[Samba] Cannot rename directory - Samba acting two different ways on identical systems
Ubuntu Samba server running Version 3.4.0 Most windows and OS X clients connect with no issues. Permissions are working correctly on shares and umask settings are working on Window 7, OS X, and XP. The annoying mystery here is that these little bugs are annoying users and taking up precious time... Most recently, Mac1 (OS X 10.6.5 smb Version 3.0.28a-apple) is able to change a directory's name and Mac2 isn't able to rename SAME directory: Both Mac1 and Mac2 have: SAME OS X 10.6.5 SAME version of Samba = Version 3.0.28a-apple SAME samba user account authenticated (user1) SAME method of accessing server (IP - not Bonjour) I have also tested this from a PC... and I've verified that the permissions mapping to the local user account is 0770 when I stat it from the terminal on both Mac1 and Mac2. So, it doesn't appear to be a permissions issue since the permissions on both computers are: drwxrwx--- 2 Mac1localuser staff 16384 Jan 17 14:48 FOLDERR drwxrwx--- 2 Mac2localuser staff 16384 Jan 17 14:52 FOLDERR Can anyone help me begin troubleshooting this? I'd really like for smb to be completely reliable... Here is copy of the log.smbd @ log level 3 - I have excerpted the section regarding renaming the directory: -- WHEN RENAME FAILS (Mac 2): -- [2011/01/19 19:56:32, 3] smbd/reply.c:5949(rename_internals) rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = data/FOLDERR, newname = data/FOLDER, last_component_dest = FOLDER [2011/01/19 19:56:32, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDERR] [/mnt/store] [2011/01/19 19:56:32, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDERR reduced to /mnt/store/data/FOLDERR [2011/01/19 19:56:32, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDER] [/mnt/store] [2011/01/19 19:56:32, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDER reduced to /mnt/store/data/FOLDER [2011/01/19 19:56:32, 3] smbd/reply.c:5760(rename_internals_fsp) rename_internals_fsp: Error NT_STATUS_ACCESS_DENIED rename data/FOLDERR - data/FOLDER [2011/01/19 19:56:32, 3] smbd/reply.c:6009(rename_internals) rename_internals: Error NT_STATUS_ACCESS_DENIED rename data/FOLDERR - data/FOLDER [2011/01/19 19:56:32, 3] smbd/error.c:60(error_packet_set) error packet at smbd/reply.c(6241) cmd=7 (SMBmv) NT_STATUS_ACCESS_DENIED -- WHEN RENAME WORKS (Mac 1): -- [2011/01/19 19:57:38, 3] smbd/reply.c:5949(rename_internals) rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = data/FOLDERR, newname = data/FOLDER, last_component_dest = FOLDER [2011/01/19 19:57:38, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDERR] [/mnt/store] [2011/01/19 19:57:38, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDERR reduced to /mnt/store/data/FOLDERR [2011/01/19 19:57:38, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDER] [/mnt/store] [2011/01/19 19:57:38, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDER reduced to /mnt/store/data/FOLDER [2011/01/19 19:57:38, 3] smbd/reply.c:5784(rename_internals_fsp) rename_internals_fsp: succeeded doing rename on data/FOLDERR - data/FOLDER [2011/01/19 19:57:38, 3] smbd/reply.c:6009(rename_internals) rename_internals: Error NT_STATUS_OK rename data/FOLDERR - data/FOLDER Also here is my conf file (users/IPs changed to protect the innocent): [@server:~]$ cat /etc/samba/smb.conf (01-19 19:47) [global] netbios name = server server string = server workgroup = Workgroup security = user hosts allow = 127. 192.168.2. interfaces = 127.0.0.1/8 192.168.2.0/24 bind interfaces only = yes remote announce = 192.168.2.255 remote browse sync = 192.168.2.255 log file = /var/log/samba/samba.log max log size = 1000 log level = 3 null passwords = no username level = 6 password level = 6 encrypt passwords = true unix password sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no domain master = no preferred master = no domain logons = no os level = 33 logon drive = m: logon home = \\%L\homes\%u logon path = \\%L\profiles\%u logon script = %G.bat time server = no name resolve order = wins lmhosts bcast wins support = no wins proxy = no dns proxy = no preserve case = yes short preserve case = yes client use spnego = no client signing = no client schannel = no server signing = no server schannel = no nt pipe support = yes nt status support = yes allow trusted domains = no obey pam restrictions = yes enable spoolss = yes client plaintext auth = no disable netbios = no follow symlinks = no update encrypted = yes pam password change = no passwd chat timeout = 120 hostname lookups = no username map = /etc/samba/smbusers smb passwd file = /etc/samba/smbpasswd passwd program = /usr/bin/passwd '%u' passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n add user script
[Samba] fetch passwords from AD and group membership from /etc/group
Hi List, I want to use Active Directory for my samba users passwords and /etc/group for storing group membership. /etc/nsswitch.conf looks like: group: file Problem: the tests i ran show that the samba server does not know about group membership (deleting file from other user belonging to the same group fails). The same test works as expectet when winbindd is switched off. What do i have to do to fix this while having winbindd running? Regards, Marius -- Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot rename directory - Samba acting two different ways on identical systems
On 20 January 2011 15:17, Ben Sigman b...@rentageekla.com wrote: Hi Ben, I's been 4 hours and nobody has replied yet so I'll bite. IMHO, most (many) Samba issues can be resolved by correcting your Linux pernissions and groups for your users. Ubuntu Samba server running Version 3.4.0 [...] The annoying mystery here is that these little bugs are annoying users and taking up precious time... Most recently, Mac1 (OS X 10.6.5 smb Version 3.0.28a-apple) is able to change a directory's name and Mac2 isn't able to rename SAME directory: Both Mac1 and Mac2 have: SAME OS X 10.6.5 SAME version of Samba = Version 3.0.28a-apple SAME samba user account authenticated (user1) SAME method of accessing server (IP - not Bonjour) I have also tested this from a PC... and I've verified that the permissions mapping to the local user account is 0770 when I stat it from the terminal on both Mac1 and Mac2. So, it doesn't appear to be a permissions issue since the permissions on both computers are: drwxrwx--- 2 Mac1localuser staff 16384 Jan 17 14:48 FOLDERR drwxrwx--- 2 Mac2localuser staff 16384 Jan 17 14:52 FOLDERR What is the location of this test directories? If both of these folders are trying to be changed by the same user account why are both of these directories owned by different users? I'm assuming that Mac1localuser and Mac2localuser both belong to the staff group on the Samba server? Can anyone help me begin troubleshooting this? I'd really like for smb to be completely reliable... Here is copy of the log.smbd @ log level 3 - I have excerpted the section regarding renaming the directory: -- WHEN RENAME FAILS (Mac 2): -- [2011/01/19 19:56:32, 3] smbd/reply.c:5949(rename_internals) rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = data/FOLDERR, newname = data/FOLDER, last_component_dest = FOLDER [2011/01/19 19:56:32, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDERR] [/mnt/store] [2011/01/19 19:56:32, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDERR reduced to /mnt/store/data/FOLDERR [2011/01/19 19:56:32, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDER] [/mnt/store] [2011/01/19 19:56:32, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDER reduced to /mnt/store/data/FOLDER [2011/01/19 19:56:32, 3] smbd/reply.c:5760(rename_internals_fsp) rename_internals_fsp: Error NT_STATUS_ACCESS_DENIED rename data/FOLDERR - data/FOLDER [2011/01/19 19:56:32, 3] smbd/reply.c:6009(rename_internals) rename_internals: Error NT_STATUS_ACCESS_DENIED rename data/FOLDERR - data/FOLDER [2011/01/19 19:56:32, 3] smbd/error.c:60(error_packet_set) error packet at smbd/reply.c(6241) cmd=7 (SMBmv) NT_STATUS_ACCESS_DENIED -- WHEN RENAME WORKS (Mac 1): -- [2011/01/19 19:57:38, 3] smbd/reply.c:5949(rename_internals) rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = data/FOLDERR, newname = data/FOLDER, last_component_dest = FOLDER [2011/01/19 19:57:38, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDERR] [/mnt/store] [2011/01/19 19:57:38, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDERR reduced to /mnt/store/data/FOLDERR [2011/01/19 19:57:38, 3] smbd/vfs.c:865(check_reduced_name) reduce_name [data/FOLDER] [/mnt/store] [2011/01/19 19:57:38, 3] smbd/vfs.c:974(check_reduced_name) reduce_name: data/FOLDER reduced to /mnt/store/data/FOLDER [2011/01/19 19:57:38, 3] smbd/reply.c:5784(rename_internals_fsp) rename_internals_fsp: succeeded doing rename on data/FOLDERR - data/FOLDER [2011/01/19 19:57:38, 3] smbd/reply.c:6009(rename_internals) rename_internals: Error NT_STATUS_OK rename data/FOLDERR - data/FOLDER Also here is my conf file (users/IPs changed to protect the innocent): [@server:~]$ cat /etc/samba/smb.conf (01-19 19:47) [global] netbios name = server server string = server workgroup = Workgroup security = user hosts allow = 127. 192.168.2. interfaces = 127.0.0.1/8 192.168.2.0/24 bind interfaces only = yes remote announce = 192.168.2.255 remote browse sync = 192.168.2.255 log file = /var/log/samba/samba.log max log size = 1000 log level = 3 null passwords = no username level = 6 password level = 6 encrypt passwords = true unix password sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no domain master = no preferred master = no domain logons = no os level = 33 logon drive = m: logon home = \\%L\homes\%u logon path = \\%L\profiles\%u logon script = %G.bat time server = no name resolve order = wins lmhosts bcast wins support = no wins proxy = no dns proxy = no preserve case = yes short preserve case = yes client use spnego = no client signing = no client schannel = no server signing = no server schannel = no nt pipe support = yes nt
[Samba] Samba name/address mismatch
Hello In samba log file I've a message like this: [2011/01/18 16:04:04, 0] lib/util_sock.c:matchname(1749) matchname: host name/address mismatch: :::192.168.168.202 != pc-ser-tun.eda that fills log.smbd. I've never used ipv6 and ping pc-ser-tun.eda returns: PING pc-ser-tun.eda (192.168.168.202) 56(84) bytes of data. 64 bytes from pc-ser-tun.eda (192.168.168.202): icmp_seq=1 ttl=128 time=0.092 ms and in smb.conf i've this entry: hosts allow = 127. 192.168.1. 192.168.168. can you help me to remove this mismatch from log.smbd ? Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Managing win7 machines..
I'm curious how others manage their windows 7 machines on a samba 3.x.x domain .. especial the part of policies and scripts. i got the win7 running in the samba domain, but i'm stuck in the policies part.. and i don't want to use nitrobit for this. how do other users do this.. ?! thx, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Permission to access shared folders on XP client
Hi. I have a samba PDC on lenny, using roaming profiles. All work fine, but i have a question. Some station need share folders with others station, but i dont know how to permit access only to some users to that shared folders. All the permission work fine on the samba shared folders, for group users; but if i need share from XP, the users cant access to that. By Example: An user in the Human resources dept need share some local folders only for the same dept users. How can i permit that from samba? I cant create local users to manage the permission, because all use roaming profiles, so i cant depend of the local users. Thanks and regards. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ADS OS fields with samba 3.3.2
2011/1/19 Pena Pena Jacobo Jose jpena...@cantv.com.ve: Hi everybody, I am using samba 3.3.2 provided by Debian and I am looking for a way to populate this fields[1] during domain join against w2k3 sp3. I was reading the mailing list and I found a thread[2] from 3 years ago that speak about the problem but I can not get the solution. There is anybody who knows how to do it? Use osName and osVersion options with net ads join. They are available from Samba 3.0.25. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SMB2 Negotiate Request
On Wed, Jan 19, 2011 at 05:51:45PM -0800, Mike Smith wrote: Thanks for the reply. I have set max protocol = smb2 and I can use the SMB2 protocol fine. I'll try and explain my issue better: When I say negotiate request and I talking about the packets that are sent between the client and server. The SMB2 protocol is driven by requests from the client and responses from the server. The very first packet that is sent from client to server contains a header and a message (SMB2_NEGOTIATE) that tells the server what dialects of the protocol the client understands. When I send this packet the samba server does not respond to it, and I time out. Windows 7 responds to this packet as expected. If I use a SMB packet (instead of SMB2) and use that to negotiate a SMB2 connection, it will work, but what I want to know is if there is a reason it's not responding the the SMB2 packet as it (apparently) should. Can you test this against v3-6-test please ? If it still fails report as a bug in bugzilla and I'll get it fixed asap. SMB2 isn't really supported in 3.5.x, 3.6.0 will be the first production release with complete SMB2 support. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] idmap troubles with any version 3.30 or later
Hello list. The issue I have is that with the changes made to the idmap functionality of winbind, as regards the enumeration of rfc2307 users and groups using getent passwd and getent group, only those AD users that are not in the domains included in the idmap config (domain) statements (the ones in trusted domains that get their ID mappings auto-assigned by the TDB backend with id's in the idmap uid / gid ranges) get enumerated. The ones that have the RFC2307 attributes defined within the idmap group (domain) range statements will return their uid/gid/homedir/shell info only if you specify getent passwd (username) but they do not enumerate with a getent passwd. Same with getent group (groupname) vs getent group. I have had to create the symlinks in /usr/lib and /usr/lib64 for the /lib/nss_winbind.so.2, /lib/nss_wins.so.2, /lib64/nss_winbind.so.2 and /lib64/nss_wins.so.2 libs manually because the installer did not create them for me, and until I did so, getent passwd and getent group only displayed the local /etc/passwd and /etc/group entries. Question - are there any other symlinks that should be created for any other aspect of the nss idmap functionality that may not have been created by the install process, that would be breaking the user / group enumeration functionality of nss_winbind.so, and if so, what libs need to be symlinked to which folders using what names? I have tried version 3.3x, 3.4.3 and 3.5.4 all with the same lack of results from getent passwd and getent group but it functioned properly under 3.2.7, so it can't be Thanks in advance, Jim. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender and delete it. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. No employee or agent is authorized to conclude any binding agreement on behalf of Visa Lighting with another party by email without express written confirmation by an authorized representative of the Company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] libwbclient not found
Hi, I've just done a fresh install of ubuntu maverick, I added the PPA sources deb http://ppa.launchpad.net/samba-team/ppa/ubuntu maverick main deb-src http://ppa.launchpad.net/samba-team/ppa/ubuntu maverick main installed Samba4 For some reason samba can't find libwbclient root@morannon:/etc/apt/sources.list.d# ldd -d -r /usr/sbin/samba linux-vdso.so.1 = (0x7fff0dbff000) libsamba-util.so.0 = /usr/lib/libsamba-util.so.0 (0x7f2229b84000) libauth.so = /usr/lib/samba/libauth.so (0x7f2229971000) libcluster.so = /usr/lib/samba/libcluster.so (0x7f222976d000) libsamba-hostconfig.so.0 = /usr/lib/libsamba-hostconfig.so.0 (0x7f2229557000) libcredentials.so = /usr/lib/samba/libcredentials.so (0x7f2229344000) libldbsamba.so = /usr/lib/samba/libldbsamba.so (0x7f2229119000) libservice.so = /usr/lib/samba/libservice.so (0x7f2228f0b000) libntvfs.so = /usr/lib/samba/libntvfs.so (0x7f2228ca2000) libndr.so.0 = /usr/lib/libndr.so.0 (0x7f2228a89000) libprocess_model.so = /usr/lib/samba/libprocess_model.so (0x7f2228886000) libevents.so = /usr/lib/samba/libevents.so (0x7f2228684000) libgensec.so.0 = /usr/lib/libgensec.so.0 (0x7f2228459000) libdcerpc.so.0 = /usr/lib/libdcerpc.so.0 (0x7f222818b000) liberrors.so = /usr/lib/samba/liberrors.so (0x7f2227f06000) libsamdb.so.0 = /usr/lib/libsamdb.so.0 (0x7f2227cf1000) libndr-samba4.so = /usr/lib/samba/libndr-samba4.so (0x7f22278fa000) libsamdb-common.so = /usr/lib/samba/libsamdb-common.so (0x7f22276d4000) libroken.so.18 = /usr/lib/libroken.so.18 (0x7f22274bf000) libldb.so.0 = /usr/lib/libldb.so.0 (0x7f2227287000) libtalloc.so.2 = /usr/lib/libtalloc.so.2 (0x7f222707c000) libpopt.so.0 = /lib/libpopt.so.0 (0x7f2226e6f000) libtevent.so.0 = /usr/lib/libtevent.so.0 (0x7f2226c63000) libpthread.so.0 = /lib/libpthread.so.0 (0x7f2226a46000) libc.so.6 = /lib/libc.so.6 (0x7f22266c2000) librt.so.1 = /lib/librt.so.1 (0x7f22264ba000) libwbclient.so = not found libsamba-sockets.so = /usr/lib/samba/libsamba-sockets.so (0x7f222629f000) libdcerpc-samba4.so = /usr/lib/samba/libdcerpc-samba4.so (0x7f2226099000) libcli-ldap.so = /usr/lib/samba/libcli-ldap.so (0x7f2225e81000) libsecurity.so = /usr/lib/samba/libsecurity.so (0x7f2225c63000) libauthkrb5.so = /usr/lib/samba/libauthkrb5.so (0x7f2225a48000) libpam.so.0 = /lib/libpam.so.0 (0x7f222583b000) libtdb-wrap.so = /usr/lib/samba/libtdb-wrap.so (0x7f2225637000) libdl.so.2 = /lib/libdl.so.2 (0x7f2225433000) libgssapi-samba4.so.2 = /usr/lib/samba/libgssapi-samba4.so.2 (0x7f22251f2000) libkrb5-samba4.so.26 = /usr/lib/samba/libkrb5-samba4.so.26 (0x7f2224e9a000) libcom_err.so.2 = /lib/libcom_err.so.2 (0x7f2224c96000) libtdb.so.1 = /usr/lib/libtdb.so.1 (0x7f2224a86000) libndr-samba.so = /usr/lib/samba/libndr-samba.so (0x7f2224767000) libwrap_xattr.so = /usr/lib/samba/libwrap_xattr.so (0x7f2224564000) libshares.so = /usr/lib/samba/libshares.so (0x7f222435b000) libcli-nbt.so = /usr/lib/samba/libcli-nbt.so (0x7f222414e000) libndr-standard.so.0 = /usr/lib/libndr-standard.so.0 (0x7f2223b9d000) libcrypt.so.1 = /lib/libcrypt.so.1 (0x7f2223964000) libresolv.so.2 = /lib/libresolv.so.2 (0x7f222374a000) /lib64/ld-linux-x86-64.so.2 (0x7f2229dba000) libnetif.so = /usr/lib/samba/libnetif.so (0x7f2223546000) libgcrypt.so.11 = /lib/libgcrypt.so.11 (0x7f22232cd000) libgnutls.so.26 = /usr/lib/libgnutls.so.26 (0x7f222302b000) libasn1.so.8 = /usr/lib/libasn1.so.8 (0x7fd9d000) libhx509.so.5 = /usr/lib/libhx509.so.5 (0x7fb57000) libwind.so.0 = /usr/lib/libwind.so.0 (0x7f92e000) libz.so.1 = /lib/libz.so.1 (0x7f715000) libgpg-error.so.0 = /lib/libgpg-error.so.0 (0x7f511000) libtasn1.so.3 = /usr/lib/libtasn1.so.3 (0x7f2ff000) libhcrypto.so.4 = /usr/lib/libhcrypto.so.4 (0x7f0cc000) undefined symbol: wbcErrorString(/usr/lib/samba/libauth.so) undefined symbol: wbcFreeMemory (/usr/lib/samba/libauth.so) undefined symbol: wbcAuthenticateUserEx (/usr/lib/samba/libauth.so) I find this odd as: ls -l /usr/lib/libwbclient.so.0 -rw-r--r-- 1 root root 100240 2011-01-07 04:55 /usr/lib/libwbclient.so.0 ldconfig -v |grep libwb libwbclient.so.0 - libwbclient.so.0 What am I missing? Thanks --Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Possible bug in nss_winbind with ad backend and rfc2307
I ran some tests to see why getent passwd was not enumerating my domain users and discovered this: If I getent passwd username it returns the user information including the primary group defined in the Unix attributes. If I add a Unix GID in the idmap config range to the domain's Domain Users group and getent passwd, it returns all of my domain users with all of the Unix attributes as defined in AD for them, BUT it replaces the primary group GID with the GID I defined for the Domain Users group. Apparently, some genius decided that the best way to look up users in AD is by membership in Domain Users rather than iterating through the directory looking for users that have rfc2307 attributes defined, totally ignoring the rfc2307 group attribute on the user objects. The suspected bug is that it is not using the rfc2307 primary GID attribute, but rather is defaulting the Domain Users group as the primary group for all users regardless of the rfc2307 attributes. Is there a way to force Winbind not to use the Domain Users group as the primary group for the winbindd_getpwent process, so it returns the rfc2307 group attribute as it used to / should? Or do I have to redo all of my group file ownership/permissions on all of my servers to match Domain Users for some ungodly reason? Currently running Samba 3.4.3 on SLES 11.1, and authenticating against Windows 2003R2 AD, but I suspect this same bug/feature was introduced with the idmap changes in 3.30 and above so should apply to all versions above 3.30. I don't know if the same logic is being used in v4 winbind idmap process... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Managing win7 machines..
I did that, but that doesn't make win7 obey the ntconfig.pol (nt4 policies) as far as i know win7 can't handle these policies, so i think i need an other way to apply policies to win7. thx. Collen. On 20-1-2011 17:17, Wagg, Dave wrote: I don't know about version 3 but have you made the following changes to the Control Panel à Admin Tools à Local Security Policy à Local Policies à Security options Change the Network Security: LAN Manager authentication level to Send LM NTLM responses Remove 128 bit encryption on the following 2 items as well: Network security: Minimum session security for NTLM SSP based CLIENTS and Network security: Minimum session security for NTLM SSP based SERVERS -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Collen Blijenberg Sent: Thursday, January 20, 2011 10:42 AM To: samba@lists.samba.org Subject: [Samba] Managing win7 machines.. I'm curious how others manage their windows 7 machines on a samba 3.x.x domain .. especial the part of policies and scripts. i got the win7 running in the samba domain, but i'm stuck in the policies part.. and i don't want to use nitrobit for this. how do other users do this.. ?! thx, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Managing win7 machines..
No ntconfig.pol anymore. You may use kixtart or other tools. Or Registry-files. But be aware Some registry-things can only be done by administrator and no one else. If you have the most win 7 clients It is better to switch over to samba4. You can then manage your group policies with Microsoft tools on the fly. With things that samba4 does not support at this moment use a samba 3 domain member. Good Luck Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Collen Blijenberg Gesendet: Freitag, 21. Januar 2011 08:35 An: samba@lists.samba.org Betreff: Re: [Samba] Managing win7 machines.. I did that, but that doesn't make win7 obey the ntconfig.pol (nt4 policies) as far as i know win7 can't handle these policies, so i think i need an other way to apply policies to win7. thx. Collen. On 20-1-2011 17:17, Wagg, Dave wrote: I don't know about version 3 but have you made the following changes to the Control Panel à Admin Tools à Local Security Policy à Local Policies à Security options Change the Network Security: LAN Manager authentication level to Send LM NTLM responses Remove 128 bit encryption on the following 2 items as well: Network security: Minimum session security for NTLM SSP based CLIENTS and Network security: Minimum session security for NTLM SSP based SERVERS -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Collen Blijenberg Sent: Thursday, January 20, 2011 10:42 AM To: samba@lists.samba.org Subject: [Samba] Managing win7 machines.. I'm curious how others manage their windows 7 machines on a samba 3.x.x domain .. especial the part of policies and scripts. i got the win7 running in the samba domain, but i'm stuck in the policies part.. and i don't want to use nitrobit for this. how do other users do this.. ?! thx, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] idmap troubles with any version 3.30 or later
This point is of interest. I just have a look at the ldapsam:trusted =yes and ldapsam:editposix=yes parameters and set up a test system. But if this is true I use the old way without winbind. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Jim Stalewski Gesendet: Donnerstag, 20. Januar 2011 21:04 An: samba@lists.samba.org Betreff: [Samba] idmap troubles with any version 3.30 or later Hello list. The issue I have is that with the changes made to the idmap functionality of winbind, as regards the enumeration of rfc2307 users and groups using getent passwd and getent group, only those AD users that are not in the domains included in the idmap config (domain) statements (the ones in trusted domains that get their ID mappings auto-assigned by the TDB backend with id's in the idmap uid / gid ranges) get enumerated. The ones that have the RFC2307 attributes defined within the idmap group (domain) range statements will return their uid/gid/homedir/shell info only if you specify getent passwd (username) but they do not enumerate with a getent passwd. Same with getent group (groupname) vs getent group. I have had to create the symlinks in /usr/lib and /usr/lib64 for the /lib/nss_winbind.so.2, /lib/nss_wins.so.2, /lib64/nss_winbind.so.2 and /lib64/nss_wins.so.2 libs manually because the installer did not create them for me, and until I did so, getent passwd and getent group only displayed the local /etc/passwd and /etc/group entries. Question - are there any other symlinks that should be created for any other aspect of the nss idmap functionality that may not have been created by the install process, that would be breaking the user / group enumeration functionality of nss_winbind.so, and if so, what libs need to be symlinked to which folders using what names? I have tried version 3.3x, 3.4.3 and 3.5.4 all with the same lack of results from getent passwd and getent group but it functioned properly under 3.2.7, so it can't be Thanks in advance, Jim. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender and delete it. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. No employee or agent is authorized to conclude any binding agreement on behalf of Visa Lighting with another party by email without express written confirmation by an authorized representative of the Company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 039dd96 s4:selftest: mark samba4.nbt.winsreplication.owned as knownfail via 3f09dc3 s4:selftest/skip: remove samba4.tokengroups.python from c3ad9bf s3:smbd: use anonymous_shared_free() for shared memory signing state http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 039dd96be236ab0ed1656bd854f407d26e8d3433 Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 20 08:43:27 2011 +0100 s4:selftest: mark samba4.nbt.winsreplication.owned as knownfail This sometimes fails on a busy server. metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Thu Jan 20 09:29:12 CET 2011 on sn-devel-104 commit 3f09dc3444c41b0303d4ffb79b7a43bc1ac0c28f Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 20 08:34:28 2011 +0100 s4:selftest/skip: remove samba4.tokengroups.python metze --- Summary of changes: source4/selftest/knownfail |1 + source4/selftest/skip |1 - 2 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 7e11f22..541e861 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -79,3 +79,4 @@ samba4.smb2.compound.*.related2 samba4.smb2.compound.*.invalid2 samba4.ldap.acl.*.search.* # ACL search behaviour not enabled by default samba4.ldap.acl.*.ntSecurityDescriptor.* # ACL extended checks on search not enabled by default +samba4.nbt.winsreplication.owned # fails sometimes, timing related diff --git a/source4/selftest/skip b/source4/selftest/skip index f6592de..671269a 100644 --- a/source4/selftest/skip +++ b/source4/selftest/skip @@ -84,4 +84,3 @@ smb2.acls # new test which doesn't pass yet # ktutil might not be installed or from mit... # we should build a samba4ktutil and use that instead samba4.blackbox.ktpass # this test isn't portable ... -samba4.tokengroups.python # randonly fails with an error -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 330b922 s4/wintest New ESXi configuration file via fbe6d15 s4-auth Remove special case for account_sid from auth_serversupplied_info via cce5231 s4-gensec Add prototype for gensec_ntlmssp_init() via 084b4e2 libcli/auth move ntlmssp_wrap() and ntlmssp_unwrap() into common code. from 039dd96 s4:selftest: mark samba4.nbt.winsreplication.owned as knownfail http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 330b922bd6a80ccbdc6122012ce1ed273fd3f2e0 Author: Zahari Zahariev zahari.zahar...@postpath.com Date: Thu Jan 20 15:26:18 2011 +0200 s4/wintest New ESXi configuration file This is a way to use wintest as it is unchanged and work with ESXi virtualization solution instead of VirtualBox or KVM. As the virtualization server is a remote Linux like machine I use 'sshpass' wrapper SSH to execute stop/reset/revert commands. Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Fri Jan 21 00:29:15 CET 2011 on sn-devel-104 commit fbe6d155bf177c610ee549cc534650b0f0700e8a Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 20 23:39:37 2011 +1100 s4-auth Remove special case for account_sid from auth_serversupplied_info This makes everything reference a server_info-sids list, which is now a struct dom_sid *, not a struct dom_sid **. This is in keeping with the other sid lists in the security_token etc. In the process, I also tidy up the talloc tree (move more structures under their logical parents) and check for some possible overflows in situations with a pathological number of sids. Andrew Bartlett commit cce5231b4d4ee9d4918004586bda9d499596d3d4 Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 20 16:38:08 2011 +1100 s4-gensec Add prototype for gensec_ntlmssp_init() Andrew Bartlett commit 084b4e235e2f500614638cb9c023a5ae8c2e531d Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 20 16:37:04 2011 +1100 libcli/auth move ntlmssp_wrap() and ntlmssp_unwrap() into common code. The idea here is to allow the source3/libads/sasl.c code to call this instead of the lower level ntlmssp_* functions. Andrew Bartlett --- Summary of changes: libcli/auth/ntlmssp.h|8 ++ libcli/auth/ntlmssp_sign.c | 139 +++ source4/auth/auth.h |7 +- source4/auth/auth_sam_reply.c| 152 ++ source4/auth/ntlm/auth_developer.c | 14 +-- source4/auth/ntlm/auth_server.c | 13 +-- source4/auth/ntlm/auth_unix.c|6 +- source4/auth/ntlmssp/ntlmssp.h |2 + source4/auth/ntlmssp/ntlmssp_sign.c | 135 ++- source4/auth/sam.c | 68 +-- source4/auth/session.c | 112 +-- source4/auth/system_session.c| 56 +- source4/dsdb/common/util_groups.c| 13 +- source4/dsdb/samdb/ldb_modules/operational.c |4 +- source4/dsdb/samdb/samdb.c | 53 -- source4/smbd/service_named_pipe.c|2 +- source4/torture/auth/pac.c | 25 ++-- source4/torture/rpc/remote_pac.c | 20 ++-- wintest/conf/zahari-esxi.conf| 46 19 files changed, 464 insertions(+), 411 deletions(-) create mode 100644 wintest/conf/zahari-esxi.conf Changeset truncated at 500 lines: diff --git a/libcli/auth/ntlmssp.h b/libcli/auth/ntlmssp.h index dead412..495d94f 100644 --- a/libcli/auth/ntlmssp.h +++ b/libcli/auth/ntlmssp.h @@ -160,4 +160,12 @@ NTSTATUS ntlmssp_unseal_packet(struct ntlmssp_state *ntlmssp_state, uint8_t *data, size_t length, const uint8_t *whole_pdu, size_t pdu_length, const DATA_BLOB *sig); +NTSTATUS ntlmssp_wrap(struct ntlmssp_state *ntlmssp_state, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB *in, + DATA_BLOB *out); +NTSTATUS ntlmssp_unwrap(struct ntlmssp_state *ntlmssp_stae, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB *in, + DATA_BLOB *out); NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state); diff --git a/libcli/auth/ntlmssp_sign.c b/libcli/auth/ntlmssp_sign.c index 3cf1ed7..0e57c07 100644 --- a/libcli/auth/ntlmssp_sign.c +++ b/libcli/auth/ntlmssp_sign.c @@ -388,6 +388,145 @@ NTSTATUS ntlmssp_unseal_packet(struct ntlmssp_state *ntlmssp_state, return status; } +NTSTATUS ntlmssp_wrap(struct ntlmssp_state
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via c68f4af Remove all uses of ./ in pathnames - make canonical. This will become important when we need to guarantee canonical names for hashing. (cherry picked from commit f278cc1a1f253b6492ef60c2879bdae6a2730084) via 4f84d67 Ensure we don't use ./ in findfirst pathnames. Use a directory open of . instead. (cherry picked from commit de4b09ca01b1747c49bb0058147977ff39d054bb) via f97f6a0 Make processing of incoming stream rename paths common between reply_mv and ntrename. Ensure we don't depend on ./ in the streams module. (cherry picked from commit bb54f72b94dca9206bf377b0d6a4b669e389e339) from fabfc89 s3:smbd: use anonymous_shared_free() for shared memory signing state http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit c68f4af4f9c4e580ec4192a6e1c0e67fbba52455 Author: Jeremy Allison j...@samba.org Date: Thu Jan 20 16:32:57 2011 -0800 Remove all uses of ./ in pathnames - make canonical. This will become important when we need to guarantee canonical names for hashing. (cherry picked from commit f278cc1a1f253b6492ef60c2879bdae6a2730084) commit 4f84d6720779bf1a3cc855e9d4508a7026eb4e59 Author: Jeremy Allison j...@samba.org Date: Thu Jan 20 16:30:28 2011 -0800 Ensure we don't use ./ in findfirst pathnames. Use a directory open of . instead. (cherry picked from commit de4b09ca01b1747c49bb0058147977ff39d054bb) commit f97f6a061ef497de3eade580bcf0a008bba33002 Author: Jeremy Allison j...@samba.org Date: Thu Jan 20 16:27:56 2011 -0800 Make processing of incoming stream rename paths common between reply_mv and ntrename. Ensure we don't depend on ./ in the streams module. (cherry picked from commit bb54f72b94dca9206bf377b0d6a4b669e389e339) --- Summary of changes: source3/modules/vfs_streams_depot.c | 20 +- source3/smbd/nttrans.c | 26 +- source3/smbd/reply.c| 153 +++--- source3/smbd/trans2.c | 12 ++- 4 files changed, 134 insertions(+), 77 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_streams_depot.c b/source3/modules/vfs_streams_depot.c index 853d7b4..9870d0d 100644 --- a/source3/modules/vfs_streams_depot.c +++ b/source3/modules/vfs_streams_depot.c @@ -661,7 +661,6 @@ static int streams_depot_rename(vfs_handle_struct *handle, { struct smb_filename *smb_fname_src_stream = NULL; struct smb_filename *smb_fname_dst_stream = NULL; - struct smb_filename *smb_fname_dst_mod = NULL; bool src_is_stream, dst_is_stream; NTSTATUS status; int ret = -1; @@ -692,23 +691,7 @@ static int streams_depot_rename(vfs_handle_struct *handle, goto done; } - /* -* Handle passing in a stream name without the base file. This is -* exercised by the NTRENAME streams rename path. -*/ - if (StrCaseCmp(smb_fname_dst-base_name, ./) == 0) { - status = create_synthetic_smb_fname(talloc_tos(), - smb_fname_src-base_name, - smb_fname_dst-stream_name, - NULL, smb_fname_dst_mod); - if (!NT_STATUS_IS_OK(status)) { - errno = map_errno_from_nt_status(status); - goto done; - } - } - - status = stream_smb_fname(handle, (smb_fname_dst_mod ? - smb_fname_dst_mod : smb_fname_dst), + status = stream_smb_fname(handle, smb_fname_dst, smb_fname_dst_stream, false); if (!NT_STATUS_IS_OK(status)) { errno = map_errno_from_nt_status(status); @@ -721,7 +704,6 @@ static int streams_depot_rename(vfs_handle_struct *handle, done: TALLOC_FREE(smb_fname_src_stream); TALLOC_FREE(smb_fname_dst_stream); - TALLOC_FREE(smb_fname_dst_mod); return ret; } diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index da1231c..9d6a892 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1495,6 +1495,7 @@ void reply_ntrename(struct smb_request *req) uint32_t ucf_flags_dst = 0; uint16 rename_type; TALLOC_CTX *ctx = talloc_tos(); + bool stream_rename = false; START_PROFILE(SMBntrename); @@ -1527,10 +1528,16 @@ void reply_ntrename(struct smb_request *req) goto out; } - /* The newname must begin with a ':' if the oldname contains a ':'. */ - if (strchr_m(oldname, ':') (newname[0] != ':')) { - reply_nterror(req, NT_STATUS_INVALID_PARAMETER); - goto out; + if (!lp_posix_pathnames())
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 78b931c Remove all uses of ./ in pathnames - make canonical. This will become important when we need to guarantee canonical names for hashing. via de4b09c Ensure we don't use ./ in findfirst pathnames. Use a directory open of . instead. via bb54f72 Make processing of incoming stream rename paths common between reply_mv and ntrename. Ensure we don't depend on ./ in the streams module. from 330b922 s4/wintest New ESXi configuration file http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 78b931ce6c840ade646c1c6030fa2d6acb77208b Author: Jeremy Allison j...@samba.org Date: Thu Jan 20 16:32:57 2011 -0800 Remove all uses of ./ in pathnames - make canonical. This will become important when we need to guarantee canonical names for hashing. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Fri Jan 21 02:59:56 CET 2011 on sn-devel-104 commit de4b09ca01b1747c49bb0058147977ff39d054bb Author: Jeremy Allison j...@samba.org Date: Thu Jan 20 16:30:28 2011 -0800 Ensure we don't use ./ in findfirst pathnames. Use a directory open of . instead. commit bb54f72b94dca9206bf377b0d6a4b669e389e339 Author: Jeremy Allison j...@samba.org Date: Thu Jan 20 16:27:56 2011 -0800 Make processing of incoming stream rename paths common between reply_mv and ntrename. Ensure we don't depend on ./ in the streams module. --- Summary of changes: source3/modules/vfs_streams_depot.c | 20 +- source3/smbd/nttrans.c | 26 +- source3/smbd/reply.c| 153 +++--- source3/smbd/trans2.c | 12 ++- 4 files changed, 134 insertions(+), 77 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_streams_depot.c b/source3/modules/vfs_streams_depot.c index 853d7b4..9870d0d 100644 --- a/source3/modules/vfs_streams_depot.c +++ b/source3/modules/vfs_streams_depot.c @@ -661,7 +661,6 @@ static int streams_depot_rename(vfs_handle_struct *handle, { struct smb_filename *smb_fname_src_stream = NULL; struct smb_filename *smb_fname_dst_stream = NULL; - struct smb_filename *smb_fname_dst_mod = NULL; bool src_is_stream, dst_is_stream; NTSTATUS status; int ret = -1; @@ -692,23 +691,7 @@ static int streams_depot_rename(vfs_handle_struct *handle, goto done; } - /* -* Handle passing in a stream name without the base file. This is -* exercised by the NTRENAME streams rename path. -*/ - if (StrCaseCmp(smb_fname_dst-base_name, ./) == 0) { - status = create_synthetic_smb_fname(talloc_tos(), - smb_fname_src-base_name, - smb_fname_dst-stream_name, - NULL, smb_fname_dst_mod); - if (!NT_STATUS_IS_OK(status)) { - errno = map_errno_from_nt_status(status); - goto done; - } - } - - status = stream_smb_fname(handle, (smb_fname_dst_mod ? - smb_fname_dst_mod : smb_fname_dst), + status = stream_smb_fname(handle, smb_fname_dst, smb_fname_dst_stream, false); if (!NT_STATUS_IS_OK(status)) { errno = map_errno_from_nt_status(status); @@ -721,7 +704,6 @@ static int streams_depot_rename(vfs_handle_struct *handle, done: TALLOC_FREE(smb_fname_src_stream); TALLOC_FREE(smb_fname_dst_stream); - TALLOC_FREE(smb_fname_dst_mod); return ret; } diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index da1231c..9d6a892 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1495,6 +1495,7 @@ void reply_ntrename(struct smb_request *req) uint32_t ucf_flags_dst = 0; uint16 rename_type; TALLOC_CTX *ctx = talloc_tos(); + bool stream_rename = false; START_PROFILE(SMBntrename); @@ -1527,10 +1528,16 @@ void reply_ntrename(struct smb_request *req) goto out; } - /* The newname must begin with a ':' if the oldname contains a ':'. */ - if (strchr_m(oldname, ':') (newname[0] != ':')) { - reply_nterror(req, NT_STATUS_INVALID_PARAMETER); - goto out; + if (!lp_posix_pathnames()) { + /* The newname must begin with a ':' if the + oldname contains a ':'. */ + if (strchr_m(oldname, ':')) { + if (newname[0] != ':') { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + goto out; +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1a96ec2 pidl:Samba4/NDR/Client: remove compat mode for dcerpc_pipe based bindings via b7d6d3b s3:librpc: remove prototype of dcerpc_binding_handle_set_ref_alloc() from 78b931c Remove all uses of ./ in pathnames - make canonical. This will become important when we need to guarantee canonical names for hashing. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1a96ec21095c3524558b9a28643f84a28701db13 Author: Stefan Metzmacher me...@samba.org Date: Sat Jan 15 08:59:16 2011 +0100 pidl:Samba4/NDR/Client: remove compat mode for dcerpc_pipe based bindings The only consumer openchange uses the dcerpc_binding_handle based functions now. metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Fri Jan 21 08:16:25 CET 2011 on sn-devel-104 commit b7d6d3b840df959fe6a0df6810c8601872d57649 Author: Stefan Metzmacher me...@samba.org Date: Sat Jan 15 08:55:28 2011 +0100 s3:librpc: remove prototype of dcerpc_binding_handle_set_ref_alloc() This function doesn't exist anymore. metze --- Summary of changes: pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm | 57 -- source3/librpc/rpc/dcerpc.h |3 -- 2 files changed, 0 insertions(+), 60 deletions(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm index 3230958..2397f1a 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm @@ -220,49 +220,6 @@ sub ParseFunction_r_Sync() $self-pidl(); } -sub ParseFunction_Compat_Sync() -{ - my ($self, $if, $fn, $name) = @_; - my $uname = uc $name; - - my $proto = NTSTATUS dcerpc_$name\_compat(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct $name *r); - - $self-pidl_hdr(#ifdef DCERPC_CALL_$uname\_COMPAT); - $self-pidl_hdr(#define dcerpc_$name(p, m, r) dcerpc_$name\_compat(p, m, r)); - $self-pidl_hdr(#endif /* DCERPC_CALL_$uname\_COMPAT */); - - $self-fn_declare($proto); - $self-pidl({); - $self-indent; - $self-pidl(NTSTATUS status;); - $self-pidl(); - - $self-pidl(status = dcerpc_$name\_r(p-binding_handle, mem_ctx, r);); - $self-pidl(); - - $self-pidl(if (NT_STATUS_IS_RPC(status)) {); - $self-indent; - $self-pidl(status = NT_STATUS_NET_WRITE_FAULT;); - $self-deindent; - $self-pidl(}); - $self-pidl(); - - if (defined($fn-{RETURN_TYPE}) and $fn-{RETURN_TYPE} eq NTSTATUS) { - $self-pidl(if (NT_STATUS_IS_OK(status)) {); - $self-indent; - $self-pidl(status = r-out.result;); - $self-deindent; - $self-pidl(}); - $self-pidl(); - } - - $self-pidl(return status;); - - $self-deindent; - $self-pidl(}); - $self-pidl(); -} - sub ElementDirection($) { my ($e) = @_; @@ -682,9 +639,7 @@ sub ParseFunction_Sync() $fn_args .= ,\n . $pad . mapTypeName($fn-{RETURN_TYPE}). *result; } - $self-pidl_hdr(#ifndef DCERPC_CALL_$uname\_COMPAT); $self-fn_declare($fn_str($fn_args)); - $self-pidl_hdr(#endif /* DCERPC_CALL_$uname\_COMPAT */); $self-pidl({); $self-indent; $self-pidl(struct $name r;); @@ -740,8 +695,6 @@ sub ParseFunction($$$) $self-ParseFunction_r_Recv($if, $fn, $fn-{NAME}); $self-ParseFunction_r_Sync($if, $fn, $fn-{NAME}); - $self-ParseFunction_Compat_Sync($if, $fn, $fn-{NAME}); - foreach my $e (@{$fn-{ELEMENTS}}) { next unless (grep(/out/, @{$e-{DIRECTION}})); @@ -811,16 +764,6 @@ sub ParseInterface($$) $self-pidl_hdr(); } - $self-pidl_hdr(#ifdef DCERPC_IFACE_$ifu\_COMPAT); - foreach my $fn (@{$if-{FUNCTIONS}}) { - next if has_property($fn, noopnum); - next if has_property($fn, todo); - my $fnu = uc($fn-{NAME}); - $self-pidl_hdr(#define DCERPC_CALL_$fnu\_COMPAT 1); - } - $self-pidl_hdr(#endif /* DCERPC_IFACE_$ifu\_COMPAT */); - $self-pidl_hdr(); - $self-pidl(/* $if-{NAME} - client functions generated by pidl */); $self-pidl(); diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h index 3183645..ea6aea7 100644 --- a/source3/librpc/rpc/dcerpc.h +++ b/source3/librpc/rpc/dcerpc.h @@ -259,9 +259,6 @@ void *_dcerpc_binding_handle_data(struct dcerpc_binding_handle *h); #define dcerpc_binding_handle_data(_h, _type) \ talloc_get_type_abort(_dcerpc_binding_handle_data(_h), _type) -_DEPRECATED_ void dcerpc_binding_handle_set_ref_alloc(struct