[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?
Steve, thanks a lot, I finally got sssd (version 1.8.4) on debian wheezy working with samba 4 (Version 4.0.8-SerNet-Debian-5.wheezy)! But one last question regarding unix attributes in the AD stays: I noticed that uidnumber/gid... is not written back to the active directory when creating a user or group. I set idmap_ldb:use rfc2307 = yes in my smb.conf, but it seems that samba-tool is ignoring this. Is this a bug? At http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html I see a script that wraps around the samba-tool when creating a user. After creating it asks winbind for uid/gid and writes these information back to AD. This seems fine as workaround but it would be nice if samba-tool does this out-of-the-box or? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
Try the following. Since Win7 does traffic shaping. in adminstrative dos box. run netsh interface tcp set global autotuning=disabled ( the original setting is : netsh interface tcp set global autotuningl=normal ) and test again. Gr. Louis -Oorspronkelijk bericht- Van: j...@samba.org [mailto:samba-boun...@lists.samba.org] Namens Jeremy Allison Verzonden: dinsdag 13 augustus 2013 2:18 Aan: Philipp Lies CC: samba@lists.samba.org Onderwerp: Re: [Samba] Speed differences for windows clients On Mon, Aug 12, 2013 at 10:00:18AM +0200, Philipp Lies wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Nope. Need more data :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
Am 8/13/2013 2:18 AM, schrieb Jeremy Allison: On Mon, Aug 12, 2013 at 10:00:18AM +0200, Philipp Lies wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Nope. Need more data :-). 0010111010100101000010 - enough data? ;-) What kind of information do you need? Philipp Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
Am 8/13/2013 10:50 AM, schrieb L.P.H. van Belle: Try the following. Since Win7 does traffic shaping. in adminstrative dos box. run netsh interface tcp set global autotuning=disabled ( the original setting is : netsh interface tcp set global autotuningl=normal ) and test again. Thanks, this boosted the speed ~5MB/s for both connections but the difference between server 1 and server 2 is still at ~10-15 MB/s. It's nothing critical, I'm just curious what could cause this. Cheers Philipp Gr. Louis -Oorspronkelijk bericht- Van: j...@samba.org [mailto:samba-boun...@lists.samba.org] Namens Jeremy Allison Verzonden: dinsdag 13 augustus 2013 2:18 Aan: Philipp Lies CC: samba@lists.samba.org Onderwerp: Re: [Samba] Speed differences for windows clients On Mon, Aug 12, 2013 at 10:00:18AM +0200, Philipp Lies wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Nope. Need more data :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?
On Tue, 2013-08-13 at 10:06 +0200, Markus Gillmeister wrote: Steve, thanks a lot, I finally got sssd (version 1.8.4) on debian wheezy working with samba 4 (Version 4.0.8-SerNet-Debian-5.wheezy)! But one last question regarding unix attributes in the AD stays: I noticed that uidnumber/gid... is not written back to the active directory when creating a user or group. I set idmap_ldb:use rfc2307 = yes in my smb.conf, but it seems that samba-tool is ignoring this. Is this a bug? I would imagine that it is not a bug, as this is standard Windows AD behaviour (well it is up to Server 2008R2, might have changed in Server 2012). JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?
On Tue, 2013-08-13 at 10:06 +0200, Markus Gillmeister wrote: Steve, thanks a lot, I finally got sssd (version 1.8.4) on debian wheezy working with samba 4 (Version 4.0.8-SerNet-Debian-5.wheezy)! But one last question regarding unix attributes in the AD stays: I noticed that uidnumber/gid... is not written back to the active directory when creating a user or group. I set idmap_ldb:use rfc2307 = yes in my smb.conf, but it seems that samba-tool is ignoring this. Is this a bug? At http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html I see a script that wraps around the samba-tool when creating a user. After creating it asks winbind for uid/gid and writes these information back to AD. This seems fine as workaround but it would be nice if samba-tool does this out-of-the-box or? Hi You have to add the attribute yourself on 4.0.8 and earlier. That's what our scripts do. It's unfortunate that samba-tool doesn't do this. The devs use a non AD solution for rfc2307. There is some better news: the new RC's and master have e.g. samba-tool user add steve [...] --uid-number=12345678 which does add the necessary attribute to AD I'd recommend using the latest version of sssd. It has native support for AD and loads of other goodies such as dynamic dns. Although it's non-trivial building it on Debian, it would be worth the effort. Many congrats on getting 1.8.4 working however. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 Backup DC DNS Issues
Hi, I’m having issues with Samba4 as a backup DC on a Windows server domain. The Linux machine (on CentOS 6.4) and a compiled version of Samba 4.0.7 has joined the domain fine, and I’ve manually added the DNS entries as required. I’ve attempted this with both a BIND backend and the internal backend, but both times I’ve run into problems with DNS updates. When using the internal database and running the samba_dnsupdate tool, I get TSIG errors: TSIG error with server: tsig verify failed. When I’m using BIND, I get TKEY is unacceptable errors. I’ve tried most of the suggestions I can find through Google, but no success. I am at a bit of a loss. I’ve definitely ensured that selinux and iptables are disabled, I’ve re-setup everything from scratch several times following the guides on the wiki site to the letter, deleted and rejoined the DC (delete computer account on Windows side, delete smb.conf and dns.keytab file on CentOS side, and re-setup), plus a few other things I can’t recall (permissions based mainly). This is running in a lab environment, so I’m happy to play around with this as much as required in order to get it working. I can also provide whatever logs and messages asked for. Is anyone able to give me a bit of hand with troubleshooting this problem? Thanks, Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Odd Samba 4 (4.2.0pre1-GIT-b505111; actually only using client) behaviour #2 - accept: Software caused connection abort.
Caught it in the act! As predicted, almost immediately after sending my original message (!) . However unfortunately, it's not particularly useful . ... 16327: write(7, \0, 1)= 1 16327: setcontext(0xFEFFD690) 16327: waitid(P_ALL, 0, 0xFEFFDD70, WEXITED|WTRAPPED|WNOHANG) = 0 16327: siginfo: SIGCLD CLD_EXITED pid=26937 status=0x 16327: waitid(P_ALL, 0, 0xFEFFDD70, WEXITED|WTRAPPED|WNOHANG) = 0 16327: siginfo: SIG#0 16327: pollsys(0x0809B4D0, 8, 0xFEFFDF18, 0x) = 1 16327: fd=39 ev=POLLIN|POLLHUP rev=0 16327: fd=38 ev=POLLIN|POLLHUP rev=0 16327: fd=34 ev=POLLIN|POLLHUP rev=0 16327: fd=36 ev=POLLIN|POLLHUP rev=0 16327: fd=37 ev=POLLIN|POLLHUP rev=0 16327: fd=35 ev=POLLIN|POLLHUP rev=0 16327: fd=33 ev=POLLIN|POLLHUP rev=0 16327: fd=6 ev=POLLIN|POLLHUP rev=POLLIN 16327: timeout: 59.99900 sec 16327: read(6, \0, 16)= 1 16327: pollsys(0x0809B4D0, 8, 0xFEFFDF18, 0x) (sleeping...) 16327: fd=39 ev=POLLIN|POLLHUP rev=0 16327: fd=38 ev=POLLIN|POLLHUP rev=0 16327: fd=34 ev=POLLIN|POLLHUP rev=0 16327: fd=36 ev=POLLIN|POLLHUP rev=0 16327: fd=37 ev=POLLIN|POLLHUP rev=0 16327: fd=35 ev=POLLIN|POLLHUP rev=0 16327: fd=33 ev=POLLIN|POLLHUP rev=0 16327: fd=6 ev=POLLIN|POLLHUP rev=0 16327: timeout: 59.99900 sec 16327: pollsys(0x0809B4D0, 8, 0xFEFFDF18, 0x) = 1 16327: fd=39 ev=POLLIN|POLLHUP rev=0 16327: fd=38 ev=POLLIN|POLLHUP rev=0 16327: fd=34 ev=POLLIN|POLLHUP rev=0 16327: fd=36 ev=POLLIN|POLLHUP rev=0 16327: fd=37 ev=POLLIN|POLLHUP rev=POLLIN 16327: fd=35 ev=POLLIN|POLLHUP rev=0 16327: fd=33 ev=POLLIN|POLLHUP rev=0 16327: fd=6 ev=POLLIN|POLLHUP rev=0 16327: timeout: 59.99900 sec 16327: accept(37, 0xFEFFDDCC, 0xFEFFDDB8, SOV_DEFAULT) = 41 16327: AF_INET name = X.X.X.X port = 28986 16327: forkx(0)= 26942 16327: lwp_sigmask(SIG_SETMASK, 0x00011080, 0x, 0x, 0x) = 0xFFBFFEFF [0x] 16327: close(41) = 0 16327: pollsys(0x0809B4D0, 8, 0xFEFFDF18, 0x) = 1 16327: fd=39 ev=POLLIN|POLLHUP rev=0 16327: fd=38 ev=POLLIN|POLLHUP rev=0 16327: fd=34 ev=POLLIN|POLLHUP rev=0 16327: fd=36 ev=POLLIN|POLLHUP rev=0 16327: fd=35 ev=POLLIN|POLLHUP rev=POLLIN 16327: fd=33 ev=POLLIN|POLLHUP rev=0 16327: fd=6 ev=POLLIN|POLLHUP rev=0 16327: fd=37 ev=POLLIN|POLLHUP rev=0 16327: timeout: 44.69600 sec 16327: accept(35, 0xFEFFDDCC, 0xFEFFDDB8, SOV_DEFAULT) Err#130 ECONNABORTED 16327: fstat(40, 0xFEFFD1A0)= 0 16327: d=0x0888 i=22079 m=002 l=0 u=0 g=0 rdev=0x02480248 16327: at = Aug 12 17:30:31 BST 2013 [ 1376325031.0 ] 16327: mt = Aug 12 17:30:31 BST 2013 [ 1376325031.0 ] 16327: ct = Aug 12 17:30:31 BST 2013 [ 1376325031.0 ] 16327: bsz=8192 blks=0 fs=BADVFS 16327: time() = 1376345330 16327: getpid()= 16327 [1] 16327: putmsg(40, 0xFEFFDB80, 0xFEFFDB90, 0) = 0 16327: ctl: maxlen=24 len=24 buf=0xFEFFD230: 98 0 tFE\0\010\0.. 16327: 98 0 tFE\0\010\0 XD2FFFE \CF iFE HFA\b\b1B\0\0\0 16327: dat: maxlen=1280 len=151 buf=0xFEFFD250: A u g 1 2 2.. 16327:A u g 1 2 2 3 : 0 8 : 5 0 s m b d [ 1 6 3 2 7 ] : [ I D 16327: 7 0 2 9 1 1 F A C I L I T Y _ A N D _ P R I O R I T Y ] [ 16327:2 0 1 3 / 0 8 / 1 2 2 3 : 0 8 : 5 0 . 0 4 3 5 8 2 , 0 ] 16327:. . / s o u r c e 3 / s m b d / s e r v e r . c : 5 5 6 ( s m b 16327:d _ a c c e p t _ c o n n e c t i o n )\n\n\0 ... However hopefully that might be of use to someone - unfortunately it does just look like a Solaris specific nasty. There should be no reason for the abort; everything is directly connected on uncongested gigabit Ethernet, so it's unlikely to be TCP timeout related and I can't see a client aborting the connection before even it's established (that might happen if the clients, or possibly the server were desperately short of IP resources but that isn't going to be the case either). It doesn't appear to be related to the number of connections either, so I can't immediately think of any sensible reason for the connection to abort. What might also be interesting to investigate (though completely unrelated) is why there's an fstat(40, 0xFEFFD1A0) when writing the message - descriptor 40 is the socket for the syslog() connection, so
Re: [Samba] Speed differences for windows clients
If you have a socket options line in your config, comment it out and restart smbd and see if that helps. On Aug 13, 2013 4:17 AM, Philipp Lies philipp.l...@cin.uni-tuebingen.de wrote: Am 8/13/2013 10:50 AM, schrieb L.P.H. van Belle: Try the following. Since Win7 does traffic shaping. in adminstrative dos box. run netsh interface tcp set global autotuning=disabled ( the original setting is : netsh interface tcp set global autotuningl=normal ) and test again. Thanks, this boosted the speed ~5MB/s for both connections but the difference between server 1 and server 2 is still at ~10-15 MB/s. It's nothing critical, I'm just curious what could cause this. Cheers Philipp Gr. Louis -Oorspronkelijk bericht- Van: j...@samba.org [mailto:samba-boun...@lists.samba.org] Namens Jeremy Allison Verzonden: dinsdag 13 augustus 2013 2:18 Aan: Philipp Lies CC: samba@lists.samba.org Onderwerp: Re: [Samba] Speed differences for windows clients On Mon, Aug 12, 2013 at 10:00:18AM +0200, Philipp Lies wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Nope. Need more data :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
Thanks, but here is no socket option set. Here's the smb.conf w/o shares: [global] workgroup = XXX server string = Samba Server Version %v netbios name = XXX log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 security = user passdb backend = ldapsam:ldap://localhost ldap suffix = dc=... ldap admin dn = cn=... ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap passwd sync = No ldap ssl = start tls domain master = no domain logons = yes preferred master = yes os level = 35 Pretty minimal, that's why I thought maybe someone here knows if I should set some additional parameter. Am 8/13/2013 2:07 PM, schrieb Ricky Nance: If you have a socket options line in your config, comment it out and restart smbd and see if that helps. On Aug 13, 2013 4:17 AM, Philipp Lies philipp.l...@cin.uni-tuebingen.de wrote: Am 8/13/2013 10:50 AM, schrieb L.P.H. van Belle: Try the following. Since Win7 does traffic shaping. in adminstrative dos box. run netsh interface tcp set global autotuning=disabled ( the original setting is : netsh interface tcp set global autotuningl=normal ) and test again. Thanks, this boosted the speed ~5MB/s for both connections but the difference between server 1 and server 2 is still at ~10-15 MB/s. It's nothing critical, I'm just curious what could cause this. Cheers Philipp Gr. Louis -Oorspronkelijk bericht- Van: j...@samba.org [mailto:samba-boun...@lists.samba.org] Namens Jeremy Allison Verzonden: dinsdag 13 augustus 2013 2:18 Aan: Philipp Lies CC: samba@lists.samba.org Onderwerp: Re: [Samba] Speed differences for windows clients On Mon, Aug 12, 2013 at 10:00:18AM +0200, Philipp Lies wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Nope. Need more data :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba 4 and roaming profiles
I've just setup a samba4 system (zentyal) to act as authentication and file server in a mixed lan (windows and linux clients). The problem is that my linux pcs and windows winxp clients point to a username folder on the server, while the windows7 clients point to a username.V2 folder. This is an issue due to the different types of roaming profiles in different windows versions (xp 7). So I need a workaround to make the windows7 cliients point to username folders. TIA Antonello -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
can be several things for explain the difference. 1) fragmentation. 2) testfile is on server 1 at the beginning of the disk, second server at the end. 3) is the hardware the same, if not, maybe the server nic drivers is better of server 1. 4) are the harddisk the same ? speed (rpm) , throughput? , size? just some things to consider. -Oorspronkelijk bericht- Van: philipp.l...@cin.uni-tuebingen.de [mailto:samba-boun...@lists.samba.org] Namens Philipp Lies Verzonden: dinsdag 13 augustus 2013 14:11 Aan: samba@lists.samba.org Onderwerp: Re: [Samba] Speed differences for windows clients Thanks, but here is no socket option set. Here's the smb.conf w/o shares: [global] workgroup = XXX server string = Samba Server Version %v netbios name = XXX log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 security = user passdb backend = ldapsam:ldap://localhost ldap suffix = dc=... ldap admin dn = cn=... ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap passwd sync = No ldap ssl = start tls domain master = no domain logons = yes preferred master = yes os level = 35 Pretty minimal, that's why I thought maybe someone here knows if I should set some additional parameter. Am 8/13/2013 2:07 PM, schrieb Ricky Nance: If you have a socket options line in your config, comment it out and restart smbd and see if that helps. On Aug 13, 2013 4:17 AM, Philipp Lies philipp.l...@cin.uni-tuebingen.de wrote: Am 8/13/2013 10:50 AM, schrieb L.P.H. van Belle: Try the following. Since Win7 does traffic shaping. in adminstrative dos box. run netsh interface tcp set global autotuning=disabled ( the original setting is : netsh interface tcp set global autotuningl=normal ) and test again. Thanks, this boosted the speed ~5MB/s for both connections but the difference between server 1 and server 2 is still at ~10-15 MB/s. It's nothing critical, I'm just curious what could cause this. Cheers Philipp Gr. Louis -Oorspronkelijk bericht- Van: j...@samba.org [mailto:samba-boun...@lists.samba.org] Namens Jeremy Allison Verzonden: dinsdag 13 augustus 2013 2:18 Aan: Philipp Lies CC: samba@lists.samba.org Onderwerp: Re: [Samba] Speed differences for windows clients On Mon, Aug 12, 2013 at 10:00:18AM +0200, Philipp Lies wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Nope. Need more data :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 and roaming profiles
Hai, Profiles of XP and Win7(8) are different and should NOT be in the same folder. This is why you have a V2 profile folder and this is NOT the username folder. You can redirect desktop / documents / userhome to the same point. but not the profile folder. -Oorspronkelijk bericht- Van: i...@antonellofacchetti.it [mailto:samba-boun...@lists.samba.org] Namens antonello Verzonden: dinsdag 13 augustus 2013 14:33 Aan: samba@lists.samba.org Onderwerp: [Samba] samba 4 and roaming profiles I've just setup a samba4 system (zentyal) to act as authentication and file server in a mixed lan (windows and linux clients). The problem is that my linux pcs and windows winxp clients point to a username folder on the server, while the windows7 clients point to a username.V2 folder. This is an issue due to the different types of roaming profiles in different windows versions (xp 7). So I need a workaround to make the windows7 cliients point to username folders. TIA Antonello -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] “Failed to find a writeable DC for domain” joining to win2k3 AD DC
I have a CentOS 6.4 box with SerNet's Samba 4.0.8 installed and no smb.conf file yet, as it should be. I want it to become an AD DC in my existing Windows domain, replicating from the existing Windows Server 2003 box. I have SELinux enabled and want it to stay that way. I'm getting this error trying to run samba-tool: $ sudo samba-tool domain join currentwindowsadserver.mydomain.lan DC -Uadministrator --realm=currentwindowsadserver.mydomain.lan Finding a writeable DC for domain 'currentwindowsadserver.mydomain.lan' ERROR(exception): uncaught exception - Failed to find a writeable DC for domain 'currentwindowsadserver.mydomain.lan' File /usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/lib64/python2.6/site-packages/samba/netcmd/domain.py, line 552, in run machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) File /usr/lib64/python2.6/site-packages/samba/join.py, line 1082, in join_DC machinepass, use_ntvfs, dns_backend, promote_existing) File /usr/lib64/python2.6/site-packages/samba/join.py, line 73, in __init__ ctx.server = ctx.find_dc(domain) File /usr/lib64/python2.6/site-packages/samba/join.py, line 246, in find_dc raise Exception(Failed to find a writeable DC for domain '%s' % domain) I have a StackExchange thread open with all the things I've tried changing and all the things I've verified so far: http://unix.stackexchange.com/questions/86516/samba-4-gives-failed-to-find-a-writeable-dc-for-domain-on-samba-tool-domain-jo I'd appreciate any pointers. I seem to have run out of things to try. Thanks, Kev -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 LDAP NTLM password nightly injection
Luc, Very helpful... I'm doing a migration from a very non-standard samba ldap implementation that we can't just migrate. We would like to save the users' passwords though. I'm testing using known password hashes and I'm having trouble authenticating after I change the passwords. How can I extract what is being inserted in to samba4 in order to verify that I'm doing things correctly? Thanks! Bo - Original Message - From: Luc Lalonde luc.lalo...@polymtl.ca To: samba@lists.samba.org Cc: Andrew Bartlett abart...@samba.org Sent: Tuesday, April 9, 2013 11:25:47 AM Subject: Re: [Samba] Samba 4 LDAP NTLM password nightly injection Ok this works: #!/usr/bin/env python import sys sys.path.insert(0, /usr/local/samba/lib64/python2.6/site-packages) sys.path.insert(1, /usr/local/samba/lib/python2.6/site-packages) from samba import Ldb, registry from samba.param import LoadParm from samba.provision import provision, FILL_FULL, ProvisioningError, setsysvolacl from samba.samba3 import passdb from samba.samba3 import param as s3param from samba.dcerpc import lsa, samr, security from samba.dcerpc.security import dom_sid from samba.credentials import Credentials from samba import dsdb from samba.ndr import ndr_pack from samba import unix2nttime # Convert Hex to Byte string def HexToByte( hexStr ): bytes = [] hexStr = ''.join( hexStr.split( ) ) for i in range(0, len(hexStr), 2): bytes.append( chr( int (hexStr[i:i+2], 16 ) ) ) return ''.join( bytes ) # Connect to samba4 backend new_lp_ctx = s3param.get_context() new_lp_ctx.load(/usr/local/samba/etc/smb.conf) new_lp_ctx.set(private dir, /usr/local/samba/private) s4_passdb = passdb.PDB(new_lp_ctx.get(passdb backend)) # Change testuser password new_userdata = s4_passdb.getsampwnam(testuser) new_userdata.nt_passwd = HexToByte(878D8014606CDA29677A44EFA1353FC7) new_userdata.lanman_passwd = HexToByte(552902031BEDE9EFAAD3B435B51404EE) s4_passdb.update_sam_account(new_userdata) I was missing some module paths and the extra info for connecting to the LDB database... Now I just have to generalize this procedure so that I can update the passwords every night like I do with Samba3-LDAP. Andrew, thanks for the pointers. I'm posting this in case it can help someone else. - Original Message - From: Luc Lalonde luc.lalo...@polymtl.ca To: Andrew Bartlett abart...@samba.org Cc: samba@lists.samba.org Sent: Wednesday, March 27, 2013 7:38:05 PM GMT -05:00 US/Canada Eastern Subject: Re: [Samba] Samba 4 LDAP NTLM password nightly injection Hello Andrew, How would I convert the below base16 strings into raw bytes acceptable to this routine? We presently inject the NTLM passwords directly into our LDAP database for Samba3. Also, I can't seem to figure out the argument values for 'passdb.PDB'. I tried 'ldb', 'samba_dsdb'. Thanks for your help! On 2013-03-27, at 6:18 PM, Andrew Bartlett abart...@samba.org wrote: On Tue, 2013-03-26 at 11:10 -0400, Luc Lalonde wrote: Hello Andrew, I'm finally diving into this project... First off, my sysadmin stuff is mostly in Perl. So my Python is rudimentary at best. Here we go anyway... I've looked at the 'upgrade.py' but I can't seem to figure out how to connect to the Samba4 passwd database. In the script I see these lines: ### # Connect to samba4 backend s4_passdb = passdb.PDB(new_lp_ctx.get(passdb backend)) I would appreciate a hint on how to connect to the database please. Where is the 'passdb' object referenced from? Once that's done, from what I understand, I should be able to change the passwords directly: ### # Change foo-user password admin_userdata = s4_passdb.getsampwnam(foo-user) admin_userdata.nt_passwd = 878D8014606CDA29677A44EFA1353FC7 admin_userdata.lanman_passwd = 552902031BEDE9EFAAD3B435B51404EE s4_passdb.update_sam_account(admin_userdata) ### Sort of. Those values are not base16 strings, but raw bytes, but otherwise that looks pretty much right at a first glance. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Luc Lalonde, analyste - Département de génie informatique: École polytechnique de Montréal (514) 340-4711 x5049
Re: [Samba] Samba/winbind UID mismatch.
That did not work. But on the bright side, it looks like it is doing that only for one user and only via smb. Other services which use the same winbind authentication seem to work fine for that user such ftp and afp. I am going to recreate the user and see if it resolves the issue. Thanks for your help. - Pramod On Aug 12, 2013, at 4:52 AM, steve st...@steve-ss.com wrote: On 12/08/13 13:04, Pramod Venugopal wrote: Hello everyone, I am running Samba 4.0.8 on Arch Linux (installed from the Arch Repo) I have winbind authentication configured and working. I am able to login via ssh, and at the machine console with my samba credentials. I also have a Windows 8 client and an OS X client which is able to connect to this system via smb. However, when I create files or directories via smb I seem to have a UID mismatch compared to when I create files/directories via shell or at the console When I type id at the shell, it tells me my uid is 318 . Files created at the shell or console have this as the owner. When I copy files via smb the uid is 300. In idmap.ldb , my xidNumber is 318. Am I missing something ? Thanks in advance, - Pramod Hi A quick fix maybe. 1. Add the line: idmap_ldb use:rfc2307 = Yes to smb.conf 2. add: uidNumber: 318 to the DN of the user 3. Always work on the DC either by ssh or at the console. Then the uidNumber will _always_ be 318. There are many ways to do the same but I don't know Arch so dare not suggest. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba signature.asc Description: Message signed with OpenPGP using GPGMail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/winbind UID mismatch.
Even stranger. This happens only when the user is a member of the domain admins group. When I removed the user from Domain Admins , the uid is correct. On Aug 13, 2013, at 9:06 AM, Pramod Venugopal pra...@dvnull.org wrote: That did not work. But on the bright side, it looks like it is doing that only for one user and only via smb. Other services which use the same winbind authentication seem to work fine for that user such ftp and afp. I am going to recreate the user and see if it resolves the issue. Thanks for your help. - Pramod On Aug 12, 2013, at 4:52 AM, steve st...@steve-ss.com wrote: On 12/08/13 13:04, Pramod Venugopal wrote: Hello everyone, I am running Samba 4.0.8 on Arch Linux (installed from the Arch Repo) I have winbind authentication configured and working. I am able to login via ssh, and at the machine console with my samba credentials. I also have a Windows 8 client and an OS X client which is able to connect to this system via smb. However, when I create files or directories via smb I seem to have a UID mismatch compared to when I create files/directories via shell or at the console When I type id at the shell, it tells me my uid is 318 . Files created at the shell or console have this as the owner. When I copy files via smb the uid is 300. In idmap.ldb , my xidNumber is 318. Am I missing something ? Thanks in advance, - Pramod Hi A quick fix maybe. 1. Add the line: idmap_ldb use:rfc2307 = Yes to smb.conf 2. add: uidNumber: 318 to the DN of the user 3. Always work on the DC either by ssh or at the console. Then the uidNumber will _always_ be 318. There are many ways to do the same but I don't know Arch so dare not suggest. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba signature.asc Description: Message signed with OpenPGP using GPGMail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/winbind UID mismatch.
From a google search it looks like that is how it was intended. http://thr3ads.net/samba/2013/03/2189446-Samba4-File-ownership-for-Domain-Admins-members Thanks for your help. - Pramod On Aug 13, 2013, at 9:18 AM, Pramod Venugopal pra...@dvnull.org wrote: Even stranger. This happens only when the user is a member of the domain admins group. When I removed the user from Domain Admins , the uid is correct. On Aug 13, 2013, at 9:06 AM, Pramod Venugopal pra...@dvnull.org wrote: That did not work. But on the bright side, it looks like it is doing that only for one user and only via smb. Other services which use the same winbind authentication seem to work fine for that user such ftp and afp. I am going to recreate the user and see if it resolves the issue. Thanks for your help. - Pramod On Aug 12, 2013, at 4:52 AM, steve st...@steve-ss.com wrote: On 12/08/13 13:04, Pramod Venugopal wrote: Hello everyone, I am running Samba 4.0.8 on Arch Linux (installed from the Arch Repo) I have winbind authentication configured and working. I am able to login via ssh, and at the machine console with my samba credentials. I also have a Windows 8 client and an OS X client which is able to connect to this system via smb. However, when I create files or directories via smb I seem to have a UID mismatch compared to when I create files/directories via shell or at the console When I type id at the shell, it tells me my uid is 318 . Files created at the shell or console have this as the owner. When I copy files via smb the uid is 300. In idmap.ldb , my xidNumber is 318. Am I missing something ? Thanks in advance, - Pramod Hi A quick fix maybe. 1. Add the line: idmap_ldb use:rfc2307 = Yes to smb.conf 2. add: uidNumber: 318 to the DN of the user 3. Always work on the DC either by ssh or at the console. Then the uidNumber will _always_ be 318. There are many ways to do the same but I don't know Arch so dare not suggest. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba signature.asc Description: Message signed with OpenPGP using GPGMail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 and roaming profiles
Jerry Carter provided this example long ago when Vista first started the v2 profile. It might still be viable in Samba4. https://lists.samba.org/archive/samba-technical/2007-April/053054.html Dale On 08/13/2013 9:09 AM, L.P.H. van Belle wrote: Hai, Profiles of XP and Win7(8) are different and should NOT be in the same folder. This is why you have a V2 profile folder and this is NOT the username folder. You can redirect desktop / documents / userhome to the same point. but not the profile folder. -Oorspronkelijk bericht- Van: i...@antonellofacchetti.it [mailto:samba-boun...@lists.samba.org] Namens antonello Verzonden: dinsdag 13 augustus 2013 14:33 Aan: samba@lists.samba.org Onderwerp: [Samba] samba 4 and roaming profiles I've just setup a samba4 system (zentyal) to act as authentication and file server in a mixed lan (windows and linux clients). The problem is that my linux pcs and windows winxp clients point to a username folder on the server, while the windows7 clients point to a username.V2 folder. This is an issue due to the different types of roaming profiles in different windows versions (xp 7). So I need a workaround to make the windows7 cliients point to username folders. TIA Antonello -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 LDAP NTLM password nightly injection
Duh... got it, nvm... new_userdata = s4_passdb.getsampwnam(jtest) print binascii.hexlify(new_userdata.nt_passwd) And my troubleshooting was required by a typo that I made.. argh! - Original Message - From: Bo Kersey b...@vircio.com To: Luc Lalonde luc.lalo...@polymtl.ca Cc: samba@lists.samba.org, Andrew Bartlett abart...@samba.org Sent: Tuesday, August 13, 2013 11:03:40 AM Subject: Re: [Samba] Samba 4 LDAP NTLM password nightly injection Luc, Very helpful... I'm doing a migration from a very non-standard samba ldap implementation that we can't just migrate. We would like to save the users' passwords though. I'm testing using known password hashes and I'm having trouble authenticating after I change the passwords. How can I extract what is being inserted in to samba4 in order to verify that I'm doing things correctly? Thanks! Bo - Original Message - From: Luc Lalonde luc.lalo...@polymtl.ca To: samba@lists.samba.org Cc: Andrew Bartlett abart...@samba.org Sent: Tuesday, April 9, 2013 11:25:47 AM Subject: Re: [Samba] Samba 4 LDAP NTLM password nightly injection Ok this works: #!/usr/bin/env python import sys sys.path.insert(0, /usr/local/samba/lib64/python2.6/site-packages) sys.path.insert(1, /usr/local/samba/lib/python2.6/site-packages) from samba import Ldb, registry from samba.param import LoadParm from samba.provision import provision, FILL_FULL, ProvisioningError, setsysvolacl from samba.samba3 import passdb from samba.samba3 import param as s3param from samba.dcerpc import lsa, samr, security from samba.dcerpc.security import dom_sid from samba.credentials import Credentials from samba import dsdb from samba.ndr import ndr_pack from samba import unix2nttime # Convert Hex to Byte string def HexToByte( hexStr ): bytes = [] hexStr = ''.join( hexStr.split( ) ) for i in range(0, len(hexStr), 2): bytes.append( chr( int (hexStr[i:i+2], 16 ) ) ) return ''.join( bytes ) # Connect to samba4 backend new_lp_ctx = s3param.get_context() new_lp_ctx.load(/usr/local/samba/etc/smb.conf) new_lp_ctx.set(private dir, /usr/local/samba/private) s4_passdb = passdb.PDB(new_lp_ctx.get(passdb backend)) # Change testuser password new_userdata = s4_passdb.getsampwnam(testuser) new_userdata.nt_passwd = HexToByte(878D8014606CDA29677A44EFA1353FC7) new_userdata.lanman_passwd = HexToByte(552902031BEDE9EFAAD3B435B51404EE) s4_passdb.update_sam_account(new_userdata) I was missing some module paths and the extra info for connecting to the LDB database... Now I just have to generalize this procedure so that I can update the passwords every night like I do with Samba3-LDAP. Andrew, thanks for the pointers. I'm posting this in case it can help someone else. - Original Message - From: Luc Lalonde luc.lalo...@polymtl.ca To: Andrew Bartlett abart...@samba.org Cc: samba@lists.samba.org Sent: Wednesday, March 27, 2013 7:38:05 PM GMT -05:00 US/Canada Eastern Subject: Re: [Samba] Samba 4 LDAP NTLM password nightly injection Hello Andrew, How would I convert the below base16 strings into raw bytes acceptable to this routine? We presently inject the NTLM passwords directly into our LDAP database for Samba3. Also, I can't seem to figure out the argument values for 'passdb.PDB'. I tried 'ldb', 'samba_dsdb'. Thanks for your help! On 2013-03-27, at 6:18 PM, Andrew Bartlett abart...@samba.org wrote: On Tue, 2013-03-26 at 11:10 -0400, Luc Lalonde wrote: Hello Andrew, I'm finally diving into this project... First off, my sysadmin stuff is mostly in Perl. So my Python is rudimentary at best. Here we go anyway... I've looked at the 'upgrade.py' but I can't seem to figure out how to connect to the Samba4 passwd database. In the script I see these lines: ### # Connect to samba4 backend s4_passdb = passdb.PDB(new_lp_ctx.get(passdb backend)) I would appreciate a hint on how to connect to the database please. Where is the 'passdb' object referenced from? Once that's done, from what I understand, I should be able to change the passwords directly: ### # Change foo-user password admin_userdata = s4_passdb.getsampwnam(foo-user) admin_userdata.nt_passwd = 878D8014606CDA29677A44EFA1353FC7 admin_userdata.lanman_passwd = 552902031BEDE9EFAAD3B435B51404EE s4_passdb.update_sam_account(admin_userdata) ### Sort of. Those values are not
[Samba] sharing files as standalone server in samba4
I am a little confuse here, if I want to share a folder with samba4 but as a standalone server, the same procedure applies as for the DC mode? # mkdir -p /srv/samba/Demo/ Add a new share to your smb.conf: [Demo] path = /srv/samba/Demo/ read only = no and managing permissions from windows as explained here https://wiki.samba.org/index.php/Setup_and_configure_file_shares? or it is like the samba 3 way, doing chmod to the folder and adding or restricting users in the smb.conf with for example write list, read list, valid users, etc options? for example Mkdir sharedfolder Chgrp –R users sharedfolder *1 Chmod 2770 sharedfolder [sharedfiles] Path=/home/easgs/sharedfolder Read list= a,b,c Write list = d,e,f Force group = users Guest ok = no Valid users = a,b,c,d,e,f, @users Directory mask = 2770 Create mask = 2770 Force create mode = 2770 Force directory mode = 2770 oplocks = no level2 oplocks = no thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
On Mon, 12 Aug 2013 10:00:18 +0200 Philipp Lies philipp.l...@cin.uni-tuebingen.de wrote: Hi, we have a strange phenomenon with the transfer speed between windows clients and samba servers. Here's the setup: server 1: centos 6.3 with samba 3.5.10 server 2: centos 6.4 with samba 3.6.9 both servers are configured as BDC and have - aside from netbios name - identical smb.conf which contains ldapsam as backend and all other parameters are not set (i.e. default) When I mount a share from a linux client, the transfer speed is ~112MB/sec to either server from any linux client. However, when I mount a share from Windows clients, the speed to server 1 is ~95MB/s and to server 2 ~85MB/s. We tested this with several windows clients (all running Windows 7 with all updates). The speed difference between linux client and windows client is not what's confusing me but that server 2 is always slower than server 1. Any ideas what could cause this? Philipp The speed difference between Linux and Windows clients is most likely explained by the fact that Linux clients will almost always negotiate POSIX extensions with the server. At that point, they're allowed to bump up the rsize/wsize values to much larger values. Newer kernels will default to 1M for both. That greatly increases throughput. As far as the difference between the two servers from windows clients, it'll be difficult to be sure without doing some more legwork to track down the cause. -- Jeff Layton jlay...@redhat.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Speed differences for windows clients
Different anti-virus software, fragmentation of the disks, differeng network configurations involving the use of jumbo frames, intervening switches that may be busy or doing deep packet inspection, etc., etc. can all interfere with file transfer speed across a network in different ways to different servers. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Failed to find a writeable DC for domain joining to win2k3 AD DC
Look at your /etc/resolv.conf There should be an entry of your existing DC in it ex.: nameserver your.existing.dc And you should be able to ping the existing DC. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Kevin Field Gesendet: Dienstag, 13. August 2013 16:15 An: samba@lists.samba.org Betreff: [Samba] Failed to find a writeable DC for domain joining to win2k3 AD DC I have a CentOS 6.4 box with SerNet's Samba 4.0.8 installed and no smb.conf file yet, as it should be. I want it to become an AD DC in my existing Windows domain, replicating from the existing Windows Server 2003 box. I have SELinux enabled and want it to stay that way. I'm getting this error trying to run samba-tool: $ sudo samba-tool domain join currentwindowsadserver.mydomain.lan DC -Uadministrator --realm=currentwindowsadserver.mydomain.lan Finding a writeable DC for domain 'currentwindowsadserver.mydomain.lan' ERROR(exception): uncaught exception - Failed to find a writeable DC for domain 'currentwindowsadserver.mydomain.lan' File /usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/lib64/python2.6/site-packages/samba/netcmd/domain.py, line 552, in run machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) File /usr/lib64/python2.6/site-packages/samba/join.py, line 1082, in join_DC machinepass, use_ntvfs, dns_backend, promote_existing) File /usr/lib64/python2.6/site-packages/samba/join.py, line 73, in __init__ ctx.server = ctx.find_dc(domain) File /usr/lib64/python2.6/site-packages/samba/join.py, line 246, in find_dc raise Exception(Failed to find a writeable DC for domain '%s' % domain) I have a StackExchange thread open with all the things I've tried changing and all the things I've verified so far: http://unix.stackexchange.com/questions/86516/samba-4-gives-failed-to-find-a -writeable-dc-for-domain-on-samba-tool-domain-jo I'd appreciate any pointers. I seem to have run out of things to try. Thanks, Kev -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dc3c4c0 docs: Add man vfs_syncops.8 to waf build. from 0260601 s3: smbd/connection: added routines to compute share connections http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dc3c4c00e65f1ffdd32bf7c2e957da98b5913084 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 12 09:02:07 2013 +0200 docs: Add man vfs_syncops.8 to waf build. Signed-off-by: Karolin Seeger ksee...@samba.org Reviewed-by: Volker Lendecke v...@samba.org Reviewed-by: David Disseldorp dd...@samba.org Part of a fix for bug #7364 - man vfs_syncops missing. Autobuild-User(master): Karolin Seeger ksee...@samba.org Autobuild-Date(master): Tue Aug 13 12:09:45 CEST 2013 on sn-devel-104 --- Summary of changes: docs-xml/wscript_build |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build index f2d977a..d729aa8 100644 --- a/docs-xml/wscript_build +++ b/docs-xml/wscript_build @@ -76,6 +76,7 @@ manpages=''' manpages/vfs_smb_traffic_analyzer.8 manpages/vfs_streams_depot.8 manpages/vfs_streams_xattr.8 + manpages/vfs_syncops.8 manpages/vfs_time_audit.8 manpages/vfs_tsmsm.8 manpages/vfs_xattr_tdb.8 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via f3a9fe5 s3-libads: Print a message if no realm has been specified. via a183dcd s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. via e9edcb3 docs: Add man page for vfs_linux_xfs_sgid. from 694d54a VERSION: Bump version number up to 4.1.0rc3... http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit f3a9fe50ead03732a34afaedcbdb0ee90bb6dc5a Author: Andreas Schneider a...@samba.org Date: Mon Aug 5 09:25:11 2013 +0200 s3-libads: Print a message if no realm has been specified. Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Mon Aug 5 12:24:44 CEST 2013 on sn-devel-104 (cherry picked from commit 6659f0164c6b8d7ad522bcd6c2c6748c3d9bca81) The last 2 patches address bug #10073 - net ads join - segmentation fault in create_local_private_krb5_conf_for_domain. Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-1-test): Tue Aug 13 12:16:00 CEST 2013 on sn-devel-104 commit a183dcd3af2cba6025515296e954b836fbf9a9fd Author: Günther Deschner g...@samba.org Date: Fri May 17 15:14:35 2013 +0200 s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org (cherry picked from commit 6dc7c63efa95d0c04b542667d9b6a6621c8139bf) commit e9edcb30907d825d2a5a825f3a88edf9753e7995 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 12 10:02:31 2013 +0200 docs: Add man page for vfs_linux_xfs_sgid. Signed-off-by: Karolin Seeger ksee...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Tue Aug 13 02:06:30 CEST 2013 on sn-devel-104 (cherry picked from commit 906de702e641bb0da8ec9074b80d6e94bdb17cfe) Fix bug #7490 - man vfs_linux_xfs_sgid missing. --- Summary of changes: ...s_fake_perms.8.xml = vfs_linux_xfs_sgid.8.xml} | 35 ++- docs-xml/wscript_build |1 + source3/libads/kerberos.c | 10 ++ 3 files changed, 29 insertions(+), 17 deletions(-) copy docs-xml/manpages/{vfs_fake_perms.8.xml = vfs_linux_xfs_sgid.8.xml} (53%) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_fake_perms.8.xml b/docs-xml/manpages/vfs_linux_xfs_sgid.8.xml similarity index 53% copy from docs-xml/manpages/vfs_fake_perms.8.xml copy to docs-xml/manpages/vfs_linux_xfs_sgid.8.xml index 6916ced..17ed1ac 100644 --- a/docs-xml/manpages/vfs_fake_perms.8.xml +++ b/docs-xml/manpages/vfs_linux_xfs_sgid.8.xml @@ -1,24 +1,24 @@ ?xml version=1.0 encoding=iso-8859-1? !DOCTYPE refentry PUBLIC -//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN http://www.samba.org/samba/DTD/samba-doc; -refentry id=vfs_fake_perms.8 +refentry id=vfs_linux_xfs_sgid.8 refmeta - refentrytitlevfs_fake_perms/refentrytitle + refentrytitlevfs_syncops/refentrytitle manvolnum8/manvolnum refmiscinfo class=sourceSamba/refmiscinfo refmiscinfo class=manualSystem Administration tools/refmiscinfo - refmiscinfo class=version4.0/refmiscinfo + refmiscinfo class=version4.1/refmiscinfo /refmeta refnamediv - refnamevfs_fake_perms/refname - refpurposeenable read only Roaming Profiles/refpurpose + refnamevfs_linux_xfs_sgid/refname + refpurpose/refpurpose /refnamediv refsynopsisdiv cmdsynopsis - commandvfs objects = fake_perms/command + commandvfs objects = linux_xfs_sgid/command /cmdsynopsis /refsynopsisdiv @@ -29,13 +29,14 @@ citerefentryrefentrytitlesamba/refentrytitle manvolnum7/manvolnum/citerefentry suite./para - paraThe commandvfs_fake_perms/command VFS module was created - to allow Roaming Profile files and directories to be set (on - the Samba server under UNIX) as read only. This module will, - if installed on the Profiles share, report to the client that - the Profile files and directories are writeable. This satisfies - the client even though the files will never be overwritten as - the client logs out or shuts down. + para + commandvfs_linux_xfs_sgid/command is a VFS module to work around an + old Linux XFS bug that still exists: Under certain circumstances the + SGID bit is not inherited (ulink url=http://oss.sgi.com/bugzilla/show_bug.cgi?id=280; +
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 1a61c56 s3-libads: Print a message if no realm has been specified. via dea6282 s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. from 9439729 Ensure gpfs kernel leases are wrapped in a become_root()/unbecome_root() pair. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 1a61c5632c1a444eb916290342241660cbb59988 Author: Andreas Schneider a...@samba.org Date: Mon Aug 5 09:25:11 2013 +0200 s3-libads: Print a message if no realm has been specified. Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Mon Aug 5 12:24:44 CEST 2013 on sn-devel-104 (cherry picked from commit 6659f0164c6b8d7ad522bcd6c2c6748c3d9bca81) The last 2 patches address bug #10073 - net ads join - segmentation fault in create_local_private_krb5_conf_for_domain. Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-0-test): Tue Aug 13 12:16:48 CEST 2013 on sn-devel-104 commit dea6282d3b7bda6389c2f101c14159274472b780 Author: Günther Deschner g...@samba.org Date: Fri May 17 15:14:35 2013 +0200 s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org (cherry picked from commit 6dc7c63efa95d0c04b542667d9b6a6621c8139bf) --- Summary of changes: source3/libads/kerberos.c | 10 ++ 1 files changed, 10 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 50a409c..cac3474 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -838,6 +838,16 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, return false; } + if (realm == NULL) { + DEBUG(0, (No realm has been specified! Do you really want to + join an Active Directory server?\n)); + return false; + } + + if (domain == NULL || pss == NULL || kdc_name == NULL) { + return false; + } + dname = lock_path(smb_krb5); if (!dname) { return false; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 87c63fd docs: Add man vfs_syncops.8 to waf build. via 117e7ee docs: Add basic man page for vfs_syncops. from f3a9fe5 s3-libads: Print a message if no realm has been specified. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 87c63fd449bebf6165525c9a469ecb313dc13745 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 12 09:02:07 2013 +0200 docs: Add man vfs_syncops.8 to waf build. Signed-off-by: Karolin Seeger ksee...@samba.org Reviewed-by: Volker Lendecke v...@samba.org Reviewed-by: David Disseldorp dd...@samba.org Part of a fix for bug #7364 - man vfs_syncops missing. Autobuild-User(master): Karolin Seeger ksee...@samba.org Autobuild-Date(master): Tue Aug 13 12:09:45 CEST 2013 on sn-devel-104 (cherry picked from commit dc3c4c00e65f1ffdd32bf7c2e957da98b5913084) Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-1-test): Tue Aug 13 14:42:31 CEST 2013 on sn-devel-104 commit 117e7ee14bcc71af95d4bdcf7e574d82c972b3f4 Author: Karolin Seeger ksee...@samba.org Date: Fri Aug 9 10:57:51 2013 +0200 docs: Add basic man page for vfs_syncops. Fix bug #7364 - man vfs_syncops missing. Signed-off-by: Karolin Seeger ksee...@samba.org Reviewed-by: David Disseldorp dd...@samba.org Autobuild-User(master): David Disseldorp dd...@samba.org Autobuild-Date(master): Fri Aug 9 13:19:12 CEST 2013 on sn-devel-104 (cherry picked from commit 6fb300f7b44cc6eb83e10b7272c2e08c150e05ba) --- Summary of changes: docs-xml/manpages/vfs_syncops.8.xml | 99 +++ docs-xml/wscript_build |1 + 2 files changed, 100 insertions(+), 0 deletions(-) create mode 100644 docs-xml/manpages/vfs_syncops.8.xml Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_syncops.8.xml b/docs-xml/manpages/vfs_syncops.8.xml new file mode 100644 index 000..ccb0b67 --- /dev/null +++ b/docs-xml/manpages/vfs_syncops.8.xml @@ -0,0 +1,99 @@ +?xml version=1.0 encoding=iso-8859-1? +!DOCTYPE refentry PUBLIC -//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN http://www.samba.org/samba/DTD/samba-doc; +refentry id=vfs_syncops.8 + +refmeta + refentrytitlevfs_syncops/refentrytitle + manvolnum8/manvolnum + refmiscinfo class=sourceSamba/refmiscinfo + refmiscinfo class=manualSystem Administration tools/refmiscinfo + refmiscinfo class=version4.1/refmiscinfo +/refmeta + + +refnamediv + refnamevfs_syncops/refname + refpurposeEnsure meta data operations are performed synchronously./refpurpose +/refnamediv + +refsynopsisdiv + cmdsynopsis + commandvfs objects = syncops/command + /cmdsynopsis +/refsynopsisdiv + +refsect1 + titleDESCRIPTION/title + + paraThis VFS module is part of the + citerefentryrefentrytitlesamba/refentrytitle + manvolnum7/manvolnum/citerefentry suite./para + + para + Some filesystems (even some journaled filesystems) require that a + fsync() be performed on many meta data operations to ensure that the + operation is guaranteed to remain in the filesystem after a power + failure. This is particularly important for some cluster filesystems + which are participating in a node failover system with clustered + Samba. On those filesystems the commandvfs_syncops/command VFS module + provides a way to perform those operations safely. + /para + + paraThis module is stackable./para + +/refsect1 + +refsect1 + titleCONFIGURATION/title + + para + Most of the performance loss with the commandvfs_syncops/command + VFS module is in fsync on close(). You can disable that with + commandsyncops:onclose = no/command that can be set either globally + or per share. + /para + + para + On certain filesystems that only require the last data written to be + fsync()'ed, you can disable the metadata synchronization of this module with + commandsyncops:onmeta = no/command. This option can be set either + globally or per share. + /para + + para + The commandvfs_syncops/command VFS module can also be disabled + completely for a share with commandsyncops:disable = true/command. + /para +/refsect1 + +refsect1 + titleEXAMPLES/title + + paraAdd syncops functionality for [share]:/para +programlisting +smbconfsection name=[share]/ + smbconfoption name=path/data/share/smbconfoption + smbconfoption name=vfs objectssyncops/smbconfoption + smbconfoption name=syncops:oncloseno/smbconfoption +/programlisting + +/refsect1 + +refsect1 + titleVERSION/title + + paraThis man
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2013-08-13-1537/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2013-08-13-1537/samba3.stderr http://git.samba.org/autobuild.flakey/2013-08-13-1537/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2013-08-13-1537/samba.stderr http://git.samba.org/autobuild.flakey/2013-08-13-1537/samba.stdout The top commit at the time of the failure was: commit 52d66d81f1a873b8106973d1cdece032b7080805 Author: Andreas Schneider a...@samba.org Date: Mon Aug 12 20:22:04 2013 +0200 s3-winbind: Fix a segfault passing NULL to a fstring argument. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082 Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Volker Lendecke v...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Tue Aug 13 13:58:26 CEST 2013 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat(). from 52d66d8 s3-winbind: Fix a segfault passing NULL to a fstring argument. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1b57fd180c2640598c13d2459a7c7a6f04708388 Author: Günther Deschner g...@samba.org Date: Mon Aug 12 17:23:12 2013 +0200 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat(). Fallback to lsa named-pipe connection when tcp connection has failed twice (it could be a trusted domain connection where we cannot setup a secure channel). Guenther BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615 BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899 Signed-off-by: Günther Deschner g...@samba.org Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Tested-by: Christof Schmitt christof.schm...@us.ibm.com Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104 --- Summary of changes: source3/winbindd/winbindd_cm.c |9 +++-- 1 files changed, 7 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 08c763c..1832b2b 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2651,11 +2651,16 @@ NTSTATUS cm_connect_lsat(struct winbindd_domain *domain, invalidate_cm_connection(domain-conn); status = cm_connect_lsa_tcp(domain, mem_ctx, cli); } - if (!NT_STATUS_IS_OK(status)) { + if (NT_STATUS_IS_OK(status)) { return status; } - return NT_STATUS_OK; + /* +* we tried twice to connect via ncan_ip_tcp and schannel and +* failed - maybe it is a trusted domain we can't connect to ? +* do not try tcp next time - gd +*/ + domain-can_do_ncacn_ip_tcp = false; } status = cm_connect_lsa(domain, mem_ctx, cli, lsa_policy); -- Samba Shared Repository
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2013-08-14-0015/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2013-08-14-0015/samba3.stderr http://git.samba.org/autobuild.flakey/2013-08-14-0015/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2013-08-14-0015/samba.stderr http://git.samba.org/autobuild.flakey/2013-08-14-0015/samba.stdout The top commit at the time of the failure was: commit 1b57fd180c2640598c13d2459a7c7a6f04708388 Author: Günther Deschner g...@samba.org Date: Mon Aug 12 17:23:12 2013 +0200 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat(). Fallback to lsa named-pipe connection when tcp connection has failed twice (it could be a trusted domain connection where we cannot setup a secure channel). Guenther BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615 BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899 Signed-off-by: Günther Deschner g...@samba.org Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Tested-by: Christof Schmitt christof.schm...@us.ibm.com Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104