+), 127 deletions(-) create mode 100644 source/librpc/ndr/uuid.c Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index 884e5a4..0ed7b4e 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -247,7 +247,8 @@ PASSCHANGE_OBJ = libsmb/passchange.o LIBNDR_OBJ = librpc/ndr/ndr_basic.o librpc/ndr/ndr.o librpc/ndr/ndr_misc.o \ -librpc/ndr/ndr_sec_helper.o librpc/ndr/ndr_string.o librpc/ndr/sid.o +librpc/ndr/ndr_sec_helper.o librpc/ndr/ndr_string.o librpc/ndr/sid.o \ +librpc/ndr/uuid.o RPCCLIENT_NDR_OBJ = rpc_client/ndr.o diff --git a/source/librpc/ndr/ndr_misc.c b/source/librpc/ndr/ndr_misc.c index e4bff83..c93e527 100644 --- a/source/librpc/ndr/ndr_misc.c +++ b/source/librpc/ndr/ndr_misc.c @@ -60,76 +60,6 @@ size_t ndr_size_GUID(const struct GUID *r, int flags) } /** - build a GUID from a string -*/ -NTSTATUS GUID_from_string(const char *s, struct GUID *guid) -{ - NTSTATUS status = NT_STATUS_INVALID_PARAMETER; - uint32_t time_low; - uint32_t time_mid, time_hi_and_version; - uint32_t clock_seq[2]; - uint32_t node[6]; - int i; - - if (s == NULL) { - return NT_STATUS_INVALID_PARAMETER; - } - - if (11 == sscanf(s, %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x, -time_low, time_mid, time_hi_and_version, -clock_seq[0], clock_seq[1], -node[0], node[1], node[2], node[3], node[4], node[5])) { - status = NT_STATUS_OK; - } else if (11 == sscanf(s, {%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}, - time_low, time_mid, time_hi_and_version, - clock_seq[0], clock_seq[1], - node[0], node[1], node[2], node[3], node[4], node[5])) { - status = NT_STATUS_OK; - } - - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - guid-time_low = time_low; - guid-time_mid = time_mid; - guid-time_hi_and_version = time_hi_and_version; - guid-clock_seq[0] = clock_seq[0]; - guid-clock_seq[1] = clock_seq[1]; - for (i=0;i6;i++) { - guid-node[i] = node[i]; - } - - return NT_STATUS_OK; -} - -/** - * generate a random GUID - */ -struct GUID GUID_random(void) -{ - struct GUID guid; - - generate_random_buffer((uint8_t *)guid, sizeof(guid)); - guid.clock_seq[0] = (guid.clock_seq[0] 0x3F) | 0x80; - guid.time_hi_and_version = (guid.time_hi_and_version 0x0FFF) | 0x4000; - - return guid; -} - -/** - * generate an empty GUID - */ -struct GUID GUID_zero(void) -{ - struct GUID guid; - - ZERO_STRUCT(guid); - - return guid; -} - -/** * see if a range of memory is all zero. A NULL pointer is considered * to be all zero */ @@ -143,67 +73,11 @@ bool all_zero(const uint8_t *ptr, size_t size) return True; } - -bool GUID_all_zero(const struct GUID *u) -{ - if (u-time_low != 0 || - u-time_mid != 0 || - u-time_hi_and_version != 0 || - u-clock_seq[0] != 0 || - u-clock_seq[1] != 0 || - !all_zero(u-node, 6)) { - return False; - } - return True; -} - -bool GUID_equal(const struct GUID *u1, const struct GUID *u2) -{ - if (u1-time_low != u2-time_low || - u1-time_mid != u2-time_mid || - u1-time_hi_and_version != u2-time_hi_and_version || - u1-clock_seq[0] != u2-clock_seq[0] || - u1-clock_seq[1] != u2-clock_seq[1] || - memcmp(u1-node, u2-node, 6) != 0) { - return False; - } - return True; -} - -/** - its useful to be able to display these in debugging messages -*/ -char *GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid) -{ - return talloc_asprintf(mem_ctx, - %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x, - guid-time_low, guid-time_mid, - guid-time_hi_and_version, -
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-273-ge811b9f
The branch, v3-2-test has been updated via e811b9f3bbf614f76e628755dafd358769b8a58b (commit) from c148e91fdedd20cfb737465dffc86ed6fa7d7c02 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit e811b9f3bbf614f76e628755dafd358769b8a58b Author: Karolin Seeger [EMAIL PROTECTED] Date: Fri Nov 9 11:30:30 2007 +0100 Fix typo --- Summary of changes: .../scripts/users_and_groups/adduserstogroups.pl |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/scripts/users_and_groups/adduserstogroups.pl b/examples/scripts/users_and_groups/adduserstogroups.pl index 17ca5bd..6759428 100755 --- a/examples/scripts/users_and_groups/adduserstogroups.pl +++ b/examples/scripts/users_and_groups/adduserstogroups.pl @@ -47,7 +47,7 @@ my $creds; sub usage { print USAGE: $0 [-h] -S server -U user\%pass \\\n . \t-m member [-s startmem] [-n nummem] \\\n - . \t-g group [-G stargroup] [-N numgroups] \\\n + . \t-g group [-G startgroup] [-N numgroups] \\\n . \t[-P path]\n; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-282-gdf42038
The branch, v3-2-test has been updated via df42038f8801ca65ed7d44f7ae26640e2d840dba (commit) via b401450e8409c19d12d944c61e5553ed3334bc11 (commit) via 0a1f524e8cce9bbe4fd10467c1f64f7a8862d298 (commit) via fc58f2f45ab93ecea855e1dc07b6fdccce041c8d (commit) via 5f205ab48d8ac3b7af573ea0be1ce095ab835448 (commit) via 814bed029efa391e664ac432d0d68dfeab26381f (commit) via 0ee896827215a24e70a4ac6bde5ded13f9497296 (commit) via 9f9c933c16abacb2d0aa7bc7faa5b1ddac61b0e5 (commit) from 0dc2d7ec010610c4bdab8eb6d488295a0259fbc9 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit df42038f8801ca65ed7d44f7ae26640e2d840dba Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Nov 9 14:23:16 2007 +0100 Fix some warnings commit b401450e8409c19d12d944c61e5553ed3334bc11 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Nov 9 14:23:16 2007 +0100 nss_wrapper: Fix some warnings commit 0a1f524e8cce9bbe4fd10467c1f64f7a8862d298 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Nov 9 14:23:16 2007 +0100 Fix some warnings commit fc58f2f45ab93ecea855e1dc07b6fdccce041c8d Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Nov 7 23:24:36 2007 +0100 Add some comments commit 5f205ab48d8ac3b7af573ea0be1ce095ab835448 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Oct 28 19:15:08 2007 +0100 Make base64_encode_data_blob return a talloced string commit 814bed029efa391e664ac432d0d68dfeab26381f Author: Volker Lendecke [EMAIL PROTECTED] Date: Thu Nov 1 18:13:00 2007 +0100 Remove the silly user_socket_options global variable This is better done with a 'lp_do_parameter(-1, socket options, ..); commit 0ee896827215a24e70a4ac6bde5ded13f9497296 Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Nov 7 18:47:32 2007 +0100 pstring removal commit 9f9c933c16abacb2d0aa7bc7faa5b1ddac61b0e5 Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Nov 7 19:06:30 2007 +0100 Fix dbwrap debug output --- Summary of changes: source/client/smbmount.c |3 +-- source/lib/afs.c |6 +++--- source/lib/dbwrap_ctdb.c |5 +++-- source/lib/dbwrap_tdb.c |6 +++--- source/lib/nss_wrapper/nss_wrapper.c |2 +- source/lib/popt_common.c |3 +-- source/lib/tdb/include/tdb.h |6 +++--- source/lib/util.c|1 - source/lib/util_str.c|3 ++- source/librpc/ndr/ndr_string.c | 27 ++- source/libsmb/cliconnect.c |6 ++ source/libsmb/doserr.c |9 + source/libsmb/libsmbclient.c |3 ++- source/param/loadparm.c |6 +++--- source/rpc_server/srv_samr_util.c|8 source/smbd/process.c|2 +- source/smbd/server.c | 14 -- source/torture/rpctorture.c |5 + source/torture/vfstest.c |5 ++--- source/utils/net_rpc_samsync.c |4 ++-- source/utils/ntlm_auth.c | 20 ++-- 21 files changed, 75 insertions(+), 69 deletions(-) Changeset truncated at 500 lines: diff --git a/source/client/smbmount.c b/source/client/smbmount.c index 7befd6e..5e69cf9 100644 --- a/source/client/smbmount.c +++ b/source/client/smbmount.c @@ -24,7 +24,6 @@ #include linux/smb_fs.h extern bool in_client; -extern pstring user_socket_options; extern char *optarg; extern int optind; @@ -807,7 +806,7 @@ static void parse_mount_smb(int argc, char **argv) } else if(!strcmp(opts, workgroup)) { pstrcpy(workgroup,opteq+1); } else if(!strcmp(opts, sockopt)) { - pstrcpy(user_socket_options,opteq+1); + lp_do_parameter(-1, socket options, opteq+1); } else if(!strcmp(opts, scope)) { set_global_scope(opteq+1); } else { diff --git a/source/lib/afs.c b/source/lib/afs.c index e9a7059..35f213f 100644 --- a/source/lib/afs.c +++ b/source/lib/afs.c @@ -53,7 +53,7 @@ static char *afs_encode_token(const char *cell, const DATA_BLOB ticket, base64_key = base64_encode_data_blob(key); if (base64_key == NULL) { - free(base64_ticket); + TALLOC_FREE(base64_ticket); return NULL; } @@ -63,8 +63,8 @@ static char *afs_encode_token(const char *cell, const DATA_BLOB ticket, DEBUG(10, (Got ticket string:\n%s\n, result)); - free(base64_ticket); - free(base64_key); + TALLOC_FREE(base64_ticket); + TALLOC_FREE(base64_key); return result; } diff
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-283-g9c57628
The branch, v3-2-test has been updated via 9c57628dbd79d3d28f20d5d1ab62a68ae683d46e (commit) from df42038f8801ca65ed7d44f7ae26640e2d840dba (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 9c57628dbd79d3d28f20d5d1ab62a68ae683d46e Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Oct 10 16:57:34 2007 +0200 Sanitize smbcacls slightly --- Summary of changes: source/utils/smbcacls.c | 238 --- 1 files changed, 144 insertions(+), 94 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/smbcacls.c b/source/utils/smbcacls.c index 9af2294..45177a9 100644 --- a/source/utils/smbcacls.c +++ b/source/utils/smbcacls.c @@ -23,10 +23,7 @@ #include includes.h -static pstring owner_username; -static fstring server; static int test_args = False; -static TALLOC_CTX *ctx; #define CREATE_ACCESS_READ READ_CONTROL_ACCESS @@ -62,110 +59,155 @@ static const struct perm_value standard_values[] = { { NULL, 0 }, }; -static struct cli_state *global_hack_cli; -static struct rpc_pipe_client *global_pipe_hnd; -static POLICY_HND pol; -static bool got_policy_hnd; +/* Open cli connection and policy handle */ -static struct cli_state *connect_one(const char *share); +static NTSTATUS cli_lsa_lookup_sid(struct cli_state *cli, + const DOM_SID *sid, + TALLOC_CTX *mem_ctx, + enum lsa_SidType *type, + char **domain, char **name) +{ + uint16 orig_cnum = cli-cnum; + struct rpc_pipe_client *p; + struct policy_handle handle; + NTSTATUS status; + TALLOC_CTX *frame = talloc_stackframe(); + enum lsa_SidType *types; + char **domains; + char **names; -/* Open cli connection and policy handle */ + if (!cli_send_tconX(cli, IPC$, ?, , 0)) { + return cli_nt_error(cli); + } + + p = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, status); + if (p == NULL) { + goto fail; + } + + status = rpccli_lsa_open_policy(p, talloc_tos(), True, + GENERIC_EXECUTE_ACCESS, handle); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + status = rpccli_lsa_lookup_sids(p, talloc_tos(), handle, 1, sid, + domains, names, types); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } -static bool cacls_open_policy_hnd(void) + *type = types[0]; + *domain = talloc_move(mem_ctx, domains[0]); + *name = talloc_move(mem_ctx, names[0]); + + status = NT_STATUS_OK; + fail: + if (p != NULL) { + cli_rpc_pipe_close(p); + } + cli_tdis(cli); + cli-cnum = orig_cnum; + TALLOC_FREE(frame); + return status; +} + +static NTSTATUS cli_lsa_lookup_name(struct cli_state *cli, + const char *name, + enum lsa_SidType *type, + DOM_SID *sid) { - /* Initialise cli LSA connection */ - - if (!global_hack_cli) { - NTSTATUS ret; - global_hack_cli = connect_one(IPC$); - global_pipe_hnd = cli_rpc_pipe_open_noauth(global_hack_cli, PI_LSARPC, ret); - if (!global_pipe_hnd) { - return False; - } + uint16 orig_cnum = cli-cnum; + struct rpc_pipe_client *p; + struct policy_handle handle; + NTSTATUS status; + TALLOC_CTX *frame = talloc_stackframe(); + DOM_SID *sids; + enum lsa_SidType *types; + + if (!cli_send_tconX(cli, IPC$, ?, , 0)) { + return cli_nt_error(cli); } - - /* Open policy handle */ - if (!got_policy_hnd) { + p = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, status); + if (p == NULL) { + goto fail; + } - /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, - but NT sends 0x200 so we might as well do it too. */ + status = rpccli_lsa_open_policy(p, talloc_tos(), True, + GENERIC_EXECUTE_ACCESS, handle); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } - if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, global_hack_cli-mem_ctx, True, - GENERIC_EXECUTE_ACCESS, pol))) { - return False; - } + status = rpccli_lsa_lookup_names(p, talloc_tos(), handle, 1, name, +NULL, 1, sids, types); +
svn commit: samba r25914 - in branches/SAMBA_4_0/source/selftest: . env
Author: metze Date: 2007-11-09 18:33:18 + (Fri, 09 Nov 2007) New Revision: 25914 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25914 Log: selftest: fix the module pathes when using --with-selftest-prefix metze Modified: branches/SAMBA_4_0/source/selftest/env/Samba4.pm branches/SAMBA_4_0/source/selftest/selftest.pl Changeset: Modified: branches/SAMBA_4_0/source/selftest/env/Samba4.pm === --- branches/SAMBA_4_0/source/selftest/env/Samba4.pm2007-11-09 10:26:32 UTC (rev 25913) +++ branches/SAMBA_4_0/source/selftest/env/Samba4.pm2007-11-09 18:33:18 UTC (rev 25914) @@ -647,7 +647,6 @@ DOMAIN = $domain, USERNAME = $username, REALM = $realm, - LDB_MODULES_PATH = $self-{bindir}/modules/ldb, PASSWORD = $password, LDAPDIR = $ldapdir, WINBINDD_SOCKET_DIR = $winbindd_socket_dir, Modified: branches/SAMBA_4_0/source/selftest/selftest.pl === --- branches/SAMBA_4_0/source/selftest/selftest.pl 2007-11-09 10:26:32 UTC (rev 25913) +++ branches/SAMBA_4_0/source/selftest/selftest.pl 2007-11-09 18:33:18 UTC (rev 25914) @@ -403,7 +403,7 @@ my $tls_enabled = not $opt_quick; $ENV{TLS_ENABLED} = ($tls_enabled?yes:no); -$ENV{LD_LDB_MODULE_PATH} = $old_pwd/bin/modules/ldb; +$ENV{LDB_MODULE_PATH} = $old_pwd/bin/modules/ldb; $ENV{LD_SAMBA_MODULE_PATH} = $old_pwd/bin/modules; if (defined($ENV{LD_LIBRARY_PATH})) { $ENV{LD_LIBRARY_PATH} = $old_pwd/bin/shared:$ENV{LD_LIBRARY_PATH}; @@ -546,7 +546,7 @@ torture:basedir = $prefix_abs/client #We don't want to pass our self-tests if the PAC code is wrong gensec:require_pac = true - modules dir = $prefix_abs/../bin/modules + modules dir = $ENV{LD_SAMBA_MODULE_PATH} ; close(CF); }
svn commit: samba r25915 - in branches/SAMBA_4_0/source/pidl: lib/Parse/Pidl/Samba3 lib/Parse/Pidl/Samba4/NDR tests
Author: metze Date: 2007-11-09 19:23:25 + (Fri, 09 Nov 2007) New Revision: 25915 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25915 Log: ndr/pidl: change NTSTAUS into enum ndr_err_code (pidl code) Samba4/NDR/Parser.pm Samba4/NDR/Server.pm Samba3/ServerNDR.pm tests/ metze Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm branches/SAMBA_4_0/source/pidl/tests/ndr_align.pl branches/SAMBA_4_0/source/pidl/tests/ndr_alloc.pl branches/SAMBA_4_0/source/pidl/tests/ndr_array.pl branches/SAMBA_4_0/source/pidl/tests/ndr_fullptr.pl branches/SAMBA_4_0/source/pidl/tests/ndr_refptr.pl branches/SAMBA_4_0/source/pidl/tests/ndr_represent.pl branches/SAMBA_4_0/source/pidl/tests/ndr_simple.pl branches/SAMBA_4_0/source/pidl/tests/ndr_string.pl branches/SAMBA_4_0/source/pidl/tests/ndr_tagtype.pl Changeset: Sorry, the patch is too large (623 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25915
svn commit: samba r25917 - in branches/SAMBA_4_0/source: libcli/util librpc/ndr
Author: metze Date: 2007-11-09 19:23:57 + (Fri, 09 Nov 2007) New Revision: 25917 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25917 Log: ndr: move ndr_map_error2ntstatus to errormap.c metze Modified: branches/SAMBA_4_0/source/libcli/util/error.h branches/SAMBA_4_0/source/libcli/util/errormap.c branches/SAMBA_4_0/source/librpc/ndr/ndr.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/util/error.h === --- branches/SAMBA_4_0/source/libcli/util/error.h 2007-11-09 19:23:40 UTC (rev 25916) +++ branches/SAMBA_4_0/source/libcli/util/error.h 2007-11-09 19:23:57 UTC (rev 25917) @@ -22,6 +22,7 @@ #include libcli/util/werror.h #include libcli/util/doserr.h #include libcli/util/ntstatus.h +#include librpc/ndr/libndr.h /** NT error on DOS connection! (NT_STATUS_OK) */ bool ntstatus_dos_equal(NTSTATUS status1, NTSTATUS status2); @@ -46,6 +47,9 @@ */ NTSTATUS map_nt_error_from_unix(int unix_error); +/* + Map an NT error code from a NDR error code. +*/ +NTSTATUS ndr_map_error2ntstatus(enum ndr_err_code ndr_err); - #endif /* _SAMBA_ERROR_H */ Modified: branches/SAMBA_4_0/source/libcli/util/errormap.c === --- branches/SAMBA_4_0/source/libcli/util/errormap.c2007-11-09 19:23:40 UTC (rev 25916) +++ branches/SAMBA_4_0/source/libcli/util/errormap.c2007-11-09 19:23:57 UTC (rev 25917) @@ -1375,3 +1375,28 @@ /* Default return */ return NT_STATUS_UNSUCCESSFUL; } + +NTSTATUS ndr_map_error2ntstatus(enum ndr_err_code ndr_err) +{ + switch (ndr_err) { + case NDR_ERR_SUCCESS: + return NT_STATUS_OK; + case NDR_ERR_BUFSIZE: + return NT_STATUS_BUFFER_TOO_SMALL; + case NDR_ERR_TOKEN: + return NT_STATUS_INTERNAL_ERROR; + case NDR_ERR_ALLOC: + return NT_STATUS_NO_MEMORY; + case NDR_ERR_ARRAY_SIZE: + return NT_STATUS_ARRAY_BOUNDS_EXCEEDED; + case NDR_ERR_INVALID_POINTER: + return NT_STATUS_INVALID_PARAMETER_MIX; + case NDR_ERR_UNREAD_BYTES: + return NT_STATUS_PORT_MESSAGE_TOO_LONG; + default: + break; + } + + /* we should map all error codes to different status codes */ + return NT_STATUS_INVALID_PARAMETER; +} Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr.c 2007-11-09 19:23:40 UTC (rev 25916) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr.c 2007-11-09 19:23:57 UTC (rev 25917) @@ -353,31 +353,6 @@ (*pflags) |= new_flags; } -NTSTATUS ndr_map_error2ntstatus(enum ndr_err_code ndr_err) -{ - switch (ndr_err) { - case NDR_ERR_SUCCESS: - return NT_STATUS_OK; - case NDR_ERR_BUFSIZE: - return NT_STATUS_BUFFER_TOO_SMALL; - case NDR_ERR_TOKEN: - return NT_STATUS_INTERNAL_ERROR; - case NDR_ERR_ALLOC: - return NT_STATUS_NO_MEMORY; - case NDR_ERR_ARRAY_SIZE: - return NT_STATUS_ARRAY_BOUNDS_EXCEEDED; - case NDR_ERR_INVALID_POINTER: - return NT_STATUS_INVALID_PARAMETER_MIX; - case NDR_ERR_UNREAD_BYTES: - return NT_STATUS_PORT_MESSAGE_TOO_LONG; - default: - break; - } - - /* we should map all error codes to different status codes */ - return NT_STATUS_INVALID_PARAMETER; -} - /* return and possibly log an NDR error */
svn commit: samba r25920 - in branches/SAMBA_4_0/source: auth auth/gensec auth/kerberos cluster/ctdb dsdb/repl dsdb/samdb dsdb/samdb/ldb_modules dsdb/schema kdc lib/ldb-samba lib/messaging lib/registr
Author: metze Date: 2007-11-09 19:24:51 + (Fri, 09 Nov 2007) New Revision: 25920 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25920 Log: ndr: change NTSTAUS into enum ndr_err_code (samba4 callers) lib/messaging/ lib/registry/ lib/ldb-samba/ librpc/rpc/ auth/auth_winbind.c auth/gensec/ auth/kerberos/ dsdb/repl/ dsdb/samdb/ dsdb/schema/ torture/ cluster/ctdb/ kdc/ ntvfs/ipc/ torture/rap/ ntvfs/ utils/getntacl.c ntptr/ smb_server/ libcli/wrepl/ wrepl_server/ libcli/cldap/ libcli/dgram/ libcli/ldap/ libcli/raw/ libcli/nbt/ libnet/ winbind/ rpc_server/ metze Modified: branches/SAMBA_4_0/source/auth/auth_winbind.c branches/SAMBA_4_0/source/auth/gensec/schannel.c branches/SAMBA_4_0/source/auth/kerberos/kerberos_pac.c branches/SAMBA_4_0/source/cluster/ctdb/opendb_ctdb.c branches/SAMBA_4_0/source/dsdb/repl/drepl_partitions.c branches/SAMBA_4_0/source/dsdb/repl/replicated_objects.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectclass.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/repl_meta_data.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samba3sam.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SAMBA_4_0/source/dsdb/samdb/samdb.c branches/SAMBA_4_0/source/dsdb/schema/schema_init.c branches/SAMBA_4_0/source/dsdb/schema/schema_syntax.c branches/SAMBA_4_0/source/kdc/hdb-ldb.c branches/SAMBA_4_0/source/kdc/pac-glue.c branches/SAMBA_4_0/source/lib/ldb-samba/ldif_handlers.c branches/SAMBA_4_0/source/lib/messaging/messaging.c branches/SAMBA_4_0/source/lib/registry/regf.c branches/SAMBA_4_0/source/libcli/cldap/cldap.c branches/SAMBA_4_0/source/libcli/dgram/browse.c branches/SAMBA_4_0/source/libcli/dgram/dgramsocket.c branches/SAMBA_4_0/source/libcli/dgram/netlogon.c branches/SAMBA_4_0/source/libcli/dgram/ntlogon.c branches/SAMBA_4_0/source/libcli/ldap/ldap_ndr.c branches/SAMBA_4_0/source/libcli/nbt/nbtname.c branches/SAMBA_4_0/source/libcli/nbt/nbtsocket.c branches/SAMBA_4_0/source/libcli/raw/rawacl.c branches/SAMBA_4_0/source/libcli/raw/rawfile.c branches/SAMBA_4_0/source/libcli/raw/rawfileinfo.c branches/SAMBA_4_0/source/libcli/raw/rawfsinfo.c branches/SAMBA_4_0/source/libcli/raw/rawsetfileinfo.c branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c branches/SAMBA_4_0/source/libnet/libnet_become_dc.c branches/SAMBA_4_0/source/libnet/libnet_samsync_ldb.c branches/SAMBA_4_0/source/libnet/libnet_vampire.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c branches/SAMBA_4_0/source/ntptr/simple_ldb/ntptr_simple_ldb.c branches/SAMBA_4_0/source/ntvfs/common/notify.c branches/SAMBA_4_0/source/ntvfs/common/opendb_tdb.c branches/SAMBA_4_0/source/ntvfs/ipc/ipc_rap.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_xattr.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c branches/SAMBA_4_0/source/rpc_server/dcesrv_auth.c branches/SAMBA_4_0/source/rpc_server/remote/dcesrv_remote.c branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c branches/SAMBA_4_0/source/smb_server/blob.c branches/SAMBA_4_0/source/smb_server/smb/nttrans.c branches/SAMBA_4_0/source/smb_server/smb2/fileinfo.c branches/SAMBA_4_0/source/torture/auth/pac.c branches/SAMBA_4_0/source/torture/ldap/uptodatevector.c branches/SAMBA_4_0/source/torture/ndr/ndr.c branches/SAMBA_4_0/source/torture/rap/rap.c branches/SAMBA_4_0/source/torture/rpc/eventlog.c branches/SAMBA_4_0/source/torture/rpc/samsync.c branches/SAMBA_4_0/source/torture/rpc/spoolss_notify.c branches/SAMBA_4_0/source/torture/rpc/winreg.c branches/SAMBA_4_0/source/torture/ui.h branches/SAMBA_4_0/source/utils/getntacl.c branches/SAMBA_4_0/source/winbind/wb_pam_auth.c branches/SAMBA_4_0/source/wrepl_server/wrepl_in_connection.c Changeset: Sorry, the patch is too large (4545 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25920
svn commit: samba r25916 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2007-11-09 19:23:40 + (Fri, 09 Nov 2007) New Revision: 25916 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25916 Log: ndr: change NTSTAUS into enum ndr_err_code (basic stuff) librpc/ndr/ metze Modified: branches/SAMBA_4_0/source/librpc/ndr/libndr.h branches/SAMBA_4_0/source/librpc/ndr/ndr.c branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c branches/SAMBA_4_0/source/librpc/ndr/ndr_string.c Changeset: Sorry, the patch is too large (1471 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25916
svn commit: samba r25918 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2007-11-09 19:24:10 + (Fri, 09 Nov 2007) New Revision: 25918 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25918 Log: ndr: change NTSTAUS into enum ndr_err_code (samba4 handwritten stuff) ndr_sec_helper.c ndr_spoolss_buf.c ndr_compression.c ndr_drsuapi.[ch] ndr_krb5pac.c ndr_orpc.c metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c branches/SAMBA_4_0/source/librpc/ndr/ndr_drsuapi.c branches/SAMBA_4_0/source/librpc/ndr/ndr_drsuapi.h branches/SAMBA_4_0/source/librpc/ndr/ndr_krb5pac.c branches/SAMBA_4_0/source/librpc/ndr/ndr_orpc.c branches/SAMBA_4_0/source/librpc/ndr/ndr_sec_helper.c branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c Changeset: Sorry, the patch is too large (762 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25918
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-290-g52fe04d
The branch, v3-2-test has been updated via 52fe04df8e8c08126afe61d509fc1d3cb676e327 (commit) from c2645d2164c05976a98bafed980b6029baf89977 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 52fe04df8e8c08126afe61d509fc1d3cb676e327 Author: Jeremy Allison [EMAIL PROTECTED] Date: Fri Nov 9 15:09:16 2007 -0800 Remove more static fstring/pstrings. Fix socket option set on wrong fd (-1). Jeremy. --- Summary of changes: source/lib/substitute.c | 270 -- source/lib/util.c| 55 + source/nmbd/nmbd_synclists.c |4 +- source/smbd/server.c |6 +- 4 files changed, 212 insertions(+), 123 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/substitute.c b/source/lib/substitute.c index 7f357e9..ce88a78 100644 --- a/source/lib/substitute.c +++ b/source/lib/substitute.c @@ -23,125 +23,185 @@ extern struct current_user current_user; -fstring local_machine=; -fstring remote_arch=UNKNOWN; userdom_struct current_user_info; fstring remote_proto=UNKNOWN; -static fstring remote_machine; -static fstring smb_user_name; - -/** +/** * Set the 'local' machine name * @param local_name the name we are being called * @param if this is the 'final' name for us, not be be changed again */ -void set_local_machine_name(const char* local_name, bool perm) +static char *local_machine; + +bool set_local_machine_name(const char *local_name, bool perm) { - static bool already_perm = False; - fstring tmp_local_machine; + static bool already_perm = false; + char *tmp_local_machine = NULL; char addr[INET6_ADDRSTRLEN]; + size_t len; - fstrcpy(tmp_local_machine,local_name); + tmp_local_machine = SMB_STRDUP(local_name); + if (!tmp_local_machine) { + return false; + } trim_char(tmp_local_machine,' ',' '); /* * Windows NT/2k uses *SMBSERVER and XP uses *SMBSERV -* arrggg!!! +* arrggg!!! */ - if ( strequal(tmp_local_machine, *SMBSERVER) || strequal(tmp_local_machine, *SMBSERV) ) { - fstrcpy( local_machine, - client_socket_addr(get_client_fd(), addr, sizeof(addr)) ); - return; + if (strequal(tmp_local_machine, *SMBSERVER) || + strequal(tmp_local_machine, *SMBSERV) ) { + SAFE_FREE(local_machine); + local_machine = SMB_STRDUP(client_socket_addr(get_client_fd(), + addr, sizeof(addr)) ); + SAFE_FREE(tmp_local_machine); + return local_machine ? true : false; } - if (already_perm) - return; + if (already_perm) { + return true; + } + + SAFE_FREE(local_machine); + len = strlen(tmp_local_machine); + local_machine = SMB_CALLOC_ARRAY(char, len+1); + if (!local_machine) { + SAFE_FREE(tmp_local_machine); + return false; + } + alpha_strcpy(local_machine,tmp_local_machine, + SAFE_NETBIOS_CHARS,len); + strlower_m(local_machine); + SAFE_FREE(tmp_local_machine); already_perm = perm; - alpha_strcpy(local_machine,tmp_local_machine,SAFE_NETBIOS_CHARS,sizeof(local_machine)-1); - strlower_m(local_machine); + return true; +} + +const char *get_local_machine_name(void) +{ + if (!local_machine || !*local_machine) { + return global_myname(); + } + + return local_machine; } -/** +/** * Set the 'remote' machine name * @param remote_name the name our client wants to be called by * @param if this is the 'final' name for them, not be be changed again */ -void set_remote_machine_name(const char* remote_name, bool perm) +static char *remote_machine; + +bool set_remote_machine_name(const char *remote_name, bool perm) { static bool already_perm = False; - fstring tmp_remote_machine; - - if (already_perm) - return; + char *tmp_remote_machine; + size_t len; - already_perm = perm; + if (already_perm) { + return true; + } - fstrcpy(tmp_remote_machine,remote_name); + tmp_remote_machine = SMB_STRDUP(remote_name); + if (!tmp_remote_machine) { + return false; + } trim_char(tmp_remote_machine,' ',' '); - alpha_strcpy(remote_machine,tmp_remote_machine,SAFE_NETBIOS_CHARS,sizeof(remote_machine)-1); + + SAFE_FREE(remote_machine); + len = strlen(tmp_remote_machine); + remote_machine = SMB_CALLOC_ARRAY(char, len+1); + if (!remote_machine) { + SAFE_FREE(tmp_remote_machine); +
Build status as of Sat Nov 10 00:00:02 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-11-09 00:00:58.0 + +++ /home/build/master/cache/broken_results.txt 2007-11-10 00:00:35.0 + @@ -1,4 +1,4 @@ -Build status as of Fri Nov 9 00:00:02 2007 +Build status as of Sat Nov 10 00:00:02 2007 Build counts: Tree Total Broken Panic @@ -16,10 +16,10 @@ rsync28 13 0 samba-docs 0 0 0 samba-gtk2 2 0 -samba4 26 19 0 +samba4 26 18 0 samba_3_20 0 0 samba_3_2_test 28 19 0 smb-build27 27 0 talloc 28 9 0 -tdb 28 13 0 +tdb 28 12 0
svn commit: samba r25921 - in branches/SAMBA_4_0/source: ldap_server scripting/libjs setup
Author: abartlet Date: 2007-11-10 05:31:26 + (Sat, 10 Nov 2007) New Revision: 25921 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25921 Log: Now also listen on ldapi by default in the LDAP server Create a phpLDAPadmin configuration file example to use ldapi to talk to Samba4 Andrew Bartlett Added: branches/SAMBA_4_0/source/setup/phpldapadmin-config.php Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.c branches/SAMBA_4_0/source/scripting/libjs/provision.js Changeset: Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.c === --- branches/SAMBA_4_0/source/ldap_server/ldap_server.c 2007-11-09 19:24:51 UTC (rev 25920) +++ branches/SAMBA_4_0/source/ldap_server/ldap_server.c 2007-11-10 05:31:26 UTC (rev 25921) @@ -509,6 +509,7 @@ */ static void ldapsrv_task_init(struct task_server *task) { + char *ldapi_path; struct ldapsrv_service *ldap_service; NTSTATUS status; const struct model_ops *model_ops; @@ -556,6 +557,19 @@ if (!NT_STATUS_IS_OK(status)) goto failed; } + ldapi_path = private_path(ldap_service, global_loadparm, ldapi); + if (!ldapi_path) { + goto failed; + } + + status = stream_setup_socket(task-event_ctx, model_ops, ldap_stream_ops, +unix, ldapi_path, NULL, ldap_service); + talloc_free(ldapi_path); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,(ldapsrv failed to bind to %s - %s\n, +ldapi_path, nt_errstr(status))); + } + return; failed: Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-11-09 19:24:51 UTC (rev 25920) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-11-10 05:31:26 UTC (rev 25921) @@ -162,6 +162,7 @@ /* delete the specials */ ldb.del(@INDEXLIST); ldb.del(@ATTRIBUTES); + ldb.del(@OPTIONS); ldb.del(@MODULES); ldb.del(@PARTITION); ldb.del(@KLUDGEACL); @@ -393,6 +394,9 @@ paths.ldap_config_basedn_ldif = paths.ldapdir + / + dnsdomain + -config.ldif; paths.ldap_schema_basedn_ldif = paths.ldapdir + / + dnsdomain + -schema.ldif; + paths.s4_ldapi_socket = lp.get(private dir) + /ldapi; + paths.phpldapadminconfig = lp.get(private dir) + /phpldapadmin-config.php; + paths.sysvol = lp.get(sysvol, path); if (paths.sysvol == undefined) { @@ -489,6 +493,9 @@ var ldap_path_list = split(/, paths.ldapdir); subobj.LDAPI_URI = ldapi:// + join(%2F, ldap_path_list) + %2Fldapi; + var s4ldap_path_list = split(/, paths.s4_ldapi_socket); + subobj.S4_LDAPI_URI = ldapi:// + join(%2F, s4ldap_path_list); + subobj.LDAPMANAGERDN = cn=Manager, + subobj.DOMAINDN; subobj.NETLOGONPATH = paths.netlogon; @@ -794,6 +801,10 @@ assert(commit_ok); } + message(Setting up phpLDAPadmin configuration\n); + setup_file(phpldapadmin-config.php, info.message, paths.phpldapadminconfig, subobj); + message(Please install the phpLDAPadmin configuration located at + paths.phpldapadminconfig + into /etc/phpldapadmin/config.php\n); + return true; } Added: branches/SAMBA_4_0/source/setup/phpldapadmin-config.php === --- branches/SAMBA_4_0/source/setup/phpldapadmin-config.php 2007-11-09 19:24:51 UTC (rev 25920) +++ branches/SAMBA_4_0/source/setup/phpldapadmin-config.php 2007-11-10 05:31:26 UTC (rev 25921) @@ -0,0 +1,28 @@ +?php +/** + * The phpLDAPadmin config file, customised for use with Samba4 + * This overrides phpLDAPadmin defaults + * that are defined in config_default.php. + * + * DONT change config_default.php, you changes will be lost by the next release + * of PLA. Instead change this file - as it will NOT be replaced by a new + * version of phpLDAPadmin. + */ + +/*/ +/* Useful important configuration overrides */ +/*/ + +/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this + to a big random string. */ + +$i=0; +$ldapservers = new LDAPServers; + +/* A convenient name that will appear in the tree viewer and throughout + phpLDAPadmin to identify this LDAP server to users. */ +$ldapservers-SetValue($i,'server','name','Samba4 LDAP Server'); +$ldapservers-SetValue($i,'server','host','${S4_LDAPI_URI}'); +$ldapservers-SetValue($i,'server','auth_type','session'); +$ldapservers-SetValue($i,'login','attr','dn'); +?
svn commit: samba r25922 - in branches/SAMBA_4_0/source/smbd: .
Author: abartlet Date: 2007-11-10 05:48:38 + (Sat, 10 Nov 2007) New Revision: 25922 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25922 Log: Make it easier to bind to a unix domain socket, without messing with ports... Andrew Bartlett Modified: branches/SAMBA_4_0/source/smbd/service_stream.c Changeset: Modified: branches/SAMBA_4_0/source/smbd/service_stream.c === --- branches/SAMBA_4_0/source/smbd/service_stream.c 2007-11-10 05:31:26 UTC (rev 25921) +++ branches/SAMBA_4_0/source/smbd/service_stream.c 2007-11-10 05:48:38 UTC (rev 25922) @@ -266,7 +266,15 @@ /* TODO: set socket ACL's here when they're implemented */ - if (*port == 0) { + if (!port) { + socket_address = socket_address_from_strings(stream_socket, + stream_socket-sock-backend_name, +sock_addr, 0); + NT_STATUS_HAVE_NO_MEMORY(socket_address); + status = socket_listen(stream_socket-sock, socket_address, SERVER_LISTEN_BACKLOG, 0); + talloc_free(socket_address); + + } else if (*port == 0) { for (i=SERVER_TCP_LOW_PORT;i= SERVER_TCP_HIGH_PORT;i++) { socket_address = socket_address_from_strings(stream_socket, stream_socket-sock-backend_name,
svn commit: samba-docs r1206 - in trunk/Samba3-HOWTO: .
Author: jht Date: 2007-11-10 05:52:13 + (Sat, 10 Nov 2007) New Revision: 1206 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1206 Log: Fixed formatting issues. Removed -B option docs. Modified: trunk/Samba3-HOWTO/TOSHARG-Winbind.xml Changeset: Sorry, the patch is too large (1054 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1206