Re: net user add name [-F user flags] ...
On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote: Hi, net help user suggests that net user add accepts optional -F user_flags, but in scanning the code, I don't see any flags being processed. Does the code actually accept flags? Can you use the above command to create a domain trust account, or must you use the smbpasswd command? Yes, but not against samba dc. Samba doesn't implement SAMR call which creates an account. Thus, it works only against native WinNT server. Or at least worked when I checked this last time. -- cheers, ++ |Rafal 'Mimir' Szczesniak [EMAIL PROTECTED] | |*BSD, GNU/Linux and Samba / |__/
Re: net user add name [-F user flags] ...
Rafal Szczesniak wrote: On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote: Hi, net help user suggests that net user add accepts optional -F user_flags, but in scanning the code, I don't see any flags being processed. Does the code actually accept flags? Can you use the above command to create a domain trust account, or must you use the smbpasswd command? Yes, but not against samba dc. Samba doesn't implement SAMR call which creates an account. Thus, it works only against native WinNT server. Or at least worked when I checked this last time. Samba *does* implement the createuser SAMR call, so this should work... (Both 2.2 and HEAD) I'll be very interested to see why it doesn't. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
Re: net user add name [-F user flags] ...
On Mon, 7 Oct 2002, Andrew Bartlett wrote: Rafal Szczesniak wrote: On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote: Hi, net help user suggests that net user add accepts optional -F user_flags, but in scanning the code, I don't see any flags being processed. Does the code actually accept flags? Can you use the above command to create a domain trust account, or must you use the smbpasswd command? Yes, but not against samba dc. Samba doesn't implement SAMR call which creates an account. Thus, it works only against native WinNT server. Or at least worked when I checked this last time. Samba *does* implement the createuser SAMR call, so this should work... (Both 2.2 and HEAD) However, there seems to be no way to specify that you want a workstation trust account or a domain trust account rather than an ordinary user. At least, not in the net user add command. Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], http://www.richardsharpe.com
Re: off-by-one error in RNetShareEnum
Steve Langasek wrote: The attached patch fixes an annoying, but not dangerous, off-by-one error in the RNetShareEnum in smbd/lanman.c. push_ascii() already takes into account the null termination, so subtracting one from the size of the destination buffer leaves us one byte short for the full string. Although the truncation doesn't seem to matter much for the clients I've tested with, applying this patch certainly eliminates a lot of noise from the logfiles. Generally considered 'a good thing' :-) Also, any time I give a password longer than 14 characters to smbclient, I get the same warning about truncated strings: convert_string: Required 28, available 15 This is due to the usage of push_ascii() in libsmb/smbencrypt.c:E_deshash(). Since the return value of push_ascii() is discarded, I assume the error is also not fatal; so it seems to me that before 3.0 is released, this debug statement ought to be reduced in severity. I'll fix this one up. We should probably push into an fstring, then copy the first 14 chars. I think the LM hash is meant to be truncated at 14, not null terminated, but I'll double-check. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
Re: net user add name [-F user flags] ...
Richard Sharpe wrote: On Mon, 7 Oct 2002, Andrew Bartlett wrote: Rafal Szczesniak wrote: On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote: Hi, net help user suggests that net user add accepts optional -F user_flags, but in scanning the code, I don't see any flags being processed. Does the code actually accept flags? Can you use the above command to create a domain trust account, or must you use the smbpasswd command? Yes, but not against samba dc. Samba doesn't implement SAMR call which creates an account. Thus, it works only against native WinNT server. Or at least worked when I checked this last time. Samba *does* implement the createuser SAMR call, so this should work... (Both 2.2 and HEAD) However, there seems to be no way to specify that you want a workstation trust account or a domain trust account rather than an ordinary user. At least, not in the net user add command. That's in the net rpc trustdom stuff at the moment. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
[PATCH] pdb_set_*
Hi Andrew,
here're the first steps of my pdb_set_* patch (THIS is NOT ready!!!)
every pdb_set function gets a uint8 flag (DEFAULT | SET | CHANGED)
then the backends can decide to only store changed values...
metze
-
Stefan metze Metzmacher [EMAIL PROTECTED]
diff -Npur --exclude=CVS --exclude=*.bak --exclude=*.o --exclude=*.po --exclude=.#*
HEAD/source/include/smb.h HEAD-pdb/source/include/smb.h
--- HEAD/source/include/smb.h Mon Oct 7 06:58:17 2002
+++ HEAD-pdb/source/include/smb.h Mon Oct 7 09:55:35 2002
@@ -569,25 +569,67 @@ typedef struct {
/*
* bit flags representing initialized fields in SAM_ACCOUNT
*/
-#define FLAG_SAM_UNINIT0x
-#define FLAG_SAM_UID 0x0001
-#define FLAG_SAM_GID 0x0002
-#define FLAG_SAM_SMBHOME 0x0004
-#define FLAG_SAM_PROFILE 0x0008
-#define FLAG_SAM_DRIVE 0x0010
-#define FLAG_SAM_LOGONSCRIPT 0x0020
-#define FLAG_SAM_LOGONTIME 0x0040
-#define FLAG_SAM_LOGOFFTIME0x0080
-#define FLAG_SAM_KICKOFFTIME 0x0100
-#define FLAG_SAM_CANCHANGETIME 0x0200
-#define FLAG_SAM_MUSTCHANGETIME0x0400
-#define FLAG_SAM_PLAINTEXT_PW 0x0800
+#define FLAG_SAM_UNINIT0x
+#define FLAG_SAM_USERNAME_CHANGED 0x0001
+#define FLAG_SAM_FULLNAME_CHANGED 0x0002
+#define FLAG_SAM_DOMAIN_DEFAULT0x0003
+#define FLAG_SAM_DOMAIN_CHANGED0x0004
+#define FLAG_SAM_NTUSERNAME_CHANGED0x0005
+#define FLAG_SAM_ACCTDESC_CHANGED 0x0006
+#define FLAG_SAM_UID_SET 0x0007
+#define FLAG_SAM_UID_CHANGED 0x0008
+#define FLAG_SAM_GID_SET 0x0009
+#define FLAG_SAM_GID_CHANGED 0x000A
+#define FLAG_SAM_USERSID_SET 0x000B
+#define FLAG_SAM_USERSID_CHANGED 0x000C
+#define FLAG_SAM_GROUPSID_SET 0x000D
+#define FLAG_SAM_GROUPSID_CHANGED 0x000E
+#define FLAG_SAM_ACCTCTRL_CHANGED 0x000F
+#define FLAG_SAM_SMBHOME_DEFAULT 0x0010
+#define FLAG_SAM_SMBHOME_CHANGED 0x0011
+#define FLAG_SAM_PROFILE_DEFAULT 0x0012
+#define FLAG_SAM_PROFILE_CHANGED 0x0013
+#define FLAG_SAM_DRIVE_DEFAULT 0x0014
+#define FLAG_SAM_DRIVE_CHANGED 0x0015
+#define FLAG_SAM_LOGONSCRIPT_DEFAULT 0x0016
+#define FLAG_SAM_LOGONSCRIPT_CHANGED 0x0017
+#define FLAG_SAM_HOURS_CHANGED 0x0018
+#define FLAG_SAM_HOURS_DEFAULT 0x0019
+#define FLAG_SAM_HOURSLEN_CHANGED 0x001A
+#define FLAG_SAM_HOURSLEN_DEFAULT 0x001B
+#define FLAG_SAM_LOGONDIVS_CHANGED 0x001C
+#define FLAG_SAM_UNIXHOMEDIR_CHANGED 0x001D
+#define FLAG_SAM_WORKSTATIONS_CHANGED 0x001E
+#define FLAG_SAM_MUNGEDDIAL_CHANGED0x001F
+#define FLAG_SAM_PLAINTEXT_PW_CHANGED 0x0020
+#define FLAG_SAM_LMPASSWD_CHANGED 0x0021
+#define FLAG_SAM_NTPASSWD_CHANGED 0x0022
+#define FLAG_SAM_PASSLASTSET_CHANGED 0x0023
+#define FLAG_SAM_CANCHANGETIME_DEFAULT 0x0024
+#define FLAG_SAM_CANCHANGETIME_CHANGED 0x0025
+#define FLAG_SAM_MUSTCHANGETIME_DEFAULT0x0026
+#define FLAG_SAM_MUSTCHANGETIME_CHANGED0x0027
+#define FLAG_SAM_LOGONTIME_DEFAULT 0x0028
+#define FLAG_SAM_LOGONTIME_CHANGED 0x0029
+#define FLAG_SAM_LOGOFFTIME_DEFAULT0x002A
+#define FLAG_SAM_LOGOFFTIME_CHANGED0x002B
+#define FLAG_SAM_KICKOFFTIME_DEFAULT 0x002C
+#define FLAG_SAM_KICKOFFTIME_CHANGED 0x002D
+#define FLAG_SAM_UNKNOWNSTR_CHANGED0x002E
+#define FLAG_SAM_UNKNOWN3_CHANGED 0x002F
+#define FLAG_SAM_UNKNOWN5_CHANGED 0x0030
+#define FLAG_SAM_UNKNOWN6_CHANGED 0x0031
+
+/* if you add a flag increment FLAG_SAM_COUNT */
+#define FLAG_SAM_COUNT 0x0031
+
+enum(DEFAULT,SET,CHANGED);
#define IS_SAM_UNIX_USER(x) \
- ((pdb_get_init_flag(x) FLAG_SAM_UID) \
- (pdb_get_init_flag(x) FLAG_SAM_GID))
+ ((pdb_get_init_flag(x,FLAG_SAM_UID_SET) \
+ (pdb_get_init_flag(x,FLAG_SAM_GID_SET)))
-#define IS_SAM_SET(x, flag)((x)-private.init_flag (flag))
+#define IS_SAM_SET(x, flag)pdb_get_init_flag(x, flag)
typedef struct sam_passwd
{
@@ -599,7 +641,7 @@ typedef struct sam_passwd
struct user_data {
/* initiailization flags */
- uint32 init_flag;
+ struct bitmap *init_flag;
time_t logon_time;/* logon time */
time_t logoff_time; /* logoff time */
diff -Npur --exclude=CVS --exclude=*.bak --exclude=*.o --exclude=*.po --exclude=.#*
HEAD/source/include/stamp-h HEAD-pdb/source/include/stamp-h
--- HEAD/source/include/stamp-h Thu Jan 1 01:00:00 1970
+++ HEAD-pdb/source/include/stamp-h
Re: net user add name [-F user flags] ...
On Mon, Oct 07, 2002 at 05:15:24PM +1000, Andrew Bartlett wrote: Rafal Szczesniak wrote: On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote: Hi, net help user suggests that net user add accepts optional -F user_flags, but in scanning the code, I don't see any flags being processed. Does the code actually accept flags? Can you use the above command to create a domain trust account, or must you use the smbpasswd command? Yes, but not against samba dc. Samba doesn't implement SAMR call which creates an account. Thus, it works only against native WinNT server. Or at least worked when I checked this last time. Samba *does* implement the createuser SAMR call, so this should work... (Both 2.2 and HEAD) I'll be very interested to see why it doesn't. ok, then I'll see if it was my mistake and it really works. -- cheers, ++ |Rafal 'Mimir' Szczesniak [EMAIL PROTECTED] | |*BSD, GNU/Linux and Samba / |__/
Re: net user add name [-F user flags] ...
On Mon, Oct 07, 2002 at 06:12:00PM +0930, Richard Sharpe wrote: On Mon, 7 Oct 2002, Andrew Bartlett wrote: Rafal Szczesniak wrote: On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote: Hi, net help user suggests that net user add accepts optional -F user_flags, but in scanning the code, I don't see any flags being processed. Does the code actually accept flags? Can you use the above command to create a domain trust account, or must you use the smbpasswd command? Yes, but not against samba dc. Samba doesn't implement SAMR call which creates an account. Thus, it works only against native WinNT server. Or at least worked when I checked this last time. Samba *does* implement the createuser SAMR call, so this should work... (Both 2.2 and HEAD) However, there seems to be no way to specify that you want a workstation trust account or a domain trust account rather than an ordinary user. At least, not in the net user add command. See 'net rpc trustdom add' -- cheers, ++ |Rafal 'Mimir' Szczesniak [EMAIL PROTECTED] | |*BSD, GNU/Linux and Samba / |__/
Usrmgr.exe and Samba 3.0-alpha20.
Hi list, I like the use of the Usermanager for domains for windows. I played a litlle with this tool and noticed that the window95 version doesn't work because the RPC service is unavailable it say's. The NT version does work, altough there are some limitations. My questions at this moment are: - Will there still be support for the usrmgr tools in Samba in the future (considering that samba becomes more and more dc orientated)? - If so, then what will have to be done to be able to add groups and add members to groups through the usrmgr, considering that there is no mechanism (yet) to add a group with usrmgr and be able to define if it is a local or domain group? (This still requires the group to be added in two places where te later is the group mappings tdb which is managed with the smbgroupedit tool). Any comment on this would be welcome. Eddie.
Re: Usrmgr.exe and Samba 3.0-alpha20.
Eddie Lania wrote: Hi list, I like the use of the Usermanager for domains for windows. I played a litlle with this tool and noticed that the window95 version doesn't work because the RPC service is unavailable it say's. The NT version does work, altough there are some limitations. My questions at this moment are: - Will there still be support for the usrmgr tools in Samba in the future (considering that samba becomes more and more dc orientated)? - If so, then what will have to be done to be able to add groups and add members to groups through the usrmgr, considering that there is no mechanism (yet) to add a group with usrmgr and be able to define if it is a local or domain group? (This still requires the group to be added in two places where te later is the group mappings tdb which is managed with the smbgroupedit tool). Yes, usrmgr should work. I mess with it regularly, and it seems to work... I'll chase up the issues you have raised. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
Re: Solaris fcntl bug 4700402
On Wed, 11 Sep 2002, Broughton, Jim wrote: This is Sun UK's answer after I requested the fix for Bug ID:4700402 ... Just to confirm, the fix will be put in to the latest version of solaris first (solaris 10) then back ported to earlier revisions. Although this has not happened yet, it is due to happen very soon. There is no patch available at the moment, but once the fix has been put in to Solaris 10, then back ported, a test binary will be produced. Does anyone know if there have been any further developments on the Solaris fcntl() issue? Regards, -- Neil Hoggarth Departmental Computer Officer [EMAIL PROTECTED] Laboratory of Physiology http://www.physiol.ox.ac.uk/~njh/ University of Oxford, UK
Re: [PATCH] pdb_set_*
Stefan (metze) Metzmacher wrote:
Hi Andrew,
here're the first steps of my pdb_set_* patch (THIS is NOT ready!!!)
every pdb_set function gets a uint8 flag (DEFAULT | SET | CHANGED)
then the backends can decide to only store changed values...
metze
Looks like a good start - a few comments below...
-
Stefan metze Metzmacher [EMAIL PROTECTED]
diff -Npur --exclude=CVS --exclude=*.bak --exclude=*.o --exclude=*.po --exclude=.#*
HEAD/source/include/smb.h HEAD-pdb/source/include/smb.h
--- HEAD/source/include/smb.h Mon Oct 7 06:58:17 2002
+++ HEAD-pdb/source/include/smb.h Mon Oct 7 09:55:35 2002
@@ -569,25 +569,67 @@ typedef struct {
/*
* bit flags representing initialized fields in SAM_ACCOUNT
*/
-#define FLAG_SAM_UNINIT0x
-#define FLAG_SAM_UID 0x0001
-#define FLAG_SAM_GID 0x0002
-#define FLAG_SAM_SMBHOME 0x0004
-#define FLAG_SAM_PROFILE 0x0008
-#define FLAG_SAM_DRIVE 0x0010
-#define FLAG_SAM_LOGONSCRIPT 0x0020
-#define FLAG_SAM_LOGONTIME 0x0040
-#define FLAG_SAM_LOGOFFTIME0x0080
-#define FLAG_SAM_KICKOFFTIME 0x0100
-#define FLAG_SAM_CANCHANGETIME 0x0200
-#define FLAG_SAM_MUSTCHANGETIME0x0400
-#define FLAG_SAM_PLAINTEXT_PW 0x0800
+#define FLAG_SAM_UNINIT0x
+#define FLAG_SAM_USERNAME_CHANGED 0x0001
+#define FLAG_SAM_FULLNAME_CHANGED 0x0002
+#define FLAG_SAM_DOMAIN_DEFAULT0x0003
+#define FLAG_SAM_DOMAIN_CHANGED0x0004
+#define FLAG_SAM_NTUSERNAME_CHANGED0x0005
+#define FLAG_SAM_ACCTDESC_CHANGED 0x0006
Why not make this an enum? Then create 3 bitmasks.
I think every element should have a 'default', 'set' and 'changed'
state.
+
+/* if you add a flag increment FLAG_SAM_COUNT */
+#define FLAG_SAM_COUNT 0x0031
+
+enum(DEFAULT,SET,CHANGED);
#define IS_SAM_UNIX_USER(x) \
- ((pdb_get_init_flag(x) FLAG_SAM_UID) \
- (pdb_get_init_flag(x) FLAG_SAM_GID))
+ ((pdb_get_init_flag(x,FLAG_SAM_UID_SET) \
+ (pdb_get_init_flag(x,FLAG_SAM_GID_SET)))
-#define IS_SAM_SET(x, flag)((x)-private.init_flag (flag))
+#define IS_SAM_SET(x, flag)pdb_get_init_flag(x, flag)
typedef struct sam_passwd
{
@@ -599,7 +641,7 @@ typedef struct sam_passwd
struct user_data {
/* initiailization flags */
- uint32 init_flag;
+ struct bitmap *init_flag;
time_t logon_time;/* logon time */
time_t logoff_time; /* logoff time */
diff -Npur --exclude=CVS --exclude=*.bak --exclude=*.o --exclude=*.po --exclude=.#*
HEAD/source/include/stamp-h HEAD-pdb/source/include/stamp-h
--- HEAD/source/include/stamp-h Thu Jan 1 01:00:00 1970
+++ HEAD-pdb/source/include/stamp-h Thu Sep 19 08:33:52 2002
@@ -0,0 +1 @@
+Sun Jul 18 20:32:29 UTC 1999
diff -Npur --exclude=CVS --exclude=*.bak --exclude=*.o --exclude=*.po --exclude=.#*
HEAD/source/passdb/pdb_get_set.c HEAD-pdb/source/passdb/pdb_get_set.c
--- HEAD/source/passdb/pdb_get_set.cFri Sep 27 07:40:04 2002
+++ HEAD-pdb/source/passdb/pdb_get_set.cMon Oct 7 09:22:01 2002
@@ -178,12 +178,12 @@ const DOM_SID *pdb_get_group_sid(const S
* @return the flags indicating the members initialised in the struct.
**/
-uint32 pdb_get_init_flag (const SAM_ACCOUNT *sampass)
+BOOL pdb_get_init_flag (const SAM_ACCOUNT *sampass, uint32 flag)
{
-if (sampass)
- return sampass-private.init_flag;
- else
-return FLAG_SAM_UNINIT;
+if (!sampass || !sampass-private.init_flags)
+ return False;
+
+return bitmap_query(sampass-private.init_flags, flag);
}
uid_t pdb_get_uid (const SAM_ACCOUNT *sampass)
@@ -334,109 +334,279 @@ uint32 pdb_get_unknown6 (const SAM_ACCOU
Collection of set...() functions for SAM_ACCOUNT_INFO.
/
-BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 flags)
+BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 acct_ctrl, uint8 flag)
{
+ uint32 sam_flag_changed = FLAG_SAM_ACCTCTRL_CHANGED;
+
if (!sampass)
return False;
- if (sampass) {
- sampass-private.acct_ctrl = flags;
- return True;
+ sampass-private.acct_ctrl = acct_ctrl;
+
+ switch(flag) {
+ case CHANGED:
+ if (!pdb_set_init_flag(sampass, sam_flag_changed)
+ return False;
+ break;
+ case DEFAULT:
+ case SET:
+
Re: [PATCH] pdb_set_*
At 21:51 07.10.2002 +1000, Andrew Bartlett wrote:
Stefan (metze) Metzmacher wrote:
Hi Andrew,
here're the first steps of my pdb_set_* patch (THIS is NOT ready!!!)
every pdb_set function gets a uint8 flag (DEFAULT | SET | CHANGED)
then the backends can decide to only store changed values...
metze
Looks like a good start - a few comments below...
:-)
+#define FLAG_SAM_ACCTDESC_CHANGED 0x0006
Why not make this an enum? Then create 3 bitmasks.
I make it with 2 bitmaps
sampass-private.change_flags;
sampass-private.set_flags;
I think every element should have a 'default', 'set' and 'changed'
state.
should I make a:
enum(DEFAULT=0,SET,CHANGED);
or:
enum(PDB_DEFAULT=0,PDB_SET,PDB_CHANGED);
???
I'm not sure if this logic looks quite right. As I mentioned above, I
think it's easist to make this identical for all the attributes. This
would allow us to make a new procecure:
BOOL set_init_flags(uint32 element, flag);
BOOL pdb_Set_init_flags(SAM_ACCOUNT *sampass, uint32 flag, uint8 value_flag);
That would do this swtich 'in general'. I would set every element as
'default' when we create a SAM_ACCOUNT, and make the changes when we
actually modify it. So 'changed' would mark both 'set' and 'changed',
while 'default' would mark none (clear both), and 'set' would just mark
'set' (clear changed). Hmm, I think this means we only need 2
bitmaps...
yep
@@ -1041,12 +1527,12 @@ BOOL pdb_set_pass_changed_now (SAM_ACCOU
if (!account_policy_get(AP_MAX_PASSWORD_AGE, expire)
|| (expire==(uint32)-1)) {
- if (!pdb_set_pass_must_change_time (sampass,
get_time_t_max(), False))
+ if (!pdb_set_pass_must_change_time (sampass,
get_time_t_max(), SET))
Hmm, shouldn't this be 'changed'?
yes to DEFAULT.
metze
-
Stefan metze Metzmacher [EMAIL PROTECTED]
Re: Solaris fcntl bug 4700402
Neil Hoggarth wrote: Does anyone know if there have been any further developments on the Solaris fcntl() issue? I haven't heard anything: customers tend to hear before I do, though. --dave -- David Collier-Brown, | Always do right. This will gratify DMCO's MTEC team in Toronto| some people and astonish the rest. Formerly Opcom, ACE and SIS. | (905) 415-2849 or x52849 | [EMAIL PROTECTED]
Re: sendfile profiling patch for utils/status.c
On Thu, 3 Oct 2002, Pierre Belanger wrote:
Hello all,
I'm including a tiny patch for utils/status.c , in
diff -u format ... Hope I did this right!
After applying the patch...
# ./bin/smbstatus -P
{snip}
read_bytes: 0
write_count:1
write_time: 166
write_bytes:54
sendfile_count: 4
sendfile_time: 16262
sendfile_bytes: 20480
lseek_count:2
lseek_time: 18
rename_count: 0
{snip}
The patch is attached in the mail. Fell free to all the
required printf where I add them, after the write_bytes,
or anywhere else...
Looks good to me. Applied to Samba-2.2
jerry
-
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
--http://www.plainjoe.org
SAMS Teach Yourself Samba in 24 Hours 2ed. ISBN 0-672-32269-2
--I never saved anything for the swim back. Ethan Hawk in Gattaca--
RFC Naming conventions in bug reports....
Folks,
I would like to propose the following naming conventions for
discussions here ('cause I'm always wondering what people mean
when they say theya re running 3.0)
3.0 - refers to either
(a) an distributed 3.0 alpha snapshot, or
(b) the latest checkout of the SAMBA_3_0 cvs branch
HEAD - obviously the HEAD cvs branch.
I think people are calling HEAD 3.0 out of habit which is
not really the case anymore
Thanks for humoring a confused dude :-)
cheers, jerry
-
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
--http://www.plainjoe.org
SAMS Teach Yourself Samba in 24 Hours 2ed. ISBN 0-672-32269-2
--I never saved anything for the swim back. Ethan Hawk in Gattaca--
RE: load balancing question
On Mon, 7 Oct 2002, Javid Abdul-AJAVID1 wrote: MSDFS is filey system right, how will it help to load balance samba connections what criteria does it rely to load balance ( like memory, or no of connetions etc.. ) Well, that is up to you. It is simple enough to roundrobin the entries. Doing something more sophisticated is a small matter of programming. Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], http://www.richardsharpe.com
Gums (Groups and Users Managent System)
Hi list,
my work is reaching a point I want to start receiving comments before I
put more effort into it.
As said on some sources, I was not satisfied with how the new sam
interface was coming out, and wanted to explorer a slightly different
path.
But I have little time and can work mostly on the weekend which is
already pretty busy. This mean I have not put as many comments as I
would have liked to put.
If you do not understand why I choose to do something one way and not
another feel free to ask, contribution is really welcome.
Something on the patch:
The most important thing is gums.h here it is the interface I had in
mind mostly.
gums.c is just here to be filled.
Helper.c instead is a bunch of work i've done while researching how bits
are in a real PDC, so I commit it to not risk loosing that work, it does
include a bunch of slightly modified routines (to include talloc
contexts mostly) made by jean francois that are yet in group/mapping.c,
these functions should on a later date be moved to a more appropriate
file like lib/util_seaccess.c or into a specifica file like
lib/util_secdesc.c (I vote for this one :)
Remember it is still work in progress, it is not ready even for a 0.1
version for my standards :-)
Enjoy,
Simo.
--
Simo Sorce - [EMAIL PROTECTED]
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
diff -uPr cvs.samba.org/samba/source/gums/gums.c source/gums/gums.c
--- cvs.samba.org/samba/source/gums/gums.c Thu Jan 1 01:00:00 1970
+++ source/gums/gums.c Thu Oct 3 16:47:03 2002
@@ -0,0 +1,86 @@
+/*
+ Unix SMB/CIFS implementation.
+ Grops and Users Management System initializations.
+ Copyright (C) Simo Sorce 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include includes.h
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_GUMS
+
+#define GMV_MAJOR 0
+#define GMV_MINOR 1
+
+static GUMS_FUNCTIONS *gums_functions;
+static void *dl_handle;
+
+PRIVS privs[] = {
+ {SE_PRIV_NONE, no_privs, No privilege}, /* this one MUST be first */
+ {SE_PRIV_ADD_MACHINES, SeMachineAccountPrivilege, Add workstations to the domain },
+ {SE_PRIV_SEC_PRIV, SeSecurityPrivilege, Manage the audit logs },
+ {SE_PRIV_TAKE_OWNER, SeTakeOwnershipPrivilege, Take ownership of file },
+ {SE_PRIV_ADD_USERS, SaAddUsers,Add users to the domain - Samba },
+ {SE_PRIV_PRINT_OPERATOR, SaPrintOp, Add or remove printers - Samba },
+ {SE_PRIV_ALL,SaAllPrivs,all privileges }
+};
+
+NTSTATUS gums_init(const char *module_name)
+{
+ int (*module_version)(int);
+ NTSTATUS (*module_init)();
+ gums_module_init module_init;
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(5, (Opening gums module %s\n, module_name));
+ dl_handle = sys_dlopen(module_name, RTLD_NOW);
+ if (!dl_handle) {
+ DEBUG(0, (ERROR: Failed to load gums module %s, error: %s\n, module_name, sys_dlerror()));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ module_version = sys_dlsym(dl_handle, gums_version);
+ if (!module_version) {
+ DEBUG(0, (ERROR: Failed to find gums module version!\n));
+ goto error;
+ }
+
+ if (module_version(GMV_MAJOR) != GUMS_VERSION_MAJOR) {
+ DEBUG(0, (ERROR: Module's major version does not match gums version!\n));
+ goto error;
+ }
+
+ if (module_version(GMV_MINOR) != GUMS_VERSION_MINOR) {
+ DEBUG(1, (WARNING: Module's minor version does not match gums version!\n));
+ }
+
+ module_init = sys_dlsym(dl_handle, gums_init);
+ if (!module_init) {
+ DEBUG(0, (ERROR: Failed to find gums module's init function!\n));
+ goto error;
+ }
+
+ DEBUG(5, (Initializing module %s\n, module_name));
+
+ ret = module_init(gums_functions);
+
+error:
+}
+
+NTSTATUS gums_unload(void) {
+
+}
diff -uPr cvs.samba.org/samba/source/gums/helper.c source/gums/helper.c
--- cvs.samba.org/samba/source/gums/helper.c Thu Jan 1 01:00:00 1970
+++ source/gums/helper.c Mon Oct 7 00:36:08 2002
@@ -0,0 +1,560 @@
+/*
+ Unix SMB/CIFS implementation.
+ GUMS backends helper functions
+ Copyright (C) Simo Sorce 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either
Re: [PATCH] give add printer command the printer comment
On Mon, 30 Sep 2002, Stefan (metze) Metzmacher wrote: Hi Jerry, here's a small patch to add the printer comment as parameter for the add printer command. This is probably a legitimate need. I also think we should remove the win9x driver location and remote machine netbios name parameter but I need to find out why they were added in the first place. I spoke with John Reilly about this earlier today and have a little more investigation to do before i'm confident. It also fix that smbd reloads the printers right. I don't think is is a complete fix actually. The problem is that the current implementation of add_printer_hook() really only works if you have the [printers] share defined. We need reload non-[printers] services as well. So the final fix will have to be a little more generic. I'm working on it today (or tomorrow). what is left to do is send a notify to the client that the printer list is updated. Good point. I'll have to look into this. cheers, jerry
winbindd and missing 0x1c role on UNICAST_SUBNET
I'm trying to get winbindd working (2.2.6pre2) but it won't start because it claims to not find the domain controller (Samba as PDC) that the rest of the network is happily using. -d10 output from winbindd: Could not open a connection to U_MTPPI for \PIPE\lsarpc (NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND) Digging into the code, winbindd gets a list of domain controllers via broadcast and then confirms each directly with a unicast query to the controller itself (in cm_get_dc_name in winbindd_cm.c) specifically querying the 0x1c role. That query is coming into nmbd as a unicast query. from log.nmbd: process_node_status_request: status request for name U_MTPPI1c from IP 192.168.92.56 on subnet UNICAST_SUBNET. Well, it seems that my nmbd isn't registering itself with a 0x1c on the UNICAST_SUBNET, because the GET_NEXT_SUBNET_INCLUDING_UNICAST macro (really the get_next_subnet_maybe_unicast function) only returns the unicast subnet as part of that linked list if the samba server is a WINS client. So the domain controller is not responding to the request from winbindd. Winbindd fails to get secrets, and does not work. If there's a way to make that query not come in as a unicast, then that's probably the best fix, but I don't know how, or even if it's possible. So, I can either fix winbindd to not directly confirm 0x1c, but maybe just use another role (0x1e?) or fix nmbd to register 0x1c on the UNICAST_SUBNET by replacing the GET_NEXT_SUBNET_INCLUDING_UNICAST with an alternative implementation of that get_next_subnet_maybe_unicast that returns the UNICAST_SUBNET even when not a WINS client. What's best? Does NT/2000/XP put itself on the UNICAST_SUBNET with the 0x1c role when it's acting as the PDC? Thanks, Kevin Stefanik
Re: load balancing question
Javid Abdul-AJAVID1 wrote: MSDFS is filey system right, how will it help to load balance samba connections what criteria does it rely to load balance ( like memory, or no of connetions etc.. ) MSDFS does not really load balance. MSDFS distributes the subdirectories of a directory between multiple servers transparently to the clients. So if each of your clients is accessing different files from different directories, then MSDFS can improve your performance. If all the clients are accessing the same files in the same directory, than you will need to either get a large enough single server, or you will need a file system that supports multiple hosts with a direct connection concurrent access to the disks. This is not really a SAMBA issue, because if the underlying filesystem and hosts support this, then SAMBA will transparently. I have received reports of SAMBA 1.19.x being used on a shared disk access OpenVMS cluster. There are also commercial LANMAN servers for some of these platforms, including those of my employer that run as a single process instead of the multiple process model of SAMBA. I do not know of any competative benchmarks between the commercial LANMAN servers and SAMBA. Such benchmarks could be difficult to instrument properly, and are highly dependent on the skill of the system administrator for each system, and the quality of the compilers for that platform. So it really depends on the specific client load as to what the best solution for you would be. It may require a more detailed engineering than could be done in a mailing list. The multiple SAMBA processes may not be the bottleneck for your proposed process. If the platorm knows how to share the code segment in memory, and the disks have good caching, the overhead for the processes may not be significant. -John [EMAIL PROTECTED] Personal Opinion Only
Identifying WinXP
Has anyone found a way to identify WinXP as the remote architecture of a client rather than just identifying it as Win2000? From everything I can find it is acting pretty much identical to a Win2000 client, which is a bit of an issue since I really would need to try to make a distinction. Any ideas? Kris
Re: load balancing question
On Mon, 7 Oct 2002, John E. Malmberg wrote: Javid Abdul-AJAVID1 wrote: MSDFS is filey system right, how will it help to load balance samba connections what criteria does it rely to load balance ( like memory, or no of connetions etc.. ) MSDFS does not really load balance. MSDFS distributes the subdirectories of a directory between multiple servers transparently to the clients. Well, my suggestion was that MSDFS be modified to return referrals to different machines that each provide access to the same distributed file system, and that these referals be rotated in a round robin fashion. At least, that is what we will be doing. So if each of your clients is accessing different files from different directories, then MSDFS can improve your performance. If all the clients are accessing the same files in the same directory, than you will need to either get a large enough single server, or you will need a file system that supports multiple hosts with a direct connection concurrent access to the disks. This is not really a SAMBA issue, because if the underlying filesystem and hosts support this, then SAMBA will transparently. I have received reports of SAMBA 1.19.x being used on a shared disk access OpenVMS cluster. There are also commercial LANMAN servers for some of these platforms, including those of my employer that run as a single process instead of the multiple process model of SAMBA. I do not know of any competative benchmarks between the commercial LANMAN servers and SAMBA. Such benchmarks could be difficult to instrument properly, and are highly dependent on the skill of the system administrator for each system, and the quality of the compilers for that platform. So it really depends on the specific client load as to what the best solution for you would be. It may require a more detailed engineering than could be done in a mailing list. The multiple SAMBA processes may not be the bottleneck for your proposed process. If the platorm knows how to share the code segment in memory, and the disks have good caching, the overhead for the processes may not be significant. -John [EMAIL PROTECTED] Personal Opinion Only -- Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], http://www.richardsharpe.com
Re: Solaris fcntl bug 4700402
I've also just recieved this t-patch, and I'll be testing this weekend. I'll post results asap. According to my contact at sun, they are looking at a Jan/03 date for the official release. Cheers, T. Romeril, Alan wrote: I have just been testing a binary T-patch fix for Solaris 8 on a machine here looks like the fix they`ve got is a good `un. Tridge`s locker program runs much better on the box I tested this patch on. For much better read a hell of a lot better in some cases. I`ve mailed off asking for any news on when it`ll hit the recommended set. Cheers, Alan David Collier-Brown wrote: Neil Hoggarth wrote: Does anyone know if there have been any further developments on the Solaris fcntl() issue? I haven't heard anything: customers tend to hear before I do, though. --dave
