Re: [Samba] windows 7 unable to join domain
On Mon, Jun 14, 2010 at 6:11 PM, t...@tms3.com wrote: SNIP I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive The specified network name is no longer available. I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. http://wiki.samba.org/index.php/Windows7 There's a reg file that comes with the source code. Not sure about binary packages. Cheers, SNIP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Like tms3 told u, we have to make some changes to the register before we join ms 7 to the domain, I already did and works, no issue. Another thing I see in your smb.conf: security = DOMAIN. In my little knowledge about samba, if u have a PDC it must say: security = user. Went u add a BDC it must say: security = DOMAIN. In domain security mode, the Samba server has a machine account (domain security trust account) and causes all authentication requests to be passed through to the domain controllers. The Samba server is made into a domain member server by using the following directives in smb.conf. security = domain Last thing, smbldap-tools using the base repo from Centos 5.5 depend on Samba-3.0.x, u must build your own rpm to work with samba3x. My two cents. -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 unable to join domain
--- Original message --- Subject: Re: [Samba] windows 7 unable to join domain From: Alberto Moreno ports...@gmail.com To: samba@lists.samba.org Date: Monday, 14/06/2010 11:03 PM On Mon, Jun 14, 2010 at 6:11 PM, t...@tms3.com wrote: SNIP I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive The specified network name is no longer available. I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. http://wiki.samba.org/index.php/Windows7 There's a reg file that comes with the source code. Not sure about binary packages. Cheers, SNIP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Like tms3 told u, we have to make some changes to the register before we join ms 7 to the domain, I already did and works, no issue. Another thing I see in your smb.conf: security = DOMAIN. In my little knowledge about samba, if u have a PDC it must say: security = user. Went u add a BDC it must say: security = DOMAIN. I disagree on the last point. Security = user is default, so no entry necessary. For PDC I use: os level = 64 preferred master = Yes domain logons =Yes domain master = Yes For BDC I use (if on separate nodes) os level = 64 preferred master = Yes domain logons =Yes domain master = no If on same node os level = 60 preferred master = Auto domain logons =Yes domain master = no In domain security mode, the Samba server has a machine account (domain security trust account) and causes all authentication requests to be passed through to the domain controllers. The Samba server is made into a domain member server by using the following directives in smb.conf. security = domain Last thing, smbldap-tools using the base repo from Centos 5.5 depend on Samba-3.0.x, u must build your own rpm to work with samba3x. My two cents. -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] gecos?
This has always bothered me.. wtf does gecos mean (in the samba ldap)? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] gecos?
Hallo, Neil, Du meintest am 15.06.10: This has always bothered me.. wtf does gecos mean (in the samba ldap)? General Electric Computer Operating System. They invented the GECOS field in the /etc/passwd file. Long time ago. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba to update DDNS
Hello, is it possible to let samba update the DNS entries in our bind DNS server whenever a windows PC connects to the network ? Bye Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration. From: justin joseph jus...@elinanetworks.com To: t...@tms3.com Date: Monday, 14/06/2010 6:21 AM t...@tms3.com wrote: SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? I get the below pasted response: r...@enpaqadserver.com:/etc/samba# net ads testjoin Enter enp...@enpaqadserver.com's password: [2010/06/14 18:47:09, 0] libads/kerberos.c:333(ads_kinit_password) kerberos_kinit_password enp...@enpaqadserver.com failed: Clients credentials have been revoked Join to domain is not valid: Access denied r...@enpaqadserver.com:/etc/samba# Rejoin the domain. I am unable to join the domain. I thought the service winbind had to start before one can join, is it not right? r...@enpaqadserver.com:/etc/samba# net ads join -S enpaqadserver.com -U Administrator Enter Administrator's password: [2010/06/15 13:17:14, 0] libnet/libnet_join.c:1062(libnet_join_ok) libnet_join_ok: failed to get schannel session key from server enpaqadserver.com for domain ENPAQADSERVER. Error was NT_STATUS_INVALID_COMPUTER_NAME Failed to join domain: failed to verify domain membership after joining: Invalid computer name r...@enpaqadserver.com:/etc/samba# Cheers, Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 unable to join domain
Hi, Dňa 15. 6. 2010 3:05, delpheye wrote / napísal(a): Hi, I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive The specified network name is no longer available. I use Samba 3.4.5 on FreeBSD 7.2. I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. Per some googling, I've turned off both: *- Network security:Minimum session security for NTLM SSP (including RPC based) Clients* - *Network security:Minimum session security for NTLM SSP (including RPC based) Servers* and changed *Network Security LAN Manager authentication level* to *Send LM NTLM – use NTLMv2 session security if negotiated* in the Local Security Policies. It is not needed to make these changes (I think you should change them back to origininal settings), I just added in registry: Computer\HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters\DomainCompatibilityMode = dword 1 Computer\HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters\DNSNameResolutionRequired = dword 0 and after joining domain changed Computer\HKLM\System\CurrentControlSet\services\Tcpip\Parameters\NV Domain from DOMAIN to domain.local Any ideas? My google-fu has become ineffective on this problem. I am sorry, but I really don't know where I found this :( Tomas. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [OT] Adding InetOrgPerson schema when using ldapsam:editposix module
Hi, I admit that this is OT, at least slightly. While I've successfully used the ldapsam:editposix module in conjunction with the net sam and net rpc toolchain, which provides me with both the POSIX and the Samba account info for each account stored centrally in an LDAP DIT, I would like to have the info related to an InetOrgPerson as well. What's the easiest (preferred) way of adding that schema to a number of existing LDAP accounts (there are around 25 of these accounts in my DIT)? Thanks in advance kind regards, Holger signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba to update DDNS
is it possible to let samba update the DNS entries in our bind DNS server whenever a windows PC connects to the network ? Hi, why don't you use dhcpd and bind. That would be the right way to implement dynamic DNS updates (DDNS) within you network. Christian === Dipl.-Ing. Christian Rost roCon - Informationstechnologie Glatzer Weg 4 44534 Lünen fon: +49 (0) 2306 910 658 fax: +49 (0) 2306 910 664 url: http://www.rocon-it.de Andreas Moroder andreas.moro...@sb-brixen.it wrote Subject: [Samba] samba to update DDNS Date: 15.06.2010 09:59 Hello, is it possible to let samba update the DNS entries in our bind DNS server whenever a windows PC connects to the network ? Bye Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.6 - problems with vfs objects = recycle
Hi all, I just upgraded samba from 3.0.37 to 3.4.6 on a gentoo machine. After converting the passwd file (pdbedit -i smbpasswd -e tdbsam) I tried to login from a windows client but it didn''t work. After commenting the vfs-recycle entries in the shares definition I could successfully login. I cannot find any hint that the vfs objects in samba 3.4 has changed. Can somebody help? Thanks in advance, grassu this is the error I see in samba log: # tail -f /var/log/samba/log.ws-mo Can't find a vfs module [recycle] [2010/06/13 10:58:02, 0] smbd/vfs.c:322(smbd_vfs_init) smbd_vfs_init: vfs_init_custom failed for recycle [2010/06/13 10:58:02, 0] smbd/service.c:846(make_connection_snum) vfs_init failed for service Projekte [2010/06/13 10:58:02, 0] lib/module.c:59(do_smb_load_module) Error trying to resolve symbol 'init_samba_module' in /usr/lib/samba/vfs/recycle.so: /usr/lib/samba/vfs/recycle.so: undefined symbol: init_samba_module but recycle.so is there: # locate recycle.so /usr/lib/samba/vfs/recycle.so my smb.conf # less /etc/samba/smb.conf [global] workgroup = Server server string = PDC [Server :: Samba Server %v] printcap name = cups printing = cups cups options =raw load printers = yes log level = 1 log file = /var/log/samba/log.%m max log size = 1 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces= lo eth0 eth1 bind interfaces only = yes hosts allow = 127.0.0.1 192.168.2.0/24 hosts deny= 0.0.0.0/0 security = user encrypt passwords = yes # PDC-Eintraege ### local master = yes os level = 65 domain master = yes preferred master = yes null passwords = no hide unreadable = yes domain logons = yes logon script = %G.bat logon path = \\%L\profiles\%U logon drive = z: logon home = \\%L\%U\.9xprofile wins support = yes name resolve order = wins lmhosts hosts bcast dns proxy = no time server = yes # smb passwd file = /home/samba/smbpasswd add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u passwd program = /usr/bin/passwd %u passwd chat = *New password:* %n\r *New password (again):* %n\r \ *Password changed* dos charset = 850 unix charset = ISO8859-1 [netlogon] path = /home/samba/netlogon public = no writeable = no browseable = no [profiles] path = /home/samba/profiles browseable = yes writeable = yes default case = lower preserve case = no short preserve case = no case sensitive = no hide files = /desktop.ini/ntuser.ini/NTUSER.*/ write list = @staff root create mode = 0600 directory mode = 0700 guest ok = no csc policy = disable [Intern] comment = [I:] Bueroadministration path = /home/shares/Intern public = no writeable = yes browseable = yes valid users = @admin-staff write list = @admin-staff read list = @admin-staff create mask = 0660 directory mask = 0770 force group = admin-staff # vfs objects = recycle # recycle:repository=.recycle.%u # recycle:keeptree=1 # recycle:noversions=1 SNIP and the build settings: net-fs/samba-3.4.6 was built with the following: USE=acl client cups ldap netapi pam readline server smbclient syslog -addns -ads -aio -avahi -caps -cluster -debug -doc -examples -fam -ldb -quota -smbsharemodes -swat -winbind -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.6 - problems with vfs object recycle
Hi, I just upgraded samba from 3.0.37 to 3.4.6 on a gentoo machine. After converting the passwd file (pdbedit -i smbpasswd -e tdbsam) I tried to login from a windows client but it didn''t work. After commenting the vfs-recycle entries in the shares definition I can successfully login. I cannot find any hint that the vfs objects in samba 3.4 has changed compared to 3.0.x. Can somebody help? Thanks in advance, grassu this is the error I see in samba log: # tail -f /var/log/samba/log.ws-mo Can't find a vfs module [recycle] [2010/06/13 10:58:02, 0] smbd/vfs.c:322(smbd_vfs_init) smbd_vfs_init: vfs_init_custom failed for recycle [2010/06/13 10:58:02, 0] smbd/service.c:846(make_connection_snum) vfs_init failed for service Projekte [2010/06/13 10:58:02, 0] lib/module.c:59(do_smb_load_module) Error trying to resolve symbol 'init_samba_module' in /usr/lib/samba/vfs/recycle.so: /usr/lib/samba/vfs/recycle.so: undefined symbol: init_samba_module but recycle.so is there: # locate recycle.so /usr/lib/samba/vfs/recycle.so my smb.conf: # less /etc/samba/smb.conf [global] workgroup = Server server string = PDC [Server :: Samba Server %v] printcap name = cups printing = cups cups options =raw load printers = yes log level = 1 log file = /var/log/samba/log.%m max log size = 1 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces= lo eth0 eth1 bind interfaces only = yes hosts allow = 127.0.0.1 192.168... hosts deny= 0.0.0.0/0 security = user encrypt passwords = yes # PDC-Eintraege ### local master = yes os level = 65 domain master = yes preferred master = yes null passwords = no hide unreadable = yes domain logons = yes logon script = %G.bat logon path = \\%L\profiles\%U logon drive = z: logon home = \\%L\%U\.9xprofile wins support = yes name resolve order = wins lmhosts hosts bcast dns proxy = no time server = yes # smb passwd file = /home/samba/smbpasswd add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u passwd program = /usr/bin/passwd %u passwd chat = *New password:* %n\r *New password (again):* %n\r\ *Password changed* dos charset = 850 unix charset = ISO8859-1 .. [Intern] comment = [I:] Bueroadministration path = /home/shares/Intern public = no writeable = yes browseable = yes valid users = @admin-staff write list = @admin-staff read list = @admin-staff create mask = 0660 directory mask = 0770 force group = admin-staff # vfs objects = recycle # recycle:repository=.recycle.%u # recycle:keeptree=1 # recycle:noversions=1 and the build settings: net-fs/samba-3.4.6 was built with the following: USE=acl client cups ldap netapi pam readline server smbclient syslog -addns -ads -aio -avahi -caps -cluster -debug -doc -examples -fam -ldb -quota -smbsharemodes -swat -winbind -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba migration to another llinux distro
Hello I need a description how to move painlessly samba from one system to another without re-adding to the domain windows clients. Currently, I have samba Version 3.0.28a-1.fc7 on Fedora 7 and I want to move it on CentOS 5.5 As far as the server hardware remains the same. In addition to changing the system i would like to change new disks and add a new 3ware 9650SE Raid controller (samba will operate in RAID 5 ) My questions: - How to move a painless system that do not add clients to the domain again - Domain must have the same SID - Which file system will be more efficient for the samba (3TB partition), ext3, ext4, xfs? - Whether the version of samba in Centos 5.5 is compatible with windows 7 (standard centos 5.5 repos) - If I make raid volumes(3ware controller) with installed centos 5.5 on the another motherboard (gigabyte EG41MF-US2h) and configure samba and bring it along with the disks to intel server motherboard linux will start ?? Installation and configuration on the test machine will shorten the time necessary to migrate. Please help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba to update DDNS
On 15/06/2010 3:57 PM, Andreas Moroder wrote: is it possible to let samba update the DNS entries in our bind DNS server whenever a windows PC connects to the network ? Why not do it from the DHCP server? That is the normal approach. You could probably make something using the preexec settings if you really wanted to. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] SID to GID group mapping
Hi All! I setup samba on SuSe Linux 9.0. The version of the samba is 3.4.1. I assign permissions to shared resource with POSIX ACLs (setfacl and getfacl commands). For, example, setfacl -m g:acl_res_rw:rw * , where acl_res_rw - domain group. I used this shared resource some days. Yesterday I received error message - Persmission Denied. I tried getfacl. On the shared resource instead of group acl_res_rw absolutely other group is specified. = someday ago getfacl test_res user::rw- group::r-- group:acl_q_all_rw:rwx mask::rwx other::r-- = today user::rw- group::r-- group:Domain Users:rwx mask::rwx other::r-- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba packages for debian squeeze
Hey all, I'm trying to hook a debian squeeze server up to a windows active directory domain, though the packages provided with Debian Squeeze don't have the net command. Is there a package available that I can use to install the net command from? Thanks, Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can only see files one level deep
It's difficult to parse, but it _seems_ like the 10.6.4 update to OSX will incorporate some SMB changes (fixes?), so maybe it's an OSX problem, and might be Fixed In The Next Release. I don't really care for beta software, but I kinda wish I could get this one! On 6/15/10 12:18 AM, Dnk wrote: That is also essentially what I am experiencing. Regards, D On 2010-06-14, at 6:10 PM, William P.N. Smith w_sm...@compusmiths.com wrote: I'm having a problem that I'm not sure is related. OSX 10.6.3, Centos 5.5, Samba Version 3.0.33-3.28.el5 Sometimes when I try to browse to a directory it just stalls out with the spinning gear. Not always the top level or a consistent depth, and it doesn't seem to matter if there are a dozen files or thousands in the directory. Sometimes if I walk away for an hour or so it'll still be spinning when I get back, sometimes it'll finally be showing my directory listing. I've just discovered(?) that quitting the Finder and restarting it solved the problem in at least one instance, so try that and report back... [I'm running iptables, and can't disable it, FWIW.] On 6/13/10 3:36 AM, zoolook wrote: 2010/6/4 DNKd.k.emailli...@gmail.com: Just bumping this one back onto the radar. I still have not been able to fix the issue. Hello, I got a Macbook Pro last week so I was able to test your smb.conf in a VM running centos 5.5. It turned out that I have to disable iptables and selinux (system-config-securitylevel-tui) to make samba run on centos. I'm a debian/ubuntu guy and sure there's a better way; anyway, for testing, disabling is ok. After that, your smb.conf run flawless here; except for this line in [myshare]: users = @ myshare I really hope that space between @ and myshare is a typo in your email and not in your actual smb.conf. I'll keep the VM for a few days, just in case you want me to run some more tests. Best regards, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba to update DDNS
SNIP Hello, is it possible to let samba update the DNS entries in our bind DNS server whenever a windows PC connects to the network ? If you have a Samba domain, you should use DHCP to do so. Samba (as far as I know) knows nothing about FQDN's. isc dhcpd.conf: Global # ad-hoc DNS update scheme - set to none to disable dynamic DNS updates. ddns-update-style interim; deny-client-updates; ddns-ttl 1; one-lease-per-client on; Zone include ddns-updates on; option domain-name mydomain.xxx; ddns-domainname mydomain.xxx; ddns-rev-domainname IN-ADDR.ARPA; Cheers, Bye Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba migration to another llinux distro
You may have two general options - Have the new machine appear to be the old machine.Run testparm -v to verify the location of the private directory, locks directory etc and other files that you need to move over. - Setup the new machine as a BDC in the domain, migrate your data over, then promote the new machine to a PDC and demote and remove the old machine. This is probably easier if you have an LDAP backend. Otherwise you can probably copy the samba private directory over from one machine to another. About the other questions - If you want Windows 7 support you need Samba 3.4 or Samba 3.5. I would go with Fedora Core 12 since it already has Samba 3.4.Of course you can always compile from source. You may therefore want to consider having the server move as one project, and then a samba upgrade as another project. You could also setup a new machine as a BDC (as described above) with Samba 3.4.x. As you may have seen from other posts, there are changes to may need to make when you move from Samba 3.0.x to 3.4.x. -FC11 doesn't seem to like ext4 for the /boot file system. I would google ext4. Some people have an issue with the changes in journaling from ext3. I personally would stick with ext3. And about raid- - The 3ware 9650SE raid controller is a true hardware raid (I am using a few.) This means that you should be able to configure disks in a hardware raid set and move it to another server that also has a 3ware raid card. - The intel ICH7 and ICH9 raid controller built into some mother boards is firmware raid (aka fake raid.) This means that the OS has to have drivers for the controller and that the PC OS and CPU is doing the RAID processing. I found out the hardway that Fedora Core 11 did not include the appropriate drivers for it, even tho RedHat Enterprise Linux 5.x did. With Linux, you should either use true hardware raid or true software raid. The upside of software raid is that you can then move the disks from one machine to another. - Don't use RAID5 for your /boot or OS slices. If your raid configuration gets messed up the system can't boot. A messed up mirror is easier to recover from. RAID5 for your data is OK- since at that point the OS is up and running. Some of my colleagues argue you shouldn't even use a mirror for your /boot partition, but instead should just back it up to another disk. On 06/15/2010 05:56 AM, Hubert Choma wrote: Hello I need a description how to move painlessly samba from one system to another without re-adding to the domain windows clients. Currently, I have samba Version 3.0.28a-1.fc7 on Fedora 7 and I want to move it on CentOS 5.5 As far as the server hardware remains the same. In addition to changing the system i would like to change new disks and add a new 3ware 9650SE Raid controller (samba will operate in RAID 5 ) My questions: - How to move a painless system that do not add clients to the domain again - Domain must have the same SID - Which file system will be more efficient for the samba (3TB partition), ext3, ext4, xfs? - Whether the version of samba in Centos 5.5 is compatible with windows 7 (standard centos 5.5 repos) - If I make raid volumes(3ware controller) with installed centos 5.5 on the another motherboard (gigabyte EG41MF-US2h) and configure samba and bring it along with the disks to intel server motherboard linux will start ?? Installation and configuration on the test machine will shorten the time necessary to migrate. Please help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
Thanks for the lead. I did a ls -Z on the relevant directories and found that SELinux is disabled. I checked to make sure the client and server had the same time settings, and they're both exact. Is there anything else this could possibly be? [2010/06/07 09:41:37, 2] auth/auth.c:310(check_ntlm_ password) check_ntlm_password: authentication for user [me] - [me] - [OURDOMAIN+me] succeeded [2010/06/07 09:41:37, 0] smbd/service.c:1009(make_ connection_snum) '/share/samba/domain/home' does not exist or permission denied when connecting to [xdrives] Error was Permission denied Ben On Thu, Jun 10, 2010 at 8:39 AM, Benjamin Allen bal...@jeffcolib.orgwrote: Hello, I've been trying to figure this out for some time and can't quite nail it down, despite searching the internet, and a couple of samba books. Here goes: I'm running Version 3.4.3-3.3.1-2341-SUSE-SL11.2 of Samba on OpenSUSE 11.2. Here are some relevant excerpts from my smb.conf file: [global] ... security = ADS ... winbind separator = + ... log level = 2 ... [xdrives] comment = X Drive Repository path = /share/samba/domain/home browseable = yes create mask = 0700 directory mask = 0700 valid users = @OURDOMAIN+smb (this is a group) inherit acls = no hide unreadable = no read only = no I have AD authentication running via winbind, and the Kerberos element is working also. So, wbinfo -g produces all groups in the same format as entered in this share: OURDOMAIN+Administrators ... OURDOMAIN+smb The filesystem path = directory has been chown'd to my name+that domain group(of which I am a member). chown OURDOMAIN+me:OURDOMAIN+smb Also, I chmodded it to 0777 for testing. Yet... *ARGH!* When I try accessing this share from windows Run or Konqueror on another linux, I get this on the server: tail /var/log/samba/log.smbd ... [2010/06/07 09:41:37, 2] auth/auth.c:310(check_ntlm_ password) check_ntlm_password: authentication for user [me] - [me] - [OURDOMAIN+me] succeeded [2010/06/07 09:41:37, 0] smbd/service.c:1009(make_connection_snum) '/share/samba/domain/home' does not exist or permission denied when connecting to [xdrives] Error was Permission denied ... Copy pasting the entry “'/share/samba/domain/home'” right out of the above: ServerName:~ # ls -lah /share/samba/domain/home total 512 drwxrwxrwx 23 OURDOMAIN+me OURDOMAIN+smb 584 Jun 3 10:06 . I earlier changed the mountpoint of this partition to /share as /srv wasn't working. Just now, I put in path = /home as a reality check, and remotely accessed \\server.ip\folder, and it succeeded. I only received an error message when trying to create a new folder. What am I missing? Sincere thanks, Ben -- Benjamin T. Allen Junior Network Administrator Jefferson County Library Central Services -- Benjamin T. Allen Junior Network Administrator Jefferson County Library Central Services -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] SAMBA PDC LOGIN - UPN (u...@realm) to DOM\USER
I have looked and looked but have not been able to find out how to allow UPN authentication to be processed by a Samba PDC? Is it possible to strip the @domain from the user before authentication at samba or map the UPN user to a dom\username for authentication? Thanks, Andrew LOGS /var/log/samba/log.user: SAM Logon (Interactive). Domain:[domain]. User:[u...@domain@XENDESKTOP1] Requested Domain:[domain] /var/log/samba/log.user: check_ntlm_password: Checking password for unmapped user [domain]\[u...@domain]@[XENDESKTOP1] with the new password interface /var/log/samba/log.user: check_ntlm_password: mapped user is: [domain]\[u...@domain]@[XENDESKTOP1] /var/log/samba/log.user: check_sam_security: Couldn't find user 'u...@domain' in passdb. /var/log/samba/log.user: check_ntlm_password: Authentication for user [u...@domain] - [u...@domain] FAILED with error NT_STATUS_NO_SUCH_USER -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.6 - problems with vfs objects = recycle
Hi, I just upgraded samba from 3.0.37 to 3.4.6 on a gentoo machine. After converting the passwd file (pdbedit -i smbpasswd -e tdbsam) I tried to login from a windows client but it didn''t work. After commenting the vfs-recycle entries in the shares definition I could successfully login. I cannot find any hint that the vfs objects in samba 3.4 has changed. Can somebody help? Thanks in advance, grassu this is the error I see in samba log: # tail -f /var/log/samba/log.ws-mo Can't find a vfs module [recycle] [2010/06/13 10:58:02, 0] smbd/vfs.c:322(smbd_vfs_init) smbd_vfs_init: vfs_init_custom failed for recycle [2010/06/13 10:58:02, 0] smbd/service.c:846(make_connection_snum) vfs_init failed for service Projekte [2010/06/13 10:58:02, 0] lib/module.c:59(do_smb_load_module) Error trying to resolve symbol 'init_samba_module' in /usr/lib/samba/vfs/recycle.so: /usr/lib/samba/vfs/recycle.so: undefined symbol: init_samba_module but recycle.so is there: # locate recycle.so /usr/lib/samba/vfs/recycle.so my smb.conf # less /etc/samba/smb.conf [global] workgroup = Server server string = PDC [Server :: Samba Server %v] printcap name = cups printing = cups cups options =raw load printers = yes log level = 1 log file = /var/log/samba/log.%m max log size = 1 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces= lo eth0 eth1 bind interfaces only = yes hosts allow = 127.0.0.1 192.168.2.0/24 hosts deny= 0.0.0.0/0 security = user encrypt passwords = yes # PDC-Eintraege ### local master = yes os level = 65 domain master = yes preferred master = yes null passwords = no hide unreadable = yes domain logons = yes logon script = %G.bat logon path = \\%L\profiles\%U logon drive = z: logon home = \\%L\%U\.9xprofile wins support = yes name resolve order = wins lmhosts hosts bcast dns proxy = no time server = yes # smb passwd file = /home/samba/smbpasswd add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u passwd program = /usr/bin/passwd %u passwd chat = *New password:* %n\r *New password (again):* %n\r \ *Password changed* dos charset = 850 unix charset = ISO8859-1 [netlogon] path = /home/samba/netlogon public = no writeable = no browseable = no [profiles] path = /home/samba/profiles browseable = yes writeable = yes default case = lower preserve case = no short preserve case = no case sensitive = no hide files = /desktop.ini/ntuser.ini/NTUSER.*/ write list = @staff root create mode = 0600 directory mode = 0700 guest ok = no csc policy = disable [Intern] comment = [I:] Bueroadministration path = /home/shares/Intern public = no writeable = yes browseable = yes valid users = @admin-staff write list = @admin-staff read list = @admin-staff create mask = 0660 directory mask = 0770 force group = admin-staff # vfs objects = recycle # recycle:repository=.recycle.%u # recycle:keeptree=1 # recycle:noversions=1 SNIP and the build settings: net-fs/samba-3.4.6 was built with the following: USE=acl client cups ldap netapi pam readline server smbclient syslog -addns -ads -aio -avahi -caps -cluster -debug -doc -examples -fam -ldb -quota -smbsharemodes -swat -winbind -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba migration to another llinux distro
- Don't use RAID5 for your /boot or OS slices. If your raid configuration gets messed up the system can't boot. A messed up mirror is easier to recover from. RAID5 for your data is OK- since at that point the OS is up and running. Some of my colleagues argue you shouldn't even use a mirror for your /boot partition, but instead should just back it up to another disk. At work I usually RAID 1 my 256 MB /boot with all the hard drives that are also in the raid5/6 arrays. This is usually 6 to 10 drives. On top of that I keep the OS on its own smaller raid 5/6. So my partitions on every disk are usually boot raid 1 (over all disks) swap (seperate swap on all disks) root raid (raid 5/6 over all disks) data raid (raid 5/6 over all disks) on top of the data raid I usually use lvm for simpler partitioning and spanning across a second raid if I choose to do that in the future. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
On Tue, Jun 15, 2010 at 9:47 AM, Benjamin Allen bal...@jeffcolib.org wrote: Is there anything else this could possibly be? Did you try simplifying the share for testing purposes? Remove a few lines, something like: = [xdrives] comment = X Drive Repository path = /share/samba/domain/home browseable = yes valid users = @OURDOMAIN+smb (this is a group) hide unreadable = no read only = no = Maybe even remove the valid users line (you're troubleshooting - it may help to determine what's going on): = [xdrives] comment = X Drive Repository path = /share/samba/domain/home browseable = yes hide unreadable = no read only = no = Also check that there is no 'valid users' line in the global section (you didn't supply all of that section). Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
Thank you for the responses. Here is The complete smb.conf, as I'm trying it with the test setup suggested. [global] workgroup = DOMAIN passdb backend = tdbsam printing = cups printcap name = cups printcap cache time = 750 cups options = raw map to guest = Bad User logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: usershare allow guests = No idmap gid = 1-2 idmap uid = 1-2 realm = DOMAIN.FULL security = ADS template homedir = /home/%D/%U template shell = /bin/bash winbind separator = + winbind refresh tickets = yes wins server = 10.10.10.5 wins support = No log level = 2 [home] comment = X Drive Repository path = /share/samba/domain/home hide unreadable = no read only = no Here is the log output: tail /var/log/samba/log.smbd [2010/06/15 09:46:54, 2] auth/auth.c:310(check_ntlm_password) check_ntlm_password: authentication for user [myname] - [myname] - [DOMAIN+myname] succeeded [2010/06/15 09:46:54, 0] smbd/service.c:1009(make_connection_snum) '/share/samba/domain/home' does not exist or permission denied when connecting to [home] Error was Permission denied [2010/06/15 09:46:57, 2] auth/auth.c:320(check_ntlm_password) [2010/06/15 09:46:57, 2] smbd/service.c:584(create_connection_server_info) guest user (from session setup) not permitted to access this share (home) [2010/06/15 09:46:57, 1] smbd/service.c:676(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED On the off hand chance this is something related to how the drive is mounted: cat /proc/mounts: ... /dev/mapper/nhvg-nhsvr /share reiserfs rw,relatime,acl,user_xattr 0 0 ... df -h: ... /dev/mapper/nhvg-nhsvr 568G 113G 456G 20% /share ... None of the other errors existed before using this setup, so I figure this is still the root of the issue: [2010/06/15 09:46:54, 0] smbd/service.c:1009(make_connection_snum) '/share/samba/domain/home' does not exist or permission denied when connecting to [home] Error was Permission denied It seems like an obvious error of Permission denied. But I don't have SELinux enabled, the share is chown'd to my user, and it's chmod'd to 777. I can run su DOMAIN+myname, receive a shell in that directory and create and delete files. Smbpasswd shouldn't be needed (as far as I understand), because all the usernames and passwords are drawn from out Win2003 Domain Controller. Thanks, Ben On Tue, Jun 15, 2010 at 9:35 AM, Chris Smith smb...@chrissmith.org wrote: On Tue, Jun 15, 2010 at 9:47 AM, Benjamin Allen bal...@jeffcolib.org wrote: Is there anything else this could possibly be? Did you try simplifying the share for testing purposes? Remove a few lines, something like: = [xdrives] comment = X Drive Repository path = /share/samba/domain/home browseable = yes valid users = @OURDOMAIN+smb (this is a group) hide unreadable = no read only = no = Maybe even remove the valid users line (you're troubleshooting - it may help to determine what's going on): = [xdrives] comment = X Drive Repository path = /share/samba/domain/home browseable = yes hide unreadable = no read only = no = Also check that there is no 'valid users' line in the global section (you didn't supply all of that section). Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Benjamin T. Allen Junior Network Administrator Jefferson County Library Central Services -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Logging file creation with full_audit
I'm trying to set up a samba server to audit only the file operations that I care about, which are create, modify, delete, and rename (for files and folders). I've got the full_audit vfs module working well, except that I haven't been able to figure out what to set it to log (in the full_audit:success setting) to include file creation and modification. If I log pwrite, then it floods the logs with many entries for every single file write, especially when writing large files. I get almost 200 messages when writing a 10 MB file. Is there something I can log to make it write a single entry on file creation or modification? Write doesn't seem to log anything, but pwrite is far too verbose for my needs. Also, creating an empty file doesn't seem to get logged either, even with link in the full_audit:success setting. For example, if I right-click in windows explorer and create a new text file without changing the name, nothing is logged. This is my current full_audit module configuration: full_audit:prefix = %u|%I|%S full_audit:success = mkdir rmdir write rename unlink pwrite link full_audit:failure = none full_audit:facility = local5 full_audit:priority = info Is there a way to get full_audit to log the way I'm looking for? Or is there another audit module that would do better? I'm just trying to end up with a nice clean audit log without unneeded entries. Any ideas would be greatly appreciated. Thanks. Darren -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 ????
Log file from PDC Domain A attached. Any suggestions?? From: wikk...@hotmail.com To: gaiseric.van...@gmail.com; samba@lists.samba.org Date: Mon, 14 Jun 2010 16:47:28 + Subject: Re: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 I have set those parameters as you suggested without NT4 problems. This has had no effect on the trust relationship, I still get the same message. I can submit a log file from DomainA,if it would help? Date: Mon, 14 Jun 2010 11:45:29 -0400 From: gaiseric.van...@gmail.com To: samba@lists.samba.org Subject: Re: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 lanman and plaintext auth should only be needed if you are support Windows 95/98 machines. NT 4 with SP6 should not require this. So I would first disable lanman and plaintext on Domain A, and make sure it has not broken authentication with your NT4 machine. On 06/14/2010 11:39 AM, Wikked one wrote: There are some differences when I run testparm -v. PDC for Domain A lanman auth=Yes ntlm auth=Yes client NTMLv2=No client lanman auth=Yes client plaintext auth=Yes PDC for Domain B lanman auth=No ntlm auth=Yes client NTMLv2=No client lanman auth=No client plaintext auth=No From: gaiseric.van...@gmail.com To: samba@lists.samba.org Date: Sun, 13 Jun 2010 21:31:58 -0400 Subject: Re: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 If you run testparm -v on each, are the encryption parameters (NTLM etc) the same? From: Wikked one [mailto:wikk...@hotmail.com] Sent: Sunday, June 13, 2010 7:56 AM To: gaiseric.van...@gmail.com; samba@lists.samba.org Subject: RE: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 LDAP backend. I am 100% sure about the passwords since I set them up just previous to the process. The short answer to upgrading domain A is no,and the log files do not indicate anything. I will increase the log level when I resume testing tomorrow. The long answer to upgrading is this: Since we are looking towards Windows 7 workstation deployment,we realize we need to use Samba 3.3 ,our existing domain (Samba 3.0.33) has NT4 workstations and legacy Netbios system names that we do not want to carry forward. So the solution I am hoping to implement is a new Samba 3.3 domain with a new domain name and SID that supports windows 7 (got that working) but also has a two way domain trust established. This would allow incremental deployment rather than a hard cut over. Thanks! From: gaiseric.van...@gmail.com To: samba@lists.samba.org Date: Sat, 12 Jun 2010 17:15:59 -0400 Subject: Re: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 What is the backend? In domain A, you should have a user account for domain B (so that A can be trusted by B.) And vice versa. The passwords created for those accounts should be the passwords used when establishing trusts. So you should be 100% certain about those passwords. Any chance you can upgrade DomainA to samba 3.3.12? Do the log files show anything (maybe the wrong encryption levels for authenticating passwords?) -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Wikked one Sent: Friday, June 11, 2010 5:05 AM To: samba@lists.samba.org Subject: Re: [Samba] Domain Trusts with Samba 3.0.33 and 3.3.12 From: wikk...@hotmail.com To: samba@lists.samba.org Date: Wed, 9 Jun 2010 18:30:19 + Subject: [Samba] Domain Trusts Anybody? Greetings List, I've been attempting to establish a two way domain trust between Samba Domains. The reasons why are numerous but mainly so that our Samba PDC supports Window7. Domain A is Samba 3.0.33 and domain B is Samba 3.3.12 and I've established that domain B trusts domain A without issue,however when I attempt to trust domain B on domain A, I get the following error. Could not connect to server DomainA PDC. Storing password for trusted domain failed. I'm certain the password is correct. _ Hotmail is redefining busy with tools for the New Busy. Get more from your inbox. http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:W L:en-US:WM_HMP:042010_2 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
On Tue, Jun 15, 2010 at 11:01 AM, Benjamin Allen bal...@jeffcolib.org wrote: It seems like an obvious error of Permission denied. I would go a step further. Make sure you have a valid username map, for example: == $ cat /etc/samba/smbusers root = administrator nobody = guest == assuming 'nobody' is your nix guest account, if not define it with the 'guest account' parameter and create/edit the file accordingly With a corresponding line in the global section of smb.conf: == username map = /etc/samba/smbusers == Be sure to keep your: == map to guest = Bad User == entry as well. Then add: == guest ok = yes == to the share. Can you connect then? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
I tried the below instructions and no luck. Good idea though. I changed the path to: path = /home as a test. I was able to enter the folder with no access denied errors. Something thinks differently of /home then they do of /srv or /share. Any idea why this could be? Thank you, Ben On Tue, Jun 15, 2010 at 11:15 AM, Chris Smith smb...@chrissmith.org wrote: On Tue, Jun 15, 2010 at 11:01 AM, Benjamin Allen bal...@jeffcolib.org wrote: It seems like an obvious error of Permission denied. I would go a step further. Make sure you have a valid username map, for example: == $ cat /etc/samba/smbusers root = administrator nobody = guest == assuming 'nobody' is your nix guest account, if not define it with the 'guest account' parameter and create/edit the file accordingly With a corresponding line in the global section of smb.conf: == username map = /etc/samba/smbusers == Be sure to keep your: == map to guest = Bad User == entry as well. Then add: == guest ok = yes == to the share. Can you connect then? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Benjamin T. Allen Junior Network Administrator Jefferson County Library Central Services -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SAMBA PDC LOGIN - UPN (u...@realm) to DOM\USER
--- Original message --- Subject: [Samba] SAMBA PDC LOGIN - UPN (u...@realm) to DOM\USER From: Andrew Grimmett agrimm...@lssidata.com To: samba@lists.samba.org Date: Tuesday, 15/06/2010 7:01 AM I have looked and looked but have not been able to find out how to allow UPN authentication to be processed by a Samba PDC? Is it possible to strip the @domain from the user before authentication at samba or map the UPN user to a dom\username for authentication? Are you certain Xen's NTLM Auth is not adding this? Thanks, Andrew LOGS /var/log/samba/log.user: SAM Logon (Interactive). Domain:[domain]. User:[u...@domain@XENDESKTOP1] Requested Domain:[domain] /var/log/samba/log.user: check_ntlm_password: Checking password for unmapped user [domain]\[u...@domain]@[XENDESKTOP1] with the new password interface /var/log/samba/log.user: check_ntlm_password: mapped user is: [domain]\[u...@domain]@[XENDESKTOP1] /var/log/samba/log.user: check_sam_security: Couldn't find user 'u...@domain' in passdb. /var/log/samba/log.user: check_ntlm_password: Authentication for user [u...@domain] - [u...@domain] FAILED with error NT_STATUS_NO_SUCH_USER -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
Solved! The magic command was chmod 755 /dev/mapper/nhvg I wouldn't have thought the permissions on the volume group itself would cause that error, but it seems so. When I mounted /home to the Volume Group, the error recurred. Usually I have no problem with the permissions on devices. Thank you all for your time! Ben On Tue, Jun 15, 2010 at 11:46 AM, Benjamin Allen bal...@jeffcolib.orgwrote: I tried the below instructions and no luck. Good idea though. I changed the path to: path = /home as a test. I was able to enter the folder with no access denied errors. Something thinks differently of /home then they do of /srv or /share. Any idea why this could be? Thank you, Ben On Tue, Jun 15, 2010 at 11:15 AM, Chris Smith smb...@chrissmith.orgwrote: On Tue, Jun 15, 2010 at 11:01 AM, Benjamin Allen bal...@jeffcolib.org wrote: It seems like an obvious error of Permission denied. I would go a step further. Make sure you have a valid username map, for example: == $ cat /etc/samba/smbusers root = administrator nobody = guest == assuming 'nobody' is your nix guest account, if not define it with the 'guest account' parameter and create/edit the file accordingly With a corresponding line in the global section of smb.conf: == username map = /etc/samba/smbusers == Be sure to keep your: == map to guest = Bad User == entry as well. Then add: == guest ok = yes == to the share. Can you connect then? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Benjamin T. Allen Junior Network Administrator Jefferson County Library Central Services -- Benjamin T. Allen Junior Network Administrator Jefferson County Library Central Services -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logging file creation with full_audit
On 15/06/2010 12:09 PM, Jeremy Allison wrote: On Tue, Jun 15, 2010 at 10:04:57AM -0500, Darren Hildebrand wrote: I'm trying to set up a samba server to audit only the file operations that I care about, which are create, modify, delete, and rename (for files and folders). I've got the full_audit vfs module working well, except that I haven't been able to figure out what to set it to log (in the full_audit:success setting) to include file creation and modification. If I log pwrite, then it floods the logs with many entries for every single file write, especially when writing large files. I get almost 200 messages when writing a 10 MB file. Is there something I can log to make it write a single entry on file creation or modification? Write doesn't seem to log anything, but pwrite is far too verbose for my needs. We don't use write anymore - all writes go through pwrite. You want to log open, not pwrite. Jeremy. Thanks, it looks like open is a lot closer to what I'm looking for. Just one more question with that - it looks like open logs reads and writes, where I'm really just concerned about writes. I can see that they're distinguished with the r and w near the end of the log line, but is there any way to log only the w entries? I'm sure I could come up with a way to filter it using syslog as well, but I was hoping to be able to not have them sent to syslog in the first place if there's a way to do that. Thanks. Darren -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logging file creation with full_audit
On Tue, Jun 15, 2010 at 12:20:34PM -0500, Darren Hildebrand wrote: On 15/06/2010 12:09 PM, Jeremy Allison wrote: On Tue, Jun 15, 2010 at 10:04:57AM -0500, Darren Hildebrand wrote: I'm trying to set up a samba server to audit only the file operations that I care about, which are create, modify, delete, and rename (for files and folders). I've got the full_audit vfs module working well, except that I haven't been able to figure out what to set it to log (in the full_audit:success setting) to include file creation and modification. If I log pwrite, then it floods the logs with many entries for every single file write, especially when writing large files. I get almost 200 messages when writing a 10 MB file. Is there something I can log to make it write a single entry on file creation or modification? Write doesn't seem to log anything, but pwrite is far too verbose for my needs. We don't use write anymore - all writes go through pwrite. You want to log open, not pwrite. Jeremy. Thanks, it looks like open is a lot closer to what I'm looking for. Just one more question with that - it looks like open logs reads and writes, where I'm really just concerned about writes. I can see that they're distinguished with the r and w near the end of the log line, but is there any way to log only the w entries? I'm sure I could come up with a way to filter it using syslog as well, but I was hoping to be able to not have them sent to syslog in the first place if there's a way to do that. Not without code changes to the audit module I'm afraid. What you want is to log all opens with the O_CREAT flag set, but the audit module isn't specific enough to do that. You'll have to filter post logging I'm afraid (or change the audit_open call to check for the O_CREAT flag in the flags variable before logging). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logging file creation with full_audit
On 15/06/2010 12:22 PM, Jeremy Allison wrote: On Tue, Jun 15, 2010 at 12:20:34PM -0500, Darren Hildebrand wrote: On 15/06/2010 12:09 PM, Jeremy Allison wrote: On Tue, Jun 15, 2010 at 10:04:57AM -0500, Darren Hildebrand wrote: I'm trying to set up a samba server to audit only the file operations that I care about, which are create, modify, delete, and rename (for files and folders). I've got the full_audit vfs module working well, except that I haven't been able to figure out what to set it to log (in the full_audit:success setting) to include file creation and modification. If I log pwrite, then it floods the logs with many entries for every single file write, especially when writing large files. I get almost 200 messages when writing a 10 MB file. Is there something I can log to make it write a single entry on file creation or modification? Write doesn't seem to log anything, but pwrite is far too verbose for my needs. We don't use write anymore - all writes go through pwrite. You want to log open, not pwrite. Jeremy. Thanks, it looks like open is a lot closer to what I'm looking for. Just one more question with that - it looks like open logs reads and writes, where I'm really just concerned about writes. I can see that they're distinguished with the r and w near the end of the log line, but is there any way to log only the w entries? I'm sure I could come up with a way to filter it using syslog as well, but I was hoping to be able to not have them sent to syslog in the first place if there's a way to do that. Not without code changes to the audit module I'm afraid. What you want is to log all opens with the O_CREAT flag set, but the audit module isn't specific enough to do that. You'll have to filter post logging I'm afraid (or change the audit_open call to check for the O_CREAT flag in the flags variable before logging). Jeremy. All right, I'll find a way to deal with the logging that I'm getting then. It's already a LOT cleaner than it was with pwrite. Thanks a lot for your quick and helpful responses! Darren -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Adding Domain User Accounts to Windows 7 Clients (Samba 3.4.8 PDC)
Hi, I've searched the logs and google trying to find a fix for my problem and have so far not succeeded. I've got a Samba PDC (Debian Lenny), running Samba 3.4.8 from Debian Backports. It is using an OpenLdap backend. We have encountered little to no problems over the last several years. And of course, we have to upgrade to Windows 7 (64-bit), from XP-64. So, here we are. Following the wiki here: http://wiki.samba.org/index.php/Windows7 I have made the registry changes mentioned on this page. I can successfully join the Windows 7 client to our Samba PDC. Furthermore, domain users are able to login, by using the following syntax: domain\username and password. Finally, users are able to access domain shares without difficulty. However, I am unable to successfully add domain user accounts to the client. When I attempt this, I receive the following error: The user could not be added because the following error has occurred: The trust relationship between the workstation and the primary domain failed. Can anybody help pinpoint my error? My samba PDC logs show the following: Jun 15 12:11:31 nishnabotna smbd[2746]: [2010/06/15 12:11:31, 0] auth/auth_sam.c:355(check_sam_security) Jun 15 12:11:31 nishnabotna smbd[2746]: check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' Jun 15 12:11:32 nishnabotna smbd[2746]: [2010/06/15 12:11:32, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) Jun 15 12:11:32 nishnabotna smbd[2746]: _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client CALLENDER machine account CALLENDER$ And perhaps to state the obvious, the user I'm attempting to add does exist on the network. By the way, I'm getting this error when trying to add ANY domain user account to Windows 7 clients. I would appreciate any input you might offer. Thanks, Bryan Walton -- Bryan K. Walton Division of Physiologic Imaging Systems Administrator University of Iowa Hospitals and Clinics -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 unable to join domain
On Tue, Jun 15, 2010 at 9:57 AM, t...@tms3.com wrote: On Tuesday 15/06/2010 at 9:17 am, Alberto Moreno wrote: On Mon, Jun 14, 2010 at 11:45 PM, t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] windows 7 unable to join domain From: Alberto Moreno ports...@gmail.com To: samba@lists.samba.org Date: Monday, 14/06/2010 11:03 PM On Mon, Jun 14, 2010 at 6:11 PM, t...@tms3.com wrote: SNIP I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive The specified network name is no longer available. I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. http://wiki.samba.org/index.php/Windows7 There's a reg file that comes with the source code. Not sure about binary packages. Cheers, SNIP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Like tms3 told u, we have to make some changes to the register before we join ms 7 to the domain, I already did and works, no issue. Another thing I see in your smb.conf: security = DOMAIN. In my little knowledge about samba, if u have a PDC it must say: security = user. Went u add a BDC it must say: security = DOMAIN. I disagree on the last point. Security = user is default, so no entry necessary. For PDC I use: os level = 64 preferred master = Yes domain logons =Yes domain master = Yes For BDC I use (if on separate nodes) �� os level = 64 preferred master = Yes domain logons =Yes domain master = no If on same node os level = 60 preferred master = Auto domain logons =Yes domain master = no In domain security mode, the Samba server has a machine account (domain security trust account) and causes all authentication requests to be passed through to the domain controllers. The Samba server is made into a domain member server by using the following directives in smb.conf. security = domain Hi. I point this because on his smb.conf file he us using security=domain, by default like u say is =user. Oh, not trying to be a snit, just that if you use sec=domain then the BDC will call the PDC for authing. It will work, it's just that it kinda (IMHO) makes the BDC sorta useless. And over WAN links wastes bandwidth. Cheers, Thanks!!! Last thing, smbldap-tools using the base repo from Centos 5.5 depend on Samba-3.0.x, u must build your own rpm to work with samba3x. My two cents. -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba No problem my friend, we are here to learn, thanks for sharing. -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar Samba permission denied error
On Tue, Jun 15, 2010 at 12:46 PM, Benjamin Allen bal...@jeffcolib.org wrote: I tried the below instructions and no luck. Good idea though. Right. The idea was to take Samba permissions out of the equation which would then lead in the proper direction for a solution. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 unable to join domain
On Tue, Jun 15, 2010 at 10:40 AM, Alberto Moreno ports...@gmail.com wrote: On Tue, Jun 15, 2010 at 9:57 AM, t...@tms3.com wrote: On Tuesday 15/06/2010 at 9:17 am, Alberto Moreno wrote: On Mon, Jun 14, 2010 at 11:45 PM, t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] windows 7 unable to join domain From: Alberto Moreno ports...@gmail.com To: samba@lists.samba.org Date: Monday, 14/06/2010 11:03 PM On Mon, Jun 14, 2010 at 6:11 PM, t...@tms3.com wrote: SNIP I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive The specified network name is no longer available. I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. http://wiki.samba.org/index.php/Windows7 There's a reg file that comes with the source code. Not sure about binary packages. Cheers, SNIP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Like tms3 told u, we have to make some changes to the register before we join ms 7 to the domain, I already did and works, no issue. Another thing I see in your smb.conf: security = DOMAIN. In my little knowledge about samba, if u have a PDC it must say: security = user. Went u add a BDC it must say: security = DOMAIN. I disagree on the last point. Security = user is default, so no entry necessary. For PDC I use: os level = 64 preferred master = Yes domain logons =Yes domain master = Yes For BDC I use (if on separate nodes) �� os level = 64 preferred master = Yes domain logons =Yes domain master = no If on same node os level = 60 preferred master = Auto domain logons =Yes domain master = no In domain security mode, the Samba server has a machine account (domain security trust account) and causes all authentication requests to be passed through to the domain controllers. The Samba server is made into a domain member server by using the following directives in smb.conf. security = domain Hi. I point this because on his smb.conf file he us using security=domain, by default like u say is =user. Oh, not trying to be a snit, just that if you use sec=domain then the BDC will call the PDC for authing. It will work, it's just that it kinda (IMHO) makes the BDC sorta useless. And over WAN links wastes bandwidth. Cheers, Thanks!!! Last thing, smbldap-tools using the base repo from Centos 5.5 depend on Samba-3.0.x, u must build your own rpm to work with samba3x. My two cents. -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba No problem my friend, we are here to learn, thanks for sharing. -- LIving the dream... U say that u already have some XP clients on your domain, which meant that works. U are trying to add a Windows 7 capable of being able to be part of a Domain, like Ultimate Edition or compatible right? not a Home Edition. U are using ldap on centos, which is working? Because u have XP clients inside the domain, they can see the PDC of your domain? Could u please give us the output of testparm+testparm of your PDC. Thanks!!! -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 unable to join domain
On Jun 15, 2010, at 1:42 AM, Ciernik Tomas wrote: Hi, I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive The specified network name is no longer available. I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. Per some googling, I've turned off both: *- Network security:Minimum session security for NTLM SSP (including RPC based) Clients* - *Network security:Minimum session security for NTLM SSP (including RPC based) Servers* and changed *Network Security LAN Manager authentication level* to *Send LM NTLM – use NTLMv2 session security if negotiated* in the Local Security Policies. See: http://wiki.samba.org/index.php/Windows7 for the correct settings. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] libldb-samba.so does not link in source4 samba
I am building in source4. Where are these symbols defined? Is any library that is not getting linked? samba/source4 # make WAF_MAKE=1 ../buildtools/bin/waf build Waf: Entering directory `/usr/src/bamba/samba/source4/bin' [1816/1961] Linking default/source4/lib/ldb/libldb-samba4.so [1908/1961] Linking default/source4/lib/ldb/ldbadd default/source4/lib/ldb/libldb-samba4.so: undefined reference to `zError' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `inflateReset' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `deflate' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `inflateInit2_' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `inflate' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `deflateReset' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `inflateSetDictionary' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `deflateInit2_' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `deflateSetDictionary' collect2: ld returned 1 exit status Waf: Leaving directory `/usr/src/bamba/samba/source4/bin' Build failed: - task failed (err #1): {task: cc_link ldbutil_28.o,cmdline_28.o,ldbadd_29.o,popt_common_3.o,credentials_1.o,popt_credentials_5.o - ldbadd} make: *** [all] Error 1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 unable to join domain
On Tue, Jun 15, 2010 at 1:04 PM, delpheye delph...@gmail.com wrote: results of testparm -v: Load smb config files from /etc/samba/smb.conf Processing section [homes] Processing section [netlogon] Processing section [profiles] Processing section [public] Processing section [former.employees] Processing section [temp] Processing section [joadmin] Processing section [labs] Processing section [business] Loaded services file OK. WARNING: You have some share names that are longer than 12 characters. These may not be accessible to some older clients. (Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.) Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions [global] dos charset = CP850 unix charset = UTF-8 display charset = LOCALE workgroup = DOMAIN.COM realm = netbios name = DOMAIN-FS netbios aliases = netbios scope = server string = Samba 3.3.8-0.51.el5 interfaces = bind interfaces only = No config backend = file security = USER auth methods = encrypt passwords = Yes update encrypted = No client schannel = Auto server schannel = Auto allow trusted domains = Yes map to guest = Never null passwords = No obey pam restrictions = No password server = * smb passwd file = /var/lib/samba/private/smbpasswd private dir = /var/lib/samba/private passdb backend = ldapsam:ldap://127.0.0.1 algorithmic rid base = 1000 root directory = guest account = nobody enable privileges = Yes pam password change = No passwd program = /usr/bin/passwd '%u' passwd chat = *New UNIX password* %n\n *Retype new UNIX password* %n\n *updated successfully* passwd chat debug = No passwd chat timeout = 2 check password script = username map = /etc/samba/smbusers password level = 0 username level = 0 unix password sync = Yes restrict anonymous = 0 lanman auth = No ntlm auth = Yes client NTLMv2 auth = No client lanman auth = No client plaintext auth = No preload modules = use kerberos keytab = No log level = 5 syslog = 1 syslog only = No log file = max log size = 5000 debug timestamp = Yes debug prefix timestamp = No debug hires timestamp = No debug pid = No debug uid = No debug class = No enable core files = Yes smb ports = 445 139 large readwrite = Yes max protocol = NT1 min protocol = CORE min receivefile size = 0 read raw = Yes write raw = Yes disable netbios = No reset on zero vc = No acl compatibility = auto defer sharing violations = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = wins bcast hosts max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = Yes use spnego = Yes client signing = auto server signing = No client use spnego = Yes client ldap sasl wrapping = plain enable asu support = No svcctl list = deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 30 max smbd processes = 0 paranoid server security = Yes max disk size = 0 max open files = 1 socket options = TCP_NODELAY use mmap = Yes hostname lookups = No name cache timeout = 660 ctdbd socket = cluster addresses = clustering = No load printers = Yes printcap cache time = 750 printcap name = cups cups server = cups connection timeout = 30 iprint server = disable spoolss = No addport command = enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = mangling method = hash2 mangle prefix = 1 max stat cache size = 256 stat cache = Yes machine password timeout = 604800 add user script = /usr/sbin/smbldap-useradd -m %u rename user script = delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u shutdown script = abort shutdown script = username map script = logon script = logon.bat logon path = \\domain-fs\profiles\%u logon drive = H: logon home = \\domain-fs\%U domain logons = Yes init logon delayed hosts = init logon delay = 100 os level = 64 lm announce = Auto lm interval = 5
Re: [Samba] Samba packages for debian squeeze
Quoting Robert LeBlanc (rob...@leblancnet.us): I have had 'net' not correctly registered on some squeeze machines. Since I don't use the net command often, I just run net.samba3. I'm sure you could do an `update-alternatives --config net` as root and choose to use net.samba3 to restore the use of just 'net'. Thanks for your input, Robert. The command that's run in samba-common-bin's postinst script is: update-alternatives --install /usr/bin/net net /usr/bin/net.samba3 10 \ --slave /usr/share/man/man8/net.8.gz net.8.gz /usr/share/man/man8/net.samba3.8.gz It's surprising to hear that the net alternative wasn't properly registered after installing samba-common-bin. More details about this would be in any case appreciated. And a reproducible test case is certainly worth a bug report in Debian against samba-common-bin. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] libldb-samba.so does not link in source4 samba
On 15 June 2010 21:49, Shirish Pargaonkar shirishpargaon...@gmail.com wrote: I am building in source4. Where are these symbols defined? Is any library that is not getting linked? Those symbols are from zlib. It seems that libz.a is found during compilation and later libz.so.xxx is not found when trying to link ldbadd. libz.so.* would normally be found in /lib. Is it not there? samba/source4 # make WAF_MAKE=1 ../buildtools/bin/waf build Waf: Entering directory `/usr/src/bamba/samba/source4/bin' [1816/1961] Linking default/source4/lib/ldb/libldb-samba4.so [1908/1961] Linking default/source4/lib/ldb/ldbadd default/source4/lib/ldb/libldb-samba4.so: undefined reference to `zError' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `inflateReset' default/source4/lib/ldb/libldb-samba4.so: undefined reference to `deflate' [...] -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Idmap module nss already registered ???
Hello, we are running samba 3.3.8 on RHEL 5.5 - connected to Active Directory via winbind. Everything seems to work fine: matching of UID/GID is working which can be tested with ... wbinfo -i username wbinfo -n username wbinfo -s SID ... BUT it takes about 1 min until a connection to the samba server can be established or until the available samba shares are listed: net use x: \\sambatest\sharename (takes about 1 min) or net view \\sambatest (takes about 1 min) Here is the part from smb.conf which configures the WINBIND connection. ... template shell = winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind nss info = rfc2307 idmap config TESTDOM : range = 100-100 idmap config TESTDOM : schema_mode = rfc2307 idmap config TESTDOM : readonly = yes idmap config TESTDOM : backend = ad And here is the corresponding nsswitch.conf section: passwd: files winbind These are the entries from log.winbindd-idmap [2010/06/14 15:59:02, 0] winbindd/idmap.c:smb_register_idmap(149) Idmap module nss already registered! The delay is caused by winbind since without winbind you get fast response. Any ideas how to speed-up winbind and/or avoiding the Idmap module nss already registered error ? regards - I have been getting these errors (with different symptoms) on RHEL for quite a while since upgrading to 3.3 and 3.5. What does your smb.conf look like? -=Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] root postexec issue on both Samba 3.4.5 and 3.0.28
-Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Allen Chen Sent: Friday, June 11, 2010 2:25 PM To: samba@lists.samba.org Subject: [Samba] root postexec issue on both Samba 3.4.5 and 3.0.28 Hi, there I'm using Samba 3.4.5 and 3.0.28 on RHEL 5.2, and I noticed that on both samba servers 'root postexec' script in [netlogon] is executed automatically when logged in for around 11 minutes. This makes me crazy to track when a use is logged out. The man page smb.conf.5 says: postexec (S) This option specifies a command to be run whenever the service is disconnected. I don't understand when a user is still logged in, why 'root postexec' script gets called after 11 minutes. though everything still works fine. I used to have Samba 3.0.22 and 'root postexec' script was executed only when users logout. It doesn't matter how long you have logged in. How can I fix this issue? Thanks, Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Shot in the dark: your deadtime is causing the service to disconnect and execute the postexec (not that it should, just guessing here). -=Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] root postexec issue on both Samba 3.4.5 and 3.0.28
On 06/15/2010 04:50 PM, Andrew Masterson wrote: -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Allen Chen Sent: Friday, June 11, 2010 2:25 PM To: samba@lists.samba.org Subject: [Samba] root postexec issue on both Samba 3.4.5 and 3.0.28 Hi, there I'm using Samba 3.4.5 and 3.0.28 on RHEL 5.2, and I noticed that on both samba servers 'root postexec' script in [netlogon] is executed automatically when logged in for around 11 minutes. This makes me crazy to track when a use is logged out. The man page smb.conf.5 says: postexec (S) This option specifies a command to be run whenever the service is disconnected. I don't understand when a user is still logged in, why 'root postexec' script gets called after 11 minutes. though everything still works fine. I used to have Samba 3.0.22 and 'root postexec' script was executed only when users logout. It doesn't matter how long you have logged in. The postexec script will execute only when the client hangs up the connection. Hanging up of the connection can be considerably delayed after a user logs out. This is a client configuration issue - nothing to do with Samba. Unfortunately, Windows will close idle connections and then re-open them when they are needed. This too is a client behavioral characteristic. Samba does not of its own volition close connections like that. How can I fix this issue? Make sure that the Windows client hangs up the connection as soon as the user logs out. I have no idea how you would do this though - perhaps a search of the Microsoft knowledge-base may turn up a useful pointer. Cheers, John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Microsoft OneNote 2007 painfully slow
-Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Robert LeBlanc Sent: Monday, June 07, 2010 2:45 PM To: samba@lists.samba.org Subject: [Samba] Microsoft OneNote 2007 painfully slow We have a user trying to share a OneNote 2007 notebook and it takes minutes to load a 20 KB notebook. I've opened a 500 KB Excel spreadsheet from the same share and it took seconds. Has anyone else run into this problem? We are running Samba 3.4.8 on Debian Squeeze. Thanks, Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University --- When I have run into stuff like this it is because an application is trying to modify security permissions on the files that it doesn't have the right to (like with creater\owner, etc.). Given that M$ is fond of creating temporary lock files, etc. you may want to start looking there first. -=Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Microsoft OneNote 2007 painfully slow
On Tue, Jun 15, 2010 at 4:07 PM, Andrew Masterson andrew.master...@nuvistaenergy.com wrote: -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Robert LeBlanc Sent: Monday, June 07, 2010 2:45 PM To: samba@lists.samba.org Subject: [Samba] Microsoft OneNote 2007 painfully slow We have a user trying to share a OneNote 2007 notebook and it takes minutes to load a 20 KB notebook. I've opened a 500 KB Excel spreadsheet from the same share and it took seconds. Has anyone else run into this problem? We are running Samba 3.4.8 on Debian Squeeze. Thanks, Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University --- When I have run into stuff like this it is because an application is trying to modify security permissions on the files that it doesn't have the right to (like with creater\owner, etc.). Given that M$ is fond of creating temporary lock files, etc. you may want to start looking there first. -=Andrew I don't recall seeing any temp files like Word/Excel/etc 2007 (we ran into that problem, in fact I still have a script running every 15 minutes to scan the file system and 'fix' the permissions). I'll watch the directory as I open up the NoteBook and see if I can see any funny business. Thanks, Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] root postexec issue on both Samba 3.4.5 and 3.0.28
John H Terpstra wrote: On 06/15/2010 04:50 PM, Andrew Masterson wrote: -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Allen Chen Sent: Friday, June 11, 2010 2:25 PM To: samba@lists.samba.org Subject: [Samba] root postexec issue on both Samba 3.4.5 and 3.0.28 Hi, there I'm using Samba 3.4.5 and 3.0.28 on RHEL 5.2, and I noticed that on both samba servers 'root postexec' script in [netlogon] is executed automatically when logged in for around 11 minutes. This makes me crazy to track when a use is logged out. The man page smb.conf.5 says: postexec (S) This option specifies a command to be run whenever the service is disconnected. I don't understand when a user is still logged in, why 'root postexec' script gets called after 11 minutes. though everything still works fine. I used to have Samba 3.0.22 and 'root postexec' script was executed only when users logout. It doesn't matter how long you have logged in. The postexec script will execute only when the client hangs up the connection. Hanging up of the connection can be considerably delayed after a user logs out. This is a client configuration issue - nothing to do with Samba. the user is still working on the XP machine! Unfortunately, Windows will close idle connections and then re-open them when they are needed. This too is a client behavioral characteristic. Samba does not of its own volition close connections like that. How can I fix this issue? Make sure that the Windows client hangs up the connection as soon as the user logs out. I have no idea how you would do this though - perhaps a search of the Microsoft knowledge-base may turn up a useful pointer. Cheers, John T. Thank you John for the reply. I fixed it by myself: I just move 'root postexec' option from [netlogon] to [homes], (everybody has a home directory) and just leave 'root preexec' option in [netlogon]. I don't understand why [netlogon] service gets disconnected after around 11minutes on samba 3.4.5 and 3.0.28. but it doesn't happen on samba 3.0.22. Thanks, Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba packages for debian squeeze
On Tue, Jun 15, 2010 at 2:43 PM, Christian PERRIER bubu...@debian.orgwrote: Quoting Robert LeBlanc (rob...@leblancnet.us): I have had 'net' not correctly registered on some squeeze machines. Since I don't use the net command often, I just run net.samba3. I'm sure you could do an `update-alternatives --config net` as root and choose to use net.samba3 to restore the use of just 'net'. Thanks for your input, Robert. The command that's run in samba-common-bin's postinst script is: update-alternatives --install /usr/bin/net net /usr/bin/net.samba3 10 \ --slave /usr/share/man/man8/net.8.gz net.8.gz /usr/share/man/man8/net.samba3.8.gz It's surprising to hear that the net alternative wasn't properly registered after installing samba-common-bin. More details about this would be in any case appreciated. And a reproducible test case is certainly worth a bug report in Debian against samba-common-bin. I haven't run into the problem on Squeeze recently, personally, so it may have gotten fixed in the last couple of releases. I did have a lenny box with 3.4.8 from backports that had the problem a couple of days ago, but I did two today without any problems. I just chalked it up as a fluke and used the full command and went on with my life. The server does not have any net entries in /etc/alternatives. Is there a log I can look at and see what may have failed? If there is, I can submit a bug, but I can't reproduce it on demand. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbclient against win7 server cifs/smb2
When lmcompatiblity level is set to 5, against a window7 server, source3/smbclient fails to authenticate with error NT_STATUS_LOGON_FAILURE using cifs server signing = enabled client signing = enabled client ntlmv2 auth = yes Am I missing something in either smb.conf setup or Windows7 settings for it to fail for me? And not sure whether source3/smbclient works with smb2 (tcpdump does not capture anything) server signing = enabled client signing = enabled client ntlmv2 auth = yes max protocol = smb2 min protocol = smb2 Again, I may have incorrect setup! When I can compile source4/smbclient, will attempt above with that client. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/LDAP and home dir creation
Subject: [Samba] Samba/LDAP and home dir creation Hi, all. I'm working on a project to create a Samba PDC with LDAP authentication. I've been pretty successful in getting everything to work. However, I've run into a small snag: The PDC is built on an OpenSuse 11.2 box. Most of the member servers are also OpenSuse 11.2 boxes. However, a CentOS 5.5 server was just added to the mix. While users can lo into the CentOS box, with LDAP providing the creds, no home directory is automagically created as in the OpenSuse boxes. I'd like to fix that, with your help. I've used authconfig-tui on the CentOS box to enable Use LDAP and Use LDAP Authentication (the equivalent of YAST's LDAP Client config tool?). I believe my smb.conf and ldap.conf files are correct (I'll provide them if you all need to see them). Any ideas? Thanks. Dimitri -- To avoid messing with PAM, you can also do something like root preexec=/data/Backup/createhomes.sh %D %S in your smb.conf and the file createhomes.sh looks something like #!/bin/bash if [ ! -d /data/homes/$1/$2 ]; then mkdir /data/homes/$1/$2 chmod g+s /data/homes/$1/$2 chown $2:domain admins /data/homes/$1/$2 chmod 770 /data/homes/$1/$2 /usr/bin/setfacl -m g:domain admins:rwx /data/homes/$1/$2 /usr/bin/setfacl -m u:$2:rwx /data/homes/$1/$2 /usr/bin/setfacl -m g:domain users:000 /data/homes/$1/$2 fi exit 0 -=Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Pdbedit show only user root
Hi, When i put the command pdbedit plus any user name show the message user not found. Only user root is exibited. Why the others not show? the service smbd winb nmbd slapd is running without problem. Example *r...@abramissrv smbldap-tools]# pdbedit -Lv teste* Username not found! *[r...@abramissrv smbldap-tools]# pdbedit -Lv root* Unix username:root NT username: root Account Flags:[U ] User SID: S-1-5-21-1281201103-1048660758-78004217-500 Primary Group SID:S-1-5-21-1281201103-1048660758-78004217-513 Full Name:root Home Directory: HomeDir Drive: Logon Script: Profile Path: Domain: REDEADM.COM Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: never Kickoff time: never Password last set:Tue, 15 Jun 2010 13:56:24 BRT Password can change: Tue, 15 Jun 2010 13:56:24 BRT Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FF [r...@abramissrv smbldap-tools]# My smb.conf --authconfig--end-line-- unix charset = LOCALE workgroup = REDEADM.COM netbios name = AbramisSRV interfaces = eth0, lo bind interfaces only = Yes passdb backend = ldapsam:ldap://127.0.0.1 enable privileges = Yes username map = /etc/samba/smbusers log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 50 smb ports = 139 name resolve order = wins bcast hosts time server = Yes #printcap name = CUPS show add printer wizard = No add user script = /opt/IDEALX/sbin/smbldap-useradd -m %u delete user script = /opt/IDEALX/sbin//smbldap-userdel %u add group script = /opt/IDEALX/sbin/smbldap-groupadd -p %g delete group script = /opt/IDEALX/sbin/smbldap-groupdel %g add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m %u %g delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x %u %g set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g %g %u add machine script = /opt/IDEALX/sbin/smbldap-useradd -w %u #logon script = scripts\logon.bat #logon path = \\%L\profiles\%U #logon drive = X: logon path = logon home = domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=redeadm,dc=com ldap machine suffix = ou=Computers #ldap user suffix = ou=Users ldap user suffix = ou=Internet ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=adm,dc=redeadm,dc=com idmap backend = ldap:ldap://127.0.0.1 #caso de errado descomente a duas proximas linhas idmap uid = 1-2 idmap gid = 1-2 map acl inherit = Yes #printing = cups #printer admin = root, chrisr *Thank very much* -- Bruno Steven - Administrador de sistemas. LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 https://www.lpi.org/caf/Xamman/certification MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 https://mcp.microsoft.com/authenticate/validatemcp.aspx P Antes de imprimir pense em sua responsabilidade e comprometimento com o Meio Ambiente. Before printing this message, think about your ecologic responsability and environment commitment. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Transferring PDC responsibility without LDAP
I'm using a NT4-style domain on my home network, with Samba 3.5.3 acting as PDC. I would like to transfer PDC responsibilty to a different GNU/Linux machine so I can retire the original PDC. With Windows DCs, I understand this is simple -- just create a BDC, promote it, and remove the old. However, an analogous approach would be problematic here, because in Samba going from one DC to two is a massive increase in complexity. (Because of the LDAP requirements) I suspect it might work, in this case, to do what the HOWTO expressly forbids, which is to invoke net rpc getsid without configuring LDAP. If I shut down the old server before starting smbd on the new, I should avoid the synchronization risk. The sequence would be: 1. Create configuration file on new PDC broadly similar to the old. 2. Clear out any lingering .tdb files on the new PDC from past test runs of smbd there as an isolated server. (smbd is not running at this point.) 3. Run net rpc getsid on the new PDC. 4. Make sure all clients are logged out. 5. Shut down smbd/nmbd on the old PDC, hopefully for good. 6. Copy old PDC's profile directories and passdb.tdb to the new PDC. 7. Use pdbedit to update the profile directory location for each user. 8. Start smbd/nmbd on the new PDC. 9. Start logging in from clients again. Thoughts? Michael Deutschmann mich...@talamasca.ocis.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Pdbedit show only user root
Have you tried manually creating the unix account (if necessary) and then the samba account (with smbpasswd -a command.) Or are you just creating the samba account with smbpasswd -a and hoping that the add user script creates the unix account. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Bruno Steven Sent: Tuesday, June 15, 2010 8:51 PM To: samba@lists.samba.org Subject: [Samba] Pdbedit show only user root Hi, When i put the command pdbedit plus any user name show the message user not found. Only user root is exibited. Why the others not show? the service smbd winb nmbd slapd is running without problem. Example *r...@abramissrv smbldap-tools]# pdbedit -Lv teste* Username not found! *[r...@abramissrv smbldap-tools]# pdbedit -Lv root* Unix username:root NT username: root Account Flags:[U ] User SID: S-1-5-21-1281201103-1048660758-78004217-500 Primary Group SID:S-1-5-21-1281201103-1048660758-78004217-513 Full Name:root Home Directory: HomeDir Drive: Logon Script: Profile Path: Domain: REDEADM.COM Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: never Kickoff time: never Password last set:Tue, 15 Jun 2010 13:56:24 BRT Password can change: Tue, 15 Jun 2010 13:56:24 BRT Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FF [r...@abramissrv smbldap-tools]# My smb.conf --authconfig--end-line-- unix charset = LOCALE workgroup = REDEADM.COM netbios name = AbramisSRV interfaces = eth0, lo bind interfaces only = Yes passdb backend = ldapsam:ldap://127.0.0.1 enable privileges = Yes username map = /etc/samba/smbusers log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 50 smb ports = 139 name resolve order = wins bcast hosts time server = Yes #printcap name = CUPS show add printer wizard = No add user script = /opt/IDEALX/sbin/smbldap-useradd -m %u delete user script = /opt/IDEALX/sbin//smbldap-userdel %u add group script = /opt/IDEALX/sbin/smbldap-groupadd -p %g delete group script = /opt/IDEALX/sbin/smbldap-groupdel %g add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m %u %g delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x %u %g set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g %g %u add machine script = /opt/IDEALX/sbin/smbldap-useradd -w %u #logon script = scripts\logon.bat #logon path = \\%L\profiles\%U #logon drive = X: logon path = logon home = domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=redeadm,dc=com ldap machine suffix = ou=Computers #ldap user suffix = ou=Users ldap user suffix = ou=Internet ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=adm,dc=redeadm,dc=com idmap backend = ldap:ldap://127.0.0.1 #caso de errado descomente a duas proximas linhas idmap uid = 1-2 idmap gid = 1-2 map acl inherit = Yes #printing = cups #printer admin = root, chrisr *Thank very much* -- Bruno Steven - Administrador de sistemas. LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 https://www.lpi.org/caf/Xamman/certification MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 https://mcp.microsoft.com/authenticate/validatemcp.aspx P Antes de imprimir pense em sua responsabilidade e comprometimento com o Meio Ambiente. Before printing this message, think about your ecologic responsability and environment commitment. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Transferring PDC responsibility without LDAP
Is the new machine going to have the same IP address and machine name? I would think that in that case you should be able to copy the configuration files, profile directories, private and locks directories over to the new machine. You could copy all the samba stuff over to the new machine, take the old machine off the network, change the host name and ip of the new machine to that off the old machine and start samba back up. From the point of view of both unix and samba services, you are on the same machine (just with an updated OS and hardware.) You are not promoting/demoting domain controllers, and you don't have two DC's active at the same time. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Michael Deutschmann Sent: Tuesday, June 15, 2010 8:51 PM To: samba@lists.samba.org Subject: [Samba] Transferring PDC responsibility without LDAP I'm using a NT4-style domain on my home network, with Samba 3.5.3 acting as PDC. I would like to transfer PDC responsibilty to a different GNU/Linux machine so I can retire the original PDC. With Windows DCs, I understand this is simple -- just create a BDC, promote it, and remove the old. However, an analogous approach would be problematic here, because in Samba going from one DC to two is a massive increase in complexity. (Because of the LDAP requirements) I suspect it might work, in this case, to do what the HOWTO expressly forbids, which is to invoke net rpc getsid without configuring LDAP. If I shut down the old server before starting smbd on the new, I should avoid the synchronization risk. The sequence would be: 1. Create configuration file on new PDC broadly similar to the old. 2. Clear out any lingering .tdb files on the new PDC from past test runs of smbd there as an isolated server. (smbd is not running at this point.) 3. Run net rpc getsid on the new PDC. 4. Make sure all clients are logged out. 5. Shut down smbd/nmbd on the old PDC, hopefully for good. 6. Copy old PDC's profile directories and passdb.tdb to the new PDC. 7. Use pdbedit to update the profile directory location for each user. 8. Start smbd/nmbd on the new PDC. 9. Start logging in from clients again. Thoughts? Michael Deutschmann mich...@talamasca.ocis.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Tue Jun 15 06:00:01 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-06-14 00:00:02.0 -0600 +++ /home/build/master/cache/broken_results.txt 2010-06-15 00:00:03.0 -0600 @@ -1,9 +1,9 @@ -Build status as of Mon Jun 14 06:00:01 2010 +Build status as of Tue Jun 15 06:00:01 2010 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 30 1 0 +ccache 30 2 0 ldb 30 16 0 libreplace 30 11 0 lorikeet 0 0 0 @@ -16,7 +16,7 @@ samba_3_master 28 28 0 samba_3_next 28 28 6 samba_4_0_test 30 30 0 -samba_4_0_waf 30 29 0 +samba_4_0_waf 30 29 1 talloc 30 12 0 tdb 28 17 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b16e602... s4:dsdb Move linked attribute restrictions to objectclass_attrs via 8ea4118... s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val. via 0800c9e... s4:selftest Remove unused basedn specification in selftest env setup via 982f688... s4:selftest Remove becomedc tests from knownfail, these should now pass via b5d80a2... s4:dsdb Rework the vampire schema handling to convert 3 times. via 7c60ac9... s4:provision Allow a specific prefix map to be loaded into a new schema provision via 9e28ced... s4:dsdb Keep the DRS-based prefix map for use in provision-based schema via 5323485... s4:dsdb Allow the setting an override on the schema via 6a2f7fe... s4:dsdb Use the schema from our local provision to decode the schema via ecf782d... s4:torture Rework NET-API-BECOMEDC test to use libnet_vampire callbacks. via c313590... s4:libnet Steal ldb and lp_ctx from python result into correct structures. via 1104b41... s4:libnet Make the libnet_vampire default callbacks non-static from 2977c65... s4 torture: RAW-WRITE should check lockread_supported http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b16e602660e9fcfe7a0e46633e81c898b2053238 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 14 13:19:43 2010 +1000 s4:dsdb Move linked attribute restrictions to objectclass_attrs This puts more of the schema restrictions in one place. Andrew Bartlett commit 8ea411847262fec592b48d1a5a3bf4809653a420 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 14 13:27:59 2010 +1000 s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val. Andrew Bartlett commit 0800c9e6f19f7905159ac3ab457ce8cd1899c995 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 10:20:37 2010 +1000 s4:selftest Remove unused basedn specification in selftest env setup commit 982f688c02aae76e362d9c310284f1c830565759 Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 12 13:24:57 2010 +1000 s4:selftest Remove becomedc tests from knownfail, these should now pass Signed-off-by: Kamen Mazdrashki kame...@samba.org commit b5d80a225e06a65c6681eef6d065980d94329f58 Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 12 11:05:47 2010 +1000 s4:dsdb Rework the vampire schema handling to convert 3 times. This seems like a lot of duplicate work, but by the end we should have, in normal LDB format, the remote DRS schema, having bootstrapped it with the locally loaded schema. The multiple steps are to resolve the problems with references to schema items that we don't 'yet' know about. Andrew Bartlett Signed-off-by: Kamen Mazdrashki kame...@samba.org commit 7c60ac97bf72aa08df39aa9695607270e39931c5 Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 10 21:33:45 2010 +1000 s4:provision Allow a specific prefix map to be loaded into a new schema provision This allows the prefixMap from a DRS server to be used when loading the schema from the local files. This helps us then import other schema with this map in place. Andrew Bartlett Signed-off-by: Kamen Mazdrashki kame...@samba.org commit 9e28ceda96a0c76752af851db4ccba86c010ed67 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 9 21:53:01 2010 +1000 s4:dsdb Keep the DRS-based prefix map for use in provision-based schema We need to use the remote prefix map for the provision schema, or else we can't decode new, non-standard attributes into OIDs. Then once we decode that schema, we can try again and get them properly translated. Andrew Bartlett Signed-off-by: Kamen Mazdrashki kame...@samba.org commit 5323485eb3d5aeb844535c5b08fbdd3e7f8c9429 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 9 20:52:02 2010 +1000 s4:dsdb Allow the setting an override on the schema The change here is to try and convert a per the previous rules, but if we don't know a particular OID as a attributeID, then store it as an OID (for example). This allows known values to be converted as before, but still copes with unknown values. Andrew Bartlett Signed-off-by: Kamen Mazdrashki kame...@samba.org commit 6a2f7fe04c2c658e59fba01f7346303676b121b3 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 9 18:57:52 2010 +1000 s4:dsdb Use the schema from our local provision to decode the schema This works on the assumption that the schema partition can only contain schema objects. We may need to pass down some kind of 'relax' to the DRS - LDB conversion code, so that it allows incomplete conversions, so that we don't fail if a new attribute is present, and we can't
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 60ea593... s3-waf: fix the build. from b16e602... s4:dsdb Move linked attribute restrictions to objectclass_attrs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 60ea59331b7d7306e67dfea199e23841625c2b51 Author: Günther Deschner g...@samba.org Date: Tue Jun 15 11:43:30 2010 +0200 s3-waf: fix the build. Guenther --- Summary of changes: source3/wscript_build |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/wscript_build b/source3/wscript_build index 6206d2f..47a330a 100644 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -157,6 +157,7 @@ LIB_SRC = '''${LIBSAMBAUTIL_SRC} ${UTIL_SRC} ${CRYPTO_SRC} lib/conn_tdb.c lib/adt_tree.c lib/gencache.c lib/sessionid_tdb.c lib/module.c lib/events.c ${LIBTEVENT_SRC0} + lib/server_contexts.c lib/ldap_escape.c ${CHARSET_STATIC} lib/secdesc.c lib/util_seaccess.c ../libcli/security/secace.c ../libcli/security/sddl.c @@ -641,7 +642,6 @@ WINBINDD_SRC1 = '''winbindd/winbindd.c winbindd/winbindd_pam_chauthtok.c winbindd/winbindd_pam_auth_crap.c winbindd/winbindd_pam_chng_pswd_auth_crap.c - winbindd/winbindd_event.c auth/token_util.c auth/check_samsec.c auth/server_info.c -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 026fcc6... ldb: Bump version number, use same ABI version for Samba4 and non-Samba 4 versions.s via fb7a98a... ldb: Fix included ldb build. via de68718... wafsamba: Fix filenames for ldb modules. via 0d7f8fb... wafsamba: Fix building of modules as shared libraries. via 12b4647... wafsamba: Improve assertion error message to include the module. via e27ef3d... ldb: Only build standard ldb modules when building bundled ldb. via 7fe9e6c... dsdb: Fix includes when building against system ldb. via 419928b... wafsamba: Only add init function if not building module as shared library. via 6c93361... dsdb: Build modules as external modules when using system ldb. via 9ac0a87... ldb-samba: Add missing dependency on credentials code. from 60ea593... s3-waf: fix the build. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 026fcc6a4f1b50518f2b1d33b278f5b671fb18a1 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 13:12:23 2010 +0200 ldb: Bump version number, use same ABI version for Samba4 and non-Samba 4 versions.s commit fb7a98aa32875f8b113974e062c240e636a7ef64 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 02:46:16 2010 +0200 ldb: Fix included ldb build. commit de68718d3ddb9a8e88267fae51e90d5db9b91fe7 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 01:35:42 2010 +0200 wafsamba: Fix filenames for ldb modules. commit 0d7f8fb73d95c4658e785cb2f8bba57baf85b487 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 01:24:20 2010 +0200 wafsamba: Fix building of modules as shared libraries. commit 12b46472896bc89dd7f1597a1f7ffeb5589046b1 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 01:00:40 2010 +0200 wafsamba: Improve assertion error message to include the module. commit e27ef3dd6d59c3e985e912671976ee30b1c613d5 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 00:59:49 2010 +0200 ldb: Only build standard ldb modules when building bundled ldb. commit 7fe9e6cd69c03246cf56cacc6a2d4e0693dc1101 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 00:55:03 2010 +0200 dsdb: Fix includes when building against system ldb. commit 419928b8dfec9b055fc2bb775c40ee57108892e6 Author: Jelmer Vernooij jel...@samba.org Date: Thu Jun 10 13:02:59 2010 +0200 wafsamba: Only add init function if not building module as shared library. commit 6c9336110c75b9c14739c772f96147af5cea1eac Author: Jelmer Vernooij jel...@samba.org Date: Wed Jun 2 13:37:15 2010 +0200 dsdb: Build modules as external modules when using system ldb. commit 9ac0a876a744e571ea9d797b59a033ff6db6241f Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 1 13:28:50 2010 +0200 ldb-samba: Add missing dependency on credentials code. --- Summary of changes: buildtools/wafsamba/samba_deps.py |3 +- buildtools/wafsamba/wafsamba.py| 68 + source4/auth/gensec/wscript_build |2 +- source4/dsdb/samdb/ldb_modules/descriptor.c|4 +- source4/dsdb/samdb/ldb_modules/linked_attributes.c |2 +- source4/dsdb/samdb/ldb_modules/objectclass.c |2 +- source4/dsdb/samdb/ldb_modules/operational.c |4 +- source4/dsdb/samdb/ldb_modules/wscript_build | 117 ++- source4/lib/ldb-samba/wscript_build|2 +- .../ldb/ABI/{ldb-0.9.10.sigs = ldb-0.9.12.sigs} |1 + source4/lib/ldb/common/ldb_modules.c |4 + source4/lib/ldb/wscript| 158 ++-- source4/nbt_server/wscript_build |5 +- source4/smbd/wscript_build |2 +- 14 files changed, 215 insertions(+), 159 deletions(-) copy source4/lib/ldb/ABI/{ldb-0.9.10.sigs = ldb-0.9.12.sigs} (99%) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_deps.py b/buildtools/wafsamba/samba_deps.py index d00fe7f..94b7484 100644 --- a/buildtools/wafsamba/samba_deps.py +++ b/buildtools/wafsamba/samba_deps.py @@ -55,10 +55,11 @@ def expand_subsystem_deps(bld): continue t = bld.name_to_obj(s, bld.env) -bld.ASSERT(t is not None, Subsystem target %s not found % s) for d in subsystems[s]: type = targets[d['TARGET']] if type != 'DISABLED' and type != 'EMPTY': +bld.ASSERT(t is not None, +Subsystem target %s for %s (%s) not found % (s, d['TARGET'], type)) t.samba_deps_extended.append(d['TARGET']) t2 = bld.name_to_obj(d['TARGET'], bld.env) t2.samba_includes_extended.extend(t.samba_includes_extended) diff --git
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8c88c9c... Attempt to fix SamDB test infrastructure (not used in Samba anywhere, only in OpenChange). from 026fcc6... ldb: Bump version number, use same ABI version for Samba4 and non-Samba 4 versions.s http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8c88c9c5006bd4e23105740defa7db0949a21e74 Author: Jelmer Vernooij jel...@samba.org Date: Mon Jun 14 02:15:32 2010 +0200 Attempt to fix SamDB test infrastructure (not used in Samba anywhere, only in OpenChange). --- Summary of changes: source4/scripting/python/samba/provision.py |6 ++-- source4/scripting/python/samba/tests/samdb.py | 40 +--- 2 files changed, 25 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 60d7fc9..8b07f89 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -416,7 +416,7 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None, def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole, - targetdir, sid_generator,eadb): + targetdir, sid_generator=internal, eadb=False): Create a new smb.conf file based on a couple of basic settings. assert smbconf is not None @@ -844,7 +844,7 @@ def setup_gpo(sysvolpath, dnsdomain, policyguid, policyguid_dc): def setup_samdb(path, setup_path, session_info, provision_backend, lp, names, logger, domainsid, domainguid, policyguid, policyguid_dc, fill, adminpass, krbtgtpass, machinepass, invocationid, dnspass, ntdsguid, -serverrole, am_rodc, dom_for_fun_level=None, schema=None): +serverrole, am_rodc=False, dom_for_fun_level=None, schema=None): Setup a complete SAM Database. :note: This will wipe the main SAM database file! @@ -1120,7 +1120,7 @@ def provision(setup_dir, logger, session_info, sitename=None, ol_mmr_urls=None, ol_olc=None, setup_ds_path=None, slapd_path=None, nosync=False, - ldap_dryrun_mode=False,useeadb=False, am_rodc=False): + ldap_dryrun_mode=False, useeadb=False, am_rodc=False): Provision samba4 :note: caution, this wipes all existing data! diff --git a/source4/scripting/python/samba/tests/samdb.py b/source4/scripting/python/samba/tests/samdb.py index 9645c04..0ad53cc 100644 --- a/source4/scripting/python/samba/tests/samdb.py +++ b/source4/scripting/python/samba/tests/samdb.py @@ -16,13 +16,16 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see http://www.gnu.org/licenses/. # -from samba.auth import system_session import logging import os -from samba.provision import setup_samdb, guess_names, make_smbconf, find_setup_dir +import uuid + +from samba.auth import system_session +from samba.provision import setup_samdb, guess_names, make_smbconf, find_setup_dir, provision_paths_from_lp +from samba.provisionbackend import ProvisionBackend from samba.tests import TestCaseInTempDir from samba.dcerpc import security -import uuid +from samba.schema import Schema from samba import param @@ -53,6 +56,7 @@ class SamDBTestCase(TestCaseInTempDir): domain=EXAMPLE dnsdomain=example.com serverrole=domain controller +policyguid_dc = str(uuid.uuid4()).upper() smbconf = os.path.join(self.tempdir, smb.conf) make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain, @@ -69,21 +73,21 @@ class SamDBTestCase(TestCaseInTempDir): paths = provision_paths_from_lp(self.lp, names.dnsdomain) -provision_backend = ProvisionBackend(ldb, backend_type, - paths=paths, setup_path=self.setup_path, - lp=self.lp, credentials=None, - names=names, - message=message, hostname=hostname, - root=root, schema=schema, - domainsid=domainsid) - -self.samdb = setup_samdb(path, self.setup_path, session_info, provision_backend, - self.lp, names, - logging.getLogger(samdb), domainsid, - domainguid, - policyguid, False, secret, - secret, secret, invocationid, - secret, domain controller) +logger = logging.getLogger(provision) + +provision_backend =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d913aac... dcerpc-samr: Fix library name. from 8c88c9c... Attempt to fix SamDB test infrastructure (not used in Samba anywhere, only in OpenChange). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d913aacfe47153b927c537cd5869ba62eadfb676 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 16:38:15 2010 +0200 dcerpc-samr: Fix library name. --- Summary of changes: source4/librpc/dcerpc_samr.pc.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/librpc/dcerpc_samr.pc.in b/source4/librpc/dcerpc_samr.pc.in index c410223..903564d 100644 --- a/source4/librpc/dcerpc_samr.pc.in +++ b/source4/librpc/dcerpc_samr.pc.in @@ -7,5 +7,5 @@ Name: dcerpc_samr Description: DCE/RPC client library - SAMR Requires.private: dcerpc ndr Version: 0.0.1 -Libs: -L${libdir} -ldcerpc_samr +Libs: -L${libdir} -ldcerpc-samr Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 773e47f... wafsamba: Fix include path inheritance from module subsystems. from d913aac... dcerpc-samr: Fix library name. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 773e47f4a9c1601284eefac1efc8c139fdf2907a Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 20:35:22 2010 +0200 wafsamba: Fix include path inheritance from module subsystems. --- Summary of changes: buildtools/wafsamba/wafsamba.py | 22 -- source4/lib/ldb/wscript | 10 -- 2 files changed, 16 insertions(+), 16 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py index 666a282..fbb1726 100644 --- a/buildtools/wafsamba/wafsamba.py +++ b/buildtools/wafsamba/wafsamba.py @@ -330,9 +330,12 @@ def SAMBA_MODULE(bld, modname, source, source = bld.EXPAND_VARIABLES(source, vars=vars) -obj_target = modname + '.objlist' +if internal_module or BUILTIN_LIBRARY(bld, modname): +# treat internal modules as subsystems for now +if subsystem is not None: +deps += ' ' + subsystem -bld.SAMBA_SUBSYSTEM(obj_target, source, +bld.SAMBA_SUBSYSTEM(modname, source, deps=deps, includes=includes, autoproto=autoproto, @@ -341,10 +344,6 @@ def SAMBA_MODULE(bld, modname, source, local_include=local_include, enabled=enabled) -if internal_module or BUILTIN_LIBRARY(bld, modname): -# treat internal modules as subsystems for now -bld.SAMBA_SUBSYSTEM(modname, deps=obj_target, source=[], -enabled=enabled) bld.ADD_INIT_FUNCTION(subsystem, modname, init_function) return @@ -355,6 +354,17 @@ def SAMBA_MODULE(bld, modname, source, if not SET_TARGET_TYPE(bld, modname, 'MODULE'): return +obj_target = modname + '.objlist' + +obj_target = bld.SAMBA_SUBSYSTEM(obj_target, source, +deps=deps, +includes=includes, +autoproto=autoproto, +autoproto_extra_source=autoproto_extra_source, +cflags=cflags, +local_include=local_include, +enabled=enabled) + deps = TO_LIST(deps) deps.append(obj_target) realname = modname diff --git a/source4/lib/ldb/wscript b/source4/lib/ldb/wscript index 95a1a90..19f5322 100644 --- a/source4/lib/ldb/wscript +++ b/source4/lib/ldb/wscript @@ -79,7 +79,6 @@ def build(bld): init_function='LDB_BACKEND(ldapi),LDB_BACKEND(ldaps),LDB_BACKEND(ldap)', deps='talloc LIBCLI_LDAP CREDENTIALS', internal_module=not bld.CONFIG_SET('USING_SYSTEM_LDB'), - includes='include', subsystem='ldb') else: # this is not included in the s4 build @@ -123,50 +122,42 @@ def build(bld): bld.SAMBA_MODULE('ldb_paged_results', 'modules/paged_results.c', - includes='include', init_function='LDB_MODULE(paged_results)', subsystem='ldb') bld.SAMBA_MODULE('ldb_asq', 'modules/asq.c', - includes='include', init_function='LDB_MODULE(asq)', subsystem='ldb') bld.SAMBA_MODULE('ldb_server_sort', 'modules/sort.c', - includes='include', init_function='LDB_MODULE(server_sort)', subsystem='ldb') bld.SAMBA_MODULE('ldb_paged_searches', 'modules/paged_searches.c', - includes='include', init_function='LDB_MODULE(paged_searches)', enabled = s4_build, subsystem='ldb') bld.SAMBA_MODULE('ldb_rdn_name', 'modules/rdn_name.c', - includes='include', init_function='LDB_MODULE(rdn_name)', subsystem='ldb') bld.SAMBA_MODULE('ldb_sample', 'tests/sample_module.c', - includes='include', init_function='LDB_MODULE(sample)', subsystem='ldb') bld.SAMBA_MODULE('ldb_skel', 'modules/skel.c', - includes='include', init_function='LDB_MODULE(skel)',
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a4a127e... s4-waf: Fix build of libldb_ildap against system ldb. from 773e47f... wafsamba: Fix include path inheritance from module subsystems. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a4a127ea5a62102890f4eecde45fdb244023dfa3 Author: Jelmer Vernooij jel...@samba.org Date: Tue Jun 15 20:52:01 2010 +0200 s4-waf: Fix build of libldb_ildap against system ldb. --- Summary of changes: buildtools/wafsamba/wafsamba.py |2 +- source4/lib/ldb/ldb_ildap/ldb_ildap.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py index fbb1726..eb2d56e 100644 --- a/buildtools/wafsamba/wafsamba.py +++ b/buildtools/wafsamba/wafsamba.py @@ -356,7 +356,7 @@ def SAMBA_MODULE(bld, modname, source, obj_target = modname + '.objlist' -obj_target = bld.SAMBA_SUBSYSTEM(obj_target, source, +bld.SAMBA_SUBSYSTEM(obj_target, source, deps=deps, includes=includes, autoproto=autoproto, diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c index dc1d987..044f91b 100644 --- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c @@ -42,7 +42,7 @@ #include includes.h #include ldb_module.h -#include dlinklist.h +#include util/dlinklist.h #include libcli/ldap/libcli_ldap.h #include libcli/ldap/ldap_client.h -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6da4875... s4 torture: RAW-SEARCH: break out some of the old search levels via 2170a59... s4 torture: RAW-SEARCH: Only test supported info levels from a4a127e... s4-waf: Fix build of libldb_ildap against system ldb. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6da487580e9fac388ce3f3a2decaae03d5ae99a5 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Tue Jun 15 11:21:34 2010 -0700 s4 torture: RAW-SEARCH: break out some of the old search levels * Added two new parameters: raw_search_search and raw_ea_size which can be enabled/disabled based on whether the server supports RAW_SEARCH_SEARCH and/or RAW_SEARCH_EA_SIZE levels * Skip unsupported levels from the server and give a warning rather than failing. Signed-off-by: Tim Prouty tpro...@samba.org commit 2170a59215d00554b97dc2053eeb6dde38ef3e97 Author: Tim Prouty tpro...@samba.org Date: Mon Jun 14 16:50:29 2010 -0700 s4 torture: RAW-SEARCH: Only test supported info levels --- Summary of changes: source4/torture/raw/search.c | 76 +++-- source4/torture/smbtorture.c |2 + source4/torture/smbtorture.h | 11 ++ 3 files changed, 78 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/search.c b/source4/torture/raw/search.c index 3951605..f5419dc 100644 --- a/source4/torture/raw/search.c +++ b/source4/torture/raw/search.c @@ -28,6 +28,23 @@ #define BASEDIR \\testsearch +#define CHECK_STATUS_LEVEL(__tctx, __status, __level, __supp) \ + do {\ + if (NT_STATUS_EQUAL(__status, \ + NT_STATUS_NOT_SUPPORTED) || \ + NT_STATUS_EQUAL(__status, \ + NT_STATUS_NOT_IMPLEMENTED)) { \ + torture_warning(__tctx, (%s) Info \ + level #__level is %s, \ + __location__, nt_errstr(__status)); \ + __supp = false; \ + } else {\ + torture_assert_ntstatus_ok_goto(__tctx, \ + __status, ret, done, #__level failed);\ + __supp = true; \ + } \ + } while (0) + /* callback function for single_search */ @@ -242,6 +259,8 @@ static bool test_one_file(struct torture_context *tctx, NTSTATUS status; int i; union smb_fileinfo all_info, alt_info, name_info, internal_info; + bool all_info_supported, alt_info_supported, name_info_supported, + internal_info_supported; union smb_search_data *s; fnum = create_complex_file(cli, tctx, fname); @@ -265,7 +284,8 @@ static bool test_one_file(struct torture_context *tctx, levels[i].data); /* see if this server claims to support this level */ - if ((cap levels[i].capability_mask) != levels[i].capability_mask) { + if (((cap levels[i].capability_mask) != levels[i].capability_mask) + || NT_STATUS_EQUAL(levels[i].status, NT_STATUS_NOT_SUPPORTED)) { printf(search level %s(%d) not supported by server\n, levels[i].name, (int)levels[i].level); continue; @@ -304,22 +324,26 @@ static bool test_one_file(struct torture_context *tctx, all_info.generic.level = RAW_FILEINFO_ALL_INFO; all_info.generic.in.file.path = fname; status = smb_raw_pathinfo(cli-tree, tctx, all_info); - torture_assert_ntstatus_ok(tctx, status, RAW_FILEINFO_ALL_INFO failed); + CHECK_STATUS_LEVEL(tctx, status, RAW_FILEINFO_ALL_INFO, + all_info_supported); alt_info.generic.level = RAW_FILEINFO_ALT_NAME_INFO; alt_info.generic.in.file.path = fname; status = smb_raw_pathinfo(cli-tree, tctx, alt_info); - torture_assert_ntstatus_ok(tctx, status, RAW_FILEINFO_ALT_NAME_INFO failed); + CHECK_STATUS_LEVEL(tctx, status, RAW_FILEINFO_ALT_NAME_INFO, + alt_info_supported); internal_info.generic.level = RAW_FILEINFO_INTERNAL_INFORMATION; internal_info.generic.in.file.path = fname; status = smb_raw_pathinfo(cli-tree, tctx, internal_info); - torture_assert_ntstatus_ok(tctx, status,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2c12559... waf: Fix installation of pidl manapges. from 6da4875... s4 torture: RAW-SEARCH: break out some of the old search levels http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2c125595fb03d1f3940545438bb4ec462585beb7 Author: Jelmer Vernooij jel...@samba.org Date: Wed Jun 16 00:00:01 2010 +0200 waf: Fix installation of pidl manapges. --- Summary of changes: Read-Manifest-Now = pidl/blib/man1/.dummy |0 Read-Manifest-Now = pidl/blib/man3/.dummy |0 pidl/wscript | 12 +--- 3 files changed, 5 insertions(+), 7 deletions(-) copy Read-Manifest-Now = pidl/blib/man1/.dummy (100%) copy Read-Manifest-Now = pidl/blib/man3/.dummy (100%) Changeset truncated at 500 lines: diff --git a/Read-Manifest-Now b/pidl/blib/man1/.dummy similarity index 100% copy from Read-Manifest-Now copy to pidl/blib/man1/.dummy diff --git a/Read-Manifest-Now b/pidl/blib/man3/.dummy similarity index 100% copy from Read-Manifest-Now copy to pidl/blib/man3/.dummy diff --git a/pidl/wscript b/pidl/wscript index 872e238..3137ad0 100644 --- a/pidl/wscript +++ b/pidl/wscript @@ -11,14 +11,13 @@ def configure(conf): if conf.CHECK_PERL_MANPAGE(): conf.env.PERLMAN1EXT = conf.CHECK_PERL_MANPAGE(section='1') conf.env.PERLMAN3EXT = conf.CHECK_PERL_MANPAGE(section='3') -#conf.DEFINE('HAVE_PERL_MAKEMAKER', 1) +conf.DEFINE('HAVE_PERL_MAKEMAKER', 1) # yapp is used for building the parser conf.find_program('yapp', var='YAPP') -O755 = 493 def build(bld): -bld.INSTALL_FILES('${BINDIR}', 'pidl', chmod=O755) +bld.INSTALL_FILES('${BINDIR}', 'pidl', chmod=0755) bld.RECURSE('lib') @@ -44,9 +43,8 @@ def build(bld): link_command = 'rm -rf blib ln -s %s' % blib_bld t = bld.SAMBA_GENERATOR('pidl_manpages', -source=pidl_src, -target=pidl_manpages, -rule='cd ${pidl_srcdir} ${LINK_COMMAND} ${PERL} Makefile.PL make manifypods rm -f Makefile Makefile.old rm -f blib') + source=pidl_src, target=pidl_manpages, + rule='cd ${pidl_srcdir} ${LINK_COMMAND} ${PERL} Makefile.PL make manifypods rm -f Makefile Makefile.old rm -f blib') t.env.LINK_COMMAND = link_command # we want to prefer the git version of the parsers if we can. Only if the @@ -63,5 +61,5 @@ def build(bld): t.env.LINK_COMMAND = link_command for m in pidl_manpages: -dname=os.path.dirname(m)[5:] +dname = os.path.dirname(m)[5:] bld.INSTALL_FILES('${MANDIR}/'+dname, m, flat=True) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 81f7083... Remove unused function. from 2c12559... waf: Fix installation of pidl manapges. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 81f70834caa4d77f0799506bd9c17d05d631ebd4 Author: Jeremy Allison j...@samba.org Date: Tue Jun 15 15:33:44 2010 -0700 Remove unused function. --- Summary of changes: source3/include/proto.h |1 - source3/rpc_parse/parse_prs.c | 14 -- 2 files changed, 0 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index df991e3..cd8d942 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5077,7 +5077,6 @@ char *prs_alloc_mem_(prs_struct *ps, size_t size, unsigned int count); char *prs_alloc_mem(prs_struct *ps, size_t size, unsigned int count); TALLOC_CTX *prs_get_mem_context(prs_struct *ps); void prs_give_memory(prs_struct *ps, char *buf, uint32 size, bool is_dynamic); -char *prs_take_memory(prs_struct *ps, uint32 *psize); bool prs_set_buffer_size(prs_struct *ps, uint32 newsize); bool prs_grow(prs_struct *ps, uint32 extra_space); bool prs_force_grow(prs_struct *ps, uint32 extra_space); diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 673cb25..41bfd8a 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -194,20 +194,6 @@ void prs_give_memory(prs_struct *ps, char *buf, uint32 size, bool is_dynamic) } /*** - Take some memory back from a prs_struct. - / - -char *prs_take_memory(prs_struct *ps, uint32 *psize) -{ - char *ret = ps-data_p; - if(psize) - *psize = ps-buffer_size; - ps-is_dynamic = False; - prs_mem_free(ps); - return ret; -} - -/*** Set a prs_struct to exactly a given size. Will grow or tuncate if neccessary. / -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0687a0c... s4:selftest Change domain name for functional level 2000 DC via 35237d5... s4:libnet Remove 'ads min function level' checks. via 25abcb6... s4:dsdb Fix linked_attributes to cope with the Feb 2010 changes to DLIST via 5150f85... s4:dsdb Assert that we can't get backlinks as input in linked_attributes via f9018bc... s4:selftest Add test environment for functional level 2000 via d523e94... s4:provision Add import for DS_DOMAIN_FUNCTION_2000 via 814cb88... s4:provision Allow functional level 2000 to be chosen via 697cd13... s4:selftest Add vampire_dc test environment via ec6839a... s4:dsdb use dsdb_module_modify() rather than ldb_next_request() via ffa7877... s4:dsdb Handle backlinks for Windows 2000 level linked attributes via ecfce73... s4:dsdb Add control for signaling between repl_meta_data and linked_attributes from 81f7083... Remove unused function. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0687a0c9dc3804e34a64f64f064fbbadb3e72ad5 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 16 09:16:05 2010 +1000 s4:selftest Change domain name for functional level 2000 DC commit 35237d5356d50be16963b9561b17b045cd2c2999 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 23:01:51 2010 +1000 s4:libnet Remove 'ads min function level' checks. We support Windows 2000 native now. Andrew Bartlett commit 25abcb68185ed21ecf030ee6b081e2c912a687f5 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 22:57:14 2010 +1000 s4:dsdb Fix linked_attributes to cope with the Feb 2010 changes to DLIST The DLIST macros changed in behaviour in Feb 2010, and walking the lists backwards is no longer safe if you don't use the macros. Andrew Bartlett commit 5150f8597a2211414ddbd588e8bd64e0ef3c29a7 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 22:26:22 2010 +1000 s4:dsdb Assert that we can't get backlinks as input in linked_attributes The objectclass_attr module should prevent users creating such links, and the mrepl_meta_data module should only create them in functional level 2003 or above. Andrew Bartlett commit f9018bc0ea882bf9303350ca594262c88942c38f Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 22:24:36 2010 +1000 s4:selftest Add test environment for functional level 2000 This required that we pass the name of the realm down as a parameter, so we can start up two different realms. Andrew Bartlett commit d523e946b189826bd0ada2297ba6bdf7d6e73947 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 20:45:25 2010 +1000 s4:provision Add import for DS_DOMAIN_FUNCTION_2000 commit 814cb8895db8fbb39761ce5b2e581cb8cec9f77f Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 15 19:52:58 2010 +1000 s4:provision Allow functional level 2000 to be chosen commit 697cd139782a8337c1979442fc5d5705e748aa3f Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 12 10:36:12 2010 +1100 s4:selftest Add vampire_dc test environment This starts a domain controller, after running 'net vampire' to populate it. We don't use it as the 'all' environment yet, as the rest of the code isn't quite ready to handle it. Andrew Bartlett commit ec6839ac26ee54c501e3377d446cf9884175034e Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 14 15:50:13 2010 +1000 s4:dsdb use dsdb_module_modify() rather than ldb_next_request() This does exactly the same thing, but with less code. Andrew Bartlett commit ffa787772fe6b88a846209e1733d004d80c99afc Author: Andrew Bartlett abart...@samba.org Date: Sun Jun 13 15:54:23 2010 +1000 s4:dsdb Handle backlinks for Windows 2000 level linked attributes This revives the code from 5964acfa741d691c0196f91c0796122ec025f177, before tridge and I simplified this too much, and removed the Windows 2000 functional level linked attribute support. By telling the linked_attributes module that repl_meta_data has handled the links, we avoid a conflict for the new style (functional level 2003 and above) linked attributes. However, we still need backlinks for 2000 style linked attributes, so this allows that code in the linked_attributes module to be revived to handle those. Andrew Bartlett commit ecfce7365c8d3fffc5b8eeda13b18e2605ff7b02 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 14 15:30:36 2010 +1000 s4:dsdb Add control for signaling between repl_meta_data and linked_attributes This control will allow the linked_attributes module to know if repl_meta_data has already handled the creation of forward and back links. Andrew Bartlett
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 18f3e51... s4:dsdb Allow renames with (now removed) linked attributes from 0687a0c... s4:selftest Change domain name for functional level 2000 DC http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 18f3e5113ae18e120770ba93b0d36a7b176b0c52 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 16 12:01:10 2010 +1000 s4:dsdb Allow renames with (now removed) linked attributes It is important to allow the rename, even if we just have one-way links, as this happens on deleted objects, which have the backlinks alredy removed by repl_meta_data. Andrew Bartlett --- Summary of changes: source4/dsdb/samdb/ldb_modules/linked_attributes.c | 14 +++--- 1 files changed, 11 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index d2a435e..c21fda5 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -641,9 +641,17 @@ static int linked_attributes_fix_links(struct ldb_module *module, } msg = res-msgs[0]; - if (msg-num_elements != 1 || - ldb_attr_cmp(msg-elements[0].name, target-lDAPDisplayName) != 0) { - ldb_set_errstring(ldb, Bad msg elements in linked_attributes_fix_links); + if (msg-num_elements == 0) { + /* Forward link without backlink remaining - nothing to do here */ + continue; + } else if (msg-num_elements != 1) { + ldb_asprintf_errstring(ldb, Bad msg elements - got %u elements, expected one element to be returned in linked_attributes_fix_links for %s, + msg-num_elements, ldb_dn_get_linearized(msg-dn)); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + if (ldb_attr_cmp(msg-elements[0].name, target-lDAPDisplayName) != 0) { + ldb_asprintf_errstring(ldb, Bad returned attribute in linked_attributes_fix_links: got %s, expected %s for %s, msg-elements[0].name, target-lDAPDisplayName, ldb_dn_get_linearized(msg-dn)); talloc_free(tmp_ctx); return LDB_ERR_OPERATIONS_ERROR; } -- Samba Shared Repository