[Samba] conflicting credential setting samba as PDC
hi, I'm trying to use samba 2.26 pre 2 as a file sharing server and a PDC, when I tried joining the domain, it asked for a username and password, after the input there was always an error, either the user name is unknown, or conflicting credentials can anyone help me with this, got the following from the log file [2004/11/22 10:19:12, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929) User pc24$ does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user. [2004/11/22 10:19:14, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) get_md4pw: Workstation pc24$: no account in domain [2004/11/22 10:25:19, 0] passdb/pdb_smbpasswd.c:pdb_getsampwrid(1416) unable to open passdb database. [2004/11/22 10:25:32, 0] passdb/pdb_smbpasswd.c:pdb_getsampwrid(1416) unable to open passdb database. [2004/11/22 10:25:47, 0] passdb/pdb_smbpasswd.c:pdb_getsampwrid(1416) unable to open passdb database. [2004/11/22 10:26:43, 0] smbd/service.c:make_connection(252) pc24 (192.168.88.254) couldn't find service ::{2227a280-3aea-1069-a2de-08002b30309d} [2004/11/22 10:27:07, 0] smbd/service.c:make_connection(252) pc24 (192.168.88.254) couldn't find service ::{2227a280-3aea-1069-a2de-08002b30309d} -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 slow printing solution
Hello! Problem still exists. I failed to find the reason, so here are my observations regarding the problem. On Tuesday 16 November 2004 10:16, Walter Willmertinger wrote: Thank you very much, I tried your solution 3 (the http- or URL -printing method). Speed is now very good. [...] Jason Balicki schrieb: Walter Willmertinger wrote: I upgraded to 3.0.8 with no difference in the speed of the printer dialogue and other printer related topics. It is still very, very slow. For example, Adobe 6.0 takes about 10 seconds to show the printer dialogue. So it seems, that the problem is not fixed. I sure think it is a problem in SP2, because I removed already SP2 and all works in normal speed. The problem is that you cannot go around SP2 only if you ignore any MS XP updates. [...] Here's what I've learned: 1) It's NOT universal, and only appears to affect certain printers/ print drivers. I have Canon ImageRunners that have this problem, but I have several HP printers and a Ricoh color laser that doesn't. The Canon printers have the problem no matter what driver I attempt to print with (they support PCL and PostScript.) I've tried every version of both languages that I could get my hands on. True. I use a CANON color driver or a Kyocera KX driver for the KM2530. Allways the same problem. HP drivers from the Windows CD does not have the problem. 2) It IS an issue with Windows XP SP 2 and Samba. If I change either of those, i.e., uninstall SP2 or share the printer on another Windows machine (or use a print method other than smb) the problem goes away. same here. 3) You can work around the problem by printing to CUPS/IPP directly. When setting up the printer select network printer and then select the connect to a printer on the Internet... radio button. Then you can use the url http://servername:631/printers/printername to connect to your printer. This has the distinct drawback of [...] This is a non point 'n print solution... [...] Bret Jordan schrieb: Also if your printers are in a different VLAN check your firewall rules and or router ACLs to make sure the CUPs/Samba server can talk about to the clients correctly. When you do a packet capture you will see what I am talking about. Bret Darrin Yeager wrote: On the printer server, we are running samba 3.0.1, and on the WINS server we are running an older version, 2.2.5. Recently, some of our computers were upgraded to XP SP2. After the upgrade, accessing the samba shared printers from the XP machines was incredibly slow. It would take tens of seconds to even bring up the printer status window, and printing from acrobat could take several minutes. You'll have to upgrade the 3.0.1 box - MS introduced a bug in XP SP2 for printing which samba fixed in the later versions ( 3.0.5 I believe). Look at the release notes for the latest samba version and search for SP2 and you'll see the problem. http://samba.org/samba/history/samba-3.0.8.html Not mentioned before: 1st. On my system the problem only occurrs, when the client has a local devicemode ! This is created, when the user changes some settings of the printer. The devicemode is located in the registry under HKEY_CURRENT_USER\Printers\Connections\servername,printer_name. No more slow down, after deleting the devicemode. Could you please verify, if this is true in your enviroments? 2nd. All drivers I tried out, only have this problem, if they have a large private data field in the devicemode. Maybe the problem is related to this. 3rd. The slow down is a loop through the printer's registry values. In the network trace I can see GetPrinterData calls over and over. Hopefully someone gets an idea, how to work around this MS bug. Greetings, Martin -- Martin Zielinski [EMAIL PROTECTED] Software Development SEH Computertechnik GmbH www.seh.de -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 slow printing solution
I think, you found the solution. Although I did not find the entry HKEY_CURRENT_USER\Printers\Connections\servername,printer_name as this tree was empty! There was no entry for the problematic printer. But I looked the other subkeys DevModePerUser and deleted all keys for this printer. I also find an entry in DevModes2 and Settings, I deleted these also. Now the printing dialogue is opening with MS Word and Adobe in less than one second. If I find anything new maybe after some reboots, I will tell you! Regards, Walter Martin Zielinski schrieb: Hello! Problem still exists. I failed to find the reason, so here are my observations regarding the problem. On Tuesday 16 November 2004 10:16, Walter Willmertinger wrote: Thank you very much, I tried your solution 3 (the http- or URL -printing method). Speed is now very good. [...] Jason Balicki schrieb: Walter Willmertinger wrote: I upgraded to 3.0.8 with no difference in the speed of the printer dialogue and other printer related topics. It is still very, very slow. For example, Adobe 6.0 takes about 10 seconds to show the printer dialogue. So it seems, that the problem is not fixed. I sure think it is a problem in SP2, because I removed already SP2 and all works in normal speed. The problem is that you cannot go around SP2 only if you ignore any MS XP updates. [...] Here's what I've learned: 1) It's NOT universal, and only appears to affect certain printers/ print drivers. I have Canon ImageRunners that have this problem, but I have several HP printers and a Ricoh color laser that doesn't. The Canon printers have the problem no matter what driver I attempt to print with (they support PCL and PostScript.) I've tried every version of both languages that I could get my hands on. True. I use a CANON color driver or a Kyocera KX driver for the KM2530. Allways the same problem. HP drivers from the Windows CD does not have the problem. 2) It IS an issue with Windows XP SP 2 and Samba. If I change either of those, i.e., uninstall SP2 or share the printer on another Windows machine (or use a print method other than smb) the problem goes away. same here. 3) You can work around the problem by printing to CUPS/IPP directly. When setting up the printer select network printer and then select the connect to a printer on the Internet... radio button. Then you can use the url http://servername:631/printers/printername to connect to your printer. This has the distinct drawback of [...] This is a non point 'n print solution... [...] Bret Jordan schrieb: Also if your printers are in a different VLAN check your firewall rules and or router ACLs to make sure the CUPs/Samba server can talk about to the clients correctly. When you do a packet capture you will see what I am talking about. Bret Darrin Yeager wrote: On the printer server, we are running samba 3.0.1, and on the WINS server we are running an older version, 2.2.5. Recently, some of our computers were upgraded to XP SP2. After the upgrade, accessing the samba shared printers from the XP machines was incredibly slow. It would take tens of seconds to even bring up the printer status window, and printing from acrobat could take several minutes. You'll have to upgrade the 3.0.1 box - MS introduced a bug in XP SP2 for printing which samba fixed in the later versions ( 3.0.5 I believe). Look at the release notes for the latest samba version and search for SP2 and you'll see the problem. http://samba.org/samba/history/samba-3.0.8.html Not mentioned before: 1st. On my system the problem only occurrs, when the client has a local devicemode ! This is created, when the user changes some settings of the printer. The devicemode is located in the registry under HKEY_CURRENT_USER\Printers\Connections\servername,printer_name. No more slow down, after deleting the devicemode. Could you please verify, if this is true in your enviroments? 2nd. All drivers I tried out, only have this problem, if they have a large private data field in the devicemode. Maybe the problem is related to this. 3rd. The slow down is a loop through the printer's registry values. In the network trace I can see GetPrinterData calls over and over. Hopefully someone gets an idea, how to work around this MS bug. Greetings, Martin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RT_SIGNAL_* issue - samba 3.0.9
This is part of the log and strace output from samba 3.0.9 running on kernel 2.4.27. The output from samba 3.0.8 on kernel 2.6.9 looked somewhat similar... I haven't seen much on the list or ancilliary documentation recently, other than it is fixed for samba 3.0... Could someone please shed some light on this? Syslog entries: Nov 22 22:25:48 toshiba smbd[32209]: [2004/11/22 22:25:48, 0] smbd/oplock_linux. c:linux_init_kernel_oplocks(289) Nov 22 22:25:48 toshiba smbd[32209]: Failed to setup RT_SIGNAL_LEASE handler Nov 22 22:25:48 toshiba smbd[32209]: [2004/11/22 22:25:48, 0] smbd/notify_kernel .c:kernel_notify_init(225) Nov 22 22:25:48 toshiba smbd[32209]: Failed to setup RT_SIGNAL_NOTIFY handler strace output: [pid 32209] 22:25:48.977573 time([1101122748]) = 1101122748 [pid 32209] 22:25:48.977656 getpid()= 32209 [pid 32209] 22:25:48.977734 rt_sigaction(SIGPIPE, {0x4046bfb4, [], 0x400}, { SIG_DFL}, 8) = 0 [pid 32209] 22:25:48.977834 send(24, 27Nov 22 22:25:48 smbd[32209]:..., 76, 0) = 76 [pid 32209] 22:25:48.977916 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0 [pid 32209] 22:25:48.977989 semop(0x40248de0, 0x16, 0x40249a40, 0x40246bb8) = 0 [pid 32209] 22:25:48.978063 write(19, Failed to setup RT_SIGNAL_LEAS..., 42) = 42 ... [pid 32209] 22:25:48.979340 time([1101122748]) = 1101122748 [pid 32209] 22:25:48.979418 getpid()= 32209 [pid 32209] 22:25:48.979492 rt_sigaction(SIGPIPE, {0x4046bfb4, [], 0x400}, { SIG_DFL}, 8) = 0 [pid 32209] 22:25:48.979589 send(24, 27Nov 22 22:25:48 smbd[32209]:..., 77, 0) = 77 [pid 32209] 22:25:48.979714 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0 [pid 32209] 22:25:48.979789 semop(0x40248de0, 0x16, 0x40249a40, 0x40246bb8) = 0 [pid 32209] 22:25:48.979908 write(19, Failed to setup RT_SIGNAL_NOTI..., 43) = 43 tom - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Lagging failed login attempts
Paul Gienger wrote: It completely depends on your logging settings. Perhaps show your smb.conf global section so we can tell. In my setup, and from the looks of things around here, a lot of other peoples, is that there is a main log.smbd file and then also a log for each machine. Check in those if you are so configured. I'm sure we'll have better info for you once we see your globals. None of which are terribly useful or consice for loggin access attempts. Then you aren't trying hard enough. I 'was' getting stuff like this in my logs all over the place check_ntlm_password: Authentication for user [training] - [training] FAILED with error NT_STATUS_NO_SUCH_USER and check_ntlm_password: Authentication for user [cmcleod] - [cmcleod] FAILED with error NT_STATUS_WRONG_PASSWORD Well I don't see those - I DID look first ! If that isn't a failed login then I don't know what is. Depending on your setup you'll see this in a machine specific file or the unified log file. Trolling through isn't that bad, if you do a grep for NT and then another grep for FAILED you'll get the machine it was coming from (in the file: section of grep) and probably the username (as above) and the reason it was failed (also above). slox:/var/log/samba # ls -l total 6662 drwxr-x---2 root root 648 2004-11-22 08:53 . drwxr-xr-x 10 root root 7736 2004-11-20 00:15 .. -rw-r--r--1 root root 516017 2004-11-22 08:53 log.nmbd -rw-r--r--1 root root31367 2004-05-21 00:15 log.nmbd-20040521.gz -rw-r--r--1 root root31987 2004-11-01 00:15 log.nmbd-20041101.gz -rw-r--r--1 root root41480 2004-11-05 00:15 log.nmbd-20041105.gz -rw-r--r--1 root root36204 2004-11-11 00:15 log.nmbd-2004.gz -rw-r--r--1 root root40248 2004-11-18 00:15 log.nmbd-20041118.gz -rw-r--r--1 root root 591783 2004-11-22 08:52 log.smbd -rw-r--r--1 root root39300 2004-05-28 00:15 log.smbd-20040528.gz -rw-r--r--1 root root46070 2004-11-01 00:15 log.smbd-20041101.gz -rw-r--r--1 root root44033 2004-11-02 00:15 log.smbd-20041102.gz -rw-r--r--1 root root55800 2004-11-03 00:15 log.smbd-20041103.gz -rw-r--r--1 root root55538 2004-11-04 00:15 log.smbd-20041104.gz -rw-r--r--1 root root38379 2004-11-06 00:15 log.smbd-20041106.gz -rw-r--r--1 root root38531 2004-11-11 00:15 log.smbd-2004.gz -rw-r--r--1 root root51668 2004-11-18 00:15 log.smbd-20041118.gz -rw-r--r--1 root root 5120229 2004-10-29 21:12 log.smbd.old slox:/var/log/samba # grep FAILED * slox:/var/log/samba # grep NT * Binary file log.nmbd-20041101.gz matches Binary file log.nmbd-20041118.gz matches Binary file log.smbd-20041104.gz matches Binary file log.smbd-20041106.gz matches Binary file log.smbd-20041118.gz matches slox:/var/log/samba # This was after I'd deliberately done a failed login. If you're not seeing that, turn up your log level until you do. I don't think I've ever operated higher than 2 in production. I still don't get failed login messages at log level 3. I've changed the 'log file' parameter to log to individual machine files, and then did a bad login on my PC, this is what I got in the machine log file (on log level 2) : slox:/var/log/samba # cat log.pc180-shobson [2004/11/22 09:44:03, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1318) failed to decode PDU [2004/11/22 09:44:03, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(504) process_request_pdu: failed to do schannel processing. [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:ldap_open_connection(217) ldap_open_connection: connection opened [2004/11/22 09:44:03, 0] passdb/pdb_ldap.c:ldap_connect_system(316) ldap_connect_system: Binding to ldap server as uid=cyrus,dc=colony,dc=com [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:ldap_connect_system(331) ldap_connect_system: succesful connection to the LDAP server [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:ldap_search_one_user(343) ldap_search_one_user: searching for:[((uid=pc180-shobson$)(objectclass=sambaAccount))] [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [uid] = [pc180-shobson$] [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576) Entry found for user: pc180-shobson$ [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [pwdLastSet] = [1098964404] [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [logonTime] = [0] [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [logoffTime] = [0] [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [kickoffTime] = [0] [2004/11/22 09:44:03, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute:
[Samba] Date/Time Stamp
Hi Is there any way to reproduce the FTP behavior with Samba 3? The desired effect is not to respect timestamps from Windows files and just create them with Samba server date/time stamp when we drag/drop, copy/paste, cut/paste, old files to a disk share. We are replacing an FTP server with Samba3, so far it's doing great job, but this effect is needed (don't ask why please, app requirement)... regards Guillermo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Linux Administration Course
Applied Technology Research Center. Linux and Unix Fundamentals (LPI 101/102) - 40 Hours Course in Karachi, Pakistan. 3 Hours class every Sunday. 11:00 - 14:00 Starting 28th of November 2004. Rs 5000 per participant. To register please call Mrs. Irfana on 92-333-2335380, 92-21-4980523, or Khawar Nehal on 92-300-9284698 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: bit by 3.0.8 username map affect on homes share, Solution
Thanks to nobody I came up with a solution on my own. All my username map entries now require two mappings, the domain one which is used for authentication and just the username by itself which does the homes share. Like so... fred = MYDOMAIN\fredw fredw On Fri, 19 Nov 2004 15:40:36 -0600 Tom Schaefer [EMAIL PROTECTED] wrote: Samba is a domain member server authenticating to a MS-Windows domain controller. With 3.0.7 and all previous version for the past few years I could map a Windows to Unix userid in the username map file like so.. fred = fredw His home directory was then accessible as \\servername\fredw so \\servername\%username% from a Windows NTx client. I make EXTENSIVE use of that functionality. I missed the 3.0.8 release where I take it this actually changed but after spending hours today with the 3.0.9 release today I eventually figure out that my username map now has to have entries like so.. fred = MYDOMAIN\fredw fine I can deal with that, but what's killing me is that then a share named fredw doesn't get automatically created via the [homes] section like it used to. With previous versions of Samba \\servername\fred, \\servername\homes, and \\servername\fredw where all available. With the new Samba only \\servername\fred and \\servername\homes are created, no fredw. A Windows NT client trying to connect to \\servername\%username% is out of luck since its effectively using \\servername\fredw. I have thousands of such clients. I have about 14,000 users and over 2500 of them require username mappings in my username map file and they all access their home share as \\servername\%username%. Have mercy on me oh gods of Samba. Thankyou, Tom Schaefer Unix Admistrator University of Missouri St. Louis -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RE: Samba installation error
hello Dirk, thanks for the info. Sorry, im new to the Linux World. I just wanted to ask, will the samba2.that comes with my RedHat9.2 installation work for what I want to achieve(to connect my LinuxPC to my Windows PC so that I can exchange files between the two?) - im asking so that I dont uninstall Samba2 and begin to have problems installing the new version. Also, you said it has to be configured via command line, swat or webmin how do I configure it? thanks Toks Hi, at first, use the default samba mailing list ([EMAIL PROTECTED]) second, you have to uninstall samba first, before installing the new release. rpm -e samba-2. rpm -ivh samba-3. or use the redhat package manager or kde packagemanager (kpackage) third, you won't find any samba icon, it has to be configured via command line, swat or webmin. hope this helps Mit freundlichem Gruß, Dirk Laurenz Systems Engineer Fujitsu Siemens Computers Sales Central Europe Deutschland Professional Service Organisation Nord / Ost Hildesheimer Strasse 25 30880 Laatzen Germany Telephone: +49 (511) 84 89 - 18 08 Telefax: +49 (511) 84 89 - 25 18 08 Mobile: +49 (170) 22 10 781 Email: mailto:[EMAIL PROTECTED] Internet: http://www.fujitsu-siemens.com http://www.fujitsu-siemens.de/rl/servicesupport/itdienstleistungen/competencecenter.html *** -| -Original Message- -| From: -| [EMAIL PROTECTED] ts.samba.org [mailto:samba-technical--| [EMAIL PROTECTED] -| On Behalf Of Prince Tokunbo -| Sent: Saturday, November 20, 2004 3:51 PM -| To: [EMAIL PROTECTED] -| Subject: Samba installation error -| -| hello, -| -| WHAT I WANT TO DO: -| I have 2Pcs, one running on Windows, and the other on -| RedHat Linux 9. I -| want to be able to copy files(documents) from my Windows PC -| to the Linux -| and viceversa. -| -| A friend informed me about the SAMBA software - that -| it(samba-3.0.9-1_rh9.i386.rpm) can accomplish the task I -| mentioned above, -| and Ive downloaded it on my Linux PC. -| -| I followed instructions How to Install and Test SAMBA on -| http://www.bibsyst.no/samba/docs/man/Samba-HOWTO-Collection/ install.html -| -| issuing the command rpm -i samba-3.0.9-1_rh9.i386.rpm, I -| get the following -| errors: -| -| [EMAIL PROTECTED] john]# rpm -i samba-3.0.9-1_rh9.i386.rpm -| warning: samba-3.0.9-1_rh9.i386.rpm: V3 DSA signature: NOKEY, key ID -| f17f9772 -| file /etc/rc.d/init.d/winbind from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /etc/samba/smb.conf from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /lib/libnss_winbind.so.2 from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /lib/libnss_wins.so.2 from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /lib/security/pam_winbind.so from install of -| samba-3.0.9-1 -| conflicts with file from -| package samba-common-2.2.7a-7.9.0 -| file /usr/bin/smbpasswd from install of samba-3.0.9-1 -| conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/bin/testparm from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /usr/bin/testprns from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /usr/bin/wbinfo from install of samba-3.0.9-1 -| conflicts with -| file from package samba-common-2.2.7a-7.9.0 -| file /usr/sbin/winbindd from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man1/testparm.1.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man1/testprns.1.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man1/wbinfo.1.gz from install -| of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man5/lmhosts.5.gz from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man5/smb.conf.5.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man8/smbpasswd.8.gz from install of -| samba-3.0.9-1 conflicts with file from package -| samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man8/winbindd.8.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /etc/logrotate.d/samba from install of samba-3.0.9-1 -| conflicts with file from package samba-2.2.7a-7.9.0 -| file /etc/pam.d/samba from install of samba-3.0.9-1 -| conflicts with -| file from package samba-2.2.7a-7.9.0 -| file /etc/rc.d/init.d/smb from install of -| samba-3.0.9-1
[Samba] RE: Samba installation error
If you just want to share some files, version 2 will fit your needs. So skip the part installing samba and continue with setting it up from the howto. Mit freundlichem Gruß, Dirk Laurenz Systems Engineer Fujitsu Siemens Computers Sales Central Europe Deutschland Professional Service Organisation Nord / Ost Hildesheimer Strasse 25 30880 Laatzen Germany Telephone: +49 (511) 84 89 - 18 08 Telefax:+49 (511) 84 89 - 25 18 08 Mobile: +49 (170) 22 10 781 Email: mailto:[EMAIL PROTECTED] Internet: http://www.fujitsu-siemens.com http://www.fujitsu-siemens.com/ http://www.fujitsu-siemens.de/rl/servicesupport/itdienstleistungen/competencecenter.html *** From: Prince Tokunbo [mailto:[EMAIL PROTECTED] Sent: Monday, November 22, 2004 3:10 PM To: [EMAIL PROTECTED] Subject: RE: Samba installation error hello Dirk, thanks for the info. Sorry, im new to the Linux World. I just wanted to ask, will the samba2.that comes with my RedHat9.2 installation work for what I want to achieve(to connect my LinuxPC to my Windows PC so that I can exchange files between the two?) - im asking so that I dont uninstall Samba2 and begin to have problems installing the new version. Also, you said it has to be configured via command line, swat or webmin how do I configure it? thanks Toks Hi, at first, use the default samba mailing list ([EMAIL PROTECTED]) second, you have to uninstall samba first, before installing the new release. rpm -e samba-2. rpm -ivh samba-3. or use the redhat package manager or kde packagemanager (kpackage) third, you won't find any samba icon, it has to be configured via command line, swat or webmin. hope this helps Mit freundlichem Gruß, Dirk Laurenz Systems Engineer Fujitsu Siemens Computers Sales Central Europe Deutschland Professional Service Organisation Nord / Ost Hildesheimer Strasse 25 30880 Laatzen Germany Telephone: +49 (511) 84 89 - 18 08 Telefax: +49 (511) 84 89 - 25 18 08 Mobile: +49 (170) 22 10 781 Email: mailto:[EMAIL PROTECTED] Internet: http://www.fujitsu-siemens.com http://www.fujitsu-siemens.de/rl/servicesupport/itdienstleistungen/competencecenter.html *** -| -Original Message- -| From: -| [EMAIL PROTECTED] ts.samba.org [mailto:samba-technical--| [EMAIL PROTECTED] -| On Behalf Of Prince Tokunbo -| Sent: Saturday, November 20, 2004 3:51 PM -| To: [EMAIL PROTECTED] -| Subject: Samba installation error -| -| hello, -| -| WHAT I WANT TO DO: -| I have 2Pcs, one running on Windows, and the other on -| RedHat Linux 9. I -| want to be able to copy files(documents) from my Windows PC -| to the Linux -| and viceversa. -| -| A friend informed me about the SAMBA software - that -| it(samba-3.0.9-1_rh9.i386.rpm) can accomplish the task I -| mentioned above, -| and Ive downloaded it on my Linux PC. -| -| I followed instructions How to Install and Test SAMBA on -| http://www.bibsyst.no/samba/docs/man/Samba-HOWTO-Collection/ install.html -| -| issuing the command rpm -i samba-3.0.9-1_rh9.i386.rpm, I -| get the following -| errors: -| -| [EMAIL PROTECTED] john]# rpm -i samba-3.0.9-1_rh9.i386.rpm -| warning: samba-3.0.9-1_rh9.i386.rpm: V3 DSA signature: NOKEY, key ID -| f17f9772 -| file /etc/rc.d/init.d/winbind from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /etc/samba/smb.conf from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /lib/libnss_winbind.so.2 from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /lib/libnss_wins.so.2 from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /lib/security/pam_winbind.so from install of -| samba-3.0.9-1 -| conflicts with file from -| package samba-common-2.2.7a-7.9.0 -| file /usr/bin/smbpasswd from
Re: [Samba] RE: Samba installation error
Prince Tokunbo, Suggest you download and read: http://www.samba.org/samba/docs/Samba-Guide.pdf Chapters 2 through 4 should get you started. Cheers, John T. On Monday 22 November 2004 07:10, Prince Tokunbo wrote: hello Dirk, thanks for the info. Sorry, im new to the Linux World. I just wanted to ask, will the samba2.that comes with my RedHat9.2 installation work for what I want to achieve(to connect my LinuxPC to my Windows PC so that I can exchange files between the two?) - im asking so that I dont uninstall Samba2 and begin to have problems installing the new version. Also, you said it has to be configured via command line, swat or webmin how do I configure it? thanks Toks Hi, at first, use the default samba mailing list ([EMAIL PROTECTED]) second, you have to uninstall samba first, before installing the new release. rpm -e samba-2. rpm -ivh samba-3. or use the redhat package manager or kde packagemanager (kpackage) third, you won't find any samba icon, it has to be configured via command line, swat or webmin. hope this helps Mit freundlichem Gruß, Dirk Laurenz Systems Engineer Fujitsu Siemens Computers Sales Central Europe Deutschland Professional Service Organisation Nord / Ost Hildesheimer Strasse 25 30880 Laatzen Germany Telephone: +49 (511) 84 89 - 18 08 Telefax: +49 (511) 84 89 - 25 18 08 Mobile: +49 (170) 22 10 781 Email: mailto:[EMAIL PROTECTED] Internet: http://www.fujitsu-siemens.com http://www.fujitsu-siemens.de/rl/servicesupport/itdienstleistungen/competen cecenter.html *** -| -Original Message- -| From: -| [EMAIL PROTECTED] ts.samba.org [mailto:samba-technical--| [EMAIL PROTECTED] -| On Behalf Of Prince Tokunbo -| Sent: Saturday, November 20, 2004 3:51 PM -| To: [EMAIL PROTECTED] -| Subject: Samba installation error -| -| hello, -| -| WHAT I WANT TO DO: -| I have 2Pcs, one running on Windows, and the other on -| RedHat Linux 9. I -| want to be able to copy files(documents) from my Windows PC -| to the Linux -| and viceversa. -| -| A friend informed me about the SAMBA software - that -| it(samba-3.0.9-1_rh9.i386.rpm) can accomplish the task I -| mentioned above, -| and Ive downloaded it on my Linux PC. -| -| I followed instructions How to Install and Test SAMBA on -| http://www.bibsyst.no/samba/docs/man/Samba-HOWTO-Collection/ install.html -| -| issuing the command rpm -i samba-3.0.9-1_rh9.i386.rpm, I -| get the following -| errors: -| -| [EMAIL PROTECTED] john]# rpm -i samba-3.0.9-1_rh9.i386.rpm -| warning: samba-3.0.9-1_rh9.i386.rpm: V3 DSA signature: NOKEY, key ID -| f17f9772 -| file /etc/rc.d/init.d/winbind from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /etc/samba/smb.conf from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /lib/libnss_winbind.so.2 from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /lib/libnss_wins.so.2 from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /lib/security/pam_winbind.so from install of -| samba-3.0.9-1 -| conflicts with file from -| package samba-common-2.2.7a-7.9.0 -| file /usr/bin/smbpasswd from install of samba-3.0.9-1 -| conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/bin/testparm from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /usr/bin/testprns from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /usr/bin/wbinfo from install of samba-3.0.9-1 -| conflicts with -| file from package samba-common-2.2.7a-7.9.0 -| file /usr/sbin/winbindd from install of -| samba-3.0.9-1 conflicts -| with file from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man1/testparm.1.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man1/testprns.1.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man1/wbinfo.1.gz from install -| of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man5/lmhosts.5.gz from install of samba-3.0.9-1 -| conflicts with file from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man5/smb.conf.5.gz from install of -| samba-3.0.9-1 conflicts with file -| from package samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man8/smbpasswd.8.gz from install of -| samba-3.0.9-1 conflicts with file from package -| samba-common-2.2.7a-7.9.0 -| file /usr/share/man/man8/winbindd.8.gz from install of -| samba-3.0.9-1 conflicts with file -| from package
[Samba] Samba 3.0.x, Crystal Reports, roaming profiles
Hi, I'm not sure who to blame for this one. I've got a user who I have just last week moved to our Samba PDC. He has a roaming profile. He has noticed that when he uses Seagate Crystal Reports, his Recent Documents portion (under the File menu) gets cleared out every time he logs out. He did not have this behavior with a local-only profile. It is probably not a Samba issue but I thought I would write to see if anyone else had a similar problem, since I am a Samba newbie. If the solution does not involve Samba but you know it, I would really appreciate if you would reply off-list. By the way he owns and has write permission to every file in his profile. Thanks, Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Swat and win2K domain
Hello, So I just setup samba and swat on one machine here in my office. I can see the work group that this machine has created from all my windows based machines and I can see my windows domain from the linux box. This made me happy since I am a nubie to this Linux stuff. But that's where the joy stopped. When I double click on the linux box from my windows box network places I get an error that says might not have permission to use this network resourceThe network path was not found. From the linux box when I double click on one of my windows computers I get The folder contents could not be displayed.. Sorry, could not display all the contents of Windows Network: 'server name' here is my samba config file: # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2004/11/18 15:43:55 # Global parameters [global] dos charset = CP850 unix charset = UTF-8 display charset = LOCALE workgroup = LINIX TEST realm = SCREAMPOINT-NY netbios name = LINIX TEST netbios aliases = netbios scope = server string = Samba Server interfaces = bind interfaces only = No security = DOMAIN auth methods = encrypt passwords = Yes update encrypted = No client schannel = Auto server schannel = Auto allow trusted domains = Yes hosts equiv = min password length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = * smb passwd file = /usr/local/samba/private/smbpasswd private dir = /usr/local/samba/private passdb backend = smbpasswd algorithmic rid base = 1000 root directory = guest account = nobody pam password change = No passwd program = passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No passwd chat timeout = 2 check password script = username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = 0 lanman auth = Yes ntlm auth = Yes client NTLMv2 auth = No client lanman auth = Yes client plaintext auth = Yes preload modules = use kerberos keytab = No log level = 0 syslog = 1 syslog only = No log file = /usr/local/samba/var/log.%m max log size = 50 debug timestamp = Yes debug hires timestamp = No debug pid = No debug uid = No smb ports = 445 139 large readwrite = Yes max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes disable netbios = No acl compatibility = defer sharing violations = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts wins host bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = Yes use spnego = Yes client signing = auto server signing = No client use spnego = Yes change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 kernel change notify = Yes lpq cache time = 10 max smbd processes = 0 paranoid server security = Yes max disk size = 0 max open files = 1 socket options = TCP_NODELAY use mmap = Yes hostname lookups = No name cache timeout = 660 load printers = Yes printcap cache time = 0 printcap name = /etc/printcap cups server = disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = mangling method = hash2 mangle prefix = 1 stat cache = Yes machine password timeout = 604800 add user script = delete user script = add group script = delete group script = add user to group script = delete user from group script = set primary group script = add machine script = shutdown script = abort shutdown script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 20 lm announce = Auto lm interval = 60 preferred master = Auto local master = Yes domain master = Auto browse list = Yes enhanced browsing = Yes dns proxy = No wins proxy = No wins server = wins support = No wins hook = wins partners = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 ldap admin dn = ldap delete dn = No ldap filter = (uid=%u) ldap group suffix = ldap idmap suffix = ldap machine suffix = ldap passwd sync = no ldap replication sleep = 1000 ldap suffix = ldap ssl = ldap timeout = 15 ldap user suffix = add share command = change share command = delete share command = config file =
[Samba] Re: XP Pro Folder Redirection / Roaming Profiles Question
Hi folks, I running samba 3.x in PDC mode with an ldap backend. Works great! I use roaming profiles with folder redirection on win2k, no problem. Here's the issue, I have a few machines that run xp pro that I need to give the users domain access but NOT roaming profiles. So, I have disabled roaming profiles on the pcs by using the no propagate changes to the server and only allow local profiles in the group policy editor on the pc. However, when I logon as a domain user it's still loading their domain registry and thus redirecting folders to the PDC. Is there any way around this? I want the users to be able to logon with their roaming profiles on the win2k machines but logon with a local profile on the xp pro machines. The reason is that the xp machines are media creation machines which would result in massive profiles. I am open to an alternate method to achieve the same objective. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: XP Pro - Folder Redirection / Roaming Profiles Question
Hi folks, I running samba 3.x in PDC mode with an ldap backend. Works great! I use roaming profiles with folder redirection on win2k, no problem. Here's the issue, I have a few machines that run xp pro that I need to give the users domain access but NOT roaming profiles. So, I have disabled roaming profiles on the pcs by using the no propagate changes to the server and only allow local profiles in the group policy editor on the pc. However, when I logon as a domain user it's still loading their domain registry and thus redirecting folders to the PDC. Is there any way around this? I want the users to be able to logon with their roaming profiles on the win2k machines but logon with a local profile on the xp pro machines. The reason is that the xp machines are media creation machines which would result in massive profiles. I am open to an alternate method to achieve the same objective. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP/PDC/Directory Server
Alright, I promise I won't put in any more threads regarding this nightmare. Let me rephrase my previous question. Is there *anyone* out there who has XP Pro systems successfully logging into Samba PDC's with Netscape Directory backends? I've rebuilt all components a few times and still I get the same behavior. XP Pro authenticates, begins the login process, and then the machine reboots. Win2k works fine. Did this with a default install as well as with the latest updates. Any info would be appreciated. Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Cross-subnet browsing, with a twist
Hi, We have a server being hosted in a data center. We would like to use it as our PDC. I got the remote browse sync and announce figured out. But, if possible, we would prefer not have the domain/workgroup advertised on the subnet where the PDC reside and conversely not receive the browse list for workgroup hosted on the PDC subnet on our local net. Right now, I firewalled the subnet address for UDP 137 and 138 on the PDC, but it break name resolution for reasons I don't understand. Are there a better way to do that ? Feel free to ask for clarification if you don't understand. I'm trying to be concise, but I admit the I have problem formulating the problem to myself ! Etienne Goyer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Files not appearing on Samba mount.
We have a share on a Windows 2000 Server that is mounted onto a RedHat box using the following entry in fstab: //server/filesystem /opt/bumvfs smbfs username=username,password=password,debug=4,dmask=777,fmask=777,sockopt= SO_KEEPALIVE 0 0 On this we create a directory structure such as: \dodgy_test\wxy2\VFStp\VFSnetwork_entities\VFSCommonReports\VFSGM_H\VFSR eports\VFSStandard+Reports\VFSRegion Then we create files with names such as: 19/11/2004 12:21 207 VFSREGN1+%280603%29+deFILE.vfsproperties 19/11/2004 12:21 45,526 VFSREGN1+%280603%29+en 19/11/2004 12:21 206 VFSREGN1+%280603%29+enFILE.vfsproperties 19/11/2004 12:21 202 VFSREGN1+%280603%29FILE.vfsproperties 19/11/2004 12:21 92,539 VFSREGN1+%280604%29 19/11/2004 12:21 81,633 VFSREGN1+%280604%29+de 19/11/2004 12:21 207 VFSREGN1+%280604%29+deFILE.vfsproperties 19/11/2004 12:21 75,055 VFSREGN1+%280604%29+en 19/11/2004 12:21 206 VFSREGN1+%280604%29+enFILE.vfsproperties 19/11/2004 12:21 202 VFSREGN1+%280604%29FILE.vfsproperties 19/11/2004 12:21 59,911 VFSREGN1+%280702%29 19/11/2004 12:21 202 VFSREGN1+%280702%29FILE.vfsproperties 19/11/2004 12:21 61,171 VFSREGN1+%280703%29 19/11/2004 12:21 49,564 VFSREGN1+%280703%29+de 19/11/2004 12:21 207 VFSREGN1+%280703%29+deFILE.vfsproperties The files appear fine on the Windows box and can be seen with no problem. If you go to this directory on the Samba mount on the Linux box you cannot see the files unless you create a file with a letter at the beginning of the alpabet (see below). The directory listing is like this : [EMAIL PROTECTED] VFSRegion]$ ls -la total 0 [EMAIL PROTECTED] VFSRegion]$ Until you create a file with a name at the front of the Alphabet. [EMAIL PROTECTED] VFSRegion]$ touch Aardvark [EMAIL PROTECTED] VFSRegion]$ ls -la | more total 16299 drwxrwxrwx 1 root root 4096 Nov 22 10:12 . drwxrwxrwx 1 root root 4096 Nov 19 13:59 .. -rwxr-xr-x 1 root root 0 Nov 22 10:12 Aardvark -rwxr-xr-x 1 root root 10 Nov 22 09:26 BigAaardvark -rwxr-xr-x 1 root root 207 Nov 19 12:21 VFSREGN1+%280603%29+deFILE.vfsproperties -rwxr-xr-x 1 root root 45526 Nov 19 12:21 VFSREGN1+%280603%29+en -rwxr-xr-x 1 root root 206 Nov 19 12:21 VFSREGN1+%280603%29+enFILE.vfsproperties -rwxr-xr-x 1 root root 202 Nov 19 12:21 VFSREGN1+%280603%29FILE.vfsproperties -rwxr-xr-x 1 root root 92539 Nov 19 12:21 VFSREGN1+%280604%29 -rwxr-xr-x 1 root root 81633 Nov 19 12:21 VFSREGN1+%280604%29+de -rwxr-xr-x 1 root root 207 Nov 19 12:21 VFSREGN1+%280604%29+deFILE.vfsproperties -rwxr-xr-x 1 root root 75055 Nov 19 12:21 VFSREGN1+%280604%29+en And so on. If you then remove those files at the front of the Alphabet you get this : [EMAIL PROTECTED] VFSRegion]$ rm Aardvark BigAaardvark rm: remove regular empty file `Aardvark'? Y rm: remove regular file `BigAaardvark'? Y [EMAIL PROTECTED] VFSRegion]$ ls -la total 0 [EMAIL PROTECTED] VFSRegion]$ We have tried this on RedHat 9 running 2.4.20-31.9smp and samba 2.2.7a and also on RedHat Enterprise running 2.4.21-20.ELsmp and Samba 3.0.7-1.3E.1. Has anyone else seen this before and is there any way around it Any help appreciated. ___ ProQuest Alison The information contained in this e-mail and any attached files is intended only for the use of the person(s) to whom it is addressed and may be privileged, confidential and exempt from disclosure under applicable law. The views of the author may not necessarily reflect the views of the Company. If you are not the intended recipient please do not copy or convey this message or any attached files to any other person but delete this message and any attached files and notify us of incorrect receipt via e-mail to [EMAIL PROTECTED] This e-mail has been scanned for all viruses by Star Internet. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Fedora Core 3 and Samba
Over the last week I've upgraded one of my samba servers to FC3. I ran into some problems joining XP machines to the domain. Tracing back the problem I've found that FC3 has changed the behavior of the useradd/adduser script. It will no longer allow a UNIX account to be added to the system that has a '$' in it. I've verified this behavior by trying it at the command line, it doesn't work there and give the error: [EMAIL PROTECTED](~): useradd newer\$ useradd: invalid user name 'newer$ Upon speculation we believe this might be to bring Fedora/Redhat user utils in line with POSIX standards. Under POSIX this is the Portable Filename Charcterset which is as follows: ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789._- Notice no '$'. But the standard goes on to say extended characters are allowed, but it will result in noncompliant use... This is behaving this way on a test server and the latest Redhat ES (running on our production server) still works fine. But I'm concerned that they'll move ES/AS etc. to behaving the same way. If this is a direction that Redhat moves to, and possibly other distributions (assuming it's truly POSIX standards driving this), this seems like it may have a big impact on Samba when trying to add a machine to the domain. I don't know if this is something Fedora/Redhat has done on purpose or by accident, but it seems to hurt Samba. Any help or info would be appreciated. -- Paul Espinosa [EMAIL PROTECTED] IT Supervisor The World Company 785/312-6912 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows 98 can't print to Samba printer
I have recently set up a basic file and print server at my office using Fedora Core 3 and Samba 3.0.8pre1-0.pre1.3 . We have a variety of clients (1 X WinXP Pro, 1 X Win XP Home, 3 X Win 2k, 1 X Win 98). I can access all file shares on the server from all clients with no problems. I can print to our Samsung ML-2150 printer (connected to the server via USB) from all clients except the Windows 98 system. I can access file shares from the Win 98 system, and I can see the printer and install it, but when I try to print a test page immediately after adding it, I get the error message: The network printer is no longer available. I don't know why Win 98 can't print, but all the others can. Here is a copy of my smb.conf file: # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2004/11/18 13:28:21 # Global parameters [global] workgroup = THERMATEK netbios name = KAITLYN server string = Linux Server unix password sync = Yes preferred master = No domain master = No wins support = Yes ldap ssl = no hosts allow = 192.168.1., 127.0.0.1 [homes] valid users = %S read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [PROJECTS] path = /shares/Projects write list = @employees, @management read only = No inherit permissions = Yes case sensitive = No msdfs proxy = no [THERMATEK] path = /shares/Thermatek valid users = @employees, @management write list = @employees, @management read only = No inherit permissions = Yes [MANAGEMENT] path = /shares/Management write list = @management read only = No inherit permissions = Yes [TEMP] comment = Temp directory (Will be deleted periodically!) path = /shares/Temp write list = @employees, @management read only = No inherit permissions = Yes [ML-2150] comment = Samsung ML-2150 connected to Linux server path = /var/spool/samba read only = No guest ok = Yes printable = Yes printer name = ML-2150 use client driver = Yes oplocks = No share modes = Yes Any help would be appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows 98 can't print to Samba printer
AFAIR, this was fixed in 3.0.9 -- see the release notes. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 22 Nov 2004, Jarod Legault wrote: I have recently set up a basic file and print server at my office using Fedora Core 3 and Samba 3.0.8pre1-0.pre1.3 . We have a variety of clients (1 X WinXP Pro, 1 X Win XP Home, 3 X Win 2k, 1 X Win 98). I can access all file shares on the server from all clients with no problems. I can print to our Samsung ML-2150 printer (connected to the server via USB) from all clients except the Windows 98 system. I can access file shares from the Win 98 system, and I can see the printer and install it, but when I try to print a test page immediately after adding it, I get the error message: The network printer is no longer available. I don't know why Win 98 can't print, but all the others can. Here is a copy of my smb.conf file: # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2004/11/18 13:28:21 # Global parameters [global] workgroup = THERMATEK netbios name = KAITLYN server string = Linux Server unix password sync = Yes preferred master = No domain master = No wins support = Yes ldap ssl = no hosts allow = 192.168.1., 127.0.0.1 [homes] valid users = %S read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [PROJECTS] path = /shares/Projects write list = @employees, @management read only = No inherit permissions = Yes case sensitive = No msdfs proxy = no [THERMATEK] path = /shares/Thermatek valid users = @employees, @management write list = @employees, @management read only = No inherit permissions = Yes [MANAGEMENT] path = /shares/Management write list = @management read only = No inherit permissions = Yes [TEMP] comment = Temp directory (Will be deleted periodically!) path = /shares/Temp write list = @employees, @management read only = No inherit permissions = Yes [ML-2150] comment = Samsung ML-2150 connected to Linux server path = /var/spool/samba read only = No guest ok = Yes printable = Yes printer name = ML-2150 use client driver = Yes oplocks = No share modes = Yes Any help would be appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Files not appearing on Samba mount.
On Monday 22 November 2004 12:21 pm, Garry Argrave wrote: We have a share on a Windows 2000 Server that is mounted onto a RedHat box using the following entry in fstab: //server/filesystem /opt/bumvfs smbfs I don't believe smbfs is part of Samba. Try using cifs instead. Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows 98 can't print to Samba printer
Thank you very much. That fixed my problem. - Original Message - From: Ryan Novosielski [EMAIL PROTECTED] To: Jarod Legault [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, November 22, 2004 9:34 AM Subject: Re: [Samba] Windows 98 can't print to Samba printer AFAIR, this was fixed in 3.0.9 -- see the release notes. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 22 Nov 2004, Jarod Legault wrote: I have recently set up a basic file and print server at my office using Fedora Core 3 and Samba 3.0.8pre1-0.pre1.3 . We have a variety of clients (1 X WinXP Pro, 1 X Win XP Home, 3 X Win 2k, 1 X Win 98). I can access all file shares on the server from all clients with no problems. I can print to our Samsung ML-2150 printer (connected to the server via USB) from all clients except the Windows 98 system. I can access file shares from the Win 98 system, and I can see the printer and install it, but when I try to print a test page immediately after adding it, I get the error message: The network printer is no longer available. I don't know why Win 98 can't print, but all the others can. Here is a copy of my smb.conf file: # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2004/11/18 13:28:21 # Global parameters [global] workgroup = THERMATEK netbios name = KAITLYN server string = Linux Server unix password sync = Yes preferred master = No domain master = No wins support = Yes ldap ssl = no hosts allow = 192.168.1., 127.0.0.1 [homes] valid users = %S read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [PROJECTS] path = /shares/Projects write list = @employees, @management read only = No inherit permissions = Yes case sensitive = No msdfs proxy = no [THERMATEK] path = /shares/Thermatek valid users = @employees, @management write list = @employees, @management read only = No inherit permissions = Yes [MANAGEMENT] path = /shares/Management write list = @management read only = No inherit permissions = Yes [TEMP] comment = Temp directory (Will be deleted periodically!) path = /shares/Temp write list = @employees, @management read only = No inherit permissions = Yes [ML-2150] comment = Samsung ML-2150 connected to Linux server path = /var/spool/samba read only = No guest ok = Yes printable = Yes printer name = ML-2150 use client driver = Yes oplocks = No share modes = Yes Any help would be appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SaveAs Permissions
When I open a file (Word doc in this case) on a share I have marked as read-only and the do a SaveAs to a share that has a force create mode = 0775, I would expect the file created to be writable by user/group. But the permissions I get are 666. I can't get the write permission to show up. If I copy the same file using windows Explorer, it is creatred correctly. I tried to open a .txt file from a cdrom drive and SaveAs. This worked as expected? Is this the way it is supposed to work? Is it MSWord at fault? -mjm -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.1 - Release Date: 11/19/2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help with ERROR message, adding machine to ADS server
I get this error message when trying to add my Samba 3.0.8 machine to a windows 2000 ADS. I've searched the forums and the web for anyone else with this error with no luck. net ads join -U Administrator Administrator's password: [2004/11/22 13:38:58, 0] libads/ldap.c:ads_add_machine_acct(1366) ads_add_machine_acct: Host account for jeeves2 already exists - modifying old account Using short domain name -- OFFICE [2004/11/22 13:38:58, 0] libads/kerberos.c:get_service_ticket(335) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED]@OFFICE.CHROMA.COM failed: Preauthentication failed Segmentation fault I know why I'm getting the first error but, what is a service ticket and why is the server showing the domain twice? Any help would be appreciated. -Gregg -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] cups newbe
After getting everything setup and running I am getting a Access denied, unable to connect error on the printer window, but I can still print test pages???.. In my experience, this message is related to Windows not knowing/getting the printer queue information from Samba correctly (printing will still work though). Try adding lpq command = lpstat -o %p to the [Printers] section. You may need to look at the description for the lpq command to get the correct syntax for your setup. You may also want to look at the lprm command as well. lprm command = cancel %p-%j -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printer shares
On 22 Nov 2004 09:33:25 +0530 Shailesh P Shirali [EMAIL PROTECTED] wrote: You can try adding the option, 'guest ok=no' under your [laser] section. As far as I know 'guest ok = no should be the default if not set to yes. - Shailesh From: Sebastian Kutsch [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Samba] printer shares Date: 20 Nov 2004 14:28:16 +0100 Content-Transfer-Encoding: 7bit From: Sebastian Kutsch [EMAIL PROTECTED] Precedence: list Subject: [Samba] printer shares Date: Sat, 20 Nov 2004 14:28:16 +0100 To: [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII MIME-Version: 1.0 Message: 3 Hi, I have the problem, that from a Windows 2000 System (possibly from others to), a user can use a printershare with the guest account and I don't know why. Following my smb.conf: Samba config file created using SWAT # from 192.168.2.20 (192.168.2.20) # Date: 2004/11/20 14:26:14 # Global parameters [global] unix charset = ISO_8859-15 display charset = ISO_8859-15 workgroup = WG interfaces = sis0 security = SHARE os level = 65 preferred master = Yes ldap ssl = no create mask = 0640 directory mask = 0750 mangled names = No [printers] path = /tmp printable = Yes browseable = No [Exchange] path = /RAID5_0/public_exchange read only = No [Music] path = /RAID5_0/Music [homes] valid users = %S read only = No browseable = No [Video] path = /RAID5_0/Video [RPG] path = /RAID5_0/RPG read only = No [laser] path = /var/spool/lpd/samba printer admin = root read only = No hosts allow = 192.168.2. printable = Yes printing = lprng print command = lpr [EMAIL PROTECTED] -r -P'%p' %s lpq command = lpq [EMAIL PROTECTED] -P'%p' lprm command = lprm [EMAIL PROTECTED] -P'%p' %j lppause command = lpc [EMAIL PROTECTED] hold '%p' %j lpresume command = lpc [EMAIL PROTECTED] release '%p' %j queuepause command = lpc [EMAIL PROTECTED] stop '%p' queueresume command = lpc [EMAIL PROTECTED] start '%p' printer name = laser oplocks = No share modes = No It would be great if someoone could give me a hint. Sebastian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba connection problem
I am running Samba on an IBM iSeries PowerPC based install of Linux RH EL 3. I map a Linux Samba share to my XP machine with no problem. I can browse folders with no problem, however, when I work with any files, ie, copy or edit, after a long delay, I get the file with the following gibberish prepended. SMB. d ; [Tests] [Tests] is the first part of the file, the rest appears to be part of an SMB packet. This fails from W2k, XP and NT. SMBClient works fine. Everything else seems to work fine in Samba. Any ideas? Thanks, MikeB-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: setfacl fails for some user names and not others
I've now tried this with 3.0.5 and 3.0.6. 3.0.5 seems to work correctly but 3.0.6 fails. Andi. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind and changing directories
Hi, I installed Samba 3.0.7-1.3E on a RHEL 3.0 box. I've got Winbind configured and talking nicely to my Win2k Active Directory server--yay! None of my user accounts are in /etc/passwd--yet. There's no need, as winbind handles authentication and locating the user's directory. I like the idea of that, because I can administer user accounts from the AD box. However, cd ~user doesn't work anymore. I guess I expected the cd built-in command for bash or tcsh to use getent to locate the user directory, but it doesn't seem to. This is going to be inconvenient for everyone. Has anyone else had this problem and found a cure? Did it involve creating an alias or substitute cd command, or just adding local users to /etc/passwd? Thanks in advance, -Adam -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] winbind samba-3.0.2a-1 ADS
Hi With samba-3.0.2a-1 security = ADS when i run getent passwd che command after 3000 users hangs :-( This is winbindd.log 2004/11/23 00:15:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(166) Added domain DOM1 dom1.it S-1-5-21-1626095602-1864631766-1846952604 [2004/11/23 00:15:48, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269) krb5_cc_get_principal failed (No credentials cache found) [2004/11/23 00:15:50, 1] nsswitch/winbindd_util.c:add_trusted_domain(166) Added domain DOM2 S-1-5-21-1077550351-1415582459-91453608 [2004/11/23 00:15:50, 1] nsswitch/winbindd_util.c:add_trusted_domain(166) Added domain DOM3 S-1-5-21-703334514-673151589-12547700 [2004/11/23 00:22:16, 1] nsswitch/winbindd_util.c:add_trusted_domain(166) Added domain DOM3 dom3.it S-1-5-21-1801674531-412668190-839522115 Any idea ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba pdc acting weird
I'm trying to make windows xp a member of a samba domain, after pressing ok, I type in Administrator (has uid=0) and type the password, but windows tells me that The user name could not be found. although the log file looks ok, help? [2004/11/23 02:28:06, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/11/23 02:28:06, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/11/23 02:28:06, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: Administrator [2004/11/23 02:28:06, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2004/11/23 02:28:06, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [Administrator] - [Administrator] - [Administrator] succeeded [2004/11/23 02:28:06, 2] lib/access.c:check_access(324) Allowed connection from (192.168.168.169) [2004/11/23 02:28:06, 2] smbd/server.c:exit_server(571) Closing connections [2004/11/23 02:28:07, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/11/23 02:28:07, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/11/23 02:28:07, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: Administrator [2004/11/23 02:28:07, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2004/11/23 02:28:07, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [Administrator] - [Administrator] - [Administrator] succeeded [2004/11/23 02:28:07, 2] lib/access.c:check_access(324) Allowed connection from (192.168.168.169) [2004/11/23 02:28:07, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2487) Returning domain sid for domain TUXSLARE - S-1-5-21-3478344579-1724594306-3091338028 [2004/11/23 02:28:12, 2] smbd/server.c:exit_server(571) Closing connections Thanks Ps.: samba is version 3.0.8 -- Netiquette - http://www.ietf.org/rfc/rfc1855.txt signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] vampire fails because of Debian smbldap-tools problem
Hi people, As usual I've tried a number of different approaches to this problem and can't figure it out. I don't have enough knowledge. Every time I do net rpc vampire I get this crap spewed at me: Use of uninitialized value in substitution (s///) at /usr/share/perl5/smbldap_tools.pm line 106, CONFIGFILE line 233. Use of uninitialized value in substitution (s///) at /usr/share/perl5/smbldap_tools.pm line 106, CONFIGFILE line 245. Use of uninitialized value in string at /usr/share/perl5/smbldap_tools.pm line 153. Use of uninitialized value in string at /usr/share/perl5/smbldap_tools.pm line 153. erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad hostname '' ) at /usr/share/perl5/smbldap_tools.pm line 153. Creating unix group: 'Hire Accounting' I've got this in my smbldap.conf file: # Master LDAP : needed for write operations # Ex: $masterLDAP = 127.0.0.1; $masterLDAP = guests1.guestsfurniturehire.com.au; $masterPort = 389; And /usr/share/perl5/smbldap_tools.pm line 106, has this: 101 sub subst_configvar 102 { 103 my $value = shift; 104 my $vars = shift; 105 106 $value =~ s/\$\{([^}]+)\}/$vars-{$1} ? $vars-{$1} : $1/eg; 107 return $value; 108 } 109 /usr/share/perl5/smbldap_tools.pm line 153 Says this: 150 sub connect_ldap_master 151 { 152 # bind to a directory with dn and password 153 my $ldap_master = Net::LDAP-new( 154 154 $config{masterLDAP}, These are the files provided by Debian sarge with an apt-get install smbldap-tools. And libnet-ldap-perl has been installed. I don't know what to do next. I'm hoping that someone can please help me figure out what is missing. Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] input/output error
hi all! I can mount smbfs share, but when I try to edit file on that mount it gets locked and in the log file I've got this: kernel: smb_trans2: invalid data, disp=0, cnt=0, tot=0, ofs=0 kernel: smb_add_request: request [0b82ce40, mid=26] timed out! kernel 2.6.9 samba 3.0.8, 3.0.9 OS fedora core 3, (tried on freebsd, samething) tried to play with server settings, nothing helped (windows boxes work fine with the same server) Any suggestions? Thanks Alex -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
svn commit: samba r3902 - in branches/SAMBA_4_0/source/libcli/raw: .
Author: metze Date: 2004-11-22 08:15:27 + (Mon, 22 Nov 2004) New Revision: 3902 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3902 Log: fix compiler warnings metze Modified: branches/SAMBA_4_0/source/libcli/raw/raweas.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/raw/raweas.c === --- branches/SAMBA_4_0/source/libcli/raw/raweas.c 2004-11-22 07:59:14 UTC (rev 3901) +++ branches/SAMBA_4_0/source/libcli/raw/raweas.c 2004-11-22 08:15:27 UTC (rev 3902) @@ -57,7 +57,7 @@ put a ea_list into a pre-allocated buffer - buffer must be at least of size ea_list_size() */ -void ea_put_list(char *data, uint_t num_eas, struct ea_struct *eas) +void ea_put_list(void *data, uint_t num_eas, struct ea_struct *eas) { int i; uint32_t ea_size; @@ -83,7 +83,7 @@ put a chained ea_list into a pre-allocated buffer - buffer must be at least of size ea_list_size() */ -void ea_put_list_chained(char *data, uint_t num_eas, struct ea_struct *eas) +void ea_put_list_chained(void *data, uint_t num_eas, struct ea_struct *eas) { int i;
svn commit: samba r3903 - in branches/SAMBA_4_0/source/libcli/raw: .
Author: metze Date: 2004-11-22 08:31:36 + (Mon, 22 Nov 2004) New Revision: 3903 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3903 Log: better fix for -r 3902 (not introduce new warnings:-) metze Modified: branches/SAMBA_4_0/source/libcli/raw/raweas.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/raw/raweas.c === --- branches/SAMBA_4_0/source/libcli/raw/raweas.c 2004-11-22 08:15:27 UTC (rev 3902) +++ branches/SAMBA_4_0/source/libcli/raw/raweas.c 2004-11-22 08:31:36 UTC (rev 3903) @@ -57,7 +57,7 @@ put a ea_list into a pre-allocated buffer - buffer must be at least of size ea_list_size() */ -void ea_put_list(void *data, uint_t num_eas, struct ea_struct *eas) +void ea_put_list(uint8_t *data, uint_t num_eas, struct ea_struct *eas) { int i; uint32_t ea_size; @@ -83,7 +83,7 @@ put a chained ea_list into a pre-allocated buffer - buffer must be at least of size ea_list_size() */ -void ea_put_list_chained(void *data, uint_t num_eas, struct ea_struct *eas) +void ea_put_list_chained(uint8_t *data, uint_t num_eas, struct ea_struct *eas) { int i;
svn commit: samba r3904 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/lsa torture/rpc
Author: abartlet Date: 2004-11-22 08:47:47 + (Mon, 22 Nov 2004) New Revision: 3904 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3904 Log: * Add new LSA calls to open trusted domains * Add new tests for ACCOUNTs in SamSync * Clean up names in NETLOGON and LSA * Verify Security Descriptors against LSA, as well as SamR Andrew Bartlett Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/librpc/idl/netlogon.idl branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/torture/rpc/lsa.c branches/SAMBA_4_0/source/torture/rpc/samlogon.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-22 08:31:36 UTC (rev 3903) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-22 08:47:47 UTC (rev 3904) @@ -56,10 +56,10 @@ /**/ /* Function: 0x03 */ - NTSTATUS lsa_QuerySecObj ( + NTSTATUS lsa_QuerySecurity ( [in,ref] policy_handle *handle, [in] uint32 sec_info, - [out]sec_desc_buf *sd + [out]sec_desc_buf *sdbuf ); @@ -396,8 +396,15 @@ NTSTATUS lsa_GetSystemAccessAccount(); /* Function:0x18 */ NTSTATUS lsa_SetSystemAccessAccount(); + /* Function:0x19 */ - NTSTATUS lsa_OpenTrustedDomain(); + NTSTATUS lsa_OpenTrustedDomain( + [in,ref] policy_handle *handle, + [in,ref] dom_sid2 *sid, + [in] uint32 access_mask, + [out,ref]policy_handle *trustdom_handle + ); + /* Function: 0x1a */ NTSTATUS lsa_QueryInfoTrustedDomain(); /* Function: 0x1b */ @@ -566,7 +573,12 @@ NTSTATUS lsa_SetDomInfoPolicy(); /* Function 0x37 */ - NTSTATUS lsa_OpenTrustedDomainByName(); + NTSTATUS lsa_OpenTrustedDomainByName( + [in,ref] policy_handle *handle, + [in] lsa_Name name, + [in] uint32 access_mask, + [out,ref]policy_handle *trustdom_handle + ); /* Function 0x38 */ NTSTATUS lsa_TestCall(); Modified: branches/SAMBA_4_0/source/librpc/idl/netlogon.idl === --- branches/SAMBA_4_0/source/librpc/idl/netlogon.idl 2004-11-22 08:31:36 UTC (rev 3903) +++ branches/SAMBA_4_0/source/librpc/idl/netlogon.idl 2004-11-22 08:47:47 UTC (rev 3904) @@ -255,6 +255,8 @@ /* Function 0x05 */ /* secure channel types */ + /* Only SEC_CHAN_WKSTA can forward requests to other domains. */ + const int SEC_CHAN_WKSTA = 2; const int SEC_CHAN_DOMAIN = 4; const int SEC_CHAN_BDC = 6; @@ -527,7 +529,7 @@ uint32 unknown6; uint32 unknown7; uint32 unknown8; - } netr_DELTA_ACCOUNTS; + } netr_DELTA_ACCOUNT; typedef struct { uint16 unknown; @@ -574,9 +576,9 @@ NETR_DELTA_RENAME_ALIAS = 11, NETR_DELTA_ALIAS_MEMBER = 12, NETR_DELTA_POLICY = 13, - NETR_DELTA_TRUSTED_DOMAIN = 14, + NETR_DELTA_TRUSTED_DOMAIN = 14, NETR_DELTA_DELETE_TRUST = 15, - NETR_DELTA_ACCOUNTS = 16, + NETR_DELTA_ACCOUNT = 16, NETR_DELTA_DELETE_ACCOUNT = 17, NETR_DELTA_SECRET = 18, NETR_DELTA_DELETE_SECRET= 19, @@ -599,9 +601,9 @@ [case(NETR_DELTA_RENAME_ALIAS)]netr_DELTA_RENAME *rename_alias; [case(NETR_DELTA_ALIAS_MEMBER)]netr_DELTA_ALIAS_MEMBER *alias_member; [case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy; - [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain; + [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain; [case(NETR_DELTA_DELETE_TRUST)]netr_DELTA_DELETE_TRUST delete_trust; - [case(NETR_DELTA_ACCOUNTS)]netr_DELTA_ACCOUNTS *accounts; + [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account; [case(NETR_DELTA_DELETE_ACCOUNT)] netr_DELTA_DELETE_ACCOUNT delete_account; [case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret; [case(NETR_DELTA_DELETE_SECRET)] netr_DELTA_DELETE_SECRET delete_secret; @@ -626,7 +628,7 @@ [case(NETR_DELTA_POLICY)] dom_sid2 *sid;
svn commit: samba r3905 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: abartlet Date: 2004-11-22 08:50:20 + (Mon, 22 Nov 2004) New Revision: 3905 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3905 Log: (oops, missing file: samsync.c) * Add new LSA calls to open trusted domains * Add new tests for ACCOUNTs in SamSync * Clean up names in NETLOGON and LSA * Verify Security Descriptors against LSA, as well as SamR Andrew Bartlett Modified: branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Sorry, the patch is too large (476 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3905
svn commit: samba r3906 - in branches/SAMBA_4_0/source/libcli/auth: .
Author: metze Date: 2004-11-22 10:59:46 + (Mon, 22 Nov 2004) New Revision: 3906 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3906 Log: fix compiler warnings metze Modified: branches/SAMBA_4_0/source/libcli/auth/credentials.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/auth/credentials.c === --- branches/SAMBA_4_0/source/libcli/auth/credentials.c 2004-11-22 08:50:20 UTC (rev 3905) +++ branches/SAMBA_4_0/source/libcli/auth/credentials.c 2004-11-22 10:59:46 UTC (rev 3906) @@ -172,7 +172,7 @@ /* ARCFOUR encrypt/decrypt a password buffer using the session key */ -void creds_arcfour_crypt(struct creds_CredentialState *creds, char *data, size_t len) +void creds_arcfour_crypt(struct creds_CredentialState *creds, uint8_t *data, size_t len) { DATA_BLOB session_key = data_blob(creds-session_key, 16);
svn commit: samba r3907 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/lsa torture/rpc
Author: abartlet Date: 2004-11-22 11:59:59 + (Mon, 22 Nov 2004) New Revision: 3907 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3907 Log: * Rename lsa_Name to lsa_String * Add new IDL to LSA, to query information about trusted domains (for cross-check with SamSync). Andrew Bartlett Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/torture/rpc/lsa.c branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Sorry, the patch is too large (502 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3907
svn commit: samba r3908 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: abartlet Date: 2004-11-22 12:01:14 + (Mon, 22 Nov 2004) New Revision: 3908 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3908 Log: We know that this field is a flag of some kind, and matches the output on LSA. Andrew Bartlett Modified: branches/SAMBA_4_0/source/librpc/idl/netlogon.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/netlogon.idl === --- branches/SAMBA_4_0/source/librpc/idl/netlogon.idl 2004-11-22 11:59:59 UTC (rev 3907) +++ branches/SAMBA_4_0/source/librpc/idl/netlogon.idl 2004-11-22 12:01:14 UTC (rev 3908) @@ -502,7 +502,7 @@ netr_String unknown2; netr_String unknown3; netr_String unknown4; - uint32 unknown5; + uint32 flags; uint32 unknown6; uint32 unknown7; uint32 unknown8;
svn commit: samba r3909 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: abartlet Date: 2004-11-22 12:34:34 + (Mon, 22 Nov 2004) New Revision: 3909 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3909 Log: Fix cross-reference test for trusted domains. Andrew Bartlett Modified: branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/samsync.c === --- branches/SAMBA_4_0/source/torture/rpc/samsync.c 2004-11-22 12:01:14 UTC (rev 3908) +++ branches/SAMBA_4_0/source/torture/rpc/samsync.c 2004-11-22 12:34:34 UTC (rev 3909) @@ -782,7 +782,7 @@ struct lsa_OpenTrustedDomain t; struct policy_handle trustdom_handle; struct lsa_QueryInfoTrustedDomain q; - union lsa_TrustedDomainInfo info[4]; + union lsa_TrustedDomainInfo *info[4]; int levels [] = {1, 3}; int i; @@ -803,17 +803,17 @@ for (i=0; i ARRAY_SIZE(levels); i++) { q.in.trustdom_handle = trustdom_handle; q.in.level = levels[i]; - q.out.info = info[levels[i]]; status = dcerpc_lsa_QueryInfoTrustedDomain(samsync_state-p_lsa, mem_ctx, q); if (!NT_STATUS_IS_OK(status)) { printf(QueryInfoTrustedDomain level %d failed - %s\n, levels[i], nt_errstr(status)); return False; } + info[levels[i]] = q.out.info; } - TEST_STRING_EQUAL(info[1].info1.domain_name, trusted_domain-domain_name); - TEST_INT_EQUAL(info[3].info3.flags, trusted_domain-flags); + TEST_STRING_EQUAL(info[1]-info1.domain_name, trusted_domain-domain_name); + TEST_INT_EQUAL(info[3]-info3.flags, trusted_domain-flags); TEST_SEC_DESC_EQUAL(trusted_domain-sdbuf, lsa, trustdom_handle); DLIST_ADD(samsync_state-trusted_domains, new);
svn commit: samba r3910 - in branches/SAMBA_4_0/source: include libcli/util
Author: metze Date: 2004-11-22 14:28:09 + (Mon, 22 Nov 2004) New Revision: 3910 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3910 Log: add some error codes metze Modified: branches/SAMBA_4_0/source/include/doserr.h branches/SAMBA_4_0/source/libcli/util/doserr.c Changeset: Modified: branches/SAMBA_4_0/source/include/doserr.h === --- branches/SAMBA_4_0/source/include/doserr.h 2004-11-22 12:34:34 UTC (rev 3909) +++ branches/SAMBA_4_0/source/include/doserr.h 2004-11-22 14:28:09 UTC (rev 3910) @@ -183,9 +183,12 @@ #define WERR_OBJECT_PATH_INVALID W_ERROR(161) #define WERR_NO_MORE_ITEMS W_ERROR(259) #define WERR_MORE_DATA W_ERROR(234) +#define WERR_CAN_NOT_COMPLETE W_ERROR(1003) +#define WERR_INVALID_DOMAINNAME W_ERROR(1212) #define WERR_INVALID_OWNER W_ERROR(1307) -#define WERR_CAN_NOT_COMPLETE W_ERROR(1003) +#define WERR_NO_SUCH_USER W_ERROR(1317) #define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338) +#define WERR_NO_SUCH_DOMAIN W_ERROR(1355) #define WERR_SERVER_UNAVAILABLE W_ERROR(1722) #define WERR_INVALID_FORM_NAME W_ERROR(1902) #define WERR_INVALID_FORM_SIZE W_ERROR(1903) @@ -232,6 +235,9 @@ #define WERR_DFS_CANT_CREATE_JUNCT W_ERROR(NERR_BASE+569) /* DS errors */ +#define WERR_DS_SERVICE_BUSY W_ERROR(0x200e) +#define WERR_DS_SERVICE_UNAVAILABLE W_ERROR(0x200f) +#define WERR_DS_NO_SUCH_OBJECT W_ERROR(0x2030) #define WERR_DS_OBJ_NOT_FOUND W_ERROR(0x208d) Modified: branches/SAMBA_4_0/source/libcli/util/doserr.c === --- branches/SAMBA_4_0/source/libcli/util/doserr.c 2004-11-22 12:34:34 UTC (rev 3909) +++ branches/SAMBA_4_0/source/libcli/util/doserr.c 2004-11-22 14:28:09 UTC (rev 3910) @@ -67,6 +67,12 @@ { WERR_DFS_CANT_CREATE_JUNCT, WERR_DFS_CANT_CREATE_JUNCT }, { WERR_INVALID_SECURITY_DESCRIPTOR, WERR_INVALID_SECURITY_DESCRIPTOR }, { WERR_INVALID_OWNER, WERR_INVALID_OWNER }, + { WERR_INVALID_DOMAINNAME, WERR_INVALID_DOMAINNAME }, + { WERR_NO_SUCH_USER, WERR_NO_SUCH_USER }, + { WERR_NO_SUCH_DOMAIN, WERR_NO_SUCH_DOMAIN }, + { WERR_DS_SERVICE_BUSY, WERR_DS_SERVICE_BUSY }, + { WERR_DS_SERVICE_UNAVAILABLE, WERR_DS_SERVICE_UNAVAILABLE }, + { WERR_DS_NO_SUCH_OBJECT, WERR_DS_NO_SUCH_OBJECT }, { WERR_DS_OBJ_NOT_FOUND, WERR_DS_OBJ_NOT_FOUND }, { WERR_GENERAL_FAILURE, WERR_GENERAL_FAILURE }, { WERR_PRINTQ_FULL, WERR_PRINTQ_FULL },
svn commit: samba r3911 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch
Author: gd Date: 2004-11-22 14:34:45 + (Mon, 22 Nov 2004) New Revision: 3911 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3911 Log: typo. Guenther Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c trunk/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2004-11-22 14:28:09 UTC (rev 3910) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2004-11-22 14:34:45 UTC (rev 3911) @@ -189,7 +189,7 @@ return retval; default: /* we don't know anything about this return value */ - _pam_log(LOG_ERR, internal module error (retval = %d, user = `%s', + _pam_log(LOG_ERR, internal module error (retval = %d, user = `%s'), retval, user); return retval; } Modified: trunk/source/nsswitch/pam_winbind.c === --- trunk/source/nsswitch/pam_winbind.c 2004-11-22 14:28:09 UTC (rev 3910) +++ trunk/source/nsswitch/pam_winbind.c 2004-11-22 14:34:45 UTC (rev 3911) @@ -189,7 +189,7 @@ return retval; default: /* we don't know anything about this return value */ - _pam_log(LOG_ERR, internal module error (retval = %d, user = `%s', + _pam_log(LOG_ERR, internal module error (retval = %d, user = `%s'), retval, user); return retval; }
svn commit: samba r3912 - branches/SAMBA_3_0/source/po trunk/source/po
Author: gd Date: 2004-11-22 15:20:38 + (Mon, 22 Nov 2004) New Revision: 3912 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3912 Log: More fixes to have proper german in swat. (The new german orthography is another story...) Thanks to Reiner Klaproth and Bj?\195?\182rn Jacke [EMAIL PROTECTED]. Guenther Modified: branches/SAMBA_3_0/source/po/de.msg trunk/source/po/de.msg Changeset: Sorry, the patch is too large (713 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3912
svn commit: samba r3913 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: metze Date: 2004-11-22 17:08:25 + (Mon, 22 Nov 2004) New Revision: 3913 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3913 Log: fix the build metze Modified: branches/SAMBA_4_0/source/torture/rpc/xplogin.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/xplogin.c === --- branches/SAMBA_4_0/source/torture/rpc/xplogin.c 2004-11-22 15:20:38 UTC (rev 3912) +++ branches/SAMBA_4_0/source/torture/rpc/xplogin.c 2004-11-22 17:08:25 UTC (rev 3913) @@ -392,13 +392,13 @@ { struct lsa_LookupNames l; struct lsa_TransSidArray sids; - struct lsa_Name lsaname; + struct lsa_String lsaname; uint32_t count = 0; sids.count = 0; sids.sids = NULL; - lsaname.name = name; + lsaname.string = name; l.in.handle = handle; l.in.num_names = 1;
svn commit: samba r3914 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/netlogon torture/rpc
Author: metze Date: 2004-11-22 17:14:57 + (Mon, 22 Nov 2004) New Revision: 3914 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3914 Log: add idl, torture test and simple server for netr_DrsGetDCNameEx2() metze Modified: branches/SAMBA_4_0/source/librpc/idl/netlogon.idl branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c branches/SAMBA_4_0/source/torture/rpc/netlogon.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/netlogon.idl === --- branches/SAMBA_4_0/source/librpc/idl/netlogon.idl 2004-11-22 17:08:25 UTC (rev 3913) +++ branches/SAMBA_4_0/source/librpc/idl/netlogon.idl 2004-11-22 17:14:57 UTC (rev 3914) @@ -1007,8 +1007,29 @@ // /* Function 0x22 */ - WERROR netr_DSRGETDCNAMEEX2(); + typedef struct { + unistr *dc_unc; + unistr *dc_address; + int32 dc_address_type; + GUID domain_guid; + unistr *domain_name; + unistr *forest_name; + uint32 dc_flags; + unistr *dc_site_name; + unistr *client_site_name; + } netr_DrsGetDCNameEx2Info; + WERROR netr_DrsGetDCNameEx2( + [in] unistr *server_unc, + [in] unistr *client_account, + [in] uint32 mask, + [in] unistr *domain_name, + [in] GUID *domain_guid, + [in] unistr *site_name, + [in] uint32 flags, + [out] netr_DrsGetDCNameEx2Info *info + ); + // /* Function 0x23 */ WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(); Modified: branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c === --- branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c 2004-11-22 17:08:25 UTC (rev 3913) +++ branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c 2004-11-22 17:14:57 UTC (rev 3914) @@ -1045,12 +1045,49 @@ /* - netr_DSRGETDCNAMEEX2 + netr_DrsGetDCNameEx2 */ -static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct netr_DSRGETDCNAMEEX2 *r) +static WERROR netr_DrsGetDCNameEx2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct netr_DrsGetDCNameEx2 *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + const char * const attrs[] = { dnsDomain, objectGUID, NULL }; + void *sam_ctx; + struct ldb_message **res; + int ret; + + ZERO_STRUCT(r-out); + + sam_ctx = samdb_connect(mem_ctx); + if (sam_ctx == NULL) { + return WERR_DS_SERVICE_UNAVAILABLE; + } + + ret = samdb_search(sam_ctx, mem_ctx, NULL, res, attrs, + ((objectClass=domainDNS)(dnsDomain=%s)), + r-in.domain_name); + if (ret != 1) { + return WERR_NO_SUCH_DOMAIN; + } + + r-out.info = talloc_p(mem_ctx, struct netr_DrsGetDCNameEx2Info); + if (!r-out.info) { + return WERR_NOMEM; + } + + /* TODO: - return real IP address +* - check all r-in.* parameters (server_unc is ignored by w2k3!) +*/ + r-out.info-dc_unc = talloc_asprintf(mem_ctx, %s.%s, lp_netbios_name(),lp_realm()); + r-out.info-dc_address = talloc_strdup(mem_ctx, 0.0.0.0); + r-out.info-dc_address_type= 1; + r-out.info-domain_guid= samdb_result_guid(res[0], objectGUID); + r-out.info-domain_name= samdb_result_string(res[0], dnsDomain, NULL); + r-out.info-forest_name= samdb_result_string(res[0], dnsDomain, NULL); + r-out.info-dc_flags = 0xE1FD; + r-out.info-dc_site_name = talloc_strdup(mem_ctx, Default-First-Site-Name); + r-out.info-client_site_name = talloc_strdup(mem_ctx, Default-First-Site-Name); + + return WERR_OK; } Modified: branches/SAMBA_4_0/source/torture/rpc/netlogon.c === --- branches/SAMBA_4_0/source/torture/rpc/netlogon.c2004-11-22 17:08:25 UTC (rev 3913) +++ branches/SAMBA_4_0/source/torture/rpc/netlogon.c2004-11-22 17:14:57 UTC (rev 3914) @@ -887,7 +887,47 @@ return True; } +/* + try a netlogon netr_DrsGetDCNameEx2 +*/ +static BOOL test_netr_DrsGetDCNameEx2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) +{ + NTSTATUS status; + struct netr_DrsGetDCNameEx2 r; + BOOL ret = True; + r.in.server_unc = talloc_asprintf(mem_ctx, %s, dcerpc_server_name(p)); + r.in.client_account = NULL; + r.in.mask = 0x; + r.in.domain_name= talloc_asprintf(mem_ctx, %s, lp_realm()); +
svn commit: samba r3915 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: metze Date: 2004-11-22 17:30:32 + (Mon, 22 Nov 2004) New Revision: 3915 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3915 Log: a few updates to the DsCrackNames() torture test metze Modified: branches/SAMBA_4_0/source/torture/rpc/drsuapi.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/drsuapi.c === --- branches/SAMBA_4_0/source/torture/rpc/drsuapi.c 2004-11-22 17:14:57 UTC (rev 3914) +++ branches/SAMBA_4_0/source/torture/rpc/drsuapi.c 2004-11-22 17:30:32 UTC (rev 3915) @@ -26,11 +26,8 @@ struct DsPrivate { struct policy_handle bind_handle; - struct GUID domain_guid; - struct GUID site_guid; - struct GUID computer_guid; - struct GUID server_guid; - struct GUID ntds_guid; + const char *domain_guid_str; + struct drsuapi_DsGetDCInfo2 dcinfo; }; static BOOL test_DsBind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, @@ -110,6 +107,54 @@ dns_domain = r.out.ctr.ctr1-array[0].dns_domain_name; nt4_domain = r.out.ctr.ctr1-array[0].result_name; + r.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_GUID; + + printf(testing DsCrackNames with name '%s' desired format:%d\n, + names[0].str, r.in.req.req1.format_desired); + + status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, r); + if (!NT_STATUS_IS_OK(status)) { + const char *errstr = nt_errstr(status); + if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) { + errstr = dcerpc_errstr(mem_ctx, p-last_fault_code); + } + printf(dcerpc_drsuapi_DsCrackNames failed - %s\n, errstr); + ret = False; + } else if (!W_ERROR_IS_OK(r.out.result)) { + printf(DsCrackNames failed - %s\n, win_errstr(r.out.result)); + ret = False; + } + + if (!ret) { + return ret; + } + + priv-domain_guid_str = r.out.ctr.ctr1-array[0].result_name; + + r.in.req.req1.format_offered= DRSUAPI_DS_NAME_FORMAT_GUID; + r.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; + names[0].str = priv-domain_guid_str; + + printf(testing DsCrackNames with name '%s' desired format:%d\n, + names[0].str, r.in.req.req1.format_desired); + + status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, r); + if (!NT_STATUS_IS_OK(status)) { + const char *errstr = nt_errstr(status); + if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) { + errstr = dcerpc_errstr(mem_ctx, p-last_fault_code); + } + printf(dcerpc_drsuapi_DsCrackNames failed - %s\n, errstr); + ret = False; + } else if (!W_ERROR_IS_OK(r.out.result)) { + printf(DsCrackNames failed - %s\n, win_errstr(r.out.result)); + ret = False; + } + + if (!ret) { + return ret; + } + r.in.req.req1.format_offered= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; r.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_FQDN_1779; names[0].str = nt4_domain; @@ -138,7 +183,7 @@ r.in.req.req1.format_offered= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; r.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_FQDN_1779; - names[0].str = talloc_asprintf(mem_ctx, %s%s$, nt4_domain, dcerpc_server_name(p)); + names[0].str = talloc_asprintf(mem_ctx, %s%s$, nt4_domain, priv-dcinfo.netbios_name); printf(testing DsCrackNames with name '%s' desired format:%d\n, names[0].str, r.in.req.req1.format_desired); @@ -276,7 +321,7 @@ r.in.req.req1.format_offered= DRSUAPI_DS_NAME_FORMAT_GUID; r.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_FQDN_1779; - names[0].str = GUID_string2(mem_ctx, priv-site_guid); + names[0].str = GUID_string2(mem_ctx, priv-dcinfo.site_guid); printf(testing DsCrackNames with Site GUID '%s' desired format:%d\n, names[0].str, r.in.req.req1.format_desired); @@ -298,7 +343,8 @@ return ret; } - names[0].str = GUID_string2(mem_ctx, priv-computer_guid); + r.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; + names[0].str = GUID_string2(mem_ctx, priv-dcinfo.computer_guid); printf(testing DsCrackNames with Computer GUID '%s' desired format:%d\n, names[0].str, r.in.req.req1.format_desired); @@ -320,7 +366,7 @@ return ret; } - names[0].str = GUID_string2(mem_ctx, priv-server_guid); + names[0].str = GUID_string2(mem_ctx, priv-dcinfo.server_guid); printf(testing DsCrackNames with Server GUID '%s' desired format:%d\n, names[0].str,
svn commit: samba r3916 - in branches/SAMBA_4_0/source/smb_server: .
Author: tridge Date: 2004-11-23 00:09:23 + (Tue, 23 Nov 2004) New Revision: 3916 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3916 Log: w2k3 does not check the max_setup count in nttrans requests Modified: branches/SAMBA_4_0/source/smb_server/nttrans.c Changeset: Modified: branches/SAMBA_4_0/source/smb_server/nttrans.c === --- branches/SAMBA_4_0/source/smb_server/nttrans.c 2004-11-22 17:30:32 UTC (rev 3915) +++ branches/SAMBA_4_0/source/smb_server/nttrans.c 2004-11-23 00:09:23 UTC (rev 3916) @@ -413,10 +413,13 @@ return; } +#if 0 + /* w2k3 does not check the max_setup count */ if (trans.out.setup_count trans.in.max_setup) { req_reply_error(req, NT_STATUS_BUFFER_TOO_SMALL); return; } +#endif if (trans.out.params.length trans.in.max_param) { status = NT_STATUS_BUFFER_TOO_SMALL; trans.out.params.length = trans.in.max_param;
svn commit: samba r3917 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/lsa torture/rpc
Author: abartlet Date: 2004-11-23 00:31:00 + (Tue, 23 Nov 2004) New Revision: 3917 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3917 Log: A few more LSA RPCs found in my wanderings (for trusted domains, these seem to be 'shortcut' RPCs, that just avoid an open/query pair). Rename a few others to give us a slightly sensible pattern. Andrew Bartlett Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/torture/rpc/lsa.c branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-23 00:09:23 UTC (rev 3916) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-23 00:31:00 UTC (rev 3917) @@ -435,7 +435,7 @@ } lsa_TrustedDomainInfo; /* Function: 0x1a */ - NTSTATUS lsa_QueryInfoTrustedDomain( + NTSTATUS lsa_QueryTrustedDomainInfo( [in,ref] policy_handle *trustdom_handle, [in] uint16 level, [out,switch_is(level)] lsa_TrustedDomainInfo *info @@ -544,7 +544,13 @@ ); /* Function: 0x27 */ - NTSTATUS lsa_QueryTrustDomainInfo(); + NTSTATUS lsa_QueryTrustedDomainInfoBySid( + [in,ref] policy_handle *handle, + [in,ref] dom_sid2 *dom_sid, + [in] uint16 level, + [out,switch_is(level)] lsa_TrustedDomainInfo *info +); + /* Function: 0x28 */ NTSTATUS lsa_SetTrustDomainInfo(); /* Function: 0x29 */ @@ -581,7 +587,12 @@ NTSTATUS lsa_SetInfoPolicy2(); /* Function 0x30 */ - NTSTATUS lsa_QueryTrustedDomainInfoByName(); + NTSTATUS lsa_QueryTrustedDomainInfoByName( + [in,ref] policy_handle *handle, + [in] lsa_String trusted_domain, + [in] uint16 level, + [out,switch_is(level)] lsa_TrustedDomainInfo *info + ); /* Function 0x31 */ NTSTATUS lsa_SetTrustedDomainInfoByName(); Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-11-23 00:09:23 UTC (rev 3916) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-11-23 00:31:00 UTC (rev 3917) @@ -613,10 +613,10 @@ /* - lsa_QueryInfoTrustedDomain + lsa_QueryTrustedDomainInfo */ -static NTSTATUS lsa_QueryInfoTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_QueryInfoTrustedDomain *r) +static NTSTATUS lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct lsa_QueryTrustedDomainInfo *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } @@ -743,10 +743,10 @@ /* - lsa_QueryTrustDomainInfo + lsa_QueryTrustedDomainInfoBySid */ -static NTSTATUS lsa_QueryTrustDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_QueryTrustDomainInfo *r) +static NTSTATUS lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct lsa_QueryTrustedDomainInfoBySid *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c === --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-11-23 00:09:23 UTC (rev 3916) +++ branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-11-23 00:31:00 UTC (rev 3917) @@ -769,12 +769,12 @@ return False; } - printf(\nTesting OpenTrustedDomain and OpenTrustedDomainByName\n); + printf(\nTesting OpenTrustedDomain, OpenTrustedDomainByName and QueryInfoTrustedDomain\n); for (i=0; i domains.count; i++) { struct lsa_OpenTrustedDomain trust; struct lsa_OpenTrustedDomainByName trust_by_name; - struct policy_handle trust_handle; + struct policy_handle trustdom_handle; struct policy_handle handle2; struct lsa_Close c; int levels [] = {1, 3, 6}; @@ -782,7 +782,7 @@ trust.in.handle = handle; trust.in.sid = domains.domains[i].sid; trust.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; - trust.out.trustdom_handle = trust_handle; + trust.out.trustdom_handle = trustdom_handle;
svn commit: samba r3918 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: gd Date: 2004-11-23 01:05:31 + (Tue, 23 Nov 2004) New Revision: 3918 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3918 Log: Allow to set OWNER- and GROUP-entries while setting security descriptors with smbcacls and using with the -S or -M switch. Fixes #404 and #2076. Guenther Modified: branches/SAMBA_3_0/source/utils/smbcacls.c trunk/source/utils/smbcacls.c Changeset: Modified: branches/SAMBA_3_0/source/utils/smbcacls.c === --- branches/SAMBA_3_0/source/utils/smbcacls.c 2004-11-23 00:31:00 UTC (rev 3917) +++ branches/SAMBA_3_0/source/utils/smbcacls.c 2004-11-23 01:05:31 UTC (rev 3918) @@ -657,6 +657,14 @@ } } + if (sd-owner_sid) { + old-owner_sid = sd-owner_sid; + } + + if (sd-grp_sid) { + old-grp_sid = sd-grp_sid; + } + break; case SMB_ACL_ADD: @@ -674,7 +682,7 @@ sort_acl(old-dacl); /* Create new security descriptor and set it */ - sd = make_sec_desc(ctx,old-revision, old-type, NULL, NULL, + sd = make_sec_desc(ctx,old-revision, old-type, old-owner_sid, old-grp_sid, NULL, old-dacl, sd_size); fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS); Modified: trunk/source/utils/smbcacls.c === --- trunk/source/utils/smbcacls.c 2004-11-23 00:31:00 UTC (rev 3917) +++ trunk/source/utils/smbcacls.c 2004-11-23 01:05:31 UTC (rev 3918) @@ -657,6 +657,14 @@ } } + if (sd-owner_sid) { + old-owner_sid = sd-owner_sid; + } + + if (sd-grp_sid) { + old-grp_sid = sd-grp_sid; + } + break; case SMB_ACL_ADD: @@ -674,7 +682,7 @@ sort_acl(old-dacl); /* Create new security descriptor and set it */ - sd = make_sec_desc(ctx,old-revision, old-type, NULL, NULL, + sd = make_sec_desc(ctx,old-revision, old-type, old-owner_sid, old-grp_sid, NULL, old-dacl, sd_size); fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS);
svn commit: samba r3919 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: abartlet Date: 2004-11-23 03:11:38 + (Tue, 23 Nov 2004) New Revision: 3919 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3919 Log: Add more info levels to the QueryTrustedDomainInfo structures, with names and other assistance from the ethereal sources. More work needs to be done to validate some of the levels, which do not appear in the query - perhaps they are modification levels. Andrew Bartlett Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/torture/rpc/lsa.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-23 01:05:31 UTC (rev 3918) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-23 03:11:38 UTC (rev 3919) @@ -411,27 +411,93 @@ [size_is(size),length_is(length)] uint8 *data; } lsa_DATA_BUF; + typedef [flag(NDR_PAHEX)] struct { + uint32 size; + [size_is(size)] uint8 *data; + } lsa_DATA_BUF2; + + typedef enum { + LSA_TRUSTED_DOMAIN_INFO_NAME=1, + LSA_TRUSTED_DOMAIN_INFO_2=2, + LSA_TRUSTED_DOMAIN_INFO_FLAGS=3, + LSA_TRUSTED_DOMAIN_INFO_PASSWORD=4, + LSA_TRUSTED_DOMAIN_INFO_5=5, + LSA_TRUSTED_DOMAIN_INFO_INFO_EX=6, + LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO=7, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO=8, + LSA_TRUSTED_DOMAIN_INFO_INFO_ALL=12 + } lsa_TrustDomInfoEnum; + typedef struct { lsa_String domain_name; - } lsa_TrustDomainInfo1; + } lsa_TrustDomainInfoName; typedef struct { uint32flags; - } lsa_TrustDomainInfo3; + } lsa_TrustDomainInfoFlags; typedef struct { + lsa_DATA_BUF *password; + lsa_DATA_BUF *old_password; + } lsa_TrustDomainInfoPassword; + + typedef struct { + lsa_String domain_name; + dom_sid2*sid; + } lsa_TrustDomainInfo5; + + typedef struct { lsa_String name; lsa_String name2; dom_sid2*sid; uint32 unknown1; uint32 unknown2; uint32 unknown3; - } lsa_TrustDomainInfo6; + } lsa_TrustDomainInfoInfoEx; + typedef struct { + HYPER_T unknown1; + uint32 unknown2; + lsa_DATA_BUF2 data; + } lsa_TrustDomainInfoBuffer; + + typedef struct { + uint32 unknown1; + lsa_TrustDomainInfoBuffer *buff1; + lsa_TrustDomainInfoBuffer *buff2; + uint32 unknown2; + lsa_TrustDomainInfoBuffer *buff3; + lsa_TrustDomainInfoBuffer *buff4; + } lsa_TrustDomainInfoAuthInfo; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_TrustDomainInfoFlags flags; + lsa_TrustDomainInfoAuthInfo auth_info; + } lsa_TrustDomainInfoFullInfo; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_DATA_BUF2data1; + } lsa_TrustDomainInfo11; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_DATA_BUF2data1; + lsa_TrustDomainInfoFlags flags; + lsa_TrustDomainInfoAuthInfo auth_info; + } lsa_TrustDomainInfoInfoAll; + typedef union { - [case(1)]lsa_TrustDomainInfo1 info1; - [case(3)]lsa_TrustDomainInfo3 info3; - [case(6)]lsa_TrustDomainInfo6 info6; + [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name; + [case(LSA_TRUSTED_DOMAIN_INFO_FLAGS)] lsa_TrustDomainInfoFlags flags; + [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password; + [case(LSA_TRUSTED_DOMAIN_INFO_5)] lsa_TrustDomainInfo5 info5; + [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoExinfo_ex; + [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info; + [case(11)]lsa_TrustDomainInfo11 info11; + [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all; } lsa_TrustedDomainInfo; /* Function: 0x1a */ Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c === --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-11-23 01:05:31 UTC (rev 3918) +++
svn commit: samba-docs r283 - in trunk/Samba-HOWTO-Collection: .
Author: sharpe Date: 2004-11-23 06:00:23 + (Tue, 23 Nov 2004) New Revision: 283 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=283 Log: Fix a small but annoying cut-n-pasteo with the net groupmap modify exampled. You do not specify a RID on a modify command. Modified: trunk/Samba-HOWTO-Collection/NT4Migration.xml Changeset: Modified: trunk/Samba-HOWTO-Collection/NT4Migration.xml === --- trunk/Samba-HOWTO-Collection/NT4Migration.xml 2004-11-18 11:03:57 UTC (rev 282) +++ trunk/Samba-HOWTO-Collection/NT4Migration.xml 2004-11-23 06:00:23 UTC (rev 283) @@ -271,9 +271,9 @@ Keep this as a shell script for future re-use # First assign well known domain global groups -net groupmap modify ntgroup=Domain Admins unixgroup=root rid=512 -net groupmap modify ntgroup=Domain Users unixgroup=users rid=513 -net groupmap modify ntgroup=Domain Guests unixgroup=nobody rid=514 +net groupmap modify ntgroup=Domain Admins unixgroup=root +net groupmap modify ntgroup=Domain Users unixgroup=users +net groupmap modify ntgroup=Domain Guests unixgroup=nobody # Now for our added domain global groups net groupmap add ntgroup=Designers unixgroup=designers type=d rid=3200