Re: [Samba] Is possible to use samba4 and openldap without ldapi?
Thanks for the patch, i test it and no more Not Implemented problem. But i have now another problem when a try to authenticate: smbclient -L localhost -Uadministrator%A123456a Failed to connect to ncacn_np:localhost - NT_STATUS_INTERNAL_DB_CORRUPTION In OpenLDAP the error is: conn=1000 op=8 SRCH base=dc=ceic,dc=junta-andalucia,dc=com scope=2 deref=0 filter=((!(isDeleted=TRUE))((sAMAccountName=administrator)(objectClass=user))) conn=1000 op=8 SRCH attr=isDeleted sAMAccountName objectClass objectClass sAMAccountName userPrincipalName servicePrincipalName replPropertyMetaData msDS-SupportedEncryptionTypes supplementalCredentials dBCSPwd unicodePwd userAccountControl objectSid pwdLastSet accountExpires logonHours userWorkstations displayName scriptPath profilePath homeDirectory homeDrive lastLogon lastLogoff accountExpires badPwdCount logonCount primaryGroupID memberOf entryUUID slap_global_control: unrecognized control: 1.2.840.113556.1.4.529 I check the controls with: ldapsearch -H ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi -x -b -s base supportedControl dn: supportedControl: 1.3.6.1.4.1.4203.666.5.14 supportedControl: 1.3.6.1.4.1.4203.1.9.1.1 supportedControl: 1.3.6.1.4.1.4203.666.11.9.5.1 supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1 supportedControl: 1.3.6.1.4.1.4203.666.5.16 supportedControl: 1.3.6.1.4.1.4203.666.5.17 supportedControl: 1.3.6.1.4.1.21008.108.63.1 supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 1.3.6.1.4.1.4203.666.11.7.2 supportedControl: 1.3.6.1.4.1.4203.666.5.12 supportedControl: 1.3.6.1.4.1.4203.666.5.2 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.2.840.113556.1.4.1340 supportedControl: 1.2.840.113556.1.4.805 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.3.6.1.4.1.4203.666.5.15 supportedControl: 1.2.840.113556.1.4.1339 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.12 I don't find the extended dn control (1.2.840.113556.1.4.529), but appear in ldap.h: include/ldap.h:#define LDAP_CONTROL_X_EXTENDED_DN 1.2.840.113556.1.4.529 Which is the overlay to use the extended dn control? Thanks. 2010/7/27 Andrew Bartlett abart...@samba.org On Tue, 2010-07-27 at 09:58 +0200, Michael Wood wrote: Hi On 27 July 2010 08:22, Alejandro Escanero Blanco alejandro.escanero@juntadeandalucia.es wrote: I want to use samba4 in a openldap multimaster enviroment, but my tests are going bad, this are the problems: You might have more luck with your Samba4+OpenLDAP questions on the samba-technical list. - Provision is broken for openldap: NotImplementedError: bound method OpenLDAPBackend.post_setup of samba.provisionbackend.OpenLDAPBackend object at 0xb626194c For various reasons, the OpenLDAP backend for Samba4 is not functional at this time. A fix for this particular error is in my git repo, in the openldap-config branch, but this isn't enough, we have a serious issue with the dereference control that I have not yet debugged. http://gitweb.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/openldap-config (if someone wants to push those patches I'm fine with that, but we still have a long way to go to resolve the other issues) Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. -- Alejandro Escanero Blanco Administrador de Sistemas GNU/Linux Desarrollador de GOsa (http://www.gosa-project.org) Blog: http://www.mylifebetweencomputers.com Jabber: blain...@jabberes.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba-3.3.10 - Strength Problem with access on one share
Hi, i'm running samba on a FreeBSD 8.0 Jail and have a strength problem about one share with these error messages: pc (ip) connect to service bb.produkt.dev initially as user root (uid=0, gid=80) (pid 44072) pc (ip) couldn't find service bb.produkt.de pc (ip) couldn't find service bb.produkt.de pc (ip) couldn't find service bb.produkt.de pc (ip) couldn't find service bb.produkt.de Note, that the initial connect with an v at the end of the share name and the error messages are missing the v. The computer names pc is working with a wamp application on his windows box and using the share bb.produkt.dev in his PHP-Application. The path is defined like this: uploads.images.rootPath = \\fileserver\bb.produkt.dev\folder\frontend \folder\ The most weird think is, that the application and the access is running well, anyway the samba daemon drops this errors. This is my share: [bb.produkt.de] path = /home/samba/shares_nfs/folder valid users = @all browseable= yes writable = yes forceuser = root forcegroup = www create mask = 0777 directory mask = 0777 oplocks = false level2 oplocks = false posix locking = no Thanks! Björn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Import samba 3 to samba 4
I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Thanks Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does anybody use idmap_adex?
On Wed, 2010-07-28 at 11:38 -0400, simo wrote: On Wed, 2010-07-28 at 17:18 +0200, Nico De Ranter wrote: Actually I was just about to start using it. Guess I shouldn't? I'm looking for a solution to integrate an existing linux environment into a Windows AD environment. I already added all rc2307 info on the AD server. Now I need a way for the linux systems to fetch the username, uid, gif, shell and homedir from AD. Using LDAP directly is not an option as I can't do anonymous binds so that would require a hardcoded AD user and password on all systems (correct me if I'm wrong) According to the man pages it looks like idmap_adex will do exactly what I want. However I haven't been able to get it to work. Will idmap_adex disappear (if so, I won't invest anymore time in it)? Is there another way I can do this? No it will not disappear at least until we merge the useful features in the idmap_ad module. We just want to consolidate different modules into 1 supportable module, but not at the expense of cutting features users depend on. Simo. Ah, that's good to hear. In that case I'll start a new thread to get some help for my idmap_adex issue. Thanks for your very quick reply Nico -- With kind regards Nico De Ranter Senior System Administrator Techsoft Centre Technology and Software Centre Europe The Corporate Village - Da Vincilaan 7-D1 - B-1935 Zaventem - Belgium Phone:+32 (0)2 700 8641 Fax: +32 (0)2 700 8622 E-mail:nico.deran...@eu.sony.com A division of Sony Europe (Belgium) N.V. VAT BE 0413.825.160 - RPR Brussels Fortis - BIC GEBABEBB - IBAN BE41293037680010 The information contained in this message or any of its attachments may be confidential and is intended for the exclusive use of the addressee(s). Any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited without the express permission of the sender. The views expressed in this email are those of the individual and not necessarily those of Sony or Sony affiliated companies. Sony email is for business use only. This email and any response may be monitored by Sony to be in compliance with Sony's global policies and standards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba 3.4.7 Ubuntu W2k3 as Memberserver
Hi, can anybody give me a help? I am using Ubuntu 10.04 LTS with Samba 3.4.7. My Windows XP Clients are working fine. They joined the domain and i can login as user and i get all my shares. On the Windows 2003 32-Bit Server, who also succesfully joined the domain, no userlogin is possible. I recieved error messages: The domain is not found nor a connection will be established. Here is my smb.conf and the log of my w2k3-server [global] adminusers = Administrator,root load printers = no usershare path = prefered master = yes domain master = yes wins support = true netbios name = carhs5 server string = server5 logon script = logon.bat local master = yes workgroup = CARHS logon path = os level = 99 security = user domain logons = yes oplocks = yes log level = 10 log file = /var/log/samba/log.%m [netlogon] comment = LogonService path = /etc/samba/logon/ public = yes writeable = no browsable = yes [2010/07/28 15:05:59, 3] smbd/process.c:1273(switch_message) switch message SMBtdis (pid 24808) conn 0x7f82c923ee10 [2010/07/28 15:05:59, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/07/28 15:05:59, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2010/07/28 15:05:59, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2010/07/28 15:05:59, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2010/07/28 15:05:59, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/07/28 15:05:59, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2010/07/28 15:05:59, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2010/07/28 15:05:59, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2010/07/28 15:05:59, 3] smbd/service.c:1240(close_cnum) taurus (192.168.0.24) closed connection to service IPC$ [2010/07/28 15:05:59, 3] smbd/connection.c:31(yield_connection) Yielding connection to IPC$ [2010/07/28 15:05:59, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key E86001004950 [2010/07/28 15:05:59, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0x7f82c92400b0 [2010/07/28 15:05:59, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key E86001004950 [2010/07/28 15:05:59, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to / [2010/07/28 15:05:59, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/07/28 15:05:59, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2010/07/28 15:05:59, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2010/07/28 15:05:59, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2010/07/28 15:05:59, 5] lib/util.c:632(show_msg) [2010/07/28 15:05:59, 5] lib/util.c:642(show_msg) size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=704 smt_wct=0 smb_bcc=0 [2010/07/28 15:05:59, 5] lib/util_sock.c:528(read_fd_with_timeout) read_fd_with_timeout: blocking read. EOF from client. [2010/07/28 15:05:59, 10] smbd/process.c:271(receive_smb_raw_talloc) receive_smb_raw: NT_STATUS_END_OF_FILE [2010/07/28 15:05:59, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/07/28 15:05:59, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2010/07/28 15:05:59, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2010/07/28 15:05:59, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2010/07/28 15:05:59, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2010/07/28 15:05:59, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key E860 [2010/07/28 15:05:59, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0x7f82c92400b0 [2010/07/28 15:05:59, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key E860 [2010/07/28 15:05:59, 3] smbd/server.c:849(exit_server_common) Server exit (failed to receive smb request) Best Regards, Heinz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Terminalserver w2k3 is no longer dancing samba 3.4.7 anymore
Hi, till last week i was runnung my w2k3 Terminalserver (Name is TAURUS) as Memberserverserver of my Sambadomain on a Ubuntu 6.06 LTS. After some Geeks do an Updatesession on the MACintosh, working with sambashares was not possible anymore. Well, i installed a fresh ubuntu 10.04 lts on another hardware, with dhcp and dns services. I installed samba with most of the smb.conf file on the old ubuntusystem. This work fine for all the MACs and WinXP-PCs. The WinXP-PSs are joined into the Domain. Same to the Win2k3-Server. But the W2k3-Server do not find after reboot the domain. Not domainlogon is possible. Does anybody have any idea? My thoughts on this -- BIG BUG with samba 3.4.7 on Ubuntu 10.04 LTS Any help are welcome HEINZ Attached some logs of the samba-server at the failed logon of the Memberserver w2k3! smb.conf [global] adminusers = Administrator,root load printers = usershare path = prefered master = yes domain master = yes wins support = true netbios name = carhs5 server string = server5 logon script = logon.bat local master = yes workgroup = CARHS logon path = os level = 99 security = user domain logons = yes oplocks = yes log level = 10 log file = /var/log/samba/log.%m [netlogon] comment = LogonService path = /etc/samba/logon/ public = yes writeable = no browsable = yes [home] valid users = @carhs browseable = no writeable = yes path = /net/home create mask = 0751 comment = Homeverzeichnisse directory mask = 0751 create mode = 0751 nmbd.log [2010/07/29 15:30:17, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for CARHS on subnet UNICAST_SUBNET: found. [2010/07/29 15:30:17, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for CARHS on subnet UNICAST_SUBNET: found. [2010/07/29 15:30:17, 4] nmbd/nmbd_winsserver.c:2384(wins_write_database) wins_write_database: Dump of WINS name list. *20 TTL = PERMANENT192.168.0.13 64 ARBEITSGRUPPE1b TTL = Fri Jul 30 08:31:10 2010 192.168.0.13 64 CARHS11b TTL = Sat Jul 31 08:59:38 2010 192.168.0.13 64 CARHS51b TTL = Sat Jul 31 10:28:14 2010 192.168.0.13 66 CARHS11c TTL = Sat Jul 31 08:59:38 2010 192.168.0.13 e4 CARHS1b TTL = Sun Aug 1 15:17:00 2010 192.168.0.13 64 ARBEITSGRUPPE00 TTL = Fri Jul 30 08:31:10 2010 0.0.0.0 e4 CARHS100 TTL = Sat Jul 31 08:59:38 2010 0.0.0.0 e4 CARHS51c TTL = Sat Jul 31 10:28:14 2010 192.168.0.13 e6 ARBEITSGRUPPE1c TTL = Fri Jul 30 08:31:10 2010 192.168.0.13 e4 CARHS500 TTL = Sun Aug 1 15:17:00 2010 192.168.0.13 66 CARHS00 TTL = Sun Aug 1 15:17:00 2010 0.0.0.0 e4 __SAMBA__20 TTL = PERMANENT192.168.0.13 64 CARHS1c TTL = Sun Aug 1 15:17:00 2010 192.168.0.13 e4 WORKGROUP1b TTL = Thu Jul 29 15:47:35 2010 192.168.0.13 64 WORKGROUP1c TTL = Thu Jul 29 15:47:35 2010 192.168.0.13 e4 WORKGROUP00 TTL = Thu Jul 29 15:47:35 2010 0.0.0.0 e4 CARHS11e TTL = Sat Jul 31 08:59:38 2010 0.0.0.0 e4 *00 TTL = PERMANENT192.168.0.13 64 CARHS51e TTL = Sat Jul 31 10:28:14 2010 0.0.0.0 e6 ARBEITSGRUPPE1e TTL = Fri Jul 30 08:31:10 2010 0.0.0.0 e4 CARHS503 TTL = Sun Aug 1 15:17:00 2010 192.168.0.13 66 CARHS1e TTL = Sun Aug 1 15:17:00 2010 0.0.0.0 e4 __SAMBA__00 TTL = PERMANENT192.168.0.13 64 WORKGROUP1e TTL = Thu Jul 29 15:47:35 2010 0.0.0.0 e4 CARHS520 TTL = Sun Aug 1 15:17:00 2010 192.168.0.13 66 [2010/07/29 15:30:17, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for CARHS on subnet 192.168.0.13: found. [2010/07/29 15:30:17, 10] nmbd/nmbd_sendannounce.c:381(announce_myself_to_domain_master_browser) announce_myself_to_domain_master_browser: t (1280410217) - last(1280409944) 900 [2010/07/29 15:30:17, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups) dump_workgroups() dump workgroup on subnet192.168.0.13: netmask= 255.255.255.0: log.smbd r...@carhs5:/etc# tail -f /var/log/samba/log.smbd TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2010/07/29 15:31:21, 5] lib/util_sock.c:371(print_socket_options) Socket options: SO_KEEPALIVE = 1
Re: [Samba] getent acting unreliable with idmap_ad
Hello Nico, I am unsure I will be able to help you further with this topic, I am not a Samba nor AD master ... I already list my servers in password server =, altough I do have the impression that Samba may have problems with my 2008R2 servers. I'll try playing with the settings. I cannot tell for 2008R2, we don't have this version yet ... - I stated clearly my /etc/krb5.conf Do you mean fill in /etc/krb5.conf properly or should I refer to it somewhere in the smb.conf file? I'm sure my krb5.conf is correct is I was using it in my old setup using kerberos+ldap authentication. I found some reference on the Internet to an smb.conf variable use kerberos keytab = yes however this doesn't seem to be accepted for Samba 3.4.7 I just filled it up properly, but did not mention Kerberos in any way in smb.conf Best regards --- Robert GRASSO System Engineer CEDRAT 15, Chemin de Malacher - Inovallée - 38246 MEYLAN Cedex - FRANCE Tel: +33 (0)4 76 90 50 45 Fax: +33 (0)4 76 90 16 09 mailto:robert.gra...@cedrat.com --- Support service : mailto:supp...@cedrat.com Commercial service : mailto:ced...@cedrat.com Web site : http://www.cedrat.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Domain trust between a Samba PDC domain and W2K AD domain
Hello, I would like to know which version of Samba is requied, if possible at all, to perform the following: I have a Samba domain (server is configured as a PDC) that requires to trust an AD domain (two-way) in order to share network ressources on both domains ? Many thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba errors
Hi, I have had serious problems while using samba share when I was trying to dump my server backup( image based backups from Symantec Backup Exec System Recovery software) on to samba share mounted on a Linux software raid array 1. The backup fails half way with windows error of Delayed write failed. I have tried this on other windows box, the same is the problem. The samba version is 3.5.4. ---contents of smb.conf... [global] workgroup = TUX-NET smb ports=139 interfaces = 192.168.10.20 eth0 bind interfaces only = true printing = cups printcap name = cups load printers = yes [aphbackup] comment = aph backup path = /aphbackup browseable = yes writable = yes valid user = wgbackup ~ log contents ... Aug 2 15:09:49 APHSTORAGESVR smbd[29235]: [2010/08/02 15:09:49.672643, 0] lib/util_sock.c:474(read_fd_with_timeout) Aug 2 15:09:49 APHSTORAGESVR smbd[29235]: [2010/08/02 15:09:49.684336, 0] lib/util_sock.c:1432(get_peer_addr_internal) Aug 2 15:09:49 APHSTORAGESVR smbd[29235]: getpeername failed. Error was Transport endpoint is not connected Aug 2 15:09:49 APHSTORAGESVR smbd[29235]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer. Would higly appreicate your prompt response. Regards, Krishna kumar Dubai -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [3.4.8/Debian Testing amd64] dpkg-build-package fails with linker error
Hello, I am facing a problem when rebuilding Samba 3.4.8dfsg2 on Debian Testing. Command used: dpkg-buildpackage -uc -us -rfakeroot --source-option=--format=1.0 Linking bin/smbcontrol /usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/4.4.4/../../../../lib/libunwind-ptrace.a(_UPT_access_fpreg.o): relocation R_X86_64_32S against `_UPT_reg_offset' can not be used when making a shared object; recompile with -fPIC /usr/lib/gcc/x86_64-linux-gnu/4.4.4/../../../../lib/libunwind-ptrace.a: could not read symbols: Bad value collect2: ld returned 1 exit status make[1]: *** [bin/smbcontrol] Fehler 1 make[1]: Leaving directory `/root/201008042116-samba-3.4.8dfsg2-testing/source3' make: *** [build-stamp] Fehler 2 dpkg-buildpackage: Fehler: debian/rules build gab Fehler-Exitstatus 2 turing:~/201008042116-samba-3.4.8dfsg2-testing# === The same procedure did work flawless last time when I did it with 3.4.5dfsg1. Command used to build packages: dpkg-buildpackage -uc -us -rfakeroot == I found I need to add the format=1.0 option now because otherwise an error is thrown which had been only a information with 3.4.5. I assume this is not related to the linker error. (sorry logs in German only) 3.4.5 : dpkg-source: Information: Quellformat »3.0 (quilt)« verworfen: keine orig.tar-Datei gefunden dpkg-source: Information: verwende Quellformat »1.0« 3.4.8: dpkg-source: Fehler: kann nicht mit Quellformat »3.0 (quilt)« bauen: keine orig.tar-Datei gefunden dpkg-buildpackage: Fehler: dpkg-source --no-copy -b 201008042116-samba-3.4.8dfsg2-testing gab Fehler-Exitstatus 255 Mit freundlichen Grüßen / Kind Regards René Geile -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Import samba 3 to samba 4
On Mon, Aug 2, 2010 at 10:06 AM, Dave Thurston dthurs...@comcast.net wrote: I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Thanks Dave Why do you need to import? Isn't the backend Kerberos and the account informat sufficiently similar that you can simply switch over? (I ask as someone using Samba 3, eyeing Samba 4 with interest to get LDAP out of the hands of Active Directory.) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 questions (idmap, forest, inter-domain trust)
Hello everyone, I am trying to go after learning Samba4 from two directions. Code and implementing it. (If you know Samba4, please help me answer the questions after the brief explanation.) I have used the following scenario before, it is real and a way for me to learn things: My siblings and I are setting up some family services (over VPN, etc.). There are X of us, including 1 being parents. So, we have X families. We are wanting these to do inter-domain trusts, or just forest level trust. Family1 ... Family X Should all trust one another. Q1: How do I set the Unix uid/gid range in Samba4 for the local domain? Is it possible before the first user is created? Q2: As I understand it, there are no inter-domain trusts yet with Samba4, is this accurate? Is it planned? Q3: As I understand it, Samba4 doesn't do forests yet. Is this accurate? Is it planned? Q4: If I setup the domains now with Samba4, can they be converted to a forest or setup with trusts later when it is supported? Thank you, Trever Adams -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Import samba 3 to samba 4
On 7 August 2010 19:11, Nico Kadel-Garcia nka...@gmail.com wrote: On Mon, Aug 2, 2010 at 10:06 AM, Dave Thurston dthurs...@comcast.net wrote: I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Why do you need to import? Isn't the backend Kerberos and the account informat sufficiently similar that you can simply switch over? (I ask as someone using Samba 3, eyeing Samba 4 with interest to get LDAP out of the hands of Active Directory.) By default Samba 4 uses its own built in LDAP server and the OpenLDAP backend is currently not working properly. I have managed to migrate users from an Apple Open Directory server (which is based on MIT Kerberos and OpenLDAP) to Samba 4, but I was only using Open Directory for authentication of one service. No machines joined to OD or anything like that. All I needed to do was dump the kerberos database, import it to Heimdal, dump it from Heimdal again and then use the password hashes from the Heimdal dump to create the necessary unicodePwd attributes in Samba's directory. After that I used ldapsearch to get hold of the groups each user was a member of and then used ldbmodify (or perhaps ldapmodify. I can't remember now) to migrate them to Samba. I've never used Samba 3 as a PDC, so I'm not sure what the LDAP schema looks like and how it differs from what Samba 4 uses, but as long as the password hashes are in a compatible format, I imagine it's just a matter of slapcat or ldapsearch, munging the results and then ldbmodify to add the users to Samba 4. I don't know of an existing script to do this. Cc: samba-technical -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Question re kerberos and plain password login
Hi There, I've just upgraded to 2 new 2008 R2 domain controllers, and had been using 2003 integration with samba successfully. After hitting this issue https://bugzilla.samba.org/show_bug.cgi?id=6700 I upgraded my samba to 3.4.8, which seems to be working OK for pc hosts. However, I used to also log in some OSX 10.5 clients in using smb, and now these clients are getting password failed issues. I also allow AFP access using netatalk, and this is working correctly, which indicates winbind is checking things correctly. Is there any option needed to allow password login AND kerberos? On 3.2.4 with 2003 my config was working ok. There is no log created when the mac attempts to auth (unlike the log for each windows client) so I'm not sure where it's going wrong. Any help appreciated! Cheers,Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Project: writing a vfs module to preverse permissions with MS Office
Hello list, Short introduction: I'm Pierre, on my non-free time I work for Red Hat in Farnborough, UK. I'm not really using Samba extensively myself, but how could one not love a source tree containing torture.c and weird.c? About that, if anyone can explain what the latter is for, I'd be very interested... Add the weird charset in 3_0 and build it by default for ./configure --enable-developer in the git repodidn't hit me. Problem --- I'd like to write a workaround for MS Word with Samba Changes Owner of File http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2615334 A university is using relatively complex POSIX ACLs and the currently provided workaround wouldn't be enough. Approach A VFS module seems like the best way to go: 1) If a file is renamed to a MS Office temporary file, we store its permissions incl. POSIX ACLs 2) If a MS Office temporary file is renamed, we restore the permissions of the corresponding file in 1) if any Given both the renames were made by the same user, I assume no security checks are necessary. Obviously this means I should match the filenames for both MS Office documents and temporary files. A good reason to avoid such this procedure when MS Office is not involved is for example to avoid losing the SUID bit on binaries, even though it's far-fetched. Why this E-mail --- I found http://support.microsoft.com/kb/211632 which doesn't cover matching patterns but give examples. However I just reproduced the problem with Microsoft Office 2010 installation on Windows XP (cf logs extracts after my signature) and: - I got filenames without the ~wrd-like part they always show - It also applies to non-Microsoft file formats, making the list too long At the current stage I therefore intend: - To only rely on the .tmp extension for temporary files - Not to match any pattern for documents MS Office manipulates I'd rather: - Find some clever way to only store permissions of documents renamed by MS Office - Get better patterns to match temporary files How to help --- If you want to see this happen, mailing me to mention you could use this vfs module will motivate me :) If you are willing to help, you can do so by providing data from your environment: - Enabling vfs objects = extd_audit:2 for a share - Provide me with the corresponding logs when you save an existing file on this share grep vfs_extd_audit through your recent logs would be enough, no need to prepare them further Ideally, I'd like to get covered: - All versions of Microsoft Office - All versions of Microsoft Windows - All supported file formats? Moreover I'll be targeting/testing on Linux only, so other OSes users will be welcome. Thank you for your time, -- Pierre Carrier log.pierre-a3ca0284.1: vfs_extd_audit: rename old: ./s.docx newname: ./5D1CA1C1.tmp log.pierre-a3ca0284.1: vfs_extd_audit: rename old: ./86A278C0.tmp newname: ./s.docx log.pierre-a3ca0284.2: vfs_extd_audit: rename old: ./Classeur1.xls newname: ./F7C49255.tmp log.pierre-a3ca0284.2: vfs_extd_audit: rename old: ./9E117AA4.tmp newname: ./Classeur1.xls log.pierre-a3ca0284.2: vfs_extd_audit: rename old: ./Classeur1.xls newname: ./CFAF4030.tmp log.pierre-a3ca0284.2: vfs_extd_audit: rename old: ./DB0C8C2B.tmp newname: ./Classeur1.xls log.pierre-a3ca0284.3: vfs_extd_audit: rename old: ./a.odt newname: ./DD33EC9A.tmp log.pierre-a3ca0284.3: vfs_extd_audit: rename old: ./E629A9BD.tmp newname: ./a.odt log.pierre-a3ca0284.3: vfs_extd_audit: rename old: ./a.odt newname: ./4817EFB8.tmp log.pierre-a3ca0284.3: vfs_extd_audit: rename old: ./6F25FD3.tmp newname: ./a.odt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Sat Aug 7 06:00:02 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-08-06 00:00:02.0 -0600 +++ /home/build/master/cache/broken_results.txt 2010-08-07 00:00:03.0 -0600 @@ -1,9 +1,9 @@ -Build status as of Fri Aug 6 06:00:01 2010 +Build status as of Sat Aug 7 06:00:02 2010 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 32 1 0 +ccache 32 2 0 ccache-maint 30 2 0 ldb 32 10 0 libreplace 32 11 0 @@ -14,7 +14,7 @@ samba-docs 0 0 0 samba-web0 0 0 samba_3_current 32 32 4 -samba_3_master 32 32 1 +samba_3_master 32 31 1 samba_3_next 32 32 6 samba_4_0_test 32 32 0 samba_4_0_waf 36 32 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4c6fd60... s3: Remove an unnecessary NULL check from 16949ef... s3-net: fix copy/paste typo in usage of net printing. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4c6fd6043b3cf3b395b58037e99b1c2b7334a411 Author: Volker Lendecke v...@samba.org Date: Fri Aug 6 23:27:36 2010 +0200 s3: Remove an unnecessary NULL check Now that connections.tdb is not used for the broadcast messaging anymore, connections_fetch_entry is only called for real connections. --- Summary of changes: source3/lib/conn_tdb.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/conn_tdb.c b/source3/lib/conn_tdb.c index 0770f66..7f9c746 100644 --- a/source3/lib/conn_tdb.c +++ b/source3/lib/conn_tdb.c @@ -56,7 +56,7 @@ struct db_record *connections_fetch_entry(TALLOC_CTX *mem_ctx, ZERO_STRUCT(ckey); ckey.pid = procid_self(); - ckey.cnum = conn ? conn-cnum : -1; + ckey.cnum = conn-cnum; strlcpy(ckey.name, name, sizeof(ckey.name)); key.dsize = sizeof(ckey); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b03bc88... s3: Remove a pointless else from 4c6fd60... s3: Remove an unnecessary NULL check http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b03bc8822b5282fa1acd8e3a90b1424656fced4c Author: Volker Lendecke v...@samba.org Date: Sat Aug 7 10:29:43 2010 +0200 s3: Remove a pointless else --- Summary of changes: source3/smbd/server.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 82f2f48..1b7059c 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -439,7 +439,9 @@ static void smbd_accept_connection(struct tevent_context *ev, exit: exit_server_cleanly(end of child); return; - } else if (pid 0) { + } + + if (pid 0) { DEBUG(0,(smbd_accept_connection: sys_fork() failed: %s\n, strerror(errno))); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4b47245... s4:ntlmssp Merge more aspects of the source3/ NTLMSSP layer via 6644f48... s4:ntlmssp Re-add gensec_ntlmssp wrapper to allow merge with source3/ via 1979486... s4:ntlmssp Always setup the session keys and signing state from b03bc88... s3: Remove a pointless else http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4b47245a9d7292255a5dca8286283b5519de12e6 Author: Andrew Bartlett abart...@samba.org Date: Sat Aug 7 18:56:35 2010 +1000 s4:ntlmssp Merge more aspects of the source3/ NTLMSSP layer This changes the talloc treatment of the session keys to avoid memory duplication - the session key has always been allocated onto the ntlmssp_context by the auth subsystem callback. The remainder of the changes are cosmetics, such as avoiding using lm_session_key as a pointer (and avoiding then doing an if statement on something that is always true). Andrew Bartlett commit 6644f48d724085f839da86ef75bd814a46359ea5 Author: Andrew Bartlett abart...@samba.org Date: Fri Aug 6 17:53:44 2010 +1000 s4:ntlmssp Re-add gensec_ntlmssp wrapper to allow merge with source3/ By re-adding this wrapper, the actual guts of these functions are now very similar to that found in source3/libsmb/ntlmssp.c This should make it easier to merge the implementations. Andrew Bartlett commit 1979486c8ea9125cb8b16782acc0dcea9c6f552e Author: Andrew Bartlett abart...@samba.org Date: Fri Aug 6 17:51:34 2010 +1000 s4:ntlmssp Always setup the session keys and signing state While it would save some CPU to only setup the session key when requested (like windows does), this instead matches the implementation in source3/libsmb/ntlmssp.c We could re-add this later after the codebase is merged. Andrew Bartlett --- Summary of changes: source4/auth/ntlmssp/ntlmssp.c|4 +- source4/auth/ntlmssp/ntlmssp_server.c | 121 - 2 files changed, 76 insertions(+), 49 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c index e55527a..74fa62f 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/source4/auth/ntlmssp/ntlmssp.c @@ -47,7 +47,7 @@ static const struct ntlmssp_callbacks { },{ .role = NTLMSSP_SERVER, .command= NTLMSSP_NEGOTIATE, - .sync_fn= ntlmssp_server_negotiate, + .sync_fn= gensec_ntlmssp_server_negotiate, },{ .role = NTLMSSP_CLIENT, .command= NTLMSSP_CHALLENGE, @@ -55,7 +55,7 @@ static const struct ntlmssp_callbacks { },{ .role = NTLMSSP_SERVER, .command= NTLMSSP_AUTH, - .sync_fn= ntlmssp_server_auth, + .sync_fn= gensec_ntlmssp_server_auth, } }; diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 9cfc18c..c4c7544 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -67,21 +67,17 @@ static const char *ntlmssp_target_name(struct ntlmssp_state *ntlmssp_state, /** * Next state function for the Negotiate packet * - * @param gensec_security GENSEC state + * @param ntlmssp_state NTLMSSP state * @param out_mem_ctx Memory context for *out * @param in The request, as a DATA_BLOB. reply.data must be NULL * @param out The reply, as an allocated DATA_BLOB, caller to free. * @return Errors or MORE_PROCESSING_REQUIRED if (normal) a reply is required. */ -NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, +NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX *out_mem_ctx, -const DATA_BLOB request, DATA_BLOB *reply) + const DATA_BLOB request, DATA_BLOB *reply) { - struct gensec_ntlmssp_context *gensec_ntlmssp = - talloc_get_type_abort(gensec_security-private_data, - struct gensec_ntlmssp_context); - struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp-ntlmssp_state; DATA_BLOB struct_blob; uint32_t neg_flags = 0; uint32_t ntlmssp_command, chal_flags; @@ -400,38 +396,27 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state, * @return Errors or NT_STATUS_OK. */ -static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, +static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 92282a8... s3: Remove references to smbd_messaging_context() from the spoolss server via a5a0711... s3: Remove a reference to smbd_messaging_context() via 19a9083... s3: Remove some references to smbd_messaging_context() via 77c6314... s3: Remove procid_self() from connections_fetch_entry() via 2122917... s3: Add msg_ctx to pipes_struct via c9b654f... s3: Remove smbd_messaging_context() from send_stat_cache_delete_message() from 4b47245... s4:ntlmssp Merge more aspects of the source3/ NTLMSSP layer http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 92282a815d2d7351b21fd734a345e1500db89068 Author: Volker Lendecke v...@samba.org Date: Sat Aug 7 12:35:54 2010 +0200 s3: Remove references to smbd_messaging_context() from the spoolss server commit a5a0711f0c5e8b3e42301d5b050197a413e86fa7 Author: Volker Lendecke v...@samba.org Date: Sat Aug 7 12:27:22 2010 +0200 s3: Remove a reference to smbd_messaging_context() commit 19a908350eef1ae7725e3412da087be8e7cf05b0 Author: Volker Lendecke v...@samba.org Date: Sat Aug 7 11:58:48 2010 +0200 s3: Remove some references to smbd_messaging_context() commit 77c63149a3c91798445a56b31624036473e7f570 Author: Volker Lendecke v...@samba.org Date: Thu Jul 8 18:00:07 2010 +0200 s3: Remove procid_self() from connections_fetch_entry() commit 21229178bd4703a70f222e102bd2588449ac023b Author: Volker Lendecke v...@samba.org Date: Tue Jul 6 22:52:19 2010 +0200 s3: Add msg_ctx to pipes_struct commit c9b654f5810f46b20e082895499c0bf2a3077173 Author: Volker Lendecke v...@samba.org Date: Tue Jul 6 22:43:14 2010 +0200 s3: Remove smbd_messaging_context() from send_stat_cache_delete_message() --- Summary of changes: source3/include/nt_printing.h |4 -- source3/include/ntdomain.h |1 + source3/include/proto.h|3 +- source3/lib/conn_tdb.c |3 +- source3/lib/dummysmbd.c|3 +- source3/locking/locking.c |3 +- source3/rpc_server/rpc_ncacn_np_internal.c |2 + source3/rpc_server/srv_netlog_nt.c | 11 +++--- source3/rpc_server/srv_spoolss_nt.c| 47 +++- source3/rpc_server/srv_srvsvc_nt.c | 35 source3/rpc_server/srv_wkssvc_nt.c |4 +- source3/smbd/close.c |3 +- source3/smbd/statcache.c |5 ++- 13 files changed, 69 insertions(+), 55 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/nt_printing.h b/source3/include/nt_printing.h index 199236b..a185aab 100644 --- a/source3/include/nt_printing.h +++ b/source3/include/nt_printing.h @@ -236,10 +236,6 @@ WERROR spoolss_map_to_os2_driver(TALLOC_CTX *mem_ctx, const char **pdrivername); const char *get_short_archi(const char *long_archi); -bool add_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, - struct spoolss_SetPrinterInfo2 *info2, - const char *remote_machine); - bool print_access_check(struct auth_serversupplied_info *server_info, int snum, int access_type); diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index f42ff58..071e915 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -134,6 +134,7 @@ struct pipes_struct { char client_address[INET6_ADDRSTRLEN]; struct auth_serversupplied_info *server_info; + struct messaging_context *msg_ctx; struct ndr_syntax_id syntax; diff --git a/source3/include/proto.h b/source3/include/proto.h index 7e56f7d..060776f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5838,7 +5838,8 @@ bool stat_cache_lookup(connection_struct *conn, char **pp_dirpath, char **pp_start, SMB_STRUCT_STAT *pst); -void send_stat_cache_delete_message(const char *name); +void send_stat_cache_delete_message(struct messaging_context *msg_ctx, + const char *name); void stat_cache_delete(const char *name); unsigned int fast_string_hash(TDB_DATA *key); bool reset_stat_cache( void ); diff --git a/source3/lib/conn_tdb.c b/source3/lib/conn_tdb.c index 7f9c746..b95b4cd 100644 --- a/source3/lib/conn_tdb.c +++ b/source3/lib/conn_tdb.c @@ -18,6 +18,7 @@ */ #include includes.h +#include smbd/globals.h static struct db_context *connections_db_ctx(bool rw) { @@ -55,7 +56,7 @@ struct db_record *connections_fetch_entry(TALLOC_CTX *mem_ctx, TDB_DATA key; ZERO_STRUCT(ckey); - ckey.pid = procid_self(); + ckey.pid = sconn_server_id(conn-sconn); ckey.cnum =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 390bfed... s4:kcc_connection.c - fix typo in error message via bc702a3... s4:ldap.py - comment a test part which fails with another error code on Windows via 8243272... s4:ldap.py - test the new systemFlags constraint via f99d672... s4:objectclass LDB module - add operation - enhance and clean the systemFlags section via e009d02... s4:ldap.py - test for an invalid objectCategory attribute via 6e6af9c... s4:objectclass LDB module - add operation - implement objectCategory validation via 299b59b... s4:ldap.py - proof for the impossibility to add a LSA-specific object over LDAP via 89c71a8... s4:urgent_replication.py - relax also here the add of a secrets object via 67b1e1b... s3:dcesrv_lsa.c - use the RELAX control in order to create LSA objects via 25e973d... s4:dsdb/common/util.c - add a function dsdb_add via 7d62128... s4:objectclass LDB module - add operation - reject creation of LSA specific objects via a3c6d4c... s4:objectclass LDB module - add operation - move two checks via ace6f52... s4:objectclass LDB module - add operation - deny multiple objectclass message elements via 9f0cbe1... s4:objectclass LDB module - add operation - free mem_ctx as soon as possible from 92282a8... s3: Remove references to smbd_messaging_context() from the spoolss server http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 390bfed7b7d9edfa61e6d3b1f79ba33fbd44c42d Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Aug 7 13:32:52 2010 +0200 s4:kcc_connection.c - fix typo in error message commit bc702a394ddd1912c621054acbc75f29166fd17a Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Aug 7 12:30:33 2010 +0200 s4:ldap.py - comment a test part which fails with another error code on Windows commit 8243272fa071dadd62199f84d7caf608d90ea6ed Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Aug 7 11:59:57 2010 +0200 s4:ldap.py - test the new systemFlags constraint commit f99d672b138e17e6b40f286a527812f75b65c3d7 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Aug 7 11:50:10 2010 +0200 s4:objectclass LDB module - add operation - enhance and clean the systemFlags section Also here we have to test for single-valueness. commit e009d02bd5718fb5e9f636a616ff3b622d68325d Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Aug 7 11:07:03 2010 +0200 s4:ldap.py - test for an invalid objectCategory attribute commit 6e6af9c14c1a421b8c3323982e5bd8bbb69589bb Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Aug 7 11:04:53 2010 +0200 s4:objectclass LDB module - add operation - implement objectCategory validation commit 299b59b7c3603642154d78a5e3251926c8ce6e62 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 22:23:22 2010 +0200 s4:ldap.py - proof for the impossibility to add a LSA-specific object over LDAP commit 89c71a8f06414a62c04d3460e9b4c9348bfb7fd1 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 22:22:57 2010 +0200 s4:urgent_replication.py - relax also here the add of a secrets object commit 67b1e1b8f3314f49d028a11df5ccda1e81986cda Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 22:00:27 2010 +0200 s3:dcesrv_lsa.c - use the RELAX control in order to create LSA objects commit 25e973d5db9ffa6d4138cdbe7c3dd1880149ad2a Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 21:58:57 2010 +0200 s4:dsdb/common/util.c - add a function dsdb_add commit 7d62128e2cce540043df84d51967e43bdca4c493 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 21:40:11 2010 +0200 s4:objectclass LDB module - add operation - reject creation of LSA specific objects (only using the RELAX flag allowed) commit a3c6d4c4d52c174d7fcac73fb315dc7e7c03fdd9 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 21:02:29 2010 +0200 s4:objectclass LDB module - add operation - move two checks To be more consistent with the MS-ADTS doc. commit ace6f52d57e40d3e198f844fd3f2f35392ffc620 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 21:01:38 2010 +0200 s4:objectclass LDB module - add operation - deny multiple objectclass message elements Requested by MS-ADTS 3.1.1.5.2.2 commit 9f0cbe1558ec473f0a75b662bbc123473aa0a7aa Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Aug 5 20:59:56 2010 +0200 s4:objectclass LDB module - add operation - free mem_ctx as soon as possible We don't need to have it around until the end of the function. --- Summary of changes: source4/dsdb/common/util.c | 30 ++
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 72fd7fb... s3: Remove some references to smbd_messaging_context() from 390bfed... s4:kcc_connection.c - fix typo in error message http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 72fd7fb49dac33bf4fd91bf1d8795f62b5a9fb82 Author: Volker Lendecke v...@samba.org Date: Sat Aug 7 13:23:07 2010 +0200 s3: Remove some references to smbd_messaging_context() --- Summary of changes: source3/smbd/process.c | 11 ++- 1 files changed, 6 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/process.c b/source3/smbd/process.c index b867ba1..d8ed563 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -2435,7 +2435,8 @@ static bool keepalive_fn(const struct timeval *now, void *private_data) */ static bool deadtime_fn(const struct timeval *now, void *private_data) { - struct smbd_server_connection *sconn = smbd_server_conn; + struct smbd_server_connection *sconn = + (struct smbd_server_connection *)private_data; if (sconn-using_smb2) { /* TODO: implement real idle check */ @@ -2443,7 +2444,7 @@ static bool deadtime_fn(const struct timeval *now, void *private_data) return true; } DEBUG( 2, ( Closing idle SMB2 connection\n ) ); - messaging_send(smbd_messaging_context(), procid_self(), + messaging_send(sconn-msg_ctx, procid_self(), MSG_SHUTDOWN, data_blob_null); return false; } @@ -2451,7 +2452,7 @@ static bool deadtime_fn(const struct timeval *now, void *private_data) if ((conn_num_open(sconn) == 0) || (conn_idle_all(sconn, now-tv_sec))) { DEBUG( 2, ( Closing idle SMB1 connection\n ) ); - messaging_send(smbd_messaging_context(), procid_self(), + messaging_send(sconn-msg_ctx, procid_self(), MSG_SHUTDOWN, data_blob_null); return False; } @@ -2807,7 +2808,7 @@ static bool fork_echo_handler(struct smbd_server_connection *sconn) close(listener_pipe[0]); - status = reinit_after_fork(smbd_messaging_context(), + status = reinit_after_fork(sconn-msg_ctx, smbd_event_context(), procid_self(), false); if (!NT_STATUS_IS_OK(status)) { @@ -3036,7 +3037,7 @@ void smbd_process(void) if (!(event_add_idle(smbd_event_context(), NULL, timeval_set(IDLE_CLOSED_TIMEOUT, 0), -deadtime, deadtime_fn, NULL))) { +deadtime, deadtime_fn, smbd_server_conn))) { DEBUG(0, (Could not add deadtime event\n)); exit(1); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6598d6d... s4:rpc_server/lsa: better include a .h file don't include a .c file from 72fd7fb... s3: Remove some references to smbd_messaging_context() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6598d6dc41743b5390c803097eea27f951efa531 Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 7 18:15:01 2010 +0200 s4:rpc_server/lsa: better include a .h file don't include a .c file This fixes the build with --nonshared-binary=smbtorture, as use by the source3/ make test. metze --- Summary of changes: source4/rpc_server/lsa/dcesrv_lsa.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 7c7bdfd..0a94a87 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -27,8 +27,9 @@ #include auth/kerberos/kerberos.h #include librpc/gen_ndr/ndr_drsblobs.h #include librpc/gen_ndr/ndr_lsa.h +#include ../lib/crypto/crypto.h #include lib/util/tsort.h -#include dsdb/common/util.c +#include dsdb/common/util.h /* this type allows us to distinguish handle types -- Samba Shared Repository