Re: [Samba] samba 3.3 for opensuse 10.2
At Dienstag, 29. Dezember 2009 08:23, Karolin Seeger has wisely spoken thusly: Hi Karolin, Hi Peter, On Mon, Dec 28, 2009 at 07:09:40PM +0100, peter grotz wrote: JM On Mon, Dec 28, 2009 at 5:54 AM, peter grotz peter.gr...@grotz.org wrote: I need the rpm-files of samba 3.3 or later for opensuse 10.2. The repo isn´t available any more, so can anybody help me here? JM You need 3.3 or _later_ ? It shipped with 3.4.2, so that would be JM later. Or do you specifically need 3.3? no, you´re wrong! It´s shipped wigth 3.0.23! I hav here opensuse 10.2 and it´s really 3.0.23!! you can find a lot of Samba versions for opensuse 10.2 e.g. on http://ftp.sernet.de/pub/samba/. thanks for the link. In the meantime I found it by myself, but in past I was avoiding it because these builds work somehow differently from the normal suse-rpms. But I´ll give it a try again. Thanks again, Karolin! Cheers, Peter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.3 for opensuse 10.2
Am 29.12.2009 11:33, schrieb peter grotz: At Dienstag, 29. Dezember 2009 08:23, Karolin Seeger has wisely spoken thusly: Hi Karolin, Hi Peter, On Mon, Dec 28, 2009 at 07:09:40PM +0100, peter grotz wrote: JM On Mon, Dec 28, 2009 at 5:54 AM, peter grotz peter.gr...@grotz.org wrote: I need the rpm-files of samba 3.3 or later for opensuse 10.2. The repo isn´t available any more, so can anybody help me here? JM You need 3.3 or _later_ ? It shipped with 3.4.2, so that would be JM later. Or do you specifically need 3.3? no, you´re wrong! It´s shipped wigth 3.0.23! I hav here opensuse 10.2 and it´s really 3.0.23!! you can find a lot of Samba versions for opensuse 10.2 e.g. on http://ftp.sernet.de/pub/samba/. thanks for the link. In the meantime I found it by myself, but in past I was avoiding it because these builds work somehow differently from the normal suse-rpms. But I´ll give it a try again. Thanks again, Karolin! Cheers, Peter you may also try recompile from source rpm taken out of the enterprise suse 9 or 10 rep , i did this last time for having recent samba versions for an old 9.3 server , it worked without problems -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem using smbldap-groupadd / net group add
Hello, I've got a problem using ldap support on my Ubuntu jaunty. Here are the versions : samba/jaunty uptodate 2:3.3.2-1ubuntu3.2 smbldap-tools/jaunty uptodate 0.9.4-1 First of all, smbldap-groupadd don't use the sambaNextRid to create a group, it compute it. Is this a normal way ? I've patch smbldap-groupadd to do this : - #$group_rid = 2*$_groupGidNumber+1001; + $group_rid=get_next_id($config{groupsdn},sambaNextRID); But that doesn't work :(( Here is the long story I can add a group using the command : sudo /usr/sbin/smbldap-groupadd -a titii Everything is fine : sambaSID in group is Ok (RID=1022) and sambaNextRID is updated in the data base (RID=1023) Now trying creating a group using the net command sudo net rpc group add titii2 -Uroot% mailto:-uroot%2...@14yupm Failed to add group 'titii2' with: Access is denied. But the group is created, and with the right rid : 1023 and sambaNextRID is updated in the data base (RID=1025). Here are the logs : [2009/12/26 15:11:25, 5] lib/smbldap.c:smbldap_search_ext(1205) smbldap_search_ext: base = [ou=Groups,dc=mrg], filter = [((objectClass=sambaGroupMapping)(|(displayName=titii2)(cn=titii2)))], scope = [2] [2009/12/26 15:11:25, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2463) ldapsam_getgroup: Did not find group, filter was ((objectClass=sambaGroupMapping)(|(displayName=titii2)(cn=titii2))) [2009/12/26 15:11:25, 3] smbd/sec_ctx.c:pop_sec_ctx(432) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/12/26 15:11:25, 3] smbd/sec_ctx.c:pop_sec_ctx(432) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/12/26 15:11:25, 3] smbd/sec_ctx.c:push_sec_ctx(224) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/12/26 15:11:25, 3] smbd/uid.c:push_conn_ctx(388) push_conn_ctx(100) : conn_ctx_stack_ndx = 0 [2009/12/26 15:11:25, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/12/26 15:11:25, 5] auth/token_util.c:debug_nt_user_token(522) NT user token: (NULL) [2009/12/26 15:11:25, 5] auth/token_util.c:debug_unix_user_token(548) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/12/26 15:11:26, 3] groupdb/mapping.c:smb_create_group(215) smb_create_group: Running the command `/usr/sbin/smbldap-groupadd -a titii2' gave 0 [2009/12/26 15:11:26, 2] lib/smbldap_util.c:smbldap_search_domain_info(277) smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=MRG2))] [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_search_ext(1205) smbldap_search_ext: base = [dc=mrg], filter = [((objectClass=sambaDomain)(sambaDomainName=MRG2))], scope = [2] [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_modify(1401) smbldap_modify: dn = [sambaDomainName=mrg2,dc=mrg] [2009/12/26 15:11:26, 5] passdb/pdb_interface.c:lookup_global_sam_rid(1513) lookup_global_sam_rid: looking up RID 1025. [2009/12/26 15:11:26, 3] smbd/sec_ctx.c:push_sec_ctx(224) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/12/26 15:11:26, 3] smbd/uid.c:push_conn_ctx(388) push_conn_ctx(100) : conn_ctx_stack_ndx = 1 [2009/12/26 15:11:26, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/12/26 15:11:26, 5] auth/token_util.c:debug_nt_user_token(522) NT user token: (NULL) [2009/12/26 15:11:26, 5] auth/token_util.c:debug_unix_user_token(548) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_search_ext(1205) smbldap_search_ext: base = [dc=mrg], filter = [((sambaSID=S-1-5-21-1705536441-4107131491-2133793258-1025)(objectclass=sambaSamAccount))], scope = [2] [2009/12/26 15:11:26, 4] passdb/pdb_ldap.c:ldapsam_getsampwsid(1613) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-1705536441-4107131491-2133793258-1025] count=0 [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_search_ext(1205) smbldap_search_ext: base = [ou=Groups,dc=mrg], filter = [((objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-1705536441-4107131491-2133793258-1025))], scope = [2] [2009/12/26 15:11:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2463) ldapsam_getgroup: Did not find group, filter was ((objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-1705536441-4107131491-2133793258-1025)) [2009/12/26 15:11:26, 3] smbd/sec_ctx.c:pop_sec_ctx(432) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_search_ext(1205) smbldap_search_ext: base = [dc=mrg], filter = [(sambaSid=S-1-5-21-1705536441-4107131491-2133793258-1025)], scope = [2] [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_search_ext(1205) smbldap_search_ext: base = [dc=mrg], filter = [((objectClass=posixGroup)(gidNumber=0))], scope = [2] [2009/12/26 15:11:26, 5] lib/smbldap.c:smbldap_modify(1401) smbldap_modify: dn = [cn=Domain Admins,ou=Groups,dc=mrg] [2009/12/26 15:11:26, 3] smbd/sec_ctx.c:pop_sec_ctx(432) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/12/26 15:11:26, 5] rpc_parse/parse_prs.c:prs_debug(88) 00 smb_io_rpc_hdr hdr The sambaNextRID is
Re: [Samba] samba 3.3 for opensuse 10.2
Hi Robert, I think this might be a good idea but for the 10.2 would it be better to take the SLES 10? -Peter At Dienstag, 29. Dezember 2009 13:35, Robert Schetterer has wisely spoken thusly: RS Am 29.12.2009 11:33, schrieb peter grotz: At Dienstag, 29. Dezember 2009 08:23, Karolin Seeger has wisely spoken thusly: Hi Karolin, Hi Peter, On Mon, Dec 28, 2009 at 07:09:40PM +0100, peter grotz wrote: JM On Mon, Dec 28, 2009 at 5:54 AM, peter grotz peter.gr...@grotz.org wrote: I need the rpm-files of samba 3.3 or later for opensuse 10.2. The repo isn´t available any more, so can anybody help me here? JM You need 3.3 or _later_ ? It shipped with 3.4.2, so that would be JM later. Or do you specifically need 3.3? no, you´re wrong! It´s shipped wigth 3.0.23! I hav here opensuse 10.2 and it´s really 3.0.23!! you can find a lot of Samba versions for opensuse 10.2 e.g. on http://ftp.sernet.de/pub/samba/. thanks for the link. In the meantime I found it by myself, but in past I was avoiding it because these builds work somehow differently from the normal suse-rpms. But I´ll give it a try again. Thanks again, Karolin! Cheers, Peter RS you may also try recompile from source rpm taken out of the enterprise RS suse 9 or 10 rep , i did this last time for having recent samba versions RS for an old 9.3 server , it worked without problems -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4: net ads join fails (samba4 DC)
Hi, I'm running Samba 4 (latest git) as DC in my test environment. Joining Windows clients works as expected, however if I try to join a Linux box by using Samba 3 net ads join, I get this error: client # net ads join -U Administrator%password Failed to join domain: failed to set machine spn: Critical extension is unavailable As far as I can remember this used to work somewhere around alpha6/7. Is there currently any way to add Samba 3 boxes to the Samba 4 domain? Some more details: Looking at the network traffic, there's a LDAP modify request requiring some special control: object: CN=client1,CN=Computers, ... operation: replace type: dNSHostName controlType: 1.2.840.113556.1.4.1413 (LDAP_SERVER_PERMISSIVE_MODIFY_OID) criticality: True However this control is not supported in Samba4 according to the built-in LDAP server: supportedControl: + 1.2.840.113556.1.4.417 Show deleted control + 1.2.840.113556.1.4.319 Simple Paged Results Manipulation Control Extension + 1.2.840.113556.1.4.473 LDAP Server Sort Result extension RFC 2891 + 1.2.840.113556.1.4.1504 Attribute scoped query control + 1.2.840.113556.1.4.801 Security descriptor flags control + 1.2.840.113556.1.4.801 Security descriptor flags control + 1.2.840.113556.1.4.529 Extended DN control + 1.2.840.113556.1.4.417 Show deleted control + 1.2.840.113556.1.4.1339 LDAP_SERVER_DOMAIN_SCOPE_OID + 1.2.840.113556.1.4.1340 Search options control (note: some of them are duplicates: s. .417 / .801) Cheers, Marcel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba and Rsync
Hi, are the unix and samba password data bases in sync on the two servers? I.e. do the same users (name:uid) exist in /etc/passwd and do the same users exist in Samba's password database (compare output of pdbedit -L). If the answer is no, you might run into problems with just syncing the data areas. Note that rsync (unless called with --numeric-ids) tries to copy ownership of files by the owner's name. Read the section on --numeric-ids in the rsync man page for mor information. Cheers - Michael Cameron Rangeley wrote: Hi Guys I am running two RHEL boxes, each day I am rsyncing some data from my primary server to my secondary server, the secondary server will be activated in a DR situation. I am rsyncing the entire /home partition. On my primary server there are about 8 samba shares for data that the clients can access all the samba shares point to various sub-directories within /home. My issue is that on my secondary server I cant connect to the shares from a windows workstation. My smb.conf file is the same as my primary server and to test I have created a test mount in /mnt/test and I can connect to that fine. It appears that the issue is all around the fact that these directories that have been created with rsync. My rsync command is: rsync -arzgopulv --delete /home r...@192.168.9.2:/ My smbd.log file says: '/home/folder/folder/folder does not exist or permission denied when connecting to [folder] Error was Permission denied. I can see the folder in samba I have forced the user as root and I have chmodded the folder to 777. Access from the console to these files and folders works fine. Has anyone got any other ideas that I can try? Thanks Cameron -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba pgpuNlQaY4a7F.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] DNS update via trusted machine account
As is known, Samba creates or updates AD DNS record only when it has joining to domain. When OS gets a new IP address via DHCP, there is no method for automatically DNS upgate with Samba. It's possible to update DNS with nsupdate-gss script, but it requests Kerberos TKEY, derived through kinit utility or pam_winbind module. In both cases, a domain admin password requests. However, Windows updates DNS using machine account. I think, if Samba exports a machine key somehow, it may be used for automatically DNS update via nsupdate-gss. Is someone knows how to export a machine key from Samba? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.3 for opensuse 10.2
Am 29.12.2009 13:47, schrieb peter grotz: Hi Robert, I think this might be a good idea but for the 10.2 would it be better to take the SLES 10? -Peter yes try first sles 10 rpm src recompile download from http://download.opensuse.org/repositories/network:/samba:/STABLE/SLE_10/src/ http://download.opensuse.org/repositories/network:/samba:/STABLE/SLE_10/src/samba-3.4.3-10.1.src.rpm do rpmbuild --rebuild samba-3.4.3-10.1.src.rpm etc you might need to download more additional libs for recompile too but after all sernet rpms should work too At Dienstag, 29. Dezember 2009 13:35, Robert Schetterer has wisely spoken thusly: RS Am 29.12.2009 11:33, schrieb peter grotz: At Dienstag, 29. Dezember 2009 08:23, Karolin Seeger has wisely spoken thusly: Hi Karolin, Hi Peter, On Mon, Dec 28, 2009 at 07:09:40PM +0100, peter grotz wrote: JM On Mon, Dec 28, 2009 at 5:54 AM, peter grotz peter.gr...@grotz.org wrote: I need the rpm-files of samba 3.3 or later for opensuse 10.2. The repo isn´t available any more, so can anybody help me here? JM You need 3.3 or _later_ ? It shipped with 3.4.2, so that would be JM later. Or do you specifically need 3.3? no, you´re wrong! It´s shipped wigth 3.0.23! I hav here opensuse 10.2 and it´s really 3.0.23!! you can find a lot of Samba versions for opensuse 10.2 e.g. on http://ftp.sernet.de/pub/samba/. thanks for the link. In the meantime I found it by myself, but in past I was avoiding it because these builds work somehow differently from the normal suse-rpms. But I´ll give it a try again. Thanks again, Karolin! Cheers, Peter RS you may also try recompile from source rpm taken out of the enterprise RS suse 9 or 10 rep , i did this last time for having recent samba versions RS for an old 9.3 server , it worked without problems -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Possible alternate solution to Trust relationship between this workstation....
All: On various occasions, some users have posted questions regarding the situation in which their Vista clients are unable to log on to their Samba PDC from their workstations, receiving the The trust relationship between this workstation and the primary domain has failed message. Ordinarily, the solution I have seen for this issue is to remove the machine from the domain and rejoin it. I just went through an instance of this very issue, but was able to solve it *without* removing the machine from the domain. I cannot promise what I did will solve the problem in every case, but here's what I did: I resynced the PDC's and Vista client's time and the troublesome Vista client to a common network time source. Once this was done, the trust failed message disappeared and all clients were able to log in. I cannot point chapter-and-verse to why this resolved the issue, and I'm not nearly familiar enough with Samba internals to assert this as absolute, but I have a rough theory. I'm speculating that a time difference between the PDC and the Vista box ultimately led to the machine password's LCT being set to a value that, when the next authentication cycle hit, actually made the PDC believe the current time (time of next authentication) to be *before *the machine account's LCT date. This seemingly impossible situation caused Samba to fail the authentication attempt, and return the trust failed message. My theory may be way off base, but perhaps it might spur some thought on the issue, or at a minimum offer a hope for an alternative solution to this problem other than the hassle of removing/rejoining the domain. My environment: Samba 3.3.4 PDC on Slackware 13; troublesome workstation Vista Ultimate, which is a wirelessly connected laptop. Warm regards all, -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DNS update via trusted machine account
Not sure if you need to export the key. If you run 'net ads dns register -P' it will use the machine account. You can put that in the script that runs when there is a network change. I'm not near a machine right now, but Debian has it in /etc/network/. Robert LeBlanc On Dec 29, 2009 7:48 AM, Александр Р. Фахрутдинов alex_m...@mail.ru wrote: As is known, Samba creates or updates AD DNS record only when it has joining to domain. When OS gets a new IP address via DHCP, there is no method for automatically DNS upgate with Samba. It's possible to update DNS with nsupdate-gss script, but it requests Kerberos TKEY, derived through kinit utility or pam_winbind module. In both cases, a domain admin password requests. However, Windows updates DNS using machine account. I think, if Samba exports a machine key somehow, it may be used for automatically DNS update via nsupdate-gss. Is someone knows how to export a machine key from Samba? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.3 for opensuse 10.2
Thanks Robert, I´ll try it! At Dienstag, 29. Dezember 2009 16:52, Robert Schetterer has wisely spoken thusly: RS Am 29.12.2009 13:47, schrieb peter grotz: Hi Robert, I think this might be a good idea but for the 10.2 would it be better to take the SLES 10? -Peter RS yes try first sles 10 rpm src recompile RS download from RS http://download.opensuse.org/repositories/network:/samba:/STABLE/SLE_10/src/ RS http://download.opensuse.org/repositories/network:/samba:/STABLE/SLE_10/src/samba-3.4.3-10.1.src.rpm RS do rpmbuild --rebuild samba-3.4.3-10.1.src.rpm etc RS you might need to download more additional libs for recompile too RS but after all sernet rpms should work too At Dienstag, 29. Dezember 2009 13:35, Robert Schetterer has wisely spoken thusly: RS Am 29.12.2009 11:33, schrieb peter grotz: At Dienstag, 29. Dezember 2009 08:23, Karolin Seeger has wisely spoken thusly: Hi Karolin, Hi Peter, On Mon, Dec 28, 2009 at 07:09:40PM +0100, peter grotz wrote: JM On Mon, Dec 28, 2009 at 5:54 AM, peter grotz peter.gr...@grotz.org wrote: I need the rpm-files of samba 3.3 or later for opensuse 10.2. The repo isn´t available any more, so can anybody help me here? JM You need 3.3 or _later_ ? It shipped with 3.4.2, so that would be JM later. Or do you specifically need 3.3? no, you´re wrong! It´s shipped wigth 3.0.23! I hav here opensuse 10.2 and it´s really 3.0.23!! you can find a lot of Samba versions for opensuse 10.2 e.g. on http://ftp.sernet.de/pub/samba/. thanks for the link. In the meantime I found it by myself, but in past I was avoiding it because these builds work somehow differently from the normal suse-rpms. But I´ll give it a try again. Thanks again, Karolin! Cheers, Peter RS you may also try recompile from source rpm taken out of the enterprise RS suse 9 or 10 rep , i did this last time for having recent samba versions RS for an old 9.3 server , it worked without problems -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DNS update via trusted machine account
I have had success with the method described at the end of the following thread. It involves adding three lines to dhclient.conf. http://www.hardforum.com/showthread.php?p=1030669171 Note that only the Forward Lookup Zone is updated; PTR records are not. However, this simple solution has been sufficient for me. Dale On 12/29/2009 10:33 AM, Robert LeBlanc wrote: Not sure if you need to export the key. If you run 'net ads dns register -P' it will use the machine account. You can put that in the script that runs when there is a network change. I'm not near a machine right now, but Debian has it in /etc/network/. Robert LeBlanc On Dec 29, 2009 7:48 AM, Александр Р. Фахрутдиновalex_m...@mail.ru wrote: As is known, Samba creates or updates AD DNS record only when it has joining to domain. When OS gets a new IP address via DHCP, there is no method for automatically DNS upgate with Samba. It's possible to update DNS with nsupdate-gss script, but it requests Kerberos TKEY, derived through kinit utility or pam_winbind module. In both cases, a domain admin password requests. However, Windows updates DNS using machine account. I think, if Samba exports a machine key somehow, it may be used for automatically DNS update via nsupdate-gss. Is someone knows how to export a machine key from Samba? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] FW: tree connect failed: NT_STATUS_BAD_NETWORK_NAME
On Tue, Dec 29, 2009 at 08:10:27AM +0100, Michael Adam wrote: [2009/12/28 22:22:08, 5] smbd/uid.c:change_to_user(273) change_to_user uid=(0,0) gid=(0,500) [2009/12/28 22:22:08, 0] smbd/service.c:make_connection_snum(1012) '/test' does not exist or permission denied when connecting to [test] Error was Permission denied This really means that you got a permission denied on the unix level. -- Despite the unix perms that you listed in your last mail. I don't know what made it accessible after a reboot, but I guess this is about all there is to see from the samba side. Probably selinux. The reboot might finally have deactivated it. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] FW: tree connect failed: NT_STATUS_BAD_NETWORK_NAME
Volker Lendecke wrote: On Tue, Dec 29, 2009 at 08:10:27AM +0100, Michael Adam wrote: [2009/12/28 22:22:08, 5] smbd/uid.c:change_to_user(273) change_to_user uid=(0,0) gid=(0,500) [2009/12/28 22:22:08, 0] smbd/service.c:make_connection_snum(1012) '/test' does not exist or permission denied when connecting to [test] Error was Permission denied This really means that you got a permission denied on the unix level. -- Despite the unix perms that you listed in your last mail. I don't know what made it accessible after a reboot, but I guess this is about all there is to see from the samba side. Probably selinux. The reboot might finally have deactivated it. Ok, I suspected something along these lines, but my knowledge about selinux and friends is so embrassing that I did not even want to mention the word actively myself, hoping that someone would explain this... ;-) Cheers - Michael pgp6dxQCERCaL.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] LDAP and samba
Hi, I am not sure how to configure LDAP authentication with samba. I have a windows box, which is part of Active Directory domain and does user authentication against it. I would like to use same user credentials and map them to a appropriate network drive (linux home dirs). In short, Linux user's home dir should be available on Windows box also. I looked at the smb.conf man page, but I couldn't figure out how to configure LDAP. I have following doubts: 1. I see passdb option in Standalone Server and Domain Member options. Which one should be used / what is the significance of each option? 2. Some sample configurations have specified 'ldap admin dn' and smbpasswd while configuring LDAP for samba. I am assuming it is not required for LDAP anonymous bind. Please correct me if I am wrong. Thanks, CS. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP and samba
On Tue, Dec 29, 2009 at 4:47 PM, Carlos Santana neu...@gmail.com wrote: Hi, I am not sure how to configure LDAP authentication with samba. I have a windows box, which is part of Active Directory domain and does user authentication against it. I would like to use same user credentials and map them to a appropriate network drive (linux home dirs). In short, Linux user's home dir should be available on Windows box also. I looked at the smb.conf man page, but I couldn't figure out how to configure LDAP. I have following doubts: I would start at reading the following information: http://wiki.samba.org/index.php/Samba__LDAP http://samba.org/samba/docs/man/Samba-Guide/happy.html John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP and samba
Carlos Santana wrote: Hi, I am not sure how to configure LDAP authentication with samba. I have a windows box, which is part of Active Directory domain and does user authentication against it. I would like to use same user credentials and map them to a appropriate network drive (linux home dirs). In short, Linux user's home dir should be available on Windows box also. I looked at the smb.conf man page, but I couldn't figure out how to configure LDAP. I have following doubts: 1. I see passdb option in Standalone Server and Domain Member options. Which one should be used / what is the significance of each option? 2. Some sample configurations have specified 'ldap admin dn' and smbpasswd while configuring LDAP for samba. I am assuming it is not required for LDAP anonymous bind. Please correct me if I am wrong. Thanks, CS. Ideally, you'd also want your linux machine as a member of your AD domain and use Winbind for user credentials. http://samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP and samba
Ideally, you'd also want your linux machine as a member of your AD domain and use Winbind for user credentials. http://samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html Agreed. I migrated from active directory to samba only years ago for my work domain but that probably is not what the user wants. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] FW: tree connect failed: NT_STATUS_BAD_NETWORK_NAME
I did change selinux from restrictive to permissive at some point during the process, by editing the file /etc/selinux/config. I didn't know a reboot was required for this to take effect, but that could be it. Best regards, Dominic -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Michael Adam Sent: Wednesday, 30 December 2009 8:30 AM To: Volker Lendecke Cc: samba@lists.samba.org Subject: Re: [Samba] FW: tree connect failed: NT_STATUS_BAD_NETWORK_NAME Volker Lendecke wrote: On Tue, Dec 29, 2009 at 08:10:27AM +0100, Michael Adam wrote: [2009/12/28 22:22:08, 5] smbd/uid.c:change_to_user(273) change_to_user uid=(0,0) gid=(0,500) [2009/12/28 22:22:08, 0] smbd/service.c:make_connection_snum(1012) '/test' does not exist or permission denied when connecting to [test] Error was Permission denied This really means that you got a permission denied on the unix level. -- Despite the unix perms that you listed in your last mail. I don't know what made it accessible after a reboot, but I guess this is about all there is to see from the samba side. Probably selinux. The reboot might finally have deactivated it. Ok, I suspected something along these lines, but my knowledge about selinux and friends is so embrassing that I did not even want to mention the word actively myself, hoping that someone would explain this... ;-) Cheers - Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Aks : 2 setup , 1 work ... 1 fail
Dear All I just try learn installing samba + webmin Now I have 2 box wih them. The first box is work well (workgroup mode) But he 2nd one is failed, although I copy the configuration from box#1 Here is the config [global] passwd chat debug = yes name resolve order = wins bcast hosts passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n idmap gid = 15000-2 add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u username map = /etc/samba/smbusers domain master = yes encrypt passwords = yes passwd program = /usr/bin/passwd %u passdb backend = tdbsam wins support = true netbios name = erp writeable = yes server string = %h server (Samba, Ubuntu) idmap uid = 15000-2 default = global unix password sync = yes remote announce = 192.168.0.0 workgroup = gendhis os level = 64 add user script = /usr/sbin/useradd -m %u security = user add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u delete user script = /usr/sbin/userdel -r %u log level = 3 domain logons = yes [homes] comment = Home valid users = %S read only = no browsable = no [netlogon] comment = Network Logon Service path = /hdd2/samba/netlogon admin users = Administrator valid users = %U read only = no [profile] comment = User profiles path = /hdd2/samba/profiles valid users = %U create mode = 0600 directory mode = 0700 writable = yes browsable = no [bag_umum] path = /hdd2/samba/groupfiles/bag_umum Here is the involved directory b...@erp:/hdd2$ ls -lR samba samba: total 32 drwxr-xr-x 3 root root 4096 2009-12-30 09:34 groupfiles drwxrwx--x 2 root users 16384 2009-12-29 14:36 lost+found drwxrwxr-x 2 root users 4096 2009-12-29 14:48 netlogon drwxrwxr-x 2 root users 4096 2009-12-29 14:48 profiles drwxr-xr-x 2 root root 4096 2009-12-29 14:50 users samba/groupfiles: total 4 drwxr-xr-x 2 root umum 4096 2009-12-30 09:34 bag_umum And here is taken from /etc/group umum:x:1001:umum01 And here is taken from /etc/passwd umum01:x:1001:100:Oemoem 01:/home/umum01:/bin/false And here is taken from /etc/samba/smbusers root=administrator nobody=guest nobody=smbguest nobody=pcguest And here is taken from /etc/hosts 127.0.0.1localhost 192.168.10.234erp.gendhiserp 192.168.10.234samba.gendhissamba 192.168.10.17inaxnotebook Note : inaxnotebook is test client station, XP-Pro Symptom (From the test client station): 1. Connecting to the Inaxsmb workgroup (serve by box#1): a. From mycomputer , right click and properties b. From computername tab , I change the workgroup to INAXSMB and click OK ... it poped up a welcome msg and ask me to reboot c. After reboot , Right click start button and explore d. Click on My network places -- entire Network , it shows both workgroup : +++ Inaxsmb -- served by box#1 +++ Gendhis --- served by box#2 e. Click on Inaxsmb , it shows the description of box#1 and also it's own name f. Click on box#1 description , it poped up a login window asking for username and passwd g. and after authentication , it shows all shares normaly After this test , I reboot the test client station , just to make sure clean up all connection After reboot , here is the step i made and what I got 2. Connecting to gendhis workgroup (serve by box#2) : a. From mycomputer , right click and properties b. From computername tab , I change the workgroup to GENDHIS and click OK ... it poped up a welcome msg and ask me to reboot c. After reboot , Right click start button and explore d. Click on My network places -- entire Network , it ONLY shows workgroup : +++ Gendhis --- served by box#2 Note(A) : this is diferent response I got from step 1.d e. Click on Gendhis , It poped up an error msg window that say : Gendhis is not accesible. You might not have permission to use this network resource. Contact the administrator of this server to findout if you have access permissions The network path was not found. Note(B) : this is diferent response I got from step 1.e So , Kindly please give me your enlightment ... whats wrong with my configuration. Just for reference, here is copy of box#1's smb.conf #START# [global] name resolve order = wins bcast hosts passwd chat debug = yes add group script = /usr/sbin/groupadd %g idmap gid = 15000-2 passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u domain master = yes username map = /etc/samba/smbusers passdb backend = tdbsam passwd program = /usr/bin/passwd %u wins support = true netbios name = erp_int writeable = yes server string = %h server (Samba, erp_int) idmap uid =
[Samba] Fedora 11 can't browse local LAN for file shares
I spent some time looking through some of the recent archives and didn't find exactly what I was looking for. There is a lot to look through so I quit after while. My answer maybe there but I didn't see anything that looked like it was relevant to the problem I'm having. I have samba 3.4.2 installed on a Fedora 11 system. The problem I have is the in ability to browse the local network for file shares. This is a very simple network setup, a workgroup, no PDC, AD, LDAP etc. I don't want to set one up either so I'm not open to that suggestion. All the other samba configurations work as is so should this one. The strange thing about the setup is I can go to the shares on the F11 box just fine from several other computes on my local LAN at home, but I just can't browse for local shares on other computers from just this one computer. I have iptables, ip6tables and SELinux all disabled and turned off with no luck. I used the same schema to setup the Fedora 11 box as on the others noted below. The computers on the LAN I have are one Win XP Pro SP3 laptop, Fedora 3, Fedora 8, Fedora 12 and a Buffalo Linkstation Pro NAS box, not including the problematic Fedora 11 box. The Fedora 8 box is showing as the browse master. Before that I it was the Fedora 3 box. I had problems with the Fedora 11 box not browsing the local machine shares regardless of which machine was the browse master. The error I see, when trying to browse the local network, using Nautilus, is some message about being unable to retrieve the browse list from the server if I remember right. Also not all of the machines on the LAN show up in the network listing either like they do when using any of the other boxes the same way. Anybody run across this and how do I fix it? Regards; Leland C. Scott KC8LDO -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4afb211... s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init() via 9d5f41c... s3:ntlmssp: move some indentation in ntlmssp_sign.c via 05f7a86... s3:ntlmssp: remove unused ntlmssp_stored_response() via 7cff7d9... s3:ntlmssp: remove unused ref_count from ntlmssp_state via e78558a... s3:ntlmssp: fix whitespace in ntlmssp.h via 5541a91... s3:ntlmssp: fix spelling via 5ff127b... s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type via 8ab6279... s4:ntlmssp: fix whitespaces in ntlmssp.h from e5fbff0... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4afb211f4ff8e74965451dd89d6d85b41f5aec52 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 22:42:03 2009 +0100 s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init() metze commit 9d5f41ca010650875de8c992a55939bf530144ab Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 22:30:42 2009 +0100 s3:ntlmssp: move some indentation in ntlmssp_sign.c metze commit 05f7a86a997be45eb23ffc349f79572d570f10ab Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 22:07:19 2009 +0100 s3:ntlmssp: remove unused ntlmssp_stored_response() metze commit 7cff7d937e067642f76a1785696653ec07a5495c Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 22:00:08 2009 +0100 s3:ntlmssp: remove unused ref_count from ntlmssp_state metze commit e78558a45b5f149603ac97139f1a1e421833969f Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 21:55:50 2009 +0100 s3:ntlmssp: fix whitespace in ntlmssp.h metze commit 5541a91dfffa9b615e22bd06b2e0848e484a0fa2 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 21:52:42 2009 +0100 s3:ntlmssp: fix spelling metze commit 5ff127b64102d4d240fafcb92de44e1aaf994a82 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 21:51:11 2009 +0100 s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type metze commit 8ab62799edc0f445350de73f0e8c9e2ee9ebe168 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 24 21:47:53 2009 +0100 s4:ntlmssp: fix whitespaces in ntlmssp.h metze --- Summary of changes: source3/include/ntlmssp.h | 12 ++ source3/include/proto.h|2 - source3/libsmb/ntlmssp.c | 44 +-- source3/libsmb/ntlmssp_sign.c | 44 +++ source4/auth/ntlmssp/ntlmssp.h | 32 ++-- 5 files changed, 46 insertions(+), 88 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h index 6c91250..f30b53f 100644 --- a/source3/include/ntlmssp.h +++ b/source3/include/ntlmssp.h @@ -27,7 +27,7 @@ enum ntlmssp_role }; /* NTLMSSP message types */ -enum NTLM_MESSAGE_TYPE +enum ntlmssp_message_type { NTLMSSP_INITIAL = 0 /* samba internal state */, NTLMSSP_NEGOTIATE = 1, @@ -43,7 +43,6 @@ enum NTLM_MESSAGE_TYPE struct ntlmssp_state { - unsigned int ref_count; enum ntlmssp_role role; enum server_types server_role; uint32_t expected_state; @@ -60,7 +59,7 @@ struct ntlmssp_state DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */ DATA_BLOB chal; /* Random challenge as input into the actual NTLM (or NTLM2) authentication */ - DATA_BLOB lm_resp; + DATA_BLOB lm_resp; DATA_BLOB nt_resp; DATA_BLOB session_key; @@ -72,7 +71,7 @@ struct ntlmssp_state * Callback to get the 'challenge' used for NTLM authentication. * * @param ntlmssp_state This structure -* @return 8 bytes of challnege data, determined by the server to be the challenge for NTLM authentication +* @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication * */ void (*get_challenge)(const struct ntlmssp_state *ntlmssp_state, @@ -132,9 +131,4 @@ struct ntlmssp_state /* ntlmv1 */ struct arcfour_state ntlmv1_arc4_state; uint32_t ntlmv1_seq_num; - - /* it turns out that we don't always get the - response in at the time we want to process it. - Store it here, until we need it */ - DATA_BLOB stored_response; }; diff --git a/source3/include/proto.h b/source3/include/proto.h index f81ab91..87701bf 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3218,8 +3218,6 @@ NTSTATUS ntlmssp_set_hashes(struct ntlmssp_state *ntlmssp_state, NTSTATUS ntlmssp_set_password(struct ntlmssp_state
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 86def5d... WHATSNEW: Update changes. from 10ae5a1... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 86def5d9f2618cff4d22122e651988c9a608ba96 Author: Karolin Seeger ksee...@samba.org Date: Tue Dec 29 11:19:36 2009 +0100 WHATSNEW: Update changes. Karolin --- Summary of changes: WHATSNEW.txt |8 1 files changed, 8 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f2e9964..a7906c8 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -107,6 +107,7 @@ o Jeremy Allison j...@samba.org * Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level. * Vector correctly through reply_openerror() (which uses the same logic). +* Fix bugs with the full Windows ACL support. o Günther Deschner g...@samba.org @@ -119,11 +120,18 @@ o Jonas Gorski jonas.gorski+sa...@gmail.com * BUG 6992: make test for getgrouplist cacheable. +o Suresh Jayaraman sjayara...@suse.de +* Update mount.cifs man page with nounix option. + + o Volker Lendecke v...@samba.org * Fix _samr_GetAliasMembership for results with 0 rids. * Fix an error case in cli_negprot. * Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc. * Restore correct timeouts for SMB requests. +* Fix a 64-bit error in libsmb. +* Replace IS_DOMAIN_OFFLINE by a function in Winbind. +* Simplify/cleanup Winbind code. o Kamen Mazdrashki kamen.mazdras...@postpath.com -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-stable updated
The branch, v3-5-stable has been updated via ea7c356... WHATSNEW: Update changes. via 3b0deeb... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken() via 208a83b... s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid() via e0d2d1c... s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains) (cherry picked from commit a4def0bfd88fb9c951f87834e07791e07a966727) via c0625dc... s3: Simplify winbindd_ads.c:trusted_domains() via 633a95b... s3: Remove some unused code via 411c265... s3: Simplify winbindd_list_trusted_domains() slightly (cherry picked from commit a85067e00013254caf358e05ccba5fae7e875c49) via 9b37950... s3: Simplify setup_domain_child slightly (cherry picked from commit f85a5f0508999b5c3c586353e0decd95178a5957) via d53ad85... s3:winbind Make the normal client exit message a bit more understandable (cherry picked from commit 00b62c64f33a5fc2cd5170b31324fb0d2e1cdf7b) via f10fe61... s3: Fix a typo found by Matthias Dieter Wallnöfer m...@samba.org -- thanks :-) (cherry picked from commit f8e3fee3fe42e15fbfdbeeadd17f6ee1392687a5) via 1431e82... s3: Fix a bogus uninitialized variable warning (cherry picked from commit 2b0ffa2b9a5b95608102437d9be7ba2c4a18515d) via 7d66137... s3: Replace IS_DOMAIN_OFFLINE by a function (cherry picked from commit 826aaecc6bca06a8d978530859e2e985197811a5) via 6363ce7... s3: Fix some nonempty blank lines (cherry picked from commit b4dd801f457e142f5a412bf8af9edcfb3c0f86d4) via 615b72f... s3: winbindd_cli_state-getgrent_state is no longer used (cherry picked from commit 6b6b47c0baf014e8e97e49fd81668297682e3ac7) via 321f988... s3: getgrent_state has been replaced by grent_state (cherry picked from commit 48945cd1ebfa657ae96217200dd5a06dbe90729b) via f7b5876... s3: Remove unused delete_negative_conn_cache() (cherry picked from commit 413f458984241b28e79e7ad127f6104c76374e71) via 71e19ec... s3: Remove unused flush_negative_conn_cache() (cherry picked from commit d40510055c835d13d6e6b5f6a6e76046d67d7692) via 1274009... s3: Remove some unnecessary variables from libsmb/conn_cache.c (cherry picked from commit e599a467b1bcb1f17e9e14bb04460031973d1d4e) via d3015de... s3: Fix a comment in conn_cache.c (cherry picked from commit 1090d6745678cb21b234aa61ba7c373a786a217e) via b1f00db... s3: Fix a 64-bit error (cherry picked from commit b1effa274513b2b22313e80140601fa59e79) via 4f92f83... s3: Remove some pointless SMB_ASSERTs (cherry picked from commit 1eb6d313d358774d637471481cf4292554ec9453) via 0041781... s3: Remove some pointless casts (cherry picked from commit d3855f78be27b21d1d56bf9ceda3f2b7bbb52d73) via b882490... Attempt to fix one of the last two bugs with the full Windows ACL support. via 88a4a62... The posix acl version of set_nt_acl() could set the stat_ex struct in the fsp-fsp_name pointer incorrectly for a directory. via 806ac45... doc: update mount.cifs man page with nounix option via 81557a4... s3: wbinfo --ping-dc is not cacheable (cherry picked from commit c8733d989981315b422857e7b4be9a2035914606) via ab35ec5... s3: Remove some unused code (cherry picked from commit 1eb03d6090a80316925de996b0af72eb70f7dc44) via a680b87... s3: Remove unused sendto_child() (cherry picked from commit 791b6d37a9e07d6f009a6fa9d575c4471ecb84a3) from 621ad11... WHATSNEW: Update changes. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-stable - Log - commit ea7c3567aa3963c7c35a7de0fd4b5c08c1d8cfec Author: Karolin Seeger ksee...@samba.org Date: Tue Dec 29 11:19:36 2009 +0100 WHATSNEW: Update changes. Karolin (cherry picked from commit 86def5d9f2618cff4d22122e651988c9a608ba96) commit 3b0deeb861a6025917e6b18badff619fa9361825 Author: Volker Lendecke v...@samba.org Date: Mon Dec 28 23:35:25 2009 +0100 s3: Check for lp_winbind_trusted_domains_only in wb_gettoken() This avoids one walk of the domain list (cherry picked from commit 10ae5a1a20852a3ebd582eb051f92ee08f61c50f) commit 208a83b859f7d08174a20a810e79ed2718d00797 Author: Volker Lendecke v...@samba.org Date: Mon Dec 28 23:14:43 2009 +0100 s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid() winbindd_getgrgid was not protected by this. (cherry picked from commit 7929e7854eaf69a5893fd5f63d97ff5dff864f31) commit e0d2d1c58de4e7cde1b1d5725b7a65c675f816de Author: Volker Lendecke v...@samba.org Date: Mon Dec 28 15:51:36 2009 +0100 s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains) (cherry picked from commit a4def0bfd88fb9c951f87834e07791e07a966727) commit c0625dcc189957083c5bfc93b7848ec5db942998 Author: Volker Lendecke v...@samba.org Date: Mon Dec 28
[SCM] Samba Shared Repository - branch v3-4-test updated
The branch, v3-4-test has been updated via 29b9236... WHATSNEW: Update changes. from a5bfbad... Fix bug 7005 - mangle method = hash truncates files with dot '.' character http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 29b923666294cb615059a20ec761ae309238e789 Author: Karolin Seeger ksee...@samba.org Date: Tue Dec 29 11:53:15 2009 +0100 WHATSNEW: Update changes. Karolin --- Summary of changes: WHATSNEW.txt |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index da4f9fe..195c5e2 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -37,6 +37,8 @@ o Jeremy Allison j...@samba.org * BUG 6880: Fix listing of workgroup servers in libsmbclient. * BUG 6898: Samba duplicates file content on appending. * BUG 6939: Fix long filenames with mangling method = hash. +* BUG 7005: Fix mangle method = hash truncates files with dot . + character. o Kai Blin k...@samba.org -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8b68349... s4:auth: add auth_get_server_info_principal() prototype to auth.h via 27349a6... s4:auth: make auth_challenge_may_be_modified() public via af25fb5... s4:auth: remove autogenerated auth/ntlm/auth_proto.h from 4afb211... s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8b68349442a37d987b496344133d309f8af853cb Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 11:50:46 2009 +0100 s4:auth: add auth_get_server_info_principal() prototype to auth.h metze commit 27349a68ea11493029bf0dbdf7399b70d7fe6ea4 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 11:40:09 2009 +0100 s4:auth: make auth_challenge_may_be_modified() public metze commit af25fb55c0adb8ca0b552ace607ee285023c2652 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 11:51:37 2009 +0100 s4:auth: remove autogenerated auth/ntlm/auth_proto.h metze --- Summary of changes: .gitignore |2 +- source4/auth/auth.h|7 - source4/auth/ntlm/auth.c |2 +- source4/auth/ntlm/auth_proto.h | 50 4 files changed, 8 insertions(+), 53 deletions(-) delete mode 100644 source4/auth/ntlm/auth_proto.h Changeset truncated at 500 lines: diff --git a/.gitignore b/.gitignore index e88fad0..4f93726 100644 --- a/.gitignore +++ b/.gitignore @@ -119,7 +119,7 @@ source3/samba4-data.mk source3/samba4-config.mk source3/torture.tdb source4/apidocs -source4/auth/auth_proto.h +source4/auth/ntlm/auth_proto.h source4/auth/auth_sam.h source4/auth/auth_sam_reply.h source4/auth/credentials/credentials_krb5_proto.h diff --git a/source4/auth/auth.h b/source4/auth/auth.h index 28b955a..fa2329d 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -284,9 +284,14 @@ NTSTATUS auth_check_password_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, struct auth_serversupplied_info **server_info); - +bool auth_challenge_may_be_modified(struct auth_context *auth_ctx); NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by); +NTSTATUS auth_get_server_info_principal(TALLOC_CTX *mem_ctx, + struct auth_context *auth_ctx, + const char *principal, + struct auth_serversupplied_info **server_info); + NTSTATUS samba_server_gensec_start(TALLOC_CTX *mem_ctx, struct tevent_context *event_ctx, struct messaging_context *msg_ctx, diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c index fafaf9c..d5df387 100644 --- a/source4/auth/ntlm/auth.c +++ b/source4/auth/ntlm/auth.c @@ -43,7 +43,7 @@ _PUBLIC_ NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, cons /*** Set a fixed challenge ***/ -bool auth_challenge_may_be_modified(struct auth_context *auth_ctx) +_PUBLIC_ bool auth_challenge_may_be_modified(struct auth_context *auth_ctx) { return auth_ctx-challenge.may_be_modified; } diff --git a/source4/auth/ntlm/auth_proto.h b/source4/auth/ntlm/auth_proto.h deleted file mode 100644 index 5e8c725..000 --- a/source4/auth/ntlm/auth_proto.h +++ /dev/null @@ -1,50 +0,0 @@ -#ifndef __AUTH_NTLM_AUTH_PROTO_H__ -#define __AUTH_NTLM_AUTH_PROTO_H__ - -#undef _PRINTF_ATTRIBUTE -#define _PRINTF_ATTRIBUTE(a1, a2) PRINTF_ATTRIBUTE(a1, a2) -/* This file was automatically generated by mkproto.pl. DO NOT EDIT */ - -/* this file contains prototypes for functions that are private - * to this subsystem or library. These functions should not be - * used outside this particular subsystem! */ - - -/* The following definitions come from auth/ntlm/auth.c */ - - -/*** - Set a fixed challenge -***/ -bool auth_challenge_may_be_modified(struct auth_context *auth_ctx) ; -const struct auth_operations *auth_backend_byname(const char *name); -const struct auth_critical_sizes *auth_interface_version(void); -NTSTATUS server_service_auth_init(void); - -/* The following definitions come from auth/ntlm/auth_util.c */ - -NTSTATUS auth_get_challenge_not_implemented(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, uint8_t chal[8]); - -/ - Create an
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fbb59b2... dsdb: Fix dependencies when building against system ldb. via 94454ad... net: Make arguments available to python commands as sys.argv. via 588b3e6... python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py. via e2c4d82... s4/net: Allow options before arguments for Python commands. via 433f58f... s4/net: Pass all arguments through to the Python commands. via e60a40e... s4/net: Add domainlevel subcommand. via 027f6ad... s4/net: Use d_printf consistently when reporting errors. via 732a763... Use CommandError exception to deal with problems during net commands. via eaf4a9a... s4/net: Make pwsettings a net subcommand. via 8c19cd2... netcmd: Add some basic tests. via 9e603dfb.. s4/net: Support parsing arguments in Python commands. via 9b1a210... net: Support usage/help of subcommands implemented in Python. via c064549... net: Support implementing subcommands in python. from 8b68349... s4:auth: add auth_get_server_info_principal() prototype to auth.h http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fbb59b2dcac1ce4d952c17d010ebf3bcfca863cd Author: Jelmer Vernooij jel...@samba.org Date: Tue Dec 29 16:08:44 2009 +0100 dsdb: Fix dependencies when building against system ldb. commit 94454ad07393e1fea0b04ede96fe95893ed2d00e Author: Jelmer Vernooij jel...@samba.org Date: Tue Dec 29 16:08:17 2009 +0100 net: Make arguments available to python commands as sys.argv. commit 588b3e61812978f73d2708ec37da30726ac8026e Author: Jelmer Vernooij jel...@samba.org Date: Tue Dec 29 16:07:54 2009 +0100 python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py. commit e2c4d8281d726716a00cfe2e3e0352777fc8b66f Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 21:07:25 2009 +0100 s4/net: Allow options before arguments for Python commands. commit 433f58f5a7490ba470dddc55e37325bb73cdba5c Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 20:37:48 2009 +0100 s4/net: Pass all arguments through to the Python commands. commit e60a40e287a1febdab98cc6cf81a80a8cb6bcfb2 Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 16:48:07 2009 +0100 s4/net: Add domainlevel subcommand. commit 027f6ada63b34b5277fa73e5ffa6e436041d9ffb Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 16:06:04 2009 +0100 s4/net: Use d_printf consistently when reporting errors. commit 732a7630e9db2578c3a46d0836aaf602e1d5c604 Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 16:05:04 2009 +0100 Use CommandError exception to deal with problems during net commands. commit eaf4a9afb24f2cc3cd1a268dda4ad37637821f9d Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 16:04:19 2009 +0100 s4/net: Make pwsettings a net subcommand. commit 8c19cd2dea470b5f4a981bfbd4b9e33c11bfde39 Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 14:17:25 2009 +0100 netcmd: Add some basic tests. commit 9e603dfb95f61a7daf2acc80c9c3120ae9ecf98e Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 13:53:18 2009 +0100 s4/net: Support parsing arguments in Python commands. commit 9b1a21031187e83de61d999b70a6d1cda7b68444 Author: Jelmer Vernooij jel...@samba.org Date: Mon Dec 28 01:21:27 2009 +0100 net: Support usage/help of subcommands implemented in Python. commit c064549e2e29b1a7e100300fa7d851451a90a6a7 Author: Jelmer Vernooij jel...@ganieda.vernstok.nl Date: Mon Dec 28 01:04:33 2009 +0100 net: Support implementing subcommands in python. --- Summary of changes: source4/auth/credentials/config.mk |2 +- source4/dsdb/config.mk |4 +- source4/dsdb/samdb/ldb_modules/config.mk | 17 +- source4/script/installmisc.sh |2 +- source4/scripting/python/modules.c | 43 +++- source4/scripting/python/modules.h |2 +- source4/scripting/python/samba/getopt.py | 14 +- source4/scripting/python/samba/netcmd/__init__.py | 128 ++ .../scripting/python/samba/netcmd/domainlevel.py | 229 ++ .../scripting/python/samba/netcmd/pwsettings.py| 190 +++ source4/scripting/python/samba/tests/netcmd.py | 34 +++ source4/selftest/tests.sh |1 + source4/setup/domainlevel | 250 source4/setup/pwsettings | 198 source4/utils/net/net.c| 154 - 15 files changed, 794 insertions(+), 474 deletions(-) create mode
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d5cbfbb... s4:ntlmssp: remove mem_ctx from check_password() callback to match s3 via f31d144... s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop via 994d34b... s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth() via 3f04b60... s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password() via 7d4692f... s4:ntlmssp_server: clear session key in ntlmssp_server_preauth() via dea4560... s4:ntlmssp: use data_blob_null in ntlmssp_server_auth() via 60b9434... s4:ntlmssp_server: remove unused variable via a8e61ac... s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer via c9b6ad2... s3:ntlmssp: change get_challange() to return NTSTATUS from fbb59b2... dsdb: Fix dependencies when building against system ldb. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d5cbfbb93a1718b3031f37a62e350a2cd7ab0bdc Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 16:14:05 2009 +0100 s4:ntlmssp: remove mem_ctx from check_password() callback to match s3 metze commit f31d144e70c632892ffc7d5177789947e821ad7e Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 16:10:57 2009 +0100 s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop metze commit 994d34b949cd68b692ca688f162652c924732e84 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 16:07:16 2009 +0100 s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth() metze commit 3f04b60fb9051f65074316b7704793759f4cbdf7 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 16:02:00 2009 +0100 s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password() metze commit 7d4692fa43fd84a8251231781fba7f3f9e46c30b Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 15:54:59 2009 +0100 s4:ntlmssp_server: clear session key in ntlmssp_server_preauth() metze commit dea456089a7838219e7819bfb04a98e03f3d0002 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 12:58:44 2009 +0100 s4:ntlmssp: use data_blob_null in ntlmssp_server_auth() metze commit 60b9434492423d463bd1a43d84b5084dce980ecb Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 13:53:44 2009 +0100 s4:ntlmssp_server: remove unused variable metze commit a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 10:44:19 2009 +0100 s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer metze commit c9b6ad25004caab854cf6301faa472bb5c890a71 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 29 11:57:28 2009 +0100 s3:ntlmssp: change get_challange() to return NTSTATUS metze --- Summary of changes: source3/auth/auth_ntlmssp.c |5 +- source3/include/ntlmssp.h |4 +- source3/libsmb/ntlmssp.c | 11 +++- source4/auth/ntlmssp/ntlmssp.h|4 +- source4/auth/ntlmssp/ntlmssp_server.c | 104 ++--- 5 files changed, 58 insertions(+), 70 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index f95a235..4243a24 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -28,13 +28,14 @@ * @return an 8 byte random challenge */ -static void auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state, - uint8_t chal[8]) +static NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state, + uint8_t chal[8]) { AUTH_NTLMSSP_STATE *auth_ntlmssp_state = (AUTH_NTLMSSP_STATE *)ntlmssp_state-auth_context; auth_ntlmssp_state-auth_context-get_ntlm_challenge( auth_ntlmssp_state-auth_context, chal); + return NT_STATUS_OK; } /** diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h index f30b53f..d3de598 100644 --- a/source3/include/ntlmssp.h +++ b/source3/include/ntlmssp.h @@ -74,8 +74,8 @@ struct ntlmssp_state * @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication * */ - void (*get_challenge)(const struct ntlmssp_state *ntlmssp_state, - uint8_t challenge[8]); + NTSTATUS (*get_challenge)(const struct ntlmssp_state *ntlmssp_state, + uint8_t challenge[8]); /** * Callback to find if the challenge used by NTLM authentication may be modified diff --git a/source3/libsmb/ntlmssp.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b0dd364... net: Add some German translation from d5cbfbb... s4:ntlmssp: remove mem_ctx from check_password() callback to match s3 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b0dd364cdde107577c74a91f3a65989e97a2c073 Author: André Hentschel n...@dawncrow.de Date: Mon Dec 28 02:58:40 2009 +0100 net: Add some German translation Signed-off-by: Kai Blin k...@samba.org --- Summary of changes: source3/locale/net/de.po | 720 +- 1 files changed, 522 insertions(+), 198 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/locale/net/de.po b/source3/locale/net/de.po index a336936..0e18172 100644 --- a/source3/locale/net/de.po +++ b/source3/locale/net/de.po @@ -1,5 +1,6 @@ # net message translation (german). # Copyright (C) 2009 Kai Blin k...@samba.org +# Copyright (C) 2009 André Hentschel n...@dawncrow.de # This file is distributed under the same license as the samba package. # #, fuzzy @@ -8,11 +9,12 @@ msgstr Project-Id-Version: @pack...@\n Report-Msgid-Bugs-To: \n POT-Creation-Date: 2009-08-11 09:01+0200\n -PO-Revision-Date: 2009-08-06 20:45+0200\n -Last-Translator: Kai Blin k...@samba.org\n +PO-Revision-Date: 2009-12-26 19:20+0100\n +Last-Translator: André Hentschel n...@dawncrow.de\n MIME-Version: 1.0\n Content-Type: text/plain; charset=UTF-8\n Content-Transfer-Encoding: 8bit\n +Language-Team: \n #: ../../utils/net.c:103 msgid Enter machine password: @@ -33,12 +35,14 @@ msgid This function will change the ADS Domain member machine account password in the secrets.tdb file!\n msgstr -#: ../../utils/net.c:150 ../../utils/net.c:228 +#: ../../utils/net.c:150 +#: ../../utils/net.c:228 #, c-format msgid Unable to open secrets.tdb. Can't fetch domain SID for name: %s\n msgstr -#: ../../utils/net.c:163 ../../utils/net.c:251 +#: ../../utils/net.c:163 +#: ../../utils/net.c:251 #, c-format msgid SID for domain %s is: %s\n msgstr @@ -88,7 +92,7 @@ msgstr #: ../../utils/net.c:317 msgid Run functions using RPC transport -msgstr +msgstr RPC Protokoll nutzen #: ../../utils/net.c:318 msgid Use 'net help rpc' to get more extensive information about 'net rpc' commands. @@ -96,7 +100,7 @@ msgstr #: ../../utils/net.c:325 msgid Run functions using RAP transport -msgstr +msgstr RAP Protokoll nutzen #: ../../utils/net.c:326 msgid Use 'net help rap' to get more extensive information about 'net rap' commands. @@ -104,7 +108,7 @@ msgstr #: ../../utils/net.c:333 msgid Run functions using ADS transport -msgstr +msgstr ADS Protokoll nutzen #: ../../utils/net.c:334 msgid Use 'net help ads' to get more extensive information about 'net ads' commands. @@ -112,7 +116,7 @@ msgstr #: ../../utils/net.c:343 msgid Functions on remote opened files -msgstr +msgstr Freigegebene Dateien verwalten #: ../../utils/net.c:344 msgid Use 'net help file' to get more information about 'net file' commands. @@ -120,7 +124,7 @@ msgstr #: ../../utils/net.c:351 msgid Functions on shares -msgstr +msgstr Freigaben verwalten #: ../../utils/net.c:352 msgid Use 'net help share' to get more information about 'net share' commands. @@ -128,15 +132,16 @@ msgstr #: ../../utils/net.c:359 msgid Manage sessions -msgstr +msgstr Sitzungen verwalten #: ../../utils/net.c:360 msgid Use 'net help session' to get more information about 'net session' commands. msgstr -#: ../../utils/net.c:367 ../../utils/net_rap.c:1291 +#: ../../utils/net.c:367 +#: ../../utils/net_rap.c:1291 msgid List servers in workgroup -msgstr +msgstr Server der Arbeitsgruppe auflisten #: ../../utils/net.c:368 msgid Use 'net help server' to get more information about 'net server' commands. @@ -144,7 +149,7 @@ msgstr #: ../../utils/net.c:375 msgid List domains/workgroups on network -msgstr +msgstr Domänen/Arbeitsgruppen im Netzwerk auflisten #: ../../utils/net.c:376 msgid Use 'net help domain' to get more information about 'net domain' commands. @@ -160,7 +165,7 @@ msgstr #: ../../utils/net.c:391 msgid Manage users -msgstr +msgstr Benutzer verwalten #: ../../utils/net.c:392 msgid Use 'net help user' to get more information about 'net user' commands. @@ -168,7 +173,7 @@ msgstr #: ../../utils/net.c:399 msgid Manage groups -msgstr +msgstr Gruppen verwalten #: ../../utils/net.c:400 msgid Use 'net help group' to get more information about 'net group' commands. @@ -176,7 +181,7 @@ msgstr #: ../../utils/net.c:407 msgid Manage group mappings -msgstr +msgstr Gruppenzuweisungen verwalten #: ../../utils/net.c:408 msgid Use 'net help groupmap' to get more information about 'net groupmap' commands. @@ -200,7 +205,7 @@ msgstr #: ../../utils/net.c:431
Build status as of Wed Dec 30 07:00:03 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-12-29 00:00:03.0 -0700 +++ /home/build/master/cache/broken_results.txt 2009-12-30 00:00:03.0 -0700 @@ -0,0 +1,22 @@ +Build status as of Wed Dec 30 07:00:03 2009 + +Build counts: +Tree Total Broken Panic +build_farm 0 0 0 +ccache 1 1 0 +distcc 0 0 0 +ldb 2 2 0 +libreplace 1 1 0 +lorikeet 0 0 0 +pidl 1 1 0 +ppp 0 0 0 +rsync16 8 0 +samba-docs 0 0 0 +samba-web0 0 0 +samba_3_current 14 14 0 +samba_3_master 24 24 4 +samba_3_next 15 15 1 +samba_4_0_test 26 26 1 +talloc 1 1 0 +tdb 1 1 0 +