Re: [Samba] Re: SAMBA / CUPS
Hi I think this is pretty well documented in Samba Official Howto §21 - Setting Device Modes on New Printers François Dear all, I am new to CUPS. I found an installation of CUPS with SAMBA that we will deploy soon but there are a couple of problems I need to solve beforehand and your help would be really appreciated. I have RedHat 5.1 installation with the following : CUPS 1.3.7 and SAMBA 3.0.25b My smb.conf relevant details looks like this : [global] ## GLOBAL SETTINGS netbios name = TASSIN server string = Samba Print Server workgroup = DOM NAME security = domain encrypt passwords = yes password server = P Z ## WINBIND SETTINGS idmap uid = 1-2 idmap gid = 1-2 winbind separator = / ## LOG SETTINGS log level = 2 log file = /var/log/samba/log.%m max log size = 1000 ## NETWORK SETTINGS wins server = X , Y name resolve order = hosts wins interfaces = Z smb ports = 139 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hosts allow = 10. 127. 172. 193. 192. include = /etc/samba/jessie.conf include = /etc/samba/janey.conf ## DOMAIN SETTINGS domain master = no local master = no preferred master = no os level = 0 ## PRINTER SETTINGS load printers = yes printing = cups printcap name = cups cups options = raw [printers] comment = All printers path = /var/spool/samba browseable = no public = yes guest ok = yes writable = yes printable = yes use client driver = no printer admin = filled in properly [print$] comment = Printer drivers path = /var/lib/samba/printers browseable = yes guest ok = no read only = yes write list = filled in properly create mask = 0664 directory mask = 0775 We use windows clients and I am trying to set all printers in duplex mode. My problem is that I do it with a correct domain user but the setting sometimes is kept and sometimes is lost after sometime. Can someone tell me where these settings are stored ? Many thanks Konrad -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- François Legal -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Sharing Printer Stop Working: error writing spool : NT_STATUS_ACCESS_DENIED
Edit, Iam not sure what cause the print server to stop working as samba has NEVER been upgraded. Looks like other upgrade has caused this problem but still not sure what upgrade. DK On Wed, Jul 30, 2008 at 9:41 AM, David Kuntadi [EMAIL PROTECTED] wrote: Previously I have a working print server using samba with below setting: [global] printcap name = cups printing = cups security = share [printers] browseable = yes printable = yes public = yes create mode = 0700 guest only = yes use client driver = yes guest account = smbprint path = /home/smbprint I could print both from linux and windows XP. But recently (Samba 3.0.22), it stopped working, both linux and windows XP. The message in the linux client computer is: Ready: /usr/lib/cups/filter/foomatic-rip failed When I set the log to debug level, I could see the actual error is: error writing spool : NT_STATUS_ACCESS_DENIED I have checked that the smbprint system user still exist: /usr/sbin/adduser --system --disabled-password smbprint May I know how to solve this issue other than to downgrade samba? Regards David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem upgrading 3.0.23-3.0.26
Hallo, Linda, Du (samba) meintest am 29.07.08: I'm trying to upgrade and old server from the 3.0.23 to the 3.0.26 version (suse93-suse103) (for brevity, abbreviating 3.0.23-.23, and 3.0.26-.26) The actual version is 3.0.31 - I had some trouble with versions below 3.0.29 (and much trouble with 3.0.23 ...) Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Must re-join to domain after server reboot
Hi We have Windows 2003 AD Domain Controller and a linux servers which join in NT4-style domain. idmap is configured to use LDAP (openldap on a linux server). After we run: smbpasswd -W net join rpc -S server -U administrator /usr/sbin/smbd -D /usr/sbin/nmbd -D /usr/sbin/winbindd -D wbinfo -u and wbinfo -g get a list users and groups from a domain. if we restart all Samba processes on a server it stay working also. But when we reboot a server it stop working and produce error in winbindd log: Could not receive trustdoms So we must re-join the domain manually and restart Samba processes. What can be a problem ? We tried 3.0.30 and 3.2.0 on Slackware-12.0 with the same result. With unknown reason 3.0.31 was not able to join our domain at all. We used the same config file for all versions and made clean up before checking every version: remove /etc/smaba/private/secrets.tdb remove all files from /var/cache/samba remove the server name from AD on the domain controller Vladimir Shiray -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] move_driver_to_download_area: Unable to rename samba3.2
Hi, I try to install a new driver on my print$ share using APW and I have this message : move_driver_to_download_area: Unable to rename [W32X86/HPDCMON.DLL] to [W32X86/3/HPDCMON.DLL] I have exacltly the same configuration (smb.conf, acl et right) than my older server. Could anyone answer to me and help me ? Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
On Wed, Jul 30, 2008 at 02:21:20PM +0200, Stéphane PURNELLE wrote: Hi, I try to install a new driver on my print$ share using APW and I have this message : move_driver_to_download_area: Unable to rename [W32X86/HPDCMON.DLL] to [W32X86/3/HPDCMON.DLL] I have exacltly the same configuration (smb.conf, acl et right) than my older server. Could anyone answer to me and help me ? Please send your smb.conf and a full debug level 10 log of smbd leading to this failure. Volker pgpslUI4oQD7L.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sharing Printer Stop Working: error writing spool : NT_STATUS_ACCESS_DENIED
On Tue, Jul 29, 2008 at 10:41 PM, David Kuntadi [EMAIL PROTECTED] wrote: Previously I have a working print server using samba with below setting: [global] printcap name = cups printing = cups security = share [printers] browseable = yes printable = yes public = yes create mode = 0700 guest only = yes use client driver = yes guest account = smbprint path = /home/smbprint I could print both from linux and windows XP. But recently (Samba 3.0.22), it stopped working, both linux and windows XP. The message in the linux client computer is: Ready: /usr/lib/cups/filter/foomatic-rip failed This looks like a cups problem to me. Investigate this cups error. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
On Wed, Jul 30, 2008 at 02:53:22PM +0200, Stéphane PURNELLE wrote: Here my sqm.conf and smbd logfile I'm afraid but I can not find the message move_driver_to_download_area: Unable to rename in the logfile. Mayb it has been rotated away due to your max log size = 1000 setting? You might also want to compress the logfile before sendig it. Thanks, Volker pgpxXc43G9FIf.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
On Wed, Jul 30, 2008 at 03:42:01PM +0200, Stéphane PURNELLE wrote: excuse-me here a compresses file of the log I changed the extension of file to bypass the anti-virus and zip file filter. [2008/07/30 15:37:57, 10] smbd/open.c:fd_open(64) fd_open: name W32X86/HPDCMON.DLL, flags = 00 mode = 0760, fd = -1. Resource temporarily unavailable [2008/07/30 15:37:57, 3] smbd/open.c:open_file(318) Error opening file W32X86/HPDCMON.DLL (NT_STATUS_NETWORK_BUSY) (local_flags=0) (flags=0) That's really weird. Can you try kernel oplocks = no, just as an attempt? Volker pgpoIVFbcWzsH.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] weird Windows profile creation
On Mon, Jul 28, 2008 at 10:15 AM, Christopher Perry [EMAIL PROTECTED] wrote: It seems weird. On 75% of my machines, it creates accounts as: c:\documents and settings\username on 25% of the machines, it creates them as: c:\docments and settings\username.DOMAINNAME These are fresh machines, so it's unclear to me where this behavior stems from. We're not using roaming profiles. Does anyone have any idea as to why this happens? When I had a Samba PDC in use with roaming profiles we had the clients set to delete the roaming profiles at logoff. Naturally MS Windows didn't always delete the locally cached copy of the roaming profile in spite of being told to do so. On subsequent logins the roaming profile would be copied to c:\documents and settings\username.DOMAINNAME - which would break some applications (Thunderbird, Firefox) that expected their settings to be under c:\documents and settings\username. Wasn't a Samba issue in our case b/c it was the client machine's failure to delete the local coy of the roaming profile that was the source of the issue. -Bob -- *** Bob Martel,System Administrator I met someone who looks a lot like you Levin College of Urban Affairs She does the things you do Cleveland State University But she is an IBM (216) 687-2214 [EMAIL PROTECTED]-Jeff Lynne *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Building Samba 3.2.0 on Solaris with Sun compiler
On Wed, Jul 30, 2008 at 10:23 AM, Douglas E. Engert [EMAIL PROTECTED] wrote: Solaris 10 comes with gcc in /usr/sfw/bin I know. But I was only able to get certain needed packages (looking through notes ... ) -- I could only get heimdal to build with cc, but not gcc. In any case, it's nice that samba = 3.0.x was not GNU toolchain specific, and it appears that there's no reason 3.2.0 has to be, either. -David -- David Eisner http://cradle.brokenglass.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
All data share (inclusive print$ share) is on a nbd mount. $# mount /dev/md1 on /rsrv type xfs (rw) I use a software (lifekeeper) which use network block device for replicate all data to a othe server. Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Volker Lendecke [EMAIL PROTECTED] a écrit sur 30/07/2008 16:36:41 : On Wed, Jul 30, 2008 at 04:24:40PM +0200, Stéphane PURNELLE wrote: The strace file Hmmm. I need to check if we broke kernel oplocks = no. In the logfile there are still attempts to acquire Linux kernel oplocks. BTW, is the print$ share on a local file system, or possibly on an NFS imported file system? Volker [rattachement atthn9j4.dat supprimé par Stéphane PURNELLE/COR/SOPARIND] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
On Wed, Jul 30, 2008 at 04:40:23PM +0200, Stéphane PURNELLE wrote: All data share (inclusive print$ share) is on a nbd mount. $# mount /dev/md1 on /rsrv type xfs (rw) I use a software (lifekeeper) which use network block device for replicate all data to a othe server. Ok, I'm lost now. For me using kernel oplocks = no stops smbd from requesting oplocks from the kernel. If this does not help for you, then there is something severely broken with your build. Are you sure you have plain Samba sources without patches? And, what is your exact platform? Sorry, Volker pgpBLzeGIkUgm.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
OS : redhat enterprise linux 5.1 Samba compiled from source Spécial software : Lifekeeper (steeleye) Configure parameter : ./configure --with-ldap --with-acl-support --prefix=/usr/local --exec-prefix=/usr/local --bindir=/usr/local/bin --sbindir=/usr/local/sbin --libexecdir=/usr/local/libexec --datadir=/usr/local/share --sharedstatedir=/usr/local/com --localstatedir=/usr/local/var --libdir=/usr/local/lib --includedir=/usr/local/include --infodir=/usr/share/info --with-configdir=/srv/etc/samba --sysconfdir=/srv/etc/samba --mandir=/usr/local/man --with-privatedir=/srv/private --enable-cups I just applied manually some patch from mail-list : From Jeremy - resolving the case : v3.2.0 and MS-DOS: Directories must be upper-case?? From Jeremy - resolving the case : Creating Zone Identifier files and not able to read/write/delete them. I don't use vfs objects = streams_xattr, but normally it must don't make problem. If could thelp Thanks, Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Volker Lendecke [EMAIL PROTECTED] a écrit sur 30/07/2008 17:06:28 : On Wed, Jul 30, 2008 at 04:40:23PM +0200, Stéphane PURNELLE wrote: All data share (inclusive print$ share) is on a nbd mount. $# mount /dev/md1 on /rsrv type xfs (rw) I use a software (lifekeeper) which use network block device for replicate all data to a othe server. Ok, I'm lost now. For me using kernel oplocks = no stops smbd from requesting oplocks from the kernel. If this does not help for you, then there is something severely broken with your build. Are you sure you have plain Samba sources without patches? And, what is your exact platform? Sorry, Volker [rattachement att7u729.dat supprimé par Stéphane PURNELLE/COR/SOPARIND] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
On Wed, Jul 30, 2008 at 05:19:26PM +0200, Stéphane PURNELLE wrote: OS : redhat enterprise linux 5.1 Samba compiled from source Spécial software : Lifekeeper (steeleye) As a quick workaround, you might try to comment out lines 133-140 from source/smbd/oplock_linux.c until we find out why on RHEL 5.1 kernel oplocks = no does not work. You might want to file a bug for that. Volker pgpACDwKD6x6i.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] panic action on samba 3.2
Hi, during I make a some du command (du -sh), samba has been disturb and sent a panic action : Last line of smbd.log : [2008/07/30 15:36:09, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:04:43, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:13:56, 0] lib/util_sock.c:get_peer_addr_internal(1596) getpeername failed. Error was Transport endpoint is not connected [2008/07/30 16:34:59, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:34:59, 0] lib/util_sock.c:get_peer_addr_internal(1596) getpeername failed. Error was Transport endpoint is not connected Last line of smbd.log of smbd which start the panic action : [2008/07/30 16:30:13, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service fsi initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:39:08, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:39:30, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:46:58, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:47:22, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:47:25, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:47:36, 1] smbd/service.c:close_cnum(1401) ! crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:51:54, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:52:05, 0] smbd/nttrans.c:call_nt_transact_ioctl(2009) call_nt_transact_ioctl(0x9009c): Currently not implemented. [2008/07/30 16:52:17, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:57:28, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:57:29, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service profiles initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:57:36, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service fsi [2008/07/30 16:57:36, 0] lib/util_sec.c:set_effective_uid(204) setresuid failed with EAGAIN. uid(1179) might be ove! r its NPROC limit [2008/07/30 16:57:36, 0] lib/util_sec.c:asse! rt_uid(1 00) Failed to set uid privileges to (-1,1179) now set to (0,0) [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143): failed to set uid [2008/07/30 16:57:36, 0] lib/util.c:log_stack_trace(1770) BACKTRACE: 13 stack frames: #0 /usr/local/sbin/smbd(log_stack_trace+0x1a) [0x557d6b90] #1 /usr/local/sbin/smbd(smb_panic+0x5b) [0x557d6ca0] #2 /usr/local/sbin/smbd [0x557dc4d4] #3 /usr/local/sbin/smbd(set_effective_uid+0x74) [0x557dc817] #4 /usr/local/sbin/smbd [0x55646fd8] #5 /usr/local/sbin/smbd(set_sec_ctx+0xd8) [0x55647245] #6 /usr/local/sbin/smbd(change_to_user+0x5f0) [0x5563a3d2] #7 /usr/local/sbin/smbd [0x55656b81] #8 /usr/local/sbin/smbd [0x5565861a] #9 /usr/local/sbin/smbd(smbd_process+0xca7) [0x55659381] #10 /usr/local/sbin/smbd(main+0x1eb2) [0x559cfc77] #11 /lib64/libc.so.6(__libc_start_main+0xf4) [0x2df428a4] #12 /usr/local/sbin/smbd [0x555e57d9] [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1671) smb_pani! c(): calling panic action [/srv/bin/panic.sh fsi crdfsim] It's maybe normal. thanks Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
Is kernel oplock use locking for fcntl ? Because is kernel change log from RH, I have : [fs] fix locking for fcntl (Ed Pollard ) [430596] My samba is on production, I'am not sure than I will recompile my samba now. Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Volker Lendecke [EMAIL PROTECTED] a écrit sur 30/07/2008 17:26:43 : On Wed, Jul 30, 2008 at 05:19:26PM +0200, Stéphane PURNELLE wrote: OS : redhat enterprise linux 5.1 Samba compiled from source Spécial software : Lifekeeper (steeleye) As a quick workaround, you might try to comment out lines 133-140 from source/smbd/oplock_linux.c until we find out why on RHEL 5.1 kernel oplocks = no does not work. You might want to file a bug for that. Volker [rattachement attd3gco.dat supprimé par Stéphane PURNELLE/COR/SOPARIND] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
On Wed, Jul 30, 2008 at 05:45:46PM +0200, Stéphane PURNELLE wrote: Is kernel oplock use locking for fcntl ? Because is kernel change log from RH, I have : [fs] fix locking for fcntl (Ed Pollard ) [430596] My samba is on production, I'am not sure than I will recompile my samba now. No, it doesn't use fcntl locks. It's a different mechanism. It uses fcntl though : fcntl(fd, F_SETLEASE, leasetype); Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] panic action on samba 3.2
On Wed, Jul 30, 2008 at 05:29:05PM +0200, Stéphane PURNELLE wrote: Hi, during I make a some du command (du -sh), samba has been disturb and sent a panic action : Last line of smbd.log : [2008/07/30 15:36:09, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:04:43, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:13:56, 0] lib/util_sock.c:get_peer_addr_internal(1596) getpeername failed. Error was Transport endpoint is not connected [2008/07/30 16:34:59, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:34:59, 0] lib/util_sock.c:get_peer_addr_internal(1596) getpeername failed. Error was Transport endpoint is not connected Last line of smbd.log of smbd which start the panic action : [2008/07/30 16:30:13, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service fsi initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:39:08, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:39:30, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:46:58, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:47:22, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:47:25, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:47:36, 1] smbd/service.c:close_cnum(1401) ! crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:51:54, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:52:05, 0] smbd/nttrans.c:call_nt_transact_ioctl(2009) call_nt_transact_ioctl(0x9009c): Currently not implemented. [2008/07/30 16:52:17, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:57:28, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:57:29, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service profiles initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:57:36, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service fsi [2008/07/30 16:57:36, 0] lib/util_sec.c:set_effective_uid(204) setresuid failed with EAGAIN. uid(1179) might be ove! r its NPROC limit [2008/07/30 16:57:36, 0] lib/util_sec.c:asse! rt_uid(1 00) Failed to set uid privileges to (-1,1179) now set to (0,0) [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143): failed to set uid [2008/07/30 16:57:36, 0] lib/util.c:log_stack_trace(1770) BACKTRACE: 13 stack frames: #0 /usr/local/sbin/smbd(log_stack_trace+0x1a) [0x557d6b90] #1 /usr/local/sbin/smbd(smb_panic+0x5b) [0x557d6ca0] #2 /usr/local/sbin/smbd [0x557dc4d4] #3 /usr/local/sbin/smbd(set_effective_uid+0x74) [0x557dc817] #4 /usr/local/sbin/smbd [0x55646fd8] #5 /usr/local/sbin/smbd(set_sec_ctx+0xd8) [0x55647245] #6 /usr/local/sbin/smbd(change_to_user+0x5f0) [0x5563a3d2] #7 /usr/local/sbin/smbd [0x55656b81] #8 /usr/local/sbin/smbd [0x5565861a] #9 /usr/local/sbin/smbd(smbd_process+0xca7) [0x55659381] #10 /usr/local/sbin/smbd(main+0x1eb2) [0x559cfc77] #11 /lib64/libc.so.6(__libc_start_main+0xf4) [0x2df428a4] #12 /usr/local/sbin/smbd [0x555e57d9] [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1671) smb_pani! c(): calling panic action [/srv/bin/panic.sh fsi crdfsim] It's maybe normal. Panics are never normal. Can you add the line : panic action = /bin/sleep 9 and then catch the parent of the sleep process in gdb and get a backtrace please ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.2 breaks ppp winbind plugin
Andrew Bartlett wrote: On Tue, 2008-07-29 at 18:13 +0200, Pim Zandbergen wrote: We have a system running fedora 8 using pptpd from the poptop yum repository. See http://www.poptop.org/ pptpd/pppd use the winbind plugin from the ppp package to authenticate to Active Directory. This works just fine. Then I found the same setup would not work on a fedora 9 setup. So, this is winbind from Samba 3 (Fedora 8) failing to work with a Samba 3.2 PDC from Fedora 9? No, this is Samba 3.2 (Fedora 9) failing to work with a Windows 2003 Server PDC, where Samba 3.0 (Fedora 8) works fine. What's happening when things don't work is that the XP client comes with this error, after a successful authentication: Error 778: It was not possible to verify the identity of the server Wireshark shows that the XP client is terminating the connection immediately after a successful CHAP handshake. This almost certainly means the session key returned from the PDC to the member server (where winbind and radius are) and calculated into the MSCHAPv2 response is incorrect/missing/etc. Look for it being missing first - check with strace/gdb/etc in pppd to see what broke about the interaction with ntlm_auth. I ran ntlm_auth by hand on both systems in manual mode. Both work fine. But pppd calls ntlm_auth using a special protocol, made for pppd. I will probably have to capture this interaction and see the differences. It would help if I would understand what else is in the MSCHAPv2 response other than the authentication was successful, because it always is, and why the Windows client still is not satisfied. Pim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba disregarding lock of files
Hello all, I'm having a very strange problem with Samba. I have a PC running the samba server and a PC running the client. On both PC's I am running the same application where I want some file access to be blocked if any of the applications is using it. Good idea right? I'm using fcntl to set and get the lock status of the files as is well documented in a gazzilion pages about locking files. The files are locked for writing and reading. The strange part is that when I run two instances of the application on the same PC, the files get locked and the applications can get the lock status of the files, but when I run the applications through samba, the locks simply seem to be disregarded. The file is opened (as if it wasn't locked), and I can edit it, but when I try to close the file... only then I get a message telling me that the file is locked! I'm running both applications on Linux. The samba server is running with oplocks = no (so no file caching SHOULD be happening) and locking=yes. I actually have no idea of what is going on! Any insight? cheers André -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.2 breaks ppp winbind plugin
On Wed, Jul 30, 2008 at 06:55:15PM +0200, Pim Zandbergen wrote: I ran ntlm_auth by hand on both systems in manual mode. Both work fine. But pppd calls ntlm_auth using a special protocol, made for pppd. I will probably have to capture this interaction and see the differences. Can you do this and post the working and non-working responses, so we can track down what isn't working please ? Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move_driver_to_download_area: Unable to rename samba3.2
Just a information : The running kernel is (output of uname ) : 2.6.18-53.el5.xfs #2 SMP Wed Jan 16 16:07:41 CET 2008 x86_64 x86_64 x86_64 GNU/Linux Surprise : is a 64bits system ;-) Best regards , Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Jeremy Allison [EMAIL PROTECTED] a écrit sur 30/07/2008 17:50:40 : On Wed, Jul 30, 2008 at 05:45:46PM +0200, Stéphane PURNELLE wrote: Is kernel oplock use locking for fcntl ? Because is kernel change log from RH, I have : [fs] fix locking for fcntl (Ed Pollard ) [430596] My samba is on production, I'am not sure than I will recompile my samba now. No, it doesn't use fcntl locks. It's a different mechanism. It uses fcntl though : fcntl(fd, F_SETLEASE, leasetype); Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem upgrading 3.0.23-3.0.26
John H Terpstra wrote: If I understand correctly, you have done an update installation of 10.3 over the top of the 9.3 server. Correct? --- Yup Even so, there are significant changes in going from Samba 3.0.23 to 3.0.26 and later. It is always best to use the latest version of Samba. If you would like Samba 3.2.0 RPMs for OpenSUSE 10.3 please let me know. That'd be fine with me as long as they are fairly stable. This is my most heavily used server. It was running 9.3 and has been in process of being upgraded to 10.3. Only a few packages from 9.3 remain -- samba being one of them. But upgrading to highest stable, would be fine -- will make it easier when this server gets upgraded to 11.X (whenever that comes about)... As most heavily used, its last to get upgraded and problems, hopefully, get vetted on the other couple of machines (which are mostly test, devel, and backup)... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] oplocks OS X
Hello I enable oplocks on samba server and testparm send me no error. But when 2 users open the same file there is nothing like File in Use (i have seen this on a forum). All client use OS X, normally samba works fine on it. If someone have an idea Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem upgrading 3.0.23-3.0.26
John H Terpstra wrote: What are the ownership and permissions settings on the /home directory? drwxr-xr-x root/root OK, this means that noone (except root) can create or delete a directory in the /home directory. Right...only 'root' is expected to be able to add new directories under 'home' right now ... Are you seriously allowing users to write to each other's home directories? read only = No --- Intent was for it to remain under user control -- that's why I use the create mask of 0750 (next) But this way group members can access each others home directories. Hmmm. I'm sure I would not like that! Can't users use file permissions to deny read access to any/all if they want? It's just that home dirs aren't administratively protected... but users are free to lock them up further... It isn't designed for a hostile environment, but a 'sharing' 'cooperative' environment. It's not exposed to the outside world...:-) Why these two parameters? What are you trying to achieve with them? create mask = 0750 inherit acls = Yes ACLs are POSIX things. You can see them using the getfacl utility. They can be set using the setfacl utility. And, they can be set through Windows client applications. Okyikes -- I thought this was some type of Win-ACL emulation feature -- where one could create an ACL list at a top level and have it apply to created files/dirs underneath it. Since this is only affecting the POSIX ACL's, it seems that's not what I want...(so deleting the inherit acls) Keep your configuration as simple as possible. Follow the examples in Samba3-ByExample. Chapters 3 or 4 should be as much as you need at your site. --- Well, I do have that book -- but I sometimes experiment with trying out the more complex features Is the online version kept up-to-date with evolving samba? That's a fun feature of samba, is that it evolves faster than paper can usually keep up! :-) The homes share is really a service that makes a user's home directory available from the Windows environment. Under OpenSUSE/SUSE Linux you could set the path like this: [homes] ... path = /home/%U/Documents ... This way the use is kept away from the dit files (.*) and his Windows files are in a safe container - so to speak. -- I don't mind the mixing... I also use CYGWIN, on Windows. I set my home dir to \home\user (I renamed Documents and Settings to Home). Documents is still a subdir under the user's Home dir on the Windows machine: \home\user\Documents\. Why do you want POSIX ACLs in your Linux file system? How are you going to back them up? POSIX ACLs are not the same as UGO (user, group, other) permissions - they are a superset that sits over the top of UGO permissions. Avoid them if you can. I don't use them yet -- no progs create them -- but it is my intent to support/allow them. My backup does dump them -- I use xfsdump/xfsrestore, which saves extended file attributes. If everyone used XFS as their backing store for samba volumes, they'd get auto-save of ACL's for free. permissions on /Share= 755, u=law, g=wheel; below /Share any dir's I don't want guest to have access to, are mode 750, (or 700)... [backups] comment = Host backup-dirs path = /backups/%m Again, add the domain specifier (@BLISS\admin). What is the purpose of the %m parameter here? It makes no sense/ write list = @admin, @%m Oh poo...yeah... meant to (never got around to it) creating groups for each machine name that accessed the Share to include userid's that were not admin's (like 'backup'); but never got around to creating a user 'backup' to do backups with -- just use an admin signin For the remaining shares, the same questions as above apply. It is best to keep your configuration simple, then add complexity only as it is proven to be necessary. --- Wellthat's how it started out -- it's just grown warts over time...:-) the setup works under the old samba 3.0.23...just haven't kept up with the times so well on this server... Please show us the output of executing on both servers: net groupmap list Null (no output) So with Samba-3.0.26 you have Windows groups. This means that: valid users = @BLISS\law Actually law isn't a group...it's a uid that I added on top of the group specifications because the group specifications were not working when I switched to the newer samba. But similar point...all the groups -- and they are groups in the unix sense: trusted, trusted_local_net_users, admin, users They are all groups in /etc/group -- I also tried adding them to /etc/samba/smbgroup... but that didn't seem to work. will not allow anyone to access the share because there is no law group under Windows. Was
Re: [Samba] oplocks OS X
2008/7/30 Aquaserver [EMAIL PROTECTED]: Hello I enable oplocks on samba server and testparm send me no error. But when 2 users open the same file there is nothing like File in Use (i have seen this on a forum). All client use OS X, normally samba works fine on it. oplocks aren't locks in the sense of you have one and I don't get access. they are a permission to cache. If an application holds an oplock on a file, that will not prevent another application opening the same file. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem upgrading 3.0.23-3.0.26
BTW -- This may be a basic question -- but While I wanted to have several netbios aliases for my main server (wpad, clock, web-proxy), is there any easy way not to have the file systems exported (duplicated) under the aliases? Somewhat annoying, visually, that is, and potentially needlessly confusing to someone wondering what all the 'servers' are... Wow, did you realize 'web-proxy' has the same files exported as 'ishtar'? Uh...yeah.. ;^} -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] panic action on samba 3.2
On Wed, Jul 30, 2008 at 05:29:05PM +0200, Stéphane PURNELLE wrote: 00) Failed to set uid privileges to (-1,1179) now set to (0,0) [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143): failed to set uid [2008/07/30 16:57:36, 0] Wild guess -- do you have SELinux enabled? If yes, can you try to disable it for a test if your corporate security policy allows it? Volker pgpj2rg5keGxk.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.2 breaks ppp winbind plugin
On Wed, Jul 30, 2008 at 06:55:15PM +0200, Pim Zandbergen wrote: So, this is winbind from Samba 3 (Fedora 8) failing to work with a Samba 3.2 PDC from Fedora 9? No, this is Samba 3.2 (Fedora 9) failing to work with a Windows 2003 Server PDC, where Samba 3.0 (Fedora 8) works fine. Can't this be 5616? Volker pgpNzZqAYx0xf.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem upgrading 3.0.23-3.0.26
Helmut Hullen wrote: Hallo, Linda, The actual version is 3.0.31 - I had some trouble with versions below 3.0.29 (and much trouble with 3.0.23 ...) Viele Gruesse! Helmut --- Hallo Helmut! Thanks for the info...maybe my sup^h^h^hrepository is not as up-to-date as it should be. I've no problem upgrading to new ver...I could try installing the samba from SuSE11, but SuSE is bad about adding excess package dependencies. They tend to make one package dependent on the world (hyperbole)so upgrading to samba from suse11...well lets see what it says... Yup (**I feel a rant coming on...warning...sanity in question**): share/suse11/i586# rpm -Uhv --test samba-3.2.0-22.1.i586.rpm samba-client-3.2.0-22.1.i586.rpm error: Failed dependencies: liblber-2.4.so.2 is needed by samba-3.2.0-22.1.i586 libldap-2.4.so.2 is needed by samba-3.2.0-22.1.i586 libtalloc.so.1 is needed by samba-3.2.0-22.1.i586 libtalloc.so.1(TALLOC_1.2) is needed by samba-3.2.0-22.1.i586 libtdb.so.1 is needed by samba-3.2.0-22.1.i586 libtdb.so.1(TDB_1.1) is needed by samba-3.2.0-22.1.i586 libwbclient.so.0 is needed by samba-3.2.0-22.1.i586 libwbclient.so.0(WBCLIENT_0.1) is needed by samba-3.2.0-22.1.i586 liblber-2.4.so.2 is needed by samba-client-3.2.0-22.1.i586 libldap-2.4.so.2 is needed by samba-client-3.2.0-22.1.i586 libtalloc.so.1 is needed by samba-client-3.2.0-22.1.i586 libtalloc.so.1(TALLOC_1.2) is needed by samba-client-3.2.0-22.1.i586 libtdb.so.1 is needed by samba-client-3.2.0-22.1.i586 libtdb.so.1(TDB_1.1) is needed by samba-client-3.2.0-22.1.i586 libwbclient.so.0 is needed by samba-client-3.2.0-22.1.i586 libwbclient.so.0(WBCLIENT_0.1) is needed by samba-client-3.2.0-22.1.i586 They are pretty bad about handling dependencies to allow packages to be portable between releases -- no belief in changing 1 thing at a time...(poor engineering in my personal opinion)... Example: I don't use ldap (yet), so why should I care about ldap updates -- they should be packaged separately so parts I don't use won't force other packages to be updated. Windows has linux beaten hands down in this area. Unneeded functions are in NON-loaded DLL's, and if you don't use that function, you don't need the DLL. Lack of a non-used DLL won't cause a fatal load error -- but in linux, run-time linking (vs. load-time) is rarely done. Most of those I can upgrade to suse11...but when I get to liblber and libldap (the ones I DONT USE!!!)...everything complains about an update attempt: share/suse11# grp liblber *.txt filelist-i586.txt:i586/openldap2-client-2.4.9-7.1.i586.rpm: /usr/lib/liblber-2.4.so.2 filelist-i586.txt:i586/openldap2-client-2.4.9-7.1.i586.rpm: /usr/lib/liblber-2.4.so.2.0.5 (files in openldap2-client, so try to upgrade that...and get:...) hare/suse11# rpm -Uhv i586/openldap2-client-2.4.9-7.1.i586.rpm error: Failed dependencies: liblber-2.3.so.0 is needed by (installed) autofs-5.0.2-30.i586 liblber-2.3.so.0 is needed by (installed) lighttpd-1.4.17-11.i586 liblber-2.3.so.0 is needed by (installed) dhcp-server-3.0.6-24.i586 liblber-2.3.so.0 is needed by (installed) ldapcpplib-0.0.4-96.i586 liblber-2.3.so.0 is needed by (installed) libsmbclient-3.0.26a-3.i586 liblber-2.3.so.0 is needed by (installed) pwdutils-3.1.4-27.i586 liblber-2.3.so.0 is needed by (installed) pwlib-1.10.7-61.i586 liblber-2.3.so.0 is needed by (installed) sendmail-8.14.1-53.i586 liblber-2.3.so.0 is needed by (installed) squid-beta-3.0-351.i586 liblber-2.3.so.0 is needed by (installed) rmail-8.14.1-53.i586 liblber-2.3.so.0 is needed by (installed) dirmngr-1.0.0-19.i586 liblber-2.3.so.0 is needed by (installed) samba-client-3.0.26a-3.i586 liblber-2.3.so.0 is needed by (installed) samba-3.0.26a-3.i586 libldap-2.3.so.0 is needed by (installed) nfsidmap-0.20-21.i586 libldap-2.3.so.0 is needed by (installed) lighttpd-1.4.17-11.i586 libldap-2.3.so.0 is needed by (installed) dhcp-server-3.0.6-24.i586 libldap-2.3.so.0 is needed by (installed) ldapcpplib-0.0.4-96.i586 libldap-2.3.so.0 is needed by (installed) libsmbclient-3.0.26a-3.i586 libldap-2.3.so.0 is needed by (installed) pwdutils-3.1.4-27.i586 libldap-2.3.so.0 is needed by (installed) pwlib-1.10.7-61.i586 libldap-2.3.so.0 is needed by (installed) sendmail-8.14.1-53.i586 libldap-2.3.so.0 is needed by (installed) squid-beta-3.0-351.i586 libldap-2.3.so.0 is needed by (installed) sudo-1.6.9p2-23.i586 libldap-2.3.so.0 is needed by (installed) gpg2-2.0.4-49.i586 libldap-2.3.so.0 is needed by (installed) rmail-8.14.1-53.i586 libldap-2.3.so.0 is needed by (installed) dirmngr-1.0.0-19.i586 libldap-2.3.so.0 is needed by (installed) samba-client-3.0.26a-3.i586
[Samba] unable to map windows to unix groups
Hello. After fresh install. Samba and ldap seems to run normally ( I can join win2k workstation to linux samba pdc ). Using yast I create a system group named domadmin But I am unable to map Domain Admins to domadmin I am unable to map Domain Admins to existing ntadmin group I am unable to mofify mapping Domain Admins to domadmin group Thank you for helping. LINUX-SRV: # net groupmap add ntgroup=Domain Admins unixgroup=domadmin rid=512 type=d adding entry for group Domain Admins failed! LINUX-SRV: # LINUX-SRV: # net groupmap add ntgroup=Domain Admins unixgroup=ntadmin rid=512 type=d adding entry for group Domain Admins failed! LINUX-SRV: # LINUX-SRV: # net groupmap modify ntgroup=Domain Admins unixgroup=domadmin Can't map to an unknown group type. LINUX-SRV: # LINUX-SRV:~ # net groupmap modify ntgroup=Domain Admins unixgroup=domadmin type=d Could not update group database LINUX-SRV: # LINUX-SRV:~ net groupmap list request done: ld 0x55c881e0 msgid 1 request done: ld 0x55c881e0 msgid 2 Domain Admins (S-1-5-21-3134345319-2430187646-2919245149-512) - Domain Admins request done: ld 0x55c881e0 msgid 3 Domain Users (S-1-5-21-3134345319-2430187646-2919245149-513) - Domain Users request done: ld 0x55c881e0 msgid 4 Domain Guests (S-1-5-21-3134345319-2430187646-2919245149-514) - Domain Guests request done: ld 0x55c881e0 msgid 5 Domain Computers (S-1-5-21-3134345319-2430187646-2919245149-515) - Domain Computers request done: ld 0x55c881e0 msgid 6 Administrators (S-1-5-32-544) - Administrators request done: ld 0x55c881e0 msgid 7 Account Operators (S-1-5-32-548) - Account Operators request done: ld 0x55c881e0 msgid 8 Print Operators (S-1-5-32-550) - Print Operators request done: ld 0x55c881e0 msgid 9 Backup Operators (S-1-5-32-551) - Backup Operators request done: ld 0x55c881e0 msgid 10 Replicators (S-1-5-32-552) - Replicators request done: ld 0x55c881e0 msgid 11 Users (S-1-5-32-545) - 15000 LINUX-SRV: # LINUX-SRV: # getent group at:!:25: .. .. domadmin:x:114: root:x:0: ... .. users:x:100: +::0: request done: ld 0x618d10 msgid 1 Domain Admins:*:512:root,user_admin Domain Users:*:513: Domain Guests:*:514: Domain Computers:*:515: Administrators:*:544: Account Operators:*:548: Print Operators:*:550: Backup Operators:*:551: Replicators:*:552: request done: ld 0x618d10 msgid 2 LINUX-SRV: # LINUX-SRV: # uname -r 2.6.22.18-0.2-default LINUX-SRV: # LINUX-SRV: # rpm -qa | grep samba samba-3.2.0-24.1.123 samba-client-3.2.0-24.1.123 samba-doc-3.2.0-24.1.123 samba-krb-printing-3.2.0-24.1.123 yast2-samba-client-2.15.11-33 samba-winbind-32bit-3.0.26a-3.7 yast2-samba-server-2.15.7-57 samba-python-3.0.26a-3.7 samba-devel-3.2.0-24.1.123 kdebase3-samba-3.5.7-87.5 samba-winbind-3.2.0-24.1.123 samba-client-32bit-3.0.26a-3.7 LINUX-SRV: # LINUX-SRV:~ # rpm -qa | grep ldap openldap2-2.3.41-1.1 openldap2-client-2.3.41-2.1 perl-ldap-0.33-81 nss_ldap-257-17 pam_ldap-184-48 perl-ldap-ssl-0.33-81 nss_ldap-32bit-257-17.1 yast2-ldap-2.15.1-83 openldap2-devel-2.3.41-2.1 python-ldap-2.3.1-18 ldapcpplib-0.0.4-95 yast2-ldap-client-2.15.12-37 php5-ldap-5.2.6-0.1 openldap2-client-32bit-2.3.37-20 ldap-account-manager-2.3.0-0.pm.0 yast2-ldap-server-2.15.5-76 pam_ldap-32bit-184-49.1 ldapsmb-1.34b-110.8.123 LINUX-SRV: # net groupmap list -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem upgrading 3.0.23-3.0.26
Hallo, Linda, Du (samba) meintest am 30.07.08: The actual version is 3.0.31 - I had some trouble with versions below 3.0.29 (and much trouble with 3.0.23 ...) Thanks for the info...maybe my sup^h^h^hrepository is not as up-to-date as it should be. I've no problem upgrading to new ver...I could try installing the samba from SuSE11, but SuSE is bad about adding excess package dependencies. They tend to make one package dependent on the world (hyperbole)so upgrading to samba from suse11...well lets see what it says... Yup (**I feel a rant coming on...warning...sanity in question**): share/suse11/i586# rpm -Uhv --test samba-3.2.0-22.1.i586.rpm samba-client-3.2.0-22.1.i586.rpm ftp://ftp.gwdg.de/pub/samba/Binary_Packages/SuSE/3.0/ with subdirectories also for SuSE 10.3 But I've seen there only Samba 3.2 - nothing like Samba 3.0.31. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.2 breaks ppp winbind plugin
On Wed, 2008-07-30 at 22:21 +0200, Volker Lendecke wrote: On Wed, Jul 30, 2008 at 06:55:15PM +0200, Pim Zandbergen wrote: So, this is winbind from Samba 3 (Fedora 8) failing to work with a Samba 3.2 PDC from Fedora 9? No, this is Samba 3.2 (Fedora 9) failing to work with a Windows 2003 Server PDC, where Samba 3.0 (Fedora 8) works fine. Can't this be 5616? That (failure to decrypt the session key for the client) matches the symptoms here exactly. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba / ACL / File System Permissions Active Directory winbind
Hi Guys, I have a windows 2003 SBS handling domain logins, I also have an Ubuntu machine being used as a file server this is using winbind and is on the domain I can chown dirs etc with Active Directory users. However I have the following problem, I need to allow certain users to access some dirs and not others... for example. folder1 would need to be accessed by user1 user2 and user3 Now my understanding of this would be to add users 1,2 3 to a group say for example group1 then chown folder1 with that group? chown -R :DOMAIN\Domain Users folder1 Thats fine but then when user 1,2 or 3 access folder1 and write to the folder and there primary group is Domain Users for example it will make it unreadable for other users? I could force it to take permissions from the parent directory using sticky bit? but what if the users creates a dir and then another dir would it still take its permissions from its parent directory then? It must be fairly common to want to set a bunch of users that are not in the same primary group access to one dir that no other users can access? If any one has any ideas / feedback at all on how they have done this it would be great as im melting my brain thinking a way around this if im honest... Many Thanks Keith -- Keith Sudbury Netzen Solution Ltd Suite 5, Piccadilly House, London Rd, Bath, BA1 6PL, UK Mobile: +44 (0)7921464106 Tel: +44 (0)1225 588 588 Fax: +44 (0)1225 580 061 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA + ADS + Kerberos Problem...
Hi, I am trying to join a samba to ADS with kerberos + Winbind Everything is right, i mean, when i do the following: kinit [EMAIL PROTECTED] (Ask for the password) and OK. Then: debian:/etc/samba# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting ExpiresService principal 07/30/08 16:49:17 07/31/08 02:49:21 krbtgt/[EMAIL PROTECTED] renew until 07/31/08 02:49:17 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Then: net ads join -Uadministrator%pass Is correct, the machine is joined to the AD getent passwd Show the ADS users... getent group show the ADS groups... wbinfo -t checking the trust secret via RPC calls succeeded with: smbclient //adspc/c\$ -k Connect to the adspc without password and show the directories The Big BUT is: When I connect with a M$ user with smbclient to a local share on the samba server i got: smbclient //localhost/eee/ -Uadministrator session setup failed: NT_STATUS_ACCESS_DENIED The logs show: [2008/07/30 17:01:32, 5] rpc_parse/parse_prs.c:prs_ntstatus(767) 001c status : NT_STATUS_ACCESS_DENIED [2008/07/30 17:01:32, 10] libsmb/credentials.c:creds_client_check(325) creds_client_check: credentials check OK. [2008/07/30 17:01:32, 3] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1546) winbindd_pam_auth: sam_logon returned ACCESS_DENIED. Maybe the trust account password was changed and we didn't know it. Killing connections to domain DOMAIN When i do: wbinfo -u: Show the ADS user BUT not show the DOMAIN I mean: Does not show: DOMAIN + ADS_USER only show ADS_USER The same with wbinfo -g Other think, every time i reset the machine i lost the ticket for kerberos. This is not normal. The krb5.conf: [libdefaults] default_realm = DOMAIN.CL # The following krb5.conf variables are only for MIT Kerberos. krb4_config = /etc/krb.conf krb4_realms = /etc/krb.realms kdc_timesync = 1 ccache_type = 4 forwardable = true proxiable = true default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc [realms] DOMAIN = { kdc = 191.9.200.1 admin_server = adspc default_domain = DOMAIN.CL } [domain_realm] .domain.cl = DOMAIN.CL domain.cl = DOMAIN.CL [login] krb4_convert = true krb4_get_tickets = false - * smb.conf: [global] security = ADS netbios name = debian realm = DOMAIN.CL #username map = /etc/samba/smbusers encrypt passwords = yes password server = 191.9.200.1 workgroup = DOMAIN idmap uid = 1-2 idmap gid = 1-2 ldap ssl = no log level = 20 winbind separator = + winbind enum users = yes winbind enum groups = yes winbind use default domain = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes #domain master = no * nssswitch.conf passwd: files winbind group: files winbind shadow: files hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis The /pam.d/ Files.. * common-account auth sufficient pam_winbind.so account requiredpam_unix.so * common-auth auth sufficient pam_winbind.so auth required pam_unix.so nullok_secure use_first_pass * common-password password required pam_unix.so nullok obscure min=4 max=50 md5 * common-session session requiredpam_unix.so session requiredpam_mkhomedir.so skel=/etc/skel umask=0022 Well i hope somebody can help me with this! i tried to gave all the information. THANKS!! a LOT!! Michael.- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba / ACL / File System Permissions Active Directory winbind
On Wed, Jul 30, 2008 at 11:17:10PM +0100, Keith Sudbury wrote: Hi Guys, I have a windows 2003 SBS handling domain logins, I also have an Ubuntu machine being used as a file server this is using winbind and is on the domain I can chown dirs etc with Active Directory users. However I have the following problem, I need to allow certain users to access some dirs and not others... for example. folder1 would need to be accessed by user1 user2 and user3 Now my understanding of this would be to add users 1,2 3 to a group say for example group1 then chown folder1 with that group? chown -R :DOMAIN\Domain Users folder1 Thats fine but then when user 1,2 or 3 access folder1 and write to the folder and there primary group is Domain Users for example it will make it unreadable for other users? I could force it to take permissions from the parent directory using sticky bit? but what if the users creates a dir and then another dir would it still take its permissions from its parent directory then? Use the setgid bit on the directory. This causes the group ownership of the created directory to be inherited from the owning directory, not the creating process (and also inherit the setgid bit). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Building Samba 3.2.0 on Solaris with Sun compiler
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Eisner wrote: On Wed, Jul 30, 2008 at 10:23 AM, Douglas E. Engert [EMAIL PROTECTED] wrote: Solaris 10 comes with gcc in /usr/sfw/bin I know. But I was only able to get certain needed packages (looking through notes ... ) -- I could only get heimdal to build with cc, but not gcc. In any case, it's nice that samba = 3.0.x was not GNU toolchain specific, and it appears that there's no reason 3.2.0 has to be, either. Another thing to consider is that Sun does a fair amount of trumpeting about its compiler performance. I don't know what difference that tends to make as far as Samba is concerned, but if it does make a difference, it'd be nice to use the best compiler for the job (regardless of whether GCC is available on that platform, which it tends to always be, and now especially that the Sun compiler is free). - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIkPHTmb+gadEcsb4RAnbUAKCYNMzCKy4jN4rNY8ZIM8mY+jlpSwCgxY5R S46chWL3nQEtF3a+h3bHR04= =Weh7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sharing Printer Stop Working: error writing spool : NT_STATUS_ACCESS_DENIED
On Wed, Jul 30, 2008 at 7:34 PM, John Drescher [EMAIL PROTECTED] wrote: This looks like a cups problem to me. Investigate this cups error. Thank you very much. It is confirmed when I downgrade cupsys it work again. As I do not know how to troubleshoot cupsys, I keep old version of cupsys. Thanks, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Scanning Trusted Hosts - Winbindd
Even with the definition 'allow trusted domains = no' Winbindd still regularly scans the trusted domains. Why it needs to, I have no idea. But the load on Winbindd is horrendous to the point where it nearly cripples it in a scenario where the domain in question is connected to many others around the word in a corporate intranet. And then, when you do wbinfo --domain MYDOMAIN -u it will, if it is busy scanning those domains, simply time out on that request. The international links are quickish, but they can get busy. And I only want the ones in my local domain. If you remove the '--domain', it is even worse as it trys to find the users in the trusted domains which is a population of over 30,000, as well as the ones locally which are only about 1000+. I only want to ask about ones in our local, country-wide, intranet. Because it takes nearly 4 minutes to go through all those domains, and failing to resolve their names, you only have a 1 minute window to do complex things before it starts scanning again. How do I tell Winbindd to only do things local to our OWN domain? I only want to do things local to ourselves. Or, is it against the underlying SMB concepts? Thanks - Damian Pacific Engineering Systems International, 277-279 Broadway, Broadway NSW 2007 Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted here ! Views and opinions here are mine and not those of any past or present employer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Rename to open file doesn't work, why?
Am Montag, 28. Juli 2008 schrieb Jeremy Allison: On Mon, Jul 28, 2008 at 07:02:52AM +0200, Wilhelm Meier wrote: Am Montag, 28. Juli 2008 schrieb Michael Heydon: Wilhelm Meier wrote: snip On a local linux filesystem like ext2/3 one can rename a file to an existing, already open file. But this doesn't work on a cifs-mounted samba-share snip The reason this works with ext2 is that as long as you hold an open file descriptor a deleted file is still accessible (rename is essentially a delete and then a move). While it might be theoretically possible for this to work unix to unix, Windows doesn't deal with deleted files the same way (it prevents you from deleting files as long as they are open), and so it's quite possible that SMB/CIFS doesn't understand the concept of having a deleted file open. Yes, with a windows file server this is impossible. But I thought the samba unix extensions should make that possible. Otherwise samba/cifs is unusable as e.g. user-homes, since KDE tends to use this pattern. Is there any workaround at the moment? Can you log a bug with bugzilla.samba.org so I can track this. Include everything I need to reproduce (test code preferably) so I can ensure the UNIX extensions allow this. I tried some other versions of samba (triggered to the fact, that debian lenny now has feature freeze ...). I found that the problem vanished from Samba 3.0.28 on for the testprogram I posted earlier. I had not enough time to test the newer samba versions as user-homes with KDE, but I'll do that soon. Thanks ! Jeremy. -- Wilhelm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.2 breaks ppp winbind plugin
On Thu, Jul 31, 2008 at 08:14:05AM +1000, Andrew Bartlett wrote: On Wed, 2008-07-30 at 22:21 +0200, Volker Lendecke wrote: On Wed, Jul 30, 2008 at 06:55:15PM +0200, Pim Zandbergen wrote: So, this is winbind from Samba 3 (Fedora 8) failing to work with a Samba 3.2 PDC from Fedora 9? No, this is Samba 3.2 (Fedora 9) failing to work with a Windows 2003 Server PDC, where Samba 3.0 (Fedora 8) works fine. Can't this be 5616? That (failure to decrypt the session key for the client) matches the symptoms here exactly. As you can see in 5616, there is a patch provided: https://bugzilla.samba.org/attachment.cgi?id=3426action=view :-) Volker pgp0eQQbpnp7P.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3436-gd01da44
The branch, v3-3-test has been updated via d01da44de77abbf724389bce924771f2975867f4 (commit) from e04da654c0db6b0fb2e2ce9754e5eba80751c14c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit d01da44de77abbf724389bce924771f2975867f4 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Jul 30 16:24:20 2008 +0200 testparm: Display warning if invalid values are used. This one came up while using csc policy = disabled instead of disable... ;-) --- Summary of changes: source/param/loadparm.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/param/loadparm.c b/source/param/loadparm.c index 0935181..6902bb0 100644 --- a/source/param/loadparm.c +++ b/source/param/loadparm.c @@ -7047,9 +7047,11 @@ static void lp_set_enum_parm( struct parm_struct *parm, const char *pszParmValue for (i = 0; parm-enum_list[i].name; i++) { if ( strequal(pszParmValue, parm-enum_list[i].name)) { *ptr = parm-enum_list[i].value; - break; + return; } } + DEBUG(0, (WARNING: Ignoring invalid value '%s' for parameter '%s'\n, + pszParmValue, parm-label)); } /*** -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3437-gd4594a7
The branch, v3-3-test has been updated via d4594a7a03381fb251c9f8caf4c70e1ed97674b6 (commit) from d01da44de77abbf724389bce924771f2975867f4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit d4594a7a03381fb251c9f8caf4c70e1ed97674b6 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 20:10:37 2008 +0200 netapi: fix NetLocalGroupAdd. Guenther --- Summary of changes: source/lib/netapi/localgroup.c | 17 + 1 files changed, 17 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/netapi/localgroup.c b/source/lib/netapi/localgroup.c index fe36d86..5706762 100644 --- a/source/lib/netapi/localgroup.c +++ b/source/lib/netapi/localgroup.c @@ -209,6 +209,8 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, goto done; } + init_lsa_String(lsa_account_name, alias_name); + status = rpccli_samr_CreateDomAlias(pipe_cli, ctx, domain_handle, lsa_account_name, @@ -786,6 +788,13 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, return WERR_UNKNOWN_LEVEL; } + if (r-out.total_entries) { + *r-out.total_entries = 0; + } + if (r-out.entries_read) { + *r-out.entries_read = 0; + } + ZERO_STRUCT(connect_handle); ZERO_STRUCT(builtin_handle); ZERO_STRUCT(domain_handle); @@ -836,6 +845,10 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, goto done; } + if (r-out.total_entries) { + *r-out.total_entries += builtin_info-info2.num_aliases; + } + status = rpccli_samr_QueryDomainInfo(pipe_cli, ctx, domain_handle, 2, @@ -845,6 +858,10 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, goto done; } + if (r-out.total_entries) { + *r-out.total_entries += domain_info-info2.num_aliases; + } + status = rpccli_samr_EnumDomainAliases(pipe_cli, ctx, builtin_handle, r-in.resume_handle, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3438-g8b3149b
The branch, v3-3-test has been updated via 8b3149b4a663f59b504c1458cd7ecafe0c0e0322 (commit) from d4594a7a03381fb251c9f8caf4c70e1ed97674b6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 8b3149b4a663f59b504c1458cd7ecafe0c0e0322 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 19:12:42 2008 +0200 netapi: add netapi testsuite. Guenther --- Summary of changes: source/lib/netapi/tests/Makefile.in | 57 ++ source/lib/netapi/tests/common.c| 86 + source/lib/netapi/tests/common.h| 55 ++ source/lib/netapi/tests/netapitest.c| 92 ++ source/lib/netapi/tests/netdisplay.c| 150 source/lib/netapi/tests/netgroup.c | 286 +++ source/lib/netapi/tests/netlocalgroup.c | 226 source/lib/netapi/tests/netuser.c | 259 8 files changed, 1211 insertions(+), 0 deletions(-) create mode 100644 source/lib/netapi/tests/Makefile.in create mode 100644 source/lib/netapi/tests/common.c create mode 100644 source/lib/netapi/tests/common.h create mode 100644 source/lib/netapi/tests/netapitest.c create mode 100644 source/lib/netapi/tests/netdisplay.c create mode 100644 source/lib/netapi/tests/netgroup.c create mode 100644 source/lib/netapi/tests/netlocalgroup.c create mode 100644 source/lib/netapi/tests/netuser.c Changeset truncated at 500 lines: diff --git a/source/lib/netapi/tests/Makefile.in b/source/lib/netapi/tests/Makefile.in new file mode 100644 index 000..f13281e --- /dev/null +++ b/source/lib/netapi/tests/Makefile.in @@ -0,0 +1,57 @@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ -lnetapi -ltdb -ltalloc [EMAIL PROTECTED]@ +FLAGS=-I../ -L../../../bin @CFLAGS@ $(GTK_FLAGS) [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ @LDFLAGS@ [EMAIL PROTECTED]@ +NETAPI_LIBS=$(LIBS) $(KRB5LIBS) $(LDAP_LIBS) +CMDLINE_LIBS=$(NETAPI_LIBS) @POPTLIBS@ + +# Compile a source file. +COMPILE_CC = $(CC) -I. $(FLAGS) $(PICFLAG) -c $ -o $@ +COMPILE = $(COMPILE_CC) + +PROGS = bin/[EMAIL PROTECTED]@ + +all: $(PROGS) + +MAKEDIR = || exec false; \ + if test -d $$dir; then :; else \ + echo mkdir $$dir; \ + mkdir -p $$dir /dev/null 21 || \ + test -d $$dir || \ + mkdir $$dir || \ + exec false; fi || exec false + +BINARY_PREREQS = bin/.dummy + +bin/.dummy: + @if (: $@ || : $@) /dev/null 21; then :; else \ + dir=bin $(MAKEDIR); fi + @: $@ || : $@ # what a fancy emoticon! + +.c.o: + @if (: $@ || : $@) /dev/null 21; then rm -f $@; else \ +dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi + @echo Compiling $*.c + @$(COMPILE) exit 0;\ + echo The following command failed: 12;\ + echo $(COMPILE_CC) 12;\ + $(COMPILE_CC) /dev/null 21 + +CMDLINE_OBJ = common.o +NETAPIBUFFER_OBJ = netapibuffer.o +NETAPITEST_OBJ = netapitest.o netlocalgroup.o netuser.o netgroup.o netdisplay.o $(CMDLINE_OBJ) + +bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(NETAPITEST_OBJ) + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(NETAPITEST_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) + +clean: + -rm -f $(PROGS) + -rm -f core */*~ *~ \ + */*.o */*/*.o */*/*/*.o + diff --git a/source/lib/netapi/tests/common.c b/source/lib/netapi/tests/common.c new file mode 100644 index 000..22175af --- /dev/null +++ b/source/lib/netapi/tests/common.c @@ -0,0 +1,86 @@ +/* + * Unix SMB/CIFS implementation. + * NetApi testsuite + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see http://www.gnu.org/licenses/. + */ + +#include stdlib.h +#include string.h +#include sys/types.h +#include inttypes.h + +#include popt.h +#include netapi.h + +#include common.h + +void popt_common_callback(poptContext con, +enum poptCallbackReason reason, +const struct poptOption *opt, +const char *arg, const void *data) +{ + struct libnetapi_ctx *ctx = NULL; + + libnetapi_getctx(ctx); + + if (reason == POPT_CALLBACK_REASON_PRE) { + } +
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3442-gff9bcd5
The branch, v3-3-test has been updated via ff9bcd57738aa04c5e18e0e21dd0e788127317c4 (commit) via c3e4c7cb5f2728a8219789aeb2344bff368713d5 (commit) via 244ad49e6a993a0e3c56c5a19d38918be9deca3b (commit) via 6c8ee639ecc789ea9052e999b6e998ac53ac521a (commit) from 8b3149b4a663f59b504c1458cd7ecafe0c0e0322 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit ff9bcd57738aa04c5e18e0e21dd0e788127317c4 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 20:12:45 2008 +0200 netapi: implement NetUserSetInfo_r() for at least level 1007. Guenther commit c3e4c7cb5f2728a8219789aeb2344bff368713d5 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 20:12:13 2008 +0200 netapi: add convert_USER_INFO_X_to_samr_user_info21 fn and use it NetUserAdd. Guenther commit 244ad49e6a993a0e3c56c5a19d38918be9deca3b Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 19:40:26 2008 +0200 re-run make idl. Guenther commit 6c8ee639ecc789ea9052e999b6e998ac53ac521a Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 19:40:13 2008 +0200 netapi: add USER_INFO_X to IDL. Guenther --- Summary of changes: source/lib/netapi/user.c | 299 +++-- source/librpc/gen_ndr/libnetapi.h | 27 +++ source/librpc/gen_ndr/ndr_libnetapi.c | 120 + source/librpc/gen_ndr/ndr_libnetapi.h |3 + source/librpc/idl/libnetapi.idl | 27 +++ 5 files changed, 426 insertions(+), 50 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/netapi/user.c b/source/lib/netapi/user.c index f896dde..fe30b14 100644 --- a/source/lib/netapi/user.c +++ b/source/lib/netapi/user.c @@ -27,9 +27,8 @@ / / -static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, - DATA_BLOB *user_session_key, - struct samr_UserInfo25 *info25) +static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, + struct samr_UserInfo21 *info21) { uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS; struct samr_LogonHours zero_logon_hours; @@ -37,41 +36,41 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, uint32_t acct_flags = 0; NTTIME password_age; - ZERO_STRUCTP(info25); + ZERO_STRUCTP(info21); ZERO_STRUCT(zero_logon_hours); ZERO_STRUCT(zero_parameters); - if (info1-usri1_name) { + if (infoX-usriX_name) { fields_present |= SAMR_FIELD_FULL_NAME; } - if (info1-usri1_password) { + if (infoX-usriX_password) { fields_present |= SAMR_FIELD_PASSWORD; } - if (info1-usri1_flags) { + if (infoX-usriX_flags) { fields_present |= SAMR_FIELD_ACCT_FLAGS; } - if (info1-usri1_name) { + if (infoX-usriX_name) { fields_present |= SAMR_FIELD_FULL_NAME; } - if (info1-usri1_home_dir) { + if (infoX-usriX_home_dir) { fields_present |= SAMR_FIELD_HOME_DIRECTORY; } - if (info1-usri1_script_path) { + if (infoX-usriX_script_path) { fields_present |= SAMR_FIELD_LOGON_SCRIPT; } - if (info1-usri1_comment) { + if (infoX-usriX_comment) { fields_present |= SAMR_FIELD_DESCRIPTION; } - if (info1-usri1_password_age) { + if (infoX-usriX_password_age) { fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE; } - acct_flags |= info1-usri1_flags | ACB_NORMAL; + acct_flags |= infoX-usriX_flags | ACB_NORMAL; - unix_to_nt_time_abs(password_age, info1-usri1_password_age); + unix_to_nt_time_abs(password_age, infoX-usriX_password_age); - /* TODO: info1-usri1_priv */ - init_samr_user_info21(info25-info, + /* TODO: infoX-usriX_priv */ + init_samr_user_info21(info21, 0, 0, 0, @@ -79,12 +78,12 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, 0, password_age, NULL, - info1-usri1_name, - info1-usri1_home_dir, + infoX-usriX_name, + infoX-usriX_home_dir, NULL, -
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3444-g9710619
The branch, v3-3-test has been updated via 97106199f1a2add886a14523aa7b402667d2cd89 (commit) via 87b6aac13598a2ac28054de5ab90d63bef65f1fe (commit) from ff9bcd57738aa04c5e18e0e21dd0e788127317c4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 97106199f1a2add886a14523aa7b402667d2cd89 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 20:43:14 2008 +0200 netapi: use init_samr_CryptPasswordEx and init_samr_CryptPassword. Guenther commit 87b6aac13598a2ac28054de5ab90d63bef65f1fe Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 20:42:55 2008 +0200 rpc_client: add init_samr_CryptPasswordEx and init_samr_CryptPassword. Guenther --- Summary of changes: source/include/proto.h|6 + source/lib/netapi/user.c | 34 -- source/rpc_client/init_samr.c | 46 + 3 files changed, 61 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/source/include/proto.h b/source/include/proto.h index bf3adb5..7e70f3c 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -7574,6 +7574,12 @@ void init_samr_user_info23(struct samr_UserInfo23 *r, void init_samr_user_info24(struct samr_UserInfo24 *r, uint8_t data[516], uint8_t pw_len); +void init_samr_CryptPasswordEx(const char *pwd, + DATA_BLOB *session_key, + struct samr_CryptPasswordEx *pwd_buf); +void init_samr_CryptPassword(const char *pwd, +DATA_BLOB *session_key, +struct samr_CryptPassword *pwd_buf); /* The following definitions come from rpc_client/init_srvsvc.c */ diff --git a/source/lib/netapi/user.c b/source/lib/netapi/user.c index fe30b14..e36274b 100644 --- a/source/lib/netapi/user.c +++ b/source/lib/netapi/user.c @@ -292,29 +292,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, if (uX.usriX_password) { - uchar pwbuf[532]; - struct MD5Context md5_ctx; - uint8_t confounder[16]; - DATA_BLOB confounded_session_key = data_blob(NULL, 16); - - encode_pw_buffer(pwbuf, uX.usriX_password, STR_UNICODE); - - generate_random_buffer((uint8_t *)confounder, 16); - - MD5Init(md5_ctx); - MD5Update(md5_ctx, confounder, 16); - MD5Update(md5_ctx, cli-user_session_key.data, - cli-user_session_key.length); - MD5Final(confounded_session_key.data, md5_ctx); - - SamOEMhashBlob(pwbuf, 516, confounded_session_key); - memcpy(pwbuf[516], confounder, 16); - - memcpy(user_info-info25.password.data, pwbuf, sizeof(pwbuf)); - data_blob_free(confounded_session_key); - user_info-info25.info = info21; + init_samr_CryptPasswordEx(uX.usriX_password, + cli-user_session_key, + user_info-info25.password); + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, user_handle, 25, @@ -324,10 +307,9 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, user_info-info23.info = info21; - encode_pw_buffer(user_info-info23.password.data, -uX.usriX_password, STR_UNICODE); - SamOEMhashBlob(user_info-info23.password.data, 516, - cli-user_session_key); + init_samr_CryptPassword(uX.usriX_password, + cli-user_session_key, + user_info-info23.password); status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, user_handle, @@ -335,7 +317,9 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, user_info); } } else { + user_info-info21 = info21; + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, user_handle, 21, diff --git a/source/rpc_client/init_samr.c b/source/rpc_client/init_samr.c index c5d7dcd..2e75753 100644 --- a/source/rpc_client/init_samr.c +++ b/source/rpc_client/init_samr.c @@ -460,3 +460,49 @@ void init_samr_user_info24(struct samr_UserInfo24 *r, memcpy(r-password.data, data,
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3450-gec2a56b
The branch, v3-3-test has been updated via ec2a56b5e726400f171d641587cbd0a4b99beec0 (commit) via 49ea8984e95618ff8dc8f1d5d757aec997899fd7 (commit) via 52218506d6ad51c4f340206d035f79272ba15e3b (commit) via 80957bc1bc1462a2478b3eea64f5cb7a84d08677 (commit) via c4131c995d8b36c01b68160e0277b7c3610e9619 (commit) via 25522f0de081e819d661728f7f6767037e514094 (commit) from 97106199f1a2add886a14523aa7b402667d2cd89 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit ec2a56b5e726400f171d641587cbd0a4b99beec0 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:36:50 2008 +0200 re-run make idl. Guenther commit 49ea8984e95618ff8dc8f1d5d757aec997899fd7 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:36:26 2008 +0200 netapi: add some more USER_INFO structs to IDL. Guenther commit 52218506d6ad51c4f340206d035f79272ba15e3b Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:35:33 2008 +0200 netapi: fix libnetapi_samr_lookup_user_map_USER_INFO. Guenther commit 80957bc1bc1462a2478b3eea64f5cb7a84d08677 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:33:08 2008 +0200 netapi: use buffer in libnetapi. Guenther commit c4131c995d8b36c01b68160e0277b7c3610e9619 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:31:17 2008 +0200 re-run make idl. Guenther commit 25522f0de081e819d661728f7f6767037e514094 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:30:36 2008 +0200 netapi: cosmetics, use buffer everywhere. Guenther --- Summary of changes: source/lib/netapi/group.c | 24 +- source/lib/netapi/libnetapi.c | 28 +- source/lib/netapi/libnetapi.h | 14 +- source/lib/netapi/localgroup.c| 10 +- source/lib/netapi/serverinfo.c|6 +- source/lib/netapi/user.c | 68 ++-- source/librpc/gen_ndr/libnetapi.h | 123 +- source/librpc/gen_ndr/ndr_libnetapi.c | 786 - source/librpc/gen_ndr/ndr_libnetapi.h | 63 +++ source/librpc/idl/libnetapi.idl | 124 +- 10 files changed, 1134 insertions(+), 112 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/netapi/group.c b/source/lib/netapi/group.c index 04ffb7c..c1c55c8 100644 --- a/source/lib/netapi/group.c +++ b/source/lib/netapi/group.c @@ -49,22 +49,22 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(domain_handle); ZERO_STRUCT(group_handle); - if (!r-in.buf) { + if (!r-in.buffer) { return WERR_INVALID_PARAM; } switch (r-in.level) { case 0: - info0 = (struct GROUP_INFO_0 *)r-in.buf; + info0 = (struct GROUP_INFO_0 *)r-in.buffer; break; case 1: - info1 = (struct GROUP_INFO_1 *)r-in.buf; + info1 = (struct GROUP_INFO_1 *)r-in.buffer; break; case 2: - info2 = (struct GROUP_INFO_2 *)r-in.buf; + info2 = (struct GROUP_INFO_2 *)r-in.buffer; break; case 3: - info3 = (struct GROUP_INFO_3 *)r-in.buf; + info3 = (struct GROUP_INFO_3 *)r-in.buffer; break; default: werr = WERR_UNKNOWN_LEVEL; @@ -478,7 +478,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, switch (r-in.level) { case 0: - g0 = (struct GROUP_INFO_0 *)r-in.buf; + g0 = (struct GROUP_INFO_0 *)r-in.buffer; init_lsa_String(info.name, g0-grpi0_name); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, group_handle, @@ -486,7 +486,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, info); break; case 1: - g1 = (struct GROUP_INFO_1 *)r-in.buf; + g1 = (struct GROUP_INFO_1 *)r-in.buffer; init_lsa_String(info.description, g1-grpi1_comment); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, group_handle, @@ -494,7 +494,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, info); break; case 2: - g2 = (struct GROUP_INFO_2 *)r-in.buf; +
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3455-g0298f7f
The branch, v3-3-test has been updated via 0298f7fe9e273a94d14b5b6ce3dbd5e6deee9ecb (commit) via d31f822b79ed5344ec3c6795d66ceefd024b7d30 (commit) via 0b4e2687ae8fb48faacceb4078d61f9fd2acea9d (commit) via 93ff6548977cb3e1c84fcb659475664de54e31b5 (commit) via 81be6207e51924a7632dfc0ec16ca3e570d417aa (commit) from ec2a56b5e726400f171d641587cbd0a4b99beec0 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 0298f7fe9e273a94d14b5b6ce3dbd5e6deee9ecb Author: Günther Deschner [EMAIL PROTECTED] Date: Sat Jul 19 00:10:58 2008 +0200 netapi: add NetGroupGetUsers example code. Guenther commit d31f822b79ed5344ec3c6795d66ceefd024b7d30 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:43:33 2008 +0200 netapi: add NetGroupGetUsers to public header. Guenther commit 0b4e2687ae8fb48faacceb4078d61f9fd2acea9d Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:40:33 2008 +0200 netapi: add NetGroupGetUsers skeleton. GUenther commit 93ff6548977cb3e1c84fcb659475664de54e31b5 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:38:17 2008 +0200 re-run make idl. Guenther commit 81be6207e51924a7632dfc0ec16ca3e570d417aa Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jul 18 23:37:31 2008 +0200 netapi: add NetGroupGetUsers to IDL. Guenther --- Summary of changes: source/lib/netapi/examples/Makefile.in |6 + .../localgroup_enum.c = group/group_getusers.c} | 48 + source/lib/netapi/group.c | 18 +++ source/lib/netapi/libnetapi.c | 55 ++ source/lib/netapi/libnetapi.h | 12 ++ source/lib/netapi/netapi.h | 38 +++ source/librpc/gen_ndr/libnetapi.h | 29 + source/librpc/gen_ndr/ndr_libnetapi.c | 113 source/librpc/gen_ndr/ndr_libnetapi.h | 25 +++-- source/librpc/idl/libnetapi.idl| 24 10 files changed, 340 insertions(+), 28 deletions(-) copy source/lib/netapi/examples/{localgroup/localgroup_enum.c = group/group_getusers.c} (70%) Changeset truncated at 500 lines: diff --git a/source/lib/netapi/examples/Makefile.in b/source/lib/netapi/examples/Makefile.in index ca387ee..e7b61a1 100644 --- a/source/lib/netapi/examples/Makefile.in +++ b/source/lib/netapi/examples/Makefile.in @@ -36,6 +36,7 @@ PROGS = bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ \ + bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ \ @@ -89,6 +90,7 @@ GROUPSETINFO_OBJ = group/group_setinfo.o $(CMDLINE_OBJ) GROUPGETINFO_OBJ = group/group_getinfo.o $(CMDLINE_OBJ) GROUPADDUSER_OBJ = group/group_adduser.o $(CMDLINE_OBJ) GROUPDELUSER_OBJ = group/group_deluser.o $(CMDLINE_OBJ) +GROUPGETUSERS_OBJ = group/group_getusers.o $(CMDLINE_OBJ) LOCALGROUPADD_OBJ = localgroup/localgroup_add.o $(CMDLINE_OBJ) LOCALGROUPDEL_OBJ = localgroup/localgroup_del.o $(CMDLINE_OBJ) LOCALGROUPGETINFO_OBJ = localgroup/localgroup_getinfo.o $(CMDLINE_OBJ) @@ -172,6 +174,10 @@ bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(GROUPDELUSER_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(GROUPDELUSER_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) +bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(GROUPGETUSERS_OBJ) + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(GROUPGETUSERS_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) + bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(LOCALGROUPADD_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LOCALGROUPADD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) diff --git a/source/lib/netapi/examples/localgroup/localgroup_enum.c b/source/lib/netapi/examples/group/group_getusers.c similarity index 70% copy from source/lib/netapi/examples/localgroup/localgroup_enum.c copy to source/lib/netapi/examples/group/group_getusers.c index 6fe0cf4..55d0717 100644 --- a/source/lib/netapi/examples/localgroup/localgroup_enum.c +++ b/source/lib/netapi/examples/group/group_getusers.c @@ -1,6 +1,6 @@ /* * Unix SMB/CIFS implementation. - * NetLocalGroupEnum query + * NetGroupGetUsers query * Copyright (C) Guenther Deschner 2008 * * This program is free software; you can redistribute it and/or modify @@ -32,6 +32,7 @@ int main(int argc, const char **argv) NET_API_STATUS status; struct libnetapi_ctx *ctx = NULL; const char *hostname = NULL; + const char *groupname = NULL; uint32_t level = 0; uint8_t *buffer = NULL; uint32_t entries_read = 0; @@ -39,8 +40,8 @@ int main(int argc, const
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3456-g09fed08
The branch, v3-3-test has been updated via 09fed085bea9dae5bb8aacd986deed3d458e3574 (commit) from 0298f7fe9e273a94d14b5b6ce3dbd5e6deee9ecb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 09fed085bea9dae5bb8aacd986deed3d458e3574 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jul 30 16:59:11 2008 +0200 libwbclient: let wbcStringToSid handle the global NULL sid. Guenther --- Summary of changes: source/nsswitch/libwbclient/wbc_sid.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/nsswitch/libwbclient/wbc_sid.c b/source/nsswitch/libwbclient/wbc_sid.c index 09bfc3e..324a19b 100644 --- a/source/nsswitch/libwbclient/wbc_sid.c +++ b/source/nsswitch/libwbclient/wbc_sid.c @@ -123,7 +123,7 @@ wbcErr wbcStringToSid(const char *str, p = q+1; x = (uint32_t)strtol(p, q, 10); - if (x==0 || !q || *q!='-') { + if (!q || *q!='-') { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2775-gfba8506
The branch, v3-2-test has been updated via fba8506112938bf714c06da08e0e0725a7eecf3a (commit) from 3a3640a85daa1a85415c949f9c2b804b4f067dd7 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit fba8506112938bf714c06da08e0e0725a7eecf3a Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jul 30 16:59:11 2008 +0200 libwbclient: let wbcStringToSid handle the global NULL sid. Guenther (cherry picked from commit 09fed085bea9dae5bb8aacd986deed3d458e3574) --- Summary of changes: source/nsswitch/libwbclient/wbc_sid.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/nsswitch/libwbclient/wbc_sid.c b/source/nsswitch/libwbclient/wbc_sid.c index 4bfd62c..ca5eab4 100644 --- a/source/nsswitch/libwbclient/wbc_sid.c +++ b/source/nsswitch/libwbclient/wbc_sid.c @@ -124,7 +124,7 @@ wbcErr wbcStringToSid(const char *str, p = q+1; x = (uint32_t)strtol(p, q, 10); - if (x==0 || !q || *q!='-') { + if (!q || *q!='-') { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3457-g0c1efc6
The branch, v3-3-test has been updated via 0c1efc6c89b1a51a94d10971bf0fc515416709b3 (commit) from 09fed085bea9dae5bb8aacd986deed3d458e3574 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 0c1efc6c89b1a51a94d10971bf0fc515416709b3 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Jul 29 12:08:47 2008 +0200 winbindd: handle trusted domains without sid. Guenther --- Summary of changes: source/winbindd/winbindd_ads.c | 12 ++-- source/winbindd/winbindd_cache.c |9 +++-- 2 files changed, 17 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_ads.c b/source/winbindd/winbindd_ads.c index 5e3d5d2..097fa39 100644 --- a/source/winbindd/winbindd_ads.c +++ b/source/winbindd/winbindd_ads.c @@ -1241,13 +1241,21 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, (*names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].netbios_name); (*alt_names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].dns_name); - sid_copy((*dom_sids)[ret_count], trusts.array[i].sid); + if (trusts.array[i].sid) { + sid_copy((*dom_sids)[ret_count], trusts.array[i].sid); + } else { + sid_copy((*dom_sids)[ret_count], global_sid_NULL); + } /* add to the trusted domain cache */ fstrcpy( d.name, trusts.array[i].netbios_name); fstrcpy( d.alt_name, trusts.array[i].dns_name); - sid_copy( d.sid, trusts.array[i].sid); + if (trusts.array[i].sid) { + sid_copy( d.sid, trusts.array[i].sid); + } else { + sid_copy((*dom_sids)[ret_count], global_sid_NULL); + } if ( domain-primary ) { DEBUG(10,(trusted_domains(ads): Searching diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c index 6040371..c9d857c 100644 --- a/source/winbindd/winbindd_cache.c +++ b/source/winbindd/winbindd_cache.c @@ -2072,7 +2072,9 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, for (i=0; i(*num_domains); i++) { (*names)[i] = centry_string(centry, mem_ctx); (*alt_names)[i] = centry_string(centry, mem_ctx); - centry_sid(centry, mem_ctx, (*dom_sids)[i]); + if (!centry_sid(centry, mem_ctx, (*dom_sids)[i])) { + sid_copy((*dom_sids)[i], global_sid_NULL); + } } status = centry-status; @@ -3543,8 +3545,11 @@ static bool add_wbdomain_to_tdc_array( struct winbindd_domain *new_dom, list[idx].domain_name = talloc_strdup( list, new_dom-name ); list[idx].dns_name = talloc_strdup( list, new_dom-alt_name ); - if ( !is_null_sid( new_dom-sid ) ) + if ( !is_null_sid( new_dom-sid ) ) { sid_copy( list[idx].sid, new_dom-sid ); + } else { + sid_copy(list[idx].sid, global_sid_NULL); + } if ( new_dom-domain_flags != 0x0 ) list[idx].trust_flags = new_dom-domain_flags; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2776-g4f5255d
The branch, v3-2-test has been updated via 4f5255d1e5025c4c9ebb0b1f22d800e26bcdfb7f (commit) from fba8506112938bf714c06da08e0e0725a7eecf3a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 4f5255d1e5025c4c9ebb0b1f22d800e26bcdfb7f Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Jul 29 12:08:47 2008 +0200 winbindd: handle trusted domains without sid. Guenther (cherry picked from commit 0c1efc6c89b1a51a94d10971bf0fc515416709b3) --- Summary of changes: source/winbindd/winbindd_ads.c | 12 ++-- source/winbindd/winbindd_cache.c |9 +++-- 2 files changed, 17 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_ads.c b/source/winbindd/winbindd_ads.c index 35ffe70..64b5ce7 100644 --- a/source/winbindd/winbindd_ads.c +++ b/source/winbindd/winbindd_ads.c @@ -1241,13 +1241,21 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, (*names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].netbios_name); (*alt_names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].dns_name); - sid_copy((*dom_sids)[ret_count], trusts.array[i].sid); + if (trusts.array[i].sid) { + sid_copy((*dom_sids)[ret_count], trusts.array[i].sid); + } else { + sid_copy((*dom_sids)[ret_count], global_sid_NULL); + } /* add to the trusted domain cache */ fstrcpy( d.name, trusts.array[i].netbios_name); fstrcpy( d.alt_name, trusts.array[i].dns_name); - sid_copy( d.sid, trusts.array[i].sid); + if (trusts.array[i].sid) { + sid_copy( d.sid, trusts.array[i].sid); + } else { + sid_copy((*dom_sids)[ret_count], global_sid_NULL); + } if ( domain-primary ) { DEBUG(10,(trusted_domains(ads): Searching diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c index dda8b03..3b2b9aa 100644 --- a/source/winbindd/winbindd_cache.c +++ b/source/winbindd/winbindd_cache.c @@ -2078,7 +2078,9 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, for (i=0; i(*num_domains); i++) { (*names)[i] = centry_string(centry, mem_ctx); (*alt_names)[i] = centry_string(centry, mem_ctx); - centry_sid(centry, mem_ctx, (*dom_sids)[i]); + if (!centry_sid(centry, mem_ctx, (*dom_sids)[i])) { + sid_copy((*dom_sids)[i], global_sid_NULL); + } } status = centry-status; @@ -3549,8 +3551,11 @@ static bool add_wbdomain_to_tdc_array( struct winbindd_domain *new_dom, list[idx].domain_name = talloc_strdup( list, new_dom-name ); list[idx].dns_name = talloc_strdup( list, new_dom-alt_name ); - if ( !is_null_sid( new_dom-sid ) ) + if ( !is_null_sid( new_dom-sid ) ) { sid_copy( list[idx].sid, new_dom-sid ); + } else { + sid_copy(list[idx].sid, global_sid_NULL); + } if ( new_dom-domain_flags != 0x0 ) list[idx].trust_flags = new_dom-domain_flags; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3458-g5106253
The branch, v3-3-test has been updated via 51062534fd58d7a914a6bbac2e52bb44e71363b7 (commit) from 0c1efc6c89b1a51a94d10971bf0fc515416709b3 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 51062534fd58d7a914a6bbac2e52bb44e71363b7 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jul 30 17:47:40 2008 +0200 build: fix some no previous prototype warnings. Guenther --- Summary of changes: source/libnet/libnet_samsync.c |2 +- source/nsswitch/winbind_krb5_locator.c | 20 ++-- 2 files changed, 11 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libnet/libnet_samsync.c b/source/libnet/libnet_samsync.c index 4f2a8f9..daf27ff 100644 --- a/source/libnet/libnet_samsync.c +++ b/source/libnet/libnet_samsync.c @@ -22,7 +22,7 @@ #include includes.h -#include libnet/libnet_samsync.h +#include libnet/libnet.h /** * Decrypt and extract the user's passwords. diff --git a/source/nsswitch/winbind_krb5_locator.c b/source/nsswitch/winbind_krb5_locator.c index 33a68f0..990c2ca 100644 --- a/source/nsswitch/winbind_krb5_locator.c +++ b/source/nsswitch/winbind_krb5_locator.c @@ -222,8 +222,8 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, * @return krb5_error_code. */ -krb5_error_code smb_krb5_locator_init(krb5_context context, - void **private_data) +static krb5_error_code smb_krb5_locator_init(krb5_context context, +void **private_data) { return 0; } @@ -236,7 +236,7 @@ krb5_error_code smb_krb5_locator_init(krb5_context context, * @return void. */ -void smb_krb5_locator_close(void *private_data) +static void smb_krb5_locator_close(void *private_data) { return; } @@ -292,13 +292,13 @@ static bool ask_winbind(const char *realm, char **dcname) * @return krb5_error_code. */ -krb5_error_code smb_krb5_locator_lookup(void *private_data, - enum locate_service_type svc, - const char *realm, - int socktype, - int family, - int (*cbfunc)(void *, int, struct sockaddr *), - void *cbdata) +static krb5_error_code smb_krb5_locator_lookup(void *private_data, + enum locate_service_type svc, + const char *realm, + int socktype, + int family, + int (*cbfunc)(void *, int, struct sockaddr *), + void *cbdata) { krb5_error_code ret; struct addrinfo aihints; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3459-gfef5809
The branch, v3-3-test has been updated via fef58091408cce0d7870c86f28f78cf9400cf2b6 (commit) from 51062534fd58d7a914a6bbac2e52bb44e71363b7 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit fef58091408cce0d7870c86f28f78cf9400cf2b6 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jul 30 19:03:13 2008 +0200 rpc_client: Bug 5616 - fix session keys also in rpccli_netr_LogonSamLogonEx wrapper. Guenther --- Summary of changes: source/rpc_client/cli_netlogon.c | 15 ++- 1 files changed, 6 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c index e96d724..df87ed1 100644 --- a/source/rpc_client/cli_netlogon.c +++ b/source/rpc_client/cli_netlogon.c @@ -453,8 +453,6 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, union netr_Validation validation; struct netr_ChallengeResponse lm; struct netr_ChallengeResponse nt; - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lmsesskey; uint32_t flags = 0; *info3 = NULL; @@ -526,15 +524,14 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, return result; } - user_session_key = validation.sam3-base.key; - lmsesskey = validation.sam3-base.LMSessKey; - - if (memcmp(zeros, user_session_key.key, 16) != 0) { - SamOEMhash(user_session_key.key, cli-dc-sess_key, 16); + if (memcmp(zeros, validation.sam3-base.key.key, 16) != 0) { + SamOEMhash(validation.sam3-base.key.key, + cli-dc-sess_key, 16); } - if (memcmp(zeros, lmsesskey.key, 8) != 0) { - SamOEMhash(lmsesskey.key, cli-dc-sess_key, 8); + if (memcmp(zeros, validation.sam3-base.LMSessKey.key, 8) != 0) { + SamOEMhash(validation.sam3-base.LMSessKey.key, + cli-dc-sess_key, 8); } *info3 = validation.sam3; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2777-g4f62fa5
The branch, v3-2-test has been updated via 4f62fa50c7d542db4a2b8976d85da590194203f0 (commit) from 4f5255d1e5025c4c9ebb0b1f22d800e26bcdfb7f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 4f62fa50c7d542db4a2b8976d85da590194203f0 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jul 30 19:03:13 2008 +0200 rpc_client: Bug 5616 - fix session keys also in rpccli_netr_LogonSamLogonEx wrapper. Guenther (cherry picked from commit fef58091408cce0d7870c86f28f78cf9400cf2b6) --- Summary of changes: source/rpc_client/cli_netlogon.c | 15 ++- 1 files changed, 6 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c index 38ff41c..de45e71 100644 --- a/source/rpc_client/cli_netlogon.c +++ b/source/rpc_client/cli_netlogon.c @@ -544,8 +544,6 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, union netr_Validation validation; struct netr_ChallengeResponse lm; struct netr_ChallengeResponse nt; - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lmsesskey; uint32_t flags = 0; *info3 = NULL; @@ -617,15 +615,14 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, return result; } - user_session_key = validation.sam3-base.key; - lmsesskey = validation.sam3-base.LMSessKey; - - if (memcmp(zeros, user_session_key.key, 16) != 0) { - SamOEMhash(user_session_key.key, cli-dc-sess_key, 16); + if (memcmp(zeros, validation.sam3-base.key.key, 16) != 0) { + SamOEMhash(validation.sam3-base.key.key, + cli-dc-sess_key, 16); } - if (memcmp(zeros, lmsesskey.key, 8) != 0) { - SamOEMhash(lmsesskey.key, cli-dc-sess_key, 8); + if (memcmp(zeros, validation.sam3-base.LMSessKey.key, 8) != 0) { + SamOEMhash(validation.sam3-base.LMSessKey.key, + cli-dc-sess_key, 8); } *info3 = validation.sam3; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3463-ge92faf5
The branch, v3-3-test has been updated via e92faf5996cadac480deb60a4f6232eea90b00f6 (commit) via f6411ccb4a1530034e481e1c63b6114a93317b29 (commit) via 8d75d40b9f6d22bae7430211f8a1fe99051b756c (commit) via 668ef314559df40f1b8aa0991539adcd8d35ffe3 (commit) from fef58091408cce0d7870c86f28f78cf9400cf2b6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit e92faf5996cadac480deb60a4f6232eea90b00f6 Author: Tim Prouty [EMAIL PROTECTED] Date: Wed Jul 23 20:50:21 2008 -0700 Enabled domain groups to be added to builtin groups at domain join time Previously this was done at token creation time if the Administrators and Users builtins hadn't been created yet. A major drawback to this approach is that if a customer is joined to a domain and decides they want to join a different domain, the domain groups from this new domain will not be added to the builtins. It would be ideal if these groups could be added exclusively at domain join time, but we can't rely solely on that because there are cases where winbindd must be running to allocate new gids for the builtins. In the future if there is a way to allocate gids for builtins without running winbindd, this code can be removed from create_local_nt_token. - Made create_builtin_users and create_builtin_administrators non-static so they can be called from libnet - Added a new function to libnet_join that will make a best effort to add domain administrators and domain users to BUILTIN\Administrators and BUILTIN\Users, respectively. If the builtins don't exist yet, winbindd must be running to allocate new gids, but if the builtins already exist, the domain groups will be added even if winbindd is not running. In the case of a failure the error will be logged, but the join will not be failed. - Plumbed libnet_join_add_dom_rids_to_builtins into the join post processing. commit f6411ccb4a1530034e481e1c63b6114a93317b29 Author: Tim Prouty [EMAIL PROTECTED] Date: Wed Jul 23 20:42:32 2008 -0700 Refactored the code that adds Domain Admins to BUILTIN\Administrators to use the new helper functions. - Modified create_builtin_administrators and add_builtin_administrators to take in the domain sid to reduce the number of times it needs to be looked up. - Changed create_builtin_administrators to call the new helper functions. - Changed create_local_nt_token to call the new version of create_builtin_administrators and handle the new error that can be returned. - Made it more explicit that add_builtin_administrators is only called when winbindd can't be pinged. commit 8d75d40b9f6d22bae7430211f8a1fe99051b756c Author: Tim Prouty [EMAIL PROTECTED] Date: Wed Jul 23 20:33:15 2008 -0700 Refactored the code that adds Domain Users to BUILTIN\Users to use the new helper functions. - Modified create_builtin_users to take in the domain sid to reduce the number of times it needs to be looked up. - Changed create_builtin_users to call the new helper functions. - Changed create_local_nt_token to call the new version of create_builtin_users and handle the new error that can be returned. commit 668ef314559df40f1b8aa0991539adcd8d35ffe3 Author: Tim Prouty [EMAIL PROTECTED] Date: Wed Jul 23 20:24:39 2008 -0700 Helper functions to enable domain groups to be added to builtin groups at domain join time Added two new helper functions which wrap the raw pdb alias functions so they can be more conveniently called while adding domain groups to builtin groups. --- Summary of changes: source/auth/token_util.c| 154 +++ source/include/proto.h |2 + source/libnet/libnet_join.c | 33 + 3 files changed, 146 insertions(+), 43 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/token_util.c b/source/auth/token_util.c index cd67c2a..e5b9e1b 100644 --- a/source/auth/token_util.c +++ b/source/auth/token_util.c @@ -165,7 +165,8 @@ done: /*** ***/ -static NTSTATUS add_builtin_administrators( struct nt_user_token *token ) +static NTSTATUS add_builtin_administrators(struct nt_user_token *token, + const DOM_SID *dom_sid) { DOM_SID domadm; NTSTATUS status; @@ -181,8 +182,7 @@ static NTSTATUS add_builtin_administrators( struct nt_user_token *token ) if ( IS_DC ) { sid_copy( domadm, get_global_sam_sid() ); } else { - if ( !secrets_fetch_domain_sid( lp_workgroup(), domadm ) ) - return
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3464-gca15313
The branch, v3-3-test has been updated via ca153139b1dced07c196aac93dbc9d9428d98124 (commit) from e92faf5996cadac480deb60a4f6232eea90b00f6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit ca153139b1dced07c196aac93dbc9d9428d98124 Author: Tim Prouty [EMAIL PROTECTED] Date: Wed Jul 30 09:35:13 2008 -0700 Removed redundant logging from create_builtin_users and create_builtin_administrators The Debug messages in create_builtin_users and create_builtin_users have now been encapsulated in add_sid_to_builtin. --- Summary of changes: source/auth/token_util.c | 20 1 files changed, 4 insertions(+), 16 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/token_util.c b/source/auth/token_util.c index e5b9e1b..d6cd2ea 100644 --- a/source/auth/token_util.c +++ b/source/auth/token_util.c @@ -252,7 +252,7 @@ static NTSTATUS add_sid_to_builtin(const DOM_SID *builtin_sid, } if (!NT_STATUS_IS_OK(status)) { - DEBUG(3, (add_sid_to_builtin %s could not be added to %s: + DEBUG(4, (add_sid_to_builtin %s could not be added to %s: %s\n, sid_string_dbg(dom_sid), sid_string_dbg(builtin_sid), nt_errstr(status))); } @@ -279,14 +279,9 @@ NTSTATUS create_builtin_users(const DOM_SID *dom_sid) { status = add_sid_to_builtin(global_sid_Builtin_Users, dom_users); - if ( !NT_STATUS_IS_OK(status) ) { - DEBUG(4,(create_builtin_administrators: Failed to add Domain Users to -Users\n)); - return status; - } } - return NT_STATUS_OK; + return status; } /*** @@ -313,9 +308,7 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid) { status = add_sid_to_builtin(global_sid_Builtin_Administrators, dom_admins); - if ( !NT_STATUS_IS_OK(status) ) { - DEBUG(4,(create_builtin_administrators: Failed to add Domain Admins -Administrators\n)); + if (!NT_STATUS_IS_OK(status)) { return status; } } @@ -332,14 +325,9 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid) if ( ret ) { status = add_sid_to_builtin(global_sid_Builtin_Administrators, root_sid); - if ( !NT_STATUS_IS_OK(status) ) { - DEBUG(4,(create_builtin_administrators: Failed to add root -Administrators\n)); - return status; - } } - return NT_STATUS_OK; + return status; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3465-g6da3379
The branch, v3-3-test has been updated via 6da33797b0549a2da7dc0fa7ee21dc5e8a6b1459 (commit) from ca153139b1dced07c196aac93dbc9d9428d98124 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 6da33797b0549a2da7dc0fa7ee21dc5e8a6b1459 Author: Jeremy Allison [EMAIL PROTECTED] Date: Wed Jul 30 15:01:33 2008 -0700 Fix duplicate gloabl warning. Jeremy. --- Summary of changes: source/rpc_server/srv_pipe_hnd.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_server/srv_pipe_hnd.c b/source/rpc_server/srv_pipe_hnd.c index bc6d180..3968d41 100644 --- a/source/rpc_server/srv_pipe_hnd.c +++ b/source/rpc_server/srv_pipe_hnd.c @@ -61,7 +61,7 @@ static struct bitmap *bmap; * system _anyway_. so that's the next step... */ -static int close_internal_rpc_pipe_hnd(struct pipes_struct *pipe); +static int close_internal_rpc_pipe_hnd(struct pipes_struct *p); / Internal Pipe iterator functions. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3466-g1db7e00
The branch, v3-3-test has been updated via 1db7e00a5400863fd5dbb81c1a4c6ea6092d0495 (commit) from 6da33797b0549a2da7dc0fa7ee21dc5e8a6b1459 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 1db7e00a5400863fd5dbb81c1a4c6ea6092d0495 Author: Jeremy Allison [EMAIL PROTECTED] Date: Wed Jul 30 16:06:30 2008 -0700 Fix uninitialized variables. Jeremy. --- Summary of changes: source/lib/netapi/cm.c |2 +- source/libads/kerberos_keytab.c |1 + 2 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/netapi/cm.c b/source/lib/netapi/cm.c index 8eaabb3..8ea31e5 100644 --- a/source/lib/netapi/cm.c +++ b/source/lib/netapi/cm.c @@ -165,7 +165,7 @@ WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, const struct ndr_syntax_id *interface, struct rpc_pipe_client **presult) { - struct rpc_pipe_client *result; + struct rpc_pipe_client *result = NULL; NTSTATUS status; if (!cli || !presult) { diff --git a/source/libads/kerberos_keytab.c b/source/libads/kerberos_keytab.c index 87b8555..77a50e4 100644 --- a/source/libads/kerberos_keytab.c +++ b/source/libads/kerberos_keytab.c @@ -276,6 +276,7 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) ret = -1; goto out; } + ZERO_STRUCT(password); password.data = password_s; password.length = strlen(password_s); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2778-g5fb17b8
The branch, v3-2-test has been updated via 5fb17b866642a9f971cce6d9f228b4d52618e42b (commit) from 4f62fa50c7d542db4a2b8976d85da590194203f0 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 5fb17b866642a9f971cce6d9f228b4d52618e42b Author: Jeremy Allison [EMAIL PROTECTED] Date: Wed Jul 30 16:22:16 2008 -0700 Fix uninitialized variable. Jeremy. --- Summary of changes: source/libads/kerberos_keytab.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libads/kerberos_keytab.c b/source/libads/kerberos_keytab.c index d0161ad..ab6d1d3 100644 --- a/source/libads/kerberos_keytab.c +++ b/source/libads/kerberos_keytab.c @@ -256,6 +256,7 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) ret = -1; goto out; } + ZERO_STRUCT(password); password.data = password_s; password.length = strlen(password_s); -- Samba Shared Repository
Build status as of Thu Jul 31 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-07-30 00:00:16.0 + +++ /home/build/master/cache/broken_results.txt 2008-07-31 00:00:41.0 + @@ -1,4 +1,4 @@ -Build status as of Wed Jul 30 00:00:02 2008 +Build status as of Thu Jul 31 00:00:02 2008 Build counts: Tree Total Broken Panic @@ -8,13 +8,13 @@ distcc 1 0 0 ldb 35 34 0 libreplace 33 12 0 -lorikeet-heimdal 27 20 0 -pidl 19 19 0 -ppp 12 0 0 -rsync35 11 0 +lorikeet-heimdal 27 21 0 +pidl 18 18 0 +ppp 11 0 0 +rsync35 12 0 samba-docs 0 0 0 samba-gtk6 6 0 -samba_3_2_test 35 21 0 +samba_3_2_test 34 20 0 samba_4_0_test 33 29 0 smb-build32 5 0 talloc 35 7 0