=21175550id_secret=21175550-eae52450
Powered by Listbox: http://www.listbox.com
--
Gordon Ross g...@nexenta.com
Nexenta Systems, Inc. www.nexenta.com
Enterprise class storage for everyone
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
You could also tweak the krb5-config to support what this package wants.
It's just a script...
On Wed, Jun 8, 2016 at 10:45 PM, Paul B. Henson wrote:
>> From: Dan McDonald
>> Sent: Wednesday, June 08, 2016 9:45 AM
>>
>> > extra_link_args = check_krb5_config("--libs", "gssapi")
>>
On Tue, May 24, 2016 at 6:52 PM, Geoff Nordli wrote:
> On 16-05-24 03:41 PM, Geoff Nordli wrote:
>>
>> I just upgraded a server from OI to OmniOS-r151018.
>>
>> I am having a few issues with the connectivity to AD.
>>
>> I was able to join the domain no problem, but then the
Some of you may have heard about the vulnerability in SMB that affects
Windows and Samba systems, disclosed on April 12 and named "BadLock"
(www.badlock.org).
The native SMB service in Illumos is not subject to the Badlock vulnerabilities.
The main issues discovered by badlock.org relate to
I'm not sure how anyone ever gets access when your ACL has this ACE:
everyone@:rwxpdDaARWcCos:fd-:deny
Every long has the group "everyone" as a member, therefore that ACE
will match every logon. The ace also lists every possible permission,
so nothing should get through, no matter
On Thu, Apr 21, 2016 at 9:53 PM, Gordon Ross <gordon.w.r...@gmail.com> wrote:
> I'm not sure how anyone ever gets access when your ACL has this ACE:
> everyone@:rwxpdDaARWcCos:fd-:deny
>
> Every long has the group ...
Hah! Spell checkers - Gr! That should
DFS root support is there (it came out before the "lawnmower incident").
Should work the same as described in the S11 docs.
On Tue, Apr 26, 2016 at 10:53 PM, Paul B. Henson wrote:
> I was curious if it is possible to set up a share that acts as a Windows Dfs
> root using the
I haven't heard of anyone using autohome shares in a while, so it's
possible that functionality regressed.
As usual, I recommend grabbing a network trace (port 445) and dtrace
outputs from both /usr/lib/smbsrv/dtrace/smbsrv.d and
/usr/lib/smbsrv/dtrace/smbd-all.d -- all running while you
Hi Dan,
I can take a guess what this might be about.
There were several bugs fixed as part of the "extended security" work:
1122 smbsrv should use SPNEGO (inbound authentication)
One of those was that we used to give a client a "guest" logon
if they tried to logon to SMB with _any_ unrecognized
Auditing support for SMB/CIFS access is incomplete. The ZFS ACL
support for Auditing entries appears to be complete, but we're missing
the "hooks" that should be in the access control code paths (both
success and failure cases), and some "plumbing" to get the audit
events into the audit log in
2016 at 12:14 PM, Gordon Ross <gordon.w.r...@gmail.com> wrote:
> Sorry for the delay -- been quite busy. I do look at this list, but
> only occasionally.
>
> The way LDAP auth. works in SMB servers like Samba is that the server
> allows SMB clients (i.e. Windows) to logon usin
Sorry for the delay -- been quite busy. I do look at this list, but
only occasionally.
The way LDAP auth. works in SMB servers like Samba is that the server
allows SMB clients (i.e. Windows) to logon using accounts that work
the same as "local" accounts (what Windows would call "local"
accounts,
Interesting finding re. VHD support needing resiliency support in SMB 2.1.
Thanks for the KB article: https://support.microsoft.com/en-us/kb/2920193
We have resiliency support in NexentaStor 5.0 (shameless plug:)
https://nexenta.com/products/nexentastor
We should work on upstreaming that code
13 matches
Mail list logo