[Samba] samba loses its browse list
hello i've asked this question a while ago, but noone could help me with it.. ill try to give more detail in this message: so, there is a samba file server on our lan, and the clients are all windows XP's. when i start the samba server, it becomes the local/domain master, and starts to build up its browse list (i can see that from the browse.dat file, and when i browse the network i can see computers in it) but after some while, cant quite define the time, it loses the list (browsing then network doesnt show up computers, and the browse.dat file becomes EMPTY) anyone has a clue, what could be causing this? or, do you need any other information? thanks in advance, cserem -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Printjobnames
Gerald (Jerry) Carter wrote: It's by design currently. The internal printing API needs to be updated to allow more information to be passed back from the underlying printing system such as job id (or something similar). And now who has to solve that jobs? The people from cups or from samba. I know with samba 2.2 the printjobnames was without the leading smbprn.0004 regards Franz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2nd try, cant print over samba
I remember that there was a bug in the printing part when using XP SP2 clients. This has been fixed in 2.2.11. First, you could use a more recent release of samba (wether 2.2.x or 3.0.x). In all samba-printing-problem-cases I've seen, *nothing* came out of the printer. So you could increase the loglevel of your cups-daemon and see, if there are any errors logged. Perhaps you have a problem with your cupsd (enable raw printing in /etc/mime.confs or something like that...) bye, Martin Jason wrote: do I not have enough info for someont to take a crack at this? hey folks. got cups set up and working on a freebsd 4.11 box running samba 2.2.10. I can print locally from the freebsd box just fine.. when I try to print from remote windows boxes on the network, I only get blank pages (may be empty banner or form feeds). but I jacked up the logging and the only error i see in there is [2005/07/01 10:37:55, 5] rpc_parse/parse_prs.c:prs_uint32(588) 86c4 buffer_size2: 86a9 [2005/07/01 10:37:55, 4] rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(168) Policy not found: [000] 00 00 00 00 10 02 00 00 00 00 00 00 B8 4C C5 42 .L.B [2005/07/01 10:37:55, 4] lib/util.c:dump_data(1549) [010] D2 06 01 00 [2005/07/01 10:37:55, 2] rpc_server/srv_spoolss_nt.c:find_printer_index_by_hnd(263) find_printer_index_by_hnd: Printer handle not found: _spoolss_writeprinter: Invalid handle (OTHER:6728 2:67612) I have the following in my smb.conf [global] printing = cups printcap name = cups hosts allow = 192.168.1. 127. and [designjet] comment = DesignJet 450C path = /var/spool/samba writeable = Yes guest ok = Yes printable = Yes printer = designjet any ideas what else to look at? -- Martin Zielinski [EMAIL PROTECTED] Software Development SEH Computertechnik GmbH www.seh.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba loses its browse list
-Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Csere Matyas Cc: samba@lists.samba.org Subject: [Samba] samba loses its browse list hello i've asked this question a while ago, but noone could help me with it.. ill try to give more detail in this message: so, there is a samba file server on our lan, and the clients are all windows XP's. when i start the samba server, it becomes the local/domain master, and starts to build up its browse list (i can see that from the browse.dat file, and when i browse the network i can see computers in it) but after some while, cant quite define the time, it loses the list (browsing then network doesnt show up computers, and the browse.dat file becomes EMPTY) anyone has a clue, what could be causing this? or, do you need any other information? Please check your network. Seems that one of your XPs is becoming the master browser. Please the nmbd logs on your samba server to know which box is becoming the master browser. If it's an XP machine, check Microsoft website. I seem to remember that there are two settings in Windows which will prevent a Windows box becoming the master browser. Cheers, Guu -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 01/07/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain Children
hi, I have a pdc domain called, 'shinyang' then, how can i create a called domain children, such as 'sycompany1.shinyang'? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba loses its browse list
hi is it possible that it looses the master browser status, and it still thinks that it is the master browser? (which it does) thanks wd Guus Leeuw jr. wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Csere Matyas Cc: samba@lists.samba.org Subject: [Samba] samba loses its browse list hello i've asked this question a while ago, but noone could help me with it.. ill try to give more detail in this message: so, there is a samba file server on our lan, and the clients are all windows XP's. when i start the samba server, it becomes the local/domain master, and starts to build up its browse list (i can see that from the browse.dat file, and when i browse the network i can see computers in it) but after some while, cant quite define the time, it loses the list (browsing then network doesnt show up computers, and the browse.dat file becomes EMPTY) anyone has a clue, what could be causing this? or, do you need any other information? Please check your network. Seems that one of your XPs is becoming the master browser. Please the nmbd logs on your samba server to know which box is becoming the master browser. If it's an XP machine, check Microsoft website. I seem to remember that there are two settings in Windows which will prevent a Windows box becoming the master browser. Cheers, Guu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] restrict share access to [EMAIL PROTECTED] only
I would like to restrict a share access for users and allow only share browsing for a valid user which connects from a certain IP. So for example, I would like to allow joe to connect to [test] only from 192.168.1.2. If Joe connects from 192.168.1.3, he should be denied access. Any ideas how can I do this? -- Tomek WPKG - automated software distribution http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind creating duplicate users
Can anyone explain how the SID is generated ?. Is there some kind of Algorithm ? yes, there is: 2xRID + 1000, 2xRGID + 1001 winbind uses some other algorithms, e.g. UID=RID+1 greez -- Michael Gasch Max Planck Institute for Evolutionary Anthropology Department of Human Evolution Deutscher Platz 6 D-04103 Leipzig Germany Phone: 49 (0)341 - 3550 137 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind-Problem with samba 3.0.14a/3.0.20pre and Solaris
Hi Guys, anybody has a idea why getent groups only lists a few groups from my NT4-Dom. ? I have configured samba with security=domain, uid and gid maps and configured nsswitch.conf to use windbind. wbinfo -g works fine but getent group stops after few domaingroups. I think the problem is the domain-user - group because i can query all domaingroups with gentent group domain\groupname except the group domain-users. This group has more the 2000 members in it, it´s possible thats the problem under solaris. I have also a linux - based NAS-head for tests here this box works fine and lists all groups with getent group. thank you Joerg Dietze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba loses its browse list
-Original Message- From: Csere Matyas [mailto:[EMAIL PROTECTED] Sent: Monday, July 04, 2005 09:16 To: Guus Leeuw jr. Cc: samba@lists.samba.org Subject: Re: [Samba] samba loses its browse list is it possible that it looses the master browser status, and it still thinks that it is the master browser? (which it does) Unless there is some grave mistake in the sources, I wouldn't think so... The master browser status is obtained via a competition protocol whereby the server with the maximum free CPU cycles normally wins the competition, and gets the status after which it will announce the new master browser. Did you check following samba configuration flag: * preferred master This flag should be set to Yes so that the samba is most likely to become master browser all the time. Cheers, Guus -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 01/07/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba loses its browse list
prefered/domain/local masters and os level are set according to the documentation. i can see that it wins the election, but i cant see that another computer wins after that, however, if i issue smbclient -L samba_machine i can clearly see that it is the master for the domain, and also that there arent any other computers recognised by it. Guus Leeuw jr. wrote: -Original Message- From: Csere Matyas [mailto:[EMAIL PROTECTED] Sent: Monday, July 04, 2005 09:16 To: Guus Leeuw jr. Cc: samba@lists.samba.org Subject: Re: [Samba] samba loses its browse list is it possible that it looses the master browser status, and it still thinks that it is the master browser? (which it does) Unless there is some grave mistake in the sources, I wouldn't think so... The master browser status is obtained via a competition protocol whereby the server with the maximum free CPU cycles normally wins the competition, and gets the status after which it will announce the new master browser. Did you check following samba configuration flag: * preferred master This flag should be set to Yes so that the samba is most likely to become master browser all the time. Cheers, Guus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] limiting netlogon scripts to a subnet?-will this work?
John H. schrieb: Would this work? The problem is, I do not have roaming profiles in use(As it is not practical for us, as users tend to use the same computers). I want only users with IP from 192.168.1.x to load the databases. The loaddatabases.cmd file in question would contain rem Grab IP address and dump to a file ipconfig %userprofile%\ipconfig.txt echo Checking for your location findstr 192.168.1 %userprofile%\ipconfig.txt if errorlevel 1 goto notLoading echo Loading Databases rd /S /Q C:\Access\Databases xcopy /C /Y /K /F /Z /Q /E /H Q:\Access\FrontEnds C:\Access\Databases\ goto end :notLoading echo Not loading Databases goto :end :end __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com hi, time ago i wrote a netlogon script that checks the ip of the inloging client to match a vpn net and do not install printers drivers , this was for win 2000 german version, it isnt what you looking for but may help to setup equal jobs @echo off REM we look if the login is from vpn range ipconfig |FIND IP |FIND . %temp%.\$ for /F tokens=2 delims=: %%I in (%temp%.\$) do set IP=%%I del %temp%.\$ set IP=%IP:~1% echo IP=%IP% REM 10.10.3.0 is a login via vpn pptpd net ip Set | Find IP=10.10.3. NUL If ErrorLevel 1 GoTo Check GoTo End REM now we will see if the loging machine matches our office, cause we have different printer autoinstalls for different offices, which are reflected by the clients name :Check Echo COMPUTERNAME=%COMPUTERNAME% Set | Find COMPUTERNAME=LAPRD NUL If ErrorLevel 1 GoTo Next GoTo FOUND :Next Echo COMPUTERNAME=%COMPUTERNAME% Set | Find COMPUTERNAME=WSRD NUL If ErrorLevel 1 GoTo Next2 GoTo FOUND :Next2 REM Echo match not found REM pause GoTo End :FOUND REM Ok the logged in machine belongs to our office, check if the user belongs to our office ifmember /v /l DOMAINAME\rdusers REM ok the machine matches our office , the user matches our office lets give him the printers if errorlevel 1 call rdprinstall.bat GoTo End :End Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] compilation of samba-2.2.2 on AIX415 failed
Hi... I had that error also. I fixed that including this line #include sys/select.h in nsswitch/wb_common.c Regards Marcelo No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 01/07/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ntlm_auth doesn`t work with machine accounts
I try tu use ntlm_auth with a freeradius doing peap authentification. AFAIK, if I want to log my user on a domain, I have to authenticate my machine before. I saw many EAP request from my machine using host/hostname.domain.org as Username... that's why I want to authenticate my machine... Regards, Jeremy Andrew Bartlett a écrit : On Thu, 2005-06-30 at 21:11 +0200, Jérémy Cluzel wrote: Hi, I saw your post on the samba ML... I've the same problem... do you find a solution ? Someone told me to rewrite the auth_ntlm... but I think I'm not able to do this.. This isn't to do with ntlm_auth, but either the winbind backend or the remote server. I need to see traces, from a modified windows server, set to sign (rather than seal) schannel requests to the DC. This should give me the information to allow this to work. I never expected machine accounts to be able to use NTLM authentication, as it goes against historical practice. Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Annoying lpq commands appear after testparm
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Geoff Scott wrote: I am using a master-smb.conf with one other include for the shares file. Every time that I do a testparm -s master-smb.conf and then check the resulting file I see these config directives, which I haven't defined: printing = cups print command = lpq command = %p lprm command = But this is after I have defined printing = cups, any ideas why? Or is this standard behaviour? This is actually required since the background lpq daemon was introduced. Someone needed to have a sharename != cups printer name. Just ignore it. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyThEIR7qMdg1EfYRAvK1AJ9Xb0XsxEGyldsk/SXgg5cRjXNaOQCeJ7pV juAO34J606jI3pOlygY64wY= =6j5/ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Printjobnames
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Franz Pförtsch wrote: Gerald (Jerry) Carter wrote: It's by design currently. The internal printing API needs to be updated to allow more information to be passed back from the underlying printing system such as job id (or something similar). And now who has to solve that jobs? The people from cups or from samba. I know with samba 2.2 the printjobnames was without the leading smbprn.0004 Yeah. And Samba 2.2. was actually broken when mapping cups jobs to CIFS joib ids as a result of this. I'll accept any patches that fix this issue but don't break other functionality. I just don't have time at the moment to work on it myself. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyTinIR7qMdg1EfYRAi4sAJ9ogitiTHVPtM3lVjKaAeF39sqMaQCg65qD jGhfRdndf2+HAWIWlpwAbdM= =26qq -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: unknown auth type 9
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Don Watson wrote: Jerry, Thanks to a lot of advice from John Terpstra, I believe I have solved the problem. The root user must be in the ldap database, and its password must be set (I used smbldap-passwd for this). On the Windows side, use the Administrator user to add the machine to the domain. The only thing I'm not sure of is the relationship between the Windows Administrator user and the Linux root user. There should be no relationship actually. With the introduction of privileges in Samba 3.0.11, you don't need root any more. What people originally did was to create a user named Administrator with a uid of 0 and a rid of 500. It was never really necessary. Administrator is just a name that people were less afraid of than root. I just created an account named root with a different password. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyTwkIR7qMdg1EfYRAhOyAJ9zqaAC/hQ31hYFwHp0dEz43csDGwCgok1j Jk3hRiBQRmsdA3n16hFitVs= =btnM -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Lock accounts with SAMBA
Hi, I'm a busy sysadmin locking and unlocking user accounts. I'd like to be able to do it from my linux -kerberos enabled samba workstation. I can easily use net commands to see if a user's account is locked in the ADS. How do I actually lock it from within samba. I've written a user management system at the school that does lots of things, I'd like it to be able to do this using Linux. So any advice, would be great fully appreciated. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] finding # of people using a share
Samba/bin/net status sessions Samba/bin/net status shares First shows status of all sessions logged in, second shows which processes are attached to which shares. Also, smbstatus will report a simplar report with the combination of the two, we prefet 'net status' command though because it's referenced by username rather than just process id. -- Nathan Vidican [EMAIL PROTECTED] Windsor Match Plate Tool Ltd. http://www.wmptl.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tomasz Chmielewski Sent: Saturday, July 02, 2005 1:07 PM To: Charles McLaughlin Cc: samba@lists.samba.org Subject: Re: [Samba] finding # of people using a share Charles McLaughlin schrieb: Hello, Is there a way to find the number of people using a samba share? I'd like to know if people have files open before I restart samba or reboot the server. Maybe smbstatus? -- Tomek WPKG - automated software deployment with Samba http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind creating duplicate users
i think if you fix the problem with the ridbase you will also solve the problem of having duplicated users you could also try to set winbind trusted domains only = yes greez -- Michael Gasch Max Planck Institute for Evolutionary Anthropology Department of Human Evolution Deutscher Platz 6 D-04103 Leipzig Germany Phone: 49 (0)341 - 3550 137 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Lock accounts with SAMBA
Look into ldap; if you are a busy admin as you say you are - then why re-invent the wheel? There are numerous LDAP account management systems, and bearing in mind that you're using linux somewhere at the desktop level - you can use LDAP for BOTH samba and UNIX accounts. As far as locking/unlocking an account goes, simply enable/disable it via LDAP, simple ldapmodify command from the shell and you're good to go - or even better, use PERL and make yourself a simple web-interface if you'd prefer. In my humble experience, LDAP is definetly the way to go. We've got a single LDAP repository of all users, domains, machine accounts, idmaps, etc. This repository is then made redundant by slave ldap servers which also enables load-sharing, and fail-safe systems. It's eay to work with, works across almost any platform: we have Sun Solaris/Sparc Workstations, FreeBSD servers workstations on the UNIX side using nss_ldap and pam_ldap, as well as numerous windows accounts in a domain environment serviced by the FreeBSD servers running OpenLDAP and Samba. We're using LAM (LDAP Account Manager); a free(ly) available PHP-based LDAP Account Management GUI - which allows us to administer users, accounts, and machine accounts from anywhere on the network via a web browser. If time, conveinience, and ease-of-use are you biggest administrative hurdles - then LDAP is what you're missing. -- Nathan Vidican [EMAIL PROTECTED] Windsor Match Plate Tool Ltd. http://www.wmptl.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christopher Welsh Sent: Monday, July 04, 2005 9:45 AM To: samba@lists.samba.org Subject: [Samba] Lock accounts with SAMBA Hi, I'm a busy sysadmin locking and unlocking user accounts. I'd like to be able to do it from my linux -kerberos enabled samba workstation. I can easily use net commands to see if a user's account is locked in the ADS. How do I actually lock it from within samba. I've written a user management system at the school that does lots of things, I'd like it to be able to do this using Linux. So any advice, would be great fully appreciated. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Users and smbldap-useradd
FYI: i had to change smbldap-tools a little bit
function sub group_add_user in smbldap-tools.pm
i used the scripts to vampire a NT PDC
all users were added to the group Domain Users although it's there
default group - thus i had 300 users in a group, which unecesarily took
resources
if ($is_member == 1) {
print User \$userid\ already member of the group
\$group\.\n;
} else {
// new line
if ($dn ne cn=Domain Users,dc=) {
//go on
}
greez
--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution
Deutscher Platz 6
D-04103 Leipzig
Germany
Phone: 49 (0)341 - 3550 137
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Can't Start SMB Services and Question
Benjamin,
I made the suggested correction (and another one that I should already
have done: create the /scripts directory and put the login.bat into
it--doh), and there's improvement. Now I get an
NT_STATUS_BAD_NETWORK_NAME error. That's a separate problem that I need
to work, and I think I know what's causing it.
However, I still need to run under a different smb.conf (and hence the
network name problem) because with the smb config file I attached
earlier, I still can't run smb services.
Attached is the testparm output, still reflecting no (syntactical) errors.
Thanks for your help.
Eric Hines
Benjamin Biel wrote:
Hi Mr. E Hines,
check following typs in your conf.
- logon script = scripts\login.bat
+ logon script = \scripts\login.bat
Besfor make testparm and send me your srenn, then i can help you better.
--
He can compress the most words into the smallest ideas of any man
I ever met.
- Abraham Lincoln
Load smb config files from smb.conf.example3_4
Processing section [printers]
Processing section [IPC$]
Processing section [homes]
Processing section [netlogon]
Processing section [profiles]
Processing section [accounts]
Processing section [backups]
Processing section [apps]
Loaded services file OK.
# Global parameters
[global]
workgroup = DOM_TEST
interfaces = eth1, lo
bind interfaces only = Yes
passdb backend = tdbsam
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n
*Password*changed*
username map = /etc/samba/smbusers
unix password sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /tmp '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = \scripts\login.bat
logon path = \\%L\profiles\%U
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap ssl = no
utmp = Yes
idmap uid = 1-2
idmap gid = 1-2
map acl inherit = Yes
veto files = /*.eml/*.nws/*.{*}/
veto oplock files = /*.doc/*.xls/*.mdb/
[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
use client driver = Yes
default devmode = Yes
browseable = No
[IPC$]
path = /tmp
hosts allow = 192.168.1.0/24, 127.0.0.1
hosts deny = 0.0.0.0/0
[homes]
comment = Home Directories
valid users = %S
read only = No
map acl inherit = No
veto files =
veto oplock files =
browseable = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[accounts]
comment = Quicken Files
path = /data/accounts
read only = No
[backups]
comment = Miscellaneous Backups
path = /data/backups
read only = No
[apps]
comment = Application Files
path = /apps
admin users = mfwic
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sambaserver slows down, too many smbd processes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gerald (Jerry) Carter wrote: Holger Wesser wrote: Sorry folks for asking again, but I don't know how to get the problem solved. My Samba server works fine, but after some days the server doesn't kill old smbd processes, so a ps aux looks like that: Are you reexporting NFS shares by chance ? Run an strace on one of the smbd process and see what it is doing. No, I am not reexporting NFS shares. Well, I will strace the parent and child processes of smbd and collect as many informations as I can ;-) Holger -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyVIZO0QDuZMdP0sRAneIAJ95k2MEaZsO24AJ9RvrjJgU1/7NcgCbBpAJ Q1mV1Q5WWhVoe7E31G73Hpw= =oi2A -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Users and smbldap-useradd
Michael,
Please email me your modified smbldap-tools.pm. I'd like to check this out and
will then follow up with Jerome Tournier (author and maintainer of the
smbldap-tools).
Thanks.
- John T.
On Monday 04 July 2005 08:01, Michael Gasch wrote:
FYI: i had to change smbldap-tools a little bit
function sub group_add_user in smbldap-tools.pm
i used the scripts to vampire a NT PDC
all users were added to the group Domain Users although it's there
default group - thus i had 300 users in a group, which unecesarily took
resources
if ($is_member == 1) {
print User \$userid\ already member of the group
\$group\.\n;
} else {
// new line
if ($dn ne cn=Domain Users,dc=) {
//go on
}
greez
--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution
Deutscher Platz 6
D-04103 Leipzig
Germany
Phone: 49 (0)341 - 3550 137
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Machine accounts
I 'm trying to figure out why my samba box can 't get any information about trusted w2k ad domains. The linux samba server is a domain member of a w2k domain. Everything is fine with this domain, but I can 't get sequence numbers, nor users, nor groups from others domains in the active directory. The main error seems to be Server not found in kerberos database when it tries to connect to others domain controllers. As an example, for one of this domains, winbind.log shows this: [2005/07/04 12:18:26, 10] nsswitch/winbindd_util.c:add_trusted_domains(221) Found domain SIDOR [2005/07/04 12:18:26, 10] nsswitch/winbindd_cache.c:domain_sid(1407) domain_sid: [Cached] - doing backend query for info for domain SIDOR [2005/07/04 12:18:26, 3] nsswitch/winbindd_ads.c:domain_sid(900) ads: domain_sid [2005/07/04 12:18:26, 3] libads/ldap.c:ads_connect(285) Connected to LDAP server 10.50.180.51 [2005/07/04 12:18:26, 3] libads/ldap.c:ads_server_info(2469) got ldap server name [EMAIL PROTECTED], using bind path: dc=SIDOR,dc=TECHINT,dc=NET [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(211) ads_sasl_spnego_bind: got server principal name [EMAIL PROTECTED] [2005/07/04 12:18:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(389) ads_krb5_mk_req: krb5_get_credentials failed for [EMAIL PROTECTED] (Server not found in Kerberos database) [2005/07/04 12:18:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(389) ads_krb5_mk_req: krb5_get_credentials failed for [EMAIL PROTECTED] (Server not found in Kerberos database) [2005/07/04 12:18:27, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81) ads_connect for domain SIDOR failed: Server not found in Kerberos database This is samba 3.0.14a, mit kerberos 1.3.6. The log shows it 's trying to connect with [EMAIL PROTECTED] But if I try manually: kinit [EMAIL PROTECTED] it gives client not found in kerberos database. It does work if I don 't put the dollar sign (ie. [EMAIL PROTECTED]). Can anyone give a clue how to solve this or what test i can do ? Thanks, Martin mail2web - Check your email from the web at http://mail2web.com/ . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba interface for administrative tools
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ilia Chipitsine wrote: I heard that libmsrpc is under heavy development now, am I right that such library also allows creating an opposite tool, such as unix command line utility for remote registry management ? if so, I'll take a closer look at it, I need such utility! :-) We've got someone working on a libmsrpc library in Samba 3 over the next few months. And several people have expressed interested in such a registry editing tool. Jelmer has already done some work on a tool named regshell in the Samba 4 branch. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyVd5IR7qMdg1EfYRAnFQAJ4rUtoruMLFkzLFgf0QygQHBRl6sgCfSVkm GWsxbh9sUoRKijDIDn9ZkuM= =BqNL -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba interface for administrative tools
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rhys Goodwin wrote: It seems to me that the very best place to store all samba conf options is in the ldap dir. I got all excited when I was taking a look at the samab3 schema and saw the sambaConfigOption objectclass, found out that is not implimented yet. Maybe Im being a bit narrow minded to assume that everyone is using an ldap back end? I like the idea of being able to whip up a very tidy windows based (MMC?) samba console and requiring only ldap connection to the server and be able to FULLY control samba. Perhaps smbd could be setup to be quite particular about when and how it would reaload options from the directory? Hope Im not on a different wave length to the rest of you! :) One of the things Beast and I were talking about is the separation needed between the access protocol and the data storage interface. I am in favor of using LDAP for sharing configuration data between servers. It doesn't make sense to me as the configuration repository for a single server though except in very specific circumstances. That said, I would expect to see more work in this area as time goes on. There's no definite design or timeline for integrating configuration data with an LDAP directory service, but there is interest. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyVjuIR7qMdg1EfYRAkj4AKCnx3Y0dVq/SjW7rUaHTe5F+dokuACgrR84 /iOGXVtS9DERRDnsxKurm9s= =5FCX -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Users and smbldap-useradd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John H Terpstra wrote: Michael, Please email me your modified smbldap-tools.pm. I'd like to check this out and will then follow up with Jerome Tournier (author and maintainer of the smbldap-tools). Or better yet, just file a bug at https://bugzilla.samba.org/ under the smbldap-tools component of Samba3. You can just attach the patch there. The idealx developers receive those bug reports directly. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyVmcIR7qMdg1EfYRAisYAJ4zHXQbPKxbGa3SUQqNngoCuIyFawCeI6BI sNs6rHmm4/3poFHuVtCmKLo= =1mcu -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3+LDAP: Can't join domain.
Hi everyone!! I'm having a bit of trouble join a Samba 3 PDC with LDAP authentication. First some tips on what system I'm using: - Debian Sarge - Samba 3.0.14a-Debian - OpenLDAP 2.2.24 : Protocol v.3 Well, Now I'll explain the problem and show you some log output. When ever I try to join the domain I get the following error: --begin- # net rpc join GICOMMNET Creation of workstation account failed Unable to join domain GICOMMNET. --end- So, I check my logs to see what's wrong and I see this in the Samba log: --begin- [2005/07/04 17:29:36, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244) get_md4pw: Workstation DAVIDSZANTO$: no account in domain Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 1005, DATA line 283. [2005/07/04 17:29:39, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w davidszanto$' gave 1 --end So I check if everything alright with my smbldap-useradd command, and I try creating the account manually using exactly the same command. Everything works fine. The account is created and machine davidszanto$ is created. So then I scratch my head a bit, and while I'm loosing most of my hair I try something a bit easier. Let's see if I can recover the user list or the group list. I use the net user -I 192.168.xxx.xxx and it works fine. I get the whole list and smae with groups. So, if everything looks fine, where's the mistake? I try joining again and this time I check the slapd log as well and I get the biggest transaction log record in history!! : --begin-- Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got connid=35 Jul 4 17:38:49 localhost slapd[8515]: connection_read(10): checking for input on id=35 Jul 4 17:38:49 localhost slapd[8515]: do_bind Jul 4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable) Jul 4 17:38:49 localhost slapd[8515]: dnPrettyNormal: cn=admin,dc=gicomm,dc=iberica,dc=esp Jul 4 17:38:49 localhost slapd[8515]: dnPrettyNormal: cn=admin,dc=gicomm,dc=iberica,dc=esp, cn=admin,dc=gicomm,dc=i berica,dc=esp Jul 4 17:38:49 localhost slapd[8515]: do_bind: version=3 dn=cn=admin,dc=gicomm,dc=iberica,dc=esp method=128 Jul 4 17:38:49 localhost slapd[8515]: do_bind: v3 bind: cn=admin,dc=gicomm,dc=iberica,dc=esp to cn=admin,dc=gicomm,dc=i berica,dc=esp Jul 4 17:38:49 localhost slapd[8515]: send_ldap_result: conn=35 op=0 p=3 Jul 4 17:38:49 localhost slapd[8515]: send_ldap_response: msgid=1 tag=97 err=0 Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got connid=35 Jul 4 17:38:49 localhost slapd[8515]: connection_read(10): checking for input on id=35 Jul 4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable) Jul 4 17:38:49 localhost slapd[8515]: do_search Jul 4 17:38:49 localhost slapd[8515]: dnPrettyNormal: Jul 4 17:38:49 localhost slapd[8515]: dnPrettyNormal: , Jul 4 17:38:49 localhost slapd[8515]: = send_search_entry: dn= Jul 4 17:38:49 localhost slapd[8515]: = send_search_entry Jul 4 17:38:49 localhost slapd[8515]: send_ldap_result: conn=35 op=1 p=3 Jul 4 17:38:49 localhost slapd[8515]: send_ldap_response: msgid=2 tag=101 err=0 Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got connid=35 Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): checking for input on id=35 Jul 4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable) Jul 4 17:38:50 localhost slapd[8515]: do_search Jul 4 17:38:50 localhost slapd[8515]: dnPrettyNormal: dc=gicomm,dc=iberica,dc=esp Jul 4 17:38:50 localhost slapd[8515]: dnPrettyNormal: dc=gicomm,dc=iberica,dc=esp, dc=gicomm,dc=iberica,dc=esp Jul 4 17:38:50 localhost slapd[8515]: = bdb_search Jul 4 17:38:50 localhost slapd[8515]: bdb_dn2entry(dc=gicomm,dc=iberica,dc=esp) Jul 4 17:38:50 localhost slapd[8515]: search_candidates: base=dc=gicomm,dc=iberica,dc=esp (0x0001) scope=2 Jul 4 17:38:50 localhost slapd[8515]: = bdb_dn2idl( dc=gicomm,dc=iberica,dc=esp ) Jul 4 17:38:50 localhost slapd[8515]: = bdb_equality_candidates (objectClass) Jul 4 17:38:50 localhost slapd[8515]: = key_read Jul 4 17:38:50 localhost slapd[8515]: = bdb_index_read: failed (-30990) Jul 4 17:38:50 localhost slapd[8515]: = bdb_equality_candidates: id=0, first=0, last=0 Jul 4 17:38:50 localhost slapd[8515]: = bdb_equality_candidates (uid) Jul 4 17:38:50 localhost slapd[8515]: = key_read Jul 4 17:38:50 localhost slapd[8515]: = bdb_index_read: failed (-30990) Jul 4 17:38:50 localhost slapd[8515]: = bdb_equality_candidates: id=0, first=0, last=0 Jul 4 17:38:50 localhost slapd[8515]: bdb_search_candidates: id=0 first=1 last=0 Jul 4 17:38:50 localhost slapd[8515]: bdb_search: no candidates Jul 4 17:38:50 localhost
[Samba] limit login to some domain workstations
Hi everybody, I'm interested in forcing users to login only to certain machines. I saw in the output of pdbedit -Lv the voice Workstations:, but i can't find a command to change this value I'm using Samba 3.14 on Debian Sarge - TLS LDAP. With many thanks. Regards, Sylvain MEDEOT ___ Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger Téléchargez cette version sur http://fr.messenger.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to get recycle to work
I have this one remaining issue before I can declare my Samba rollout to be successful. I have been trying to implement the recycle feature. My server is a Dell Intel, with Redhat Enterprise 3.0 Linux and Samba 3.0.14 (I believe I have all the string and the periods in the right place). Here is the recycle configuration I have for a share, as my test: [contractors] comment = Contractors database files path = /database/contractors writeable = yes guest ok = yes vfs object = /usr/lib/samba/vfs/recycle.so vfs options = /etc/samba/recycle.conf ;recycle:repository = .deleted ;recycle:keeptree = Yes ;recycle:touch = Yes ;recycle:versions = No create mask = 0777 directory mask = 0777 force group = everyone oplocks = no level2 oplocks = no blocking locks = no locking = no strict locking = no share modes = no veto oplock files = /*.mdb/*.ldb/*.mde/ I have also tried entering the options in the smb.conf instead of using the recycle.conf file, as you can see Errors I get are (snipped from log file): [2005/06/30 08:17:16, 0] smbd/nttrans.c:call_nt_transact_ioctl(1956) call_nt_transact_ioctl(0x9009c): Currently not implemented. [2005/06/30 09:09:50, 0] param/loadparm.c:map_parameter(2425) Unknown parameter encountered: vfs options [2005/06/30 09:09:50, 0] param/loadparm.c:lp_do_parameter(3159) Ignoring unknown parameter vfs options [2005/06/30 09:11:18, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:18, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:18, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:33, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:33, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:33, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:33, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:36, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:36, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:36, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:36, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:36, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:36, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:36, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:36, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:39, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:39, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:39, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:39, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:53, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:53, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:53, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:53, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:53, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:53, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:53, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:53, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 09:11:56, 0] smbd/vfs.c:smb_register_vfs(182) VFS module recycle already loaded! [2005/06/30 09:11:56, 0] smbd/vfs.c:vfs_init_custom(254) Can't find a vfs module [/usr/lib/samba/vfs/recycle.so] [2005/06/30 09:11:56, 0] smbd/vfs.c:smbd_vfs_init(317) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/recycle.so [2005/06/30 09:11:56, 0] smbd/service.c:make_connection_snum(581) vfs_init failed for service contractors [2005/06/30 16:06:29, 1] smbd/service.c:close_cnum(880) 001merit (192.168.0.25) closed connection to service liza [2005/06/30 16:06:29, 1]
Re: [Samba] change machine password
Hi Tilo Lutz schrieb: I use some programs to clone a windows workstation and duplicate it's image on other workstations. After cloning I change the workstation name and add a machine account on the samba pdc. Now I want to create a new password for the workstation account and store it. I use Suse Linux 9.3 as samba pdc. samba version is 3.0.13. How can I set the password for a workstation? Am Sonntag, 3. Juli 2005 17:24 schrieben Sie: It is set automatically when you join the domain. Just leave the domain and join it again, your problem will be solved. I don't want to rejoin the domain. This would require interaction from the administrator after cloning. I want a solution which works fully without interaction. Cheers, Tilo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to get recycle to work
On Monday 04 July 2005 10:27, Liz Ackerman wrote: I have this one remaining issue before I can declare my Samba rollout to be successful. I have been trying to implement the recycle feature. My server is a Dell Intel, with Redhat Enterprise 3.0 Linux and Samba 3.0.14 (I believe I have all the string and the periods in the right place). Here is the recycle configuration I have for a share, as my test: Validate the path to the location of the recycle.so file from your smbd binary as shown here: smbd -b | grep LIBDIR The output should be: LIBDIR: /usr/lib/samba Then locate the recycle.so file in the directory /usr/lib/samba/vfs/ i.e., in a subdirectory of the LIBDIR called 'vfs' The following modifications should make it work: [contractors] comment = Contractors database files path = /database/contractors writeable = yes guest ok = yes vfs object = /usr/lib/samba/vfs/recycle.so vfs options = /etc/samba/recycle.conf vfs object = recycle:recycle recycle:repository = .deleted recycle:keeptree = Yes recycle:touch = Yes recycle:versions = No ;recycle:repository = .deleted ;recycle:keeptree = Yes ;recycle:touch = Yes ;recycle:versions = No create mask = 0777 directory mask = 0777 force group = everyone oplocks = no level2 oplocks = no blocking locks = no locking = no strict locking = no share modes = no veto oplock files = /*.mdb/*.ldb/*.mde/ I have also tried entering the options in the smb.conf instead of using the recycle.conf file, as you can see Let me know if you still have a problem. Cheers, John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Update Rollup 1 for Windows 2000 SP4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oktay Akbal wrote: Hello. Anyone else experiencing Problems with this update ? We do have W2k AD. And Samba Member-Server. This is done via Winbind without using Kerberos. After installing the Update to our AD-Servers. It seems that winbind lost its connectivity. wbinfo -t worked. wbinfo -u showed errors. After removing the update from all our servers, winbind works again. Should I move our configuration to kerberos ? Can you send me a download link to the update rollup? I've a hunch this might be introducing similar behavior that we saw with Windows 2003 sp1. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCyXH1IR7qMdg1EfYRAnvmAJ95R2HQkyEBlatBrwGEFTs0uAtkiwCgnLjr 41eHQ5of5VbdBxT5by6IW4M= =Stxs -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba3+LDAP: Can't join domain.
El Lunes, 4 de Julio de 2005 18:33, escribió: Hi Fabio! Thanks for the quick response!! El Lunes, 4 de Julio de 2005 17:12, escribió: Hi! I manage a PDC with the same configuration. I suggest you to check SID in LDAP directory and smbldap configuration. net groupmap list shows errors? I've tried it again, just to make sure, and it doesn't show any errors... except that last time I so such a configuration samba groups maped correctly to their posix group name, and now I only get gidNumbers?? I've double checked my nsswitch.conf and libnss-ldap.conf files and I can't see what's wrong: -- begin # net groupmap list Gerencia (S-1-5-21-1243414039-471885888-144306045-21015) - 10007 Ventas y Comerciales (S-1-5-21-1243414039-471885888-144306045-21025) - 10012 Contabilidad (S-1-5-21-1243414039-471885888-144306045-5007) - 10005 Recambios (S-1-5-21-1243414039-471885888-144306045-21021) - 10010 Chapa y Pintura (S-1-5-21-1243414039-471885888-144306045-21009) - 10004 Administracion (S-1-5-21-2139989288-483860436-2398042574-21003) - 10001 Imperial de AutomBritFujiyama Motor (S-1-5-21-1243414039-471885888-144306045-21013) - 10006 Vook Rent a Car (S-1-5-21-1243414039-471885888-144306045-21027) - 10013 British Car (S-1-5-21-2139989288-483860436-2398042574-21007) - 10003 Talleres y Mecanicos (S-1-5-21-1243414039-471885888-144306045-21023) - 10011 Todos (S-1-5-21-2139989288-483860436-2398042574-21029) - 10014 London Taxi Company (S-1-5-21-1243414039-471885888-144306045-21019) - 10009 Informatica (S-1-5-21-2139989288-483860436-2398042574-21031) - 10015 Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) - 512 Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - 513 Domain Guests (S-1-5-21-2139989288-483860436-2398042574-514) - 514 Domain Computers (S-1-5-21-2139989288-483860436-2398042574-515) - 515 Administrators (S-1-5-32-544) - 544 Account Operators (S-1-5-32-548) - 548 Print Operators (S-1-5-32-550) - 550 Backup Operators (S-1-5-32-551) - 551 Replicators (S-1-5-32-552) - 552 -- end -- nsswitch.conf - passwd: files ldap group: files ldap shadow: files ldap ... -- end -- -- libnss-ldap.conf --- base dc=gicomm,dc=iberica,dc=esp uri ldap://127.0.0.1/ ldap_version 3 rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=esp scope sub -- end -- The SID I get from net getlocalsid is: SID for domain GICOMM is: S-1-5-21-2139989288-483860436-2398042574 And I've compared it to the entries in my LDAP directory and they seem correct. Examples: User XXX has : sambaPrimaryGroupSID: S-1-5-21-2139989288-483860436-2398042574-513 sambaSID: S-1-5-21-2139989288-483860436-2398042574-3204 Any ideas? THANX a LOT!!! David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Update Rollup 1 for Windows 2000 SP4
The Information is at: http://support.microsoft.com/?scid=kb%3Ben-us%3B891861 The Download: http://www.microsoft.com/downloads/details.aspx?amp;amp;displaylang=enfamilyid=c0a2ca36-1179-431c-80e6-60a494d3823ddisplaylang=en or via windowsupdate. Thanks. Oktay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Questions regarding ADS
I 've spent the last week troubleshooting a configuration issue regarding samba not being able to connect to other domains beside the domain of which it 's a member server (samba 3.0.14a, krb 1.3.6, w2k). I have some doubts perhaps someone can answer... Suppose this scenario: Samba name : SAMBA Main domain: DOMAINA (domain controller = DCA) Others domains : DOMAINB, DOMAINC (domain controllers DCB y DCC) 1) When samba tries to connect via kerberos to others domains, which principal is supposed to use? I 'd think it is [EMAIL PROTECTED] What I see is that it first connects via LDAP using this machine account but then tries to connect via kerberos with [EMAIL PROTECTED] or [EMAIL PROTECTED] Is this correct or I am not understanding the logfiles correctly? 2) Is wbinfo --set-auth-user still needed? I 'm not using it because I read somewhere that with 3.0+ is not needed anymore. 3) My krb5.conf doesn 't contain any references to servers. All it contains is dns_lookup_realm=true, dns_lookup_kdc=true and default_realm=X. Do I need anything specific or current krb5 can obtain everything it needs from the DNS? 4) Do I need to do the ktpass thing at the windows DC? Documentation doesn 't say I should, but I keep reading in the web examples of importing the data into the keytab. Thanks. I 've already posted some days my log files trying to find some specific help but probable my post was too unnecesary complicated. Perhaps if anyone can answer this more-generic questions I can advance a step in the resolution of the problem. Regards, Martin mail2web - Check your email from the web at http://mail2web.com/ . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Compile Error on 3.0.7 and 3.0.8 Pre 1 on X64 Fedora
Hi Exact same error occures on a dual AMD64 Fedora Core 3 64 bit with samba 3.0.20Pre1. However, I have discovered taht putting the compile option -m32 in the C compiler flags, which force 32 bit compilation, the error doesn't happen. The sad part of the story is that compilation crash later in the process. It may be a compilatotor/linker error when assembler code is created, but it may as well be some some 32/64 bit spesific code creating this odd stuff. The generated assemblercode is deleted before I could investigate it, and I haven't the knowledge of how to keep it. A medicine to this problem should be found, and I am sure it exists because a samba 3.10.x rpm compiled for Fedora Core 3 64 bit is in existence. Sadly, I havent' been able to find those settings. Maybe someone knows? with best regards Bent Vangli -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] compromising security
Recently, I was thinking if my setup is secure. When the workstations start, they also start a script, which connects to a Samba share with username/password (and there is software in this share, with the registration keys etc. important data). On a workstation, this script can't be read by a normal user (I was considering some sort of simple pseudo-encrypting, which would turn plaintext usernames/passwords into a pseudo-encrypted file; in case the disk or one of workstations is stolen). But then I realised, that probably it's much easier to get all credentials, without stealing a disk or decrypting a file with passwords, so all efforts to protect the shares with usernames/passwords and encrypting the script are probably useless. All that should be done is to unplug the workstation from the network, then plug a laptop with a network sniffer into the workstation (connect the network cards), and watch the traffic... If the laptop acts with a name of a real server, and has encrypt passwords = no - would the workstation send the credentials in plaintext, and thus, all carefully crafted security would be compromised? Or is something fundamentally wrong in my thinking (hopefully)? -- Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba ADS member server confusion.
Hi all, I've been reading docs and am a little confused. I'm in an organization that uses ADS and I am in a remote location. I want to configure a member samba server that can authenticate with ADS, also have local accounts and see shares all the way around. So I want to configure a Samba server that will allow students with accounts on ADS which is remote from our location (we are a satellite campus) to be able to login from Windows workstations in our lab and have access to their shares. I also want to be able to create local student accounts on the Samba server and authenticate locally with local shares. Accounts should be reachable from a Linux as well as Windows workstations. It would be nice to be able to see our Samba server from the remote network that has the ADS server on it and access the shares. From reading I'm thinking samba should be configured with LDAP, Kerberos and windbind but there is **so* much documentation on the net and it all talks about various different scenarios, it's very confusing. All I nee is a top level view and then I should be able to configure the stuff lower down, I hope:-) All help appreciated. -- George Farris [EMAIL PROTECTED] Malaspina University-College -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] compromising security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: All that should be done is to unplug the workstation from the network, then plug a laptop with a network sniffer into the workstation (connect the network cards), and watch the traffic... If the laptop acts with a name of a real server, and has encrypt passwords = no - would the workstation send the credentials in plaintext, and thus, all carefully crafted security would be compromised? Or is something fundamentally wrong in my thinking (hopefully)? Current Windows clients will not send the clear text of a password unless you have configured a registry setting to tell them it is OK. Around Windows NT 4.0 SP3, MS had the same thought you did. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCybDYIR7qMdg1EfYRAqUiAKCEEPHvblUsrsPzhxGsD4JIWg18zACfXb/Y fjH0EUoQA0lEipFVYo5AZgM= =/Ftr -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba3+LDAP: Can't join domain.
When you type getent group do you see a list of groups from the ldap directory? Please post your /etc/ldap.conf file. davidszanto [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] El Lunes, 4 de Julio de 2005 18:33, escribió: Hi Fabio! Thanks for the quick response!! El Lunes, 4 de Julio de 2005 17:12, escribió: Hi! I manage a PDC with the same configuration. I suggest you to check SID in LDAP directory and smbldap configuration. net groupmap list shows errors? I've tried it again, just to make sure, and it doesn't show any errors... except that last time I so such a configuration samba groups maped correctly to their posix group name, and now I only get gidNumbers?? I've double checked my nsswitch.conf and libnss-ldap.conf files and I can't see what's wrong: -- begin # net groupmap list Gerencia (S-1-5-21-1243414039-471885888-144306045-21015) - 10007 Ventas y Comerciales (S-1-5-21-1243414039-471885888-144306045-21025) - 10012 Contabilidad (S-1-5-21-1243414039-471885888-144306045-5007) - 10005 Recambios (S-1-5-21-1243414039-471885888-144306045-21021) - 10010 Chapa y Pintura (S-1-5-21-1243414039-471885888-144306045-21009) - 10004 Administracion (S-1-5-21-2139989288-483860436-2398042574-21003) - 10001 Imperial de AutomBritFujiyama Motor (S-1-5-21-1243414039-471885888-144306045-21013) - 10006 Vook Rent a Car (S-1-5-21-1243414039-471885888-144306045-21027) - 10013 British Car (S-1-5-21-2139989288-483860436-2398042574-21007) - 10003 Talleres y Mecanicos (S-1-5-21-1243414039-471885888-144306045-21023) - 10011 Todos (S-1-5-21-2139989288-483860436-2398042574-21029) - 10014 London Taxi Company (S-1-5-21-1243414039-471885888-144306045-21019) - 10009 Informatica (S-1-5-21-2139989288-483860436-2398042574-21031) - 10015 Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) - 512 Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - 513 Domain Guests (S-1-5-21-2139989288-483860436-2398042574-514) - 514 Domain Computers (S-1-5-21-2139989288-483860436-2398042574-515) - 515 Administrators (S-1-5-32-544) - 544 Account Operators (S-1-5-32-548) - 548 Print Operators (S-1-5-32-550) - 550 Backup Operators (S-1-5-32-551) - 551 Replicators (S-1-5-32-552) - 552 -- end -- nsswitch.conf - passwd: files ldap group: files ldap shadow: files ldap ... -- end -- -- libnss-ldap.conf --- base dc=gicomm,dc=iberica,dc=esp uri ldap://127.0.0.1/ ldap_version 3 rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=esp scope sub -- end -- The SID I get from net getlocalsid is: SID for domain GICOMM is: S-1-5-21-2139989288-483860436-2398042574 And I've compared it to the entries in my LDAP directory and they seem correct. Examples: User XXX has : sambaPrimaryGroupSID: S-1-5-21-2139989288-483860436-2398042574-513 sambaSID: S-1-5-21-2139989288-483860436-2398042574-3204 Any ideas? THANX a LOT!!! David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Possible Samba Memory Leak
On Wed, Jun 29, 2005 at 08:19:18AM -0400, Anthony Russello wrote: Hi Jeremy, The same issue occurs when running samba 3.0.14a fresh from samba.org. As you're doing this on an embedded system as I recall you might want to cut down on the stat cache (which can grow unlimited on normal systems). To turn it off set : stat cache = False To limit the size set : max stat cache size = XX (where XX is in 1k units). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ongoing Samba Errors
Ilia Thanks for your message - interestingly - yours was the only response I got from this. I understand the logwatch part but I am still very concerned about the rest of the invalid key and couldn't find service errors. Rgds Nigel. On Sat, 2005-07-02 at 22:03, Ilia Chipitsine wrote: Greetings We just updated two RH9 servers to 3.0.14a-1 and are still seeing a lot of errors in the logs. They're not stopping us working but I would _really_ like to understand what is causing them. those entries are not known to LogWatch. nothing is wrong with samba. it just says something to logs, which is not known for LogWatch. truth to be told, samba logs are rarely useful, I'd more like the way, apache httpd and sendmail logs work. Just few looks and everything is clear. On the first server, in the logwatch, we get a whole swag of: samba: Unknown Entries: session opened for user janicer by (uid=0): 6 Time(s) session opened for user sonjap by (uid=0): 8 Time(s) session opened for user heatherf by (uid=0): 1 Time(s) session closed for user georgev: 122 Time(s) session closed for user heatherf: 1 Time(s) session opened for user karens by (uid=0): 3 Time(s) session closed for user margaretn: 1 Time(s) session opened for user johnw by (uid=0): 1 Time(s) session opened for user connieg by (uid=0): 3 Time(s) session closed for user janicer: 6 Time(s) session closed for user lindaa: 1 Time(s) session opened for user yanal by (uid=0): 2 Time(s) session opened for user wendym by (uid=0): 3 Time(s) I don't understand why these should be Unknown Entries and would really like to . Then I see a whole load of: mbd/dir.c:dptr_close(271) Invalid key 256 given to dptr_close : 33 Time(s) smbd/dir.c:dptr_close(271) Invalid key 257 given to dptr_close : 32 Time(s) smbd/dir.c:dptr_close(271) Invalid key 258 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 259 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 260 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 261 given to dptr_close : 25 Time(s) smbd/dir.c:dptr_close(271) Invalid key 262 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 263 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 264 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 265 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 266 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 267 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 268 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 269 given to dptr_close : 26 Time(s) smbd/dir.c:dptr_close(271) Invalid key 270 given to dptr_close : 26 Time(s) And I _mean_ a whole load of them - this is just a quick extract And then finally I see a swag of: smbd/service.c:make_connection(794) pc001 (192.168.0.201) couldn't find service : 2676 Time(s) smbd/service.c:make_connection(794) pc002 (192.168.0.202) couldn't find service : 11011 Time(s) smbd/service.c:make_connection(794) pc003 (192.168.0.203) couldn't find service : 1948 Time(s) smbd/service.c:make_connection(794) pc004 (192.168.0.204) couldn't find service : 1918 Time(s) smbd/service.c:make_connection(794) pc005 (192.168.0.205) couldn't find service : 2 Time(s) smbd/service.c:make_connection(794) pc007 (192.168.0.207) couldn't find service : 1 Time(s) smbd/service.c:make_connection(794) pc008 (192.168.0.208) couldn't find service : 2598 Time(s) smbd/service.c:make_connection(794) pc012 (192.168.0.212) couldn't find service : 9503 Time(s) smbd/service.c:make_connection(794) pc013 (192.168.0.213) couldn't find service : 1154 Time(s) smbd/service.c:make_connection(794) pc014 (192.168.0.214) couldn't find service : 1190 Time(s) smbd/service.c:make_connection(794) pc015 (192.168.0.215) couldn't find service : 1782 Time(s) Okay - I admit to total confusion. We run Samba in our own office (this is on a customers site btw) and I have never had problems like this before. Should I also post my smb.conf? Whilst I don't expect a miracle, can someone please (gently) point me in the right direction and suggest where I might start to look for the answers? TIA Nigel. -- Nigel Allen, Snr Consultant, ProSmart Consulting Australia 48 Tiarri Avenue, Terrey Hills, NSW 2084, Australia Tel: +61 2 9450 2690 Fax: +61 2 9450 2691 Mob: +61 4 1494 5269 http://www.prosmart.com.au -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Nigel Allen, Snr Consultant, ProSmart Consulting Australia 48 Tiarri Avenue,
[Samba] newbie - samba as PDC
Hi all, I am very new with samba, I am trying to configure my samba as PDC, my samba is running on FC2, I have configured my /etc/samba/smb.conf as below: now,I cannot login to my samba .. I am very sure that I already missed something.. please advise what's am I missing? many thanks in advance Regards Winanjaya [global] workgroup = edp netbios name = portal server string = Samba PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 os level = 64 preferred master = yes local master = yes domain master = yes security = user encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 max log size = 50 #hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0 192.168.1.0/255.255.255.0 logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no write list = tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba Compile Error on 3.0.7 and 3.0.8 Pre 1 on X64 Fedora
-Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Bent Vangli Sent: Monday, July 04, 2005 22:49 It may be a compilatotor/linker error when assembler code is created, but it may as well be some some 32/64 bit spesific code creating this odd stuff. The generated assemblercode is deleted before I could investigate it, and I haven't the knowledge of how to keep it. gcc -S source.c source.S Guus -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 01/07/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] changing the primary group of a user
Im having a strange problem... I have a few users created (few = 100) with gid = to uid. Like this: dlanger:x:1229:1229::/home/dlanger:/bin/false jbranca:x:1230:1230::/home/jbranca:/bin/false cdobenau:x:1231:1231::/home/cdobenau:/bin/false sbarabani:x:1232:1232::/home/sbarabani:/bin/false And i have a the new ones like this: nharrington:x:1233:100::/home/nharrington:/bin/false stbrusco:x:1234:100::/home/stbrusco:/bin/false syahia:x:1235:100::/home/syahia:/bin/false Now the thing is if i change the old and bad ones to the primary gid of 100 (users) this users can't login anymore! Even more! if i delete the users from samba, i can't create them again!! With the following error: smbpasswd -a ppacheco -D 100 Netbios name list:- my_netbios_names[0]=SERVER Trying to load: tdbsam Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match tdbsam (tdbsam) Found pdb backend tdbsam pdb backend tdbsam has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init New SMB password: Retype new SMB password: pdb_getsampwnam (TDB): error fetching database. Error: Record does not exist Key: USER_ppacheco Finding user ppacheco Trying _Get_Pwnam(), username as lowercase is ppacheco Get_Pwnam_internals did find user [ppacheco]! pdb_set_username: setting username ppacheco, was element 12 - now SET pdb_set_full_name: setting full name Pachekin, was element 13 - now SET pdb_set_unix_homedir: setting home dir /home/ppacheco, was NULL element 22 - now SET pdb_set_domain: setting domain CYF, was element 14 - now DEFAULT pdb_set_user_sid: setting user sid S-1-5-21-1644118684-451077198-3181867690-2264 element 18 - now SET pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1644118684-451077198-3181867690-2264 from rid 2264 tdb_pack(ddff, 1024) - 24 tdb_pack(ddff, 1024) - 15 tdb_pack(ddff, 1024) - 16 tdb_pack(ddff, 1024) - 21 tdb_pack(ddff, 1024) - 27 tdb_pack(ddff, 1024) - 26 tdb_pack(ddff, 1024) - 25 tdb_pack(ddff, 1024) - 26 tdb_pack(ddff, 1024) - 21 tdb_pack(ddff, 1024) - 23 tdb_pack(ddff, 1024) - 22 tdb_pack(ddff, 1024) - 23 tdb_unpack(ddff, 26) - 26 tdb_unpack(ddff, 21) - 21 tdb_unpack(ddff, 16) - 16 tdb_unpack(ddff, 21) - 21 tdb_unpack(ddff, 25) - 25 tdb_unpack(ddff, 24) - 24 tdb_unpack(ddff, 27) - 27 tdb_unpack(ddff, 23) - 23 tdb_unpack(ddff, 23) - 23 tdb_unpack(ddff, 26) - 26 tdb_unpack(ddff, 15) - 15 pdb_set_group_sid: setting group sid S-1-5-32-545 element 19 - now SET Home server: server pdb_set_profile_path: setting profile path \\server\profiles\ppacheco, was element 2 - now DEFAULT Home server: server pdb_set_homedir: setting home dir \\server\profiles\ppacheco, was element 1 - now DEFAULT pdb_set_dir_drive: setting dir drive c:, was NULL element 3 - now DEFAULT pdb_set_logon_script: setting logon script netlogon.ppacheco.bat, was element 4 - now DEFAULT element 20 - now DEFAULT pdb_init_sam_new: no RID specified. Generating one via old algorithm pdb_set_user_sid: setting user sid S-1-5-21-1644118684-451077198-3181867690-2264 element 18 - now SET pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1644118684-451077198-3181867690-2264 from rid 2264 element 20 - now CHANGED element 20 - now CHANGED element 33 - now CHANGED element 32 - now CHANGED element 11 - now CHANGED element 21 - now CHANGED grant_privilege: S-1-1-0 original privilege mask: SE_PRIV 0x8275580 0x8275d58 0x817f50d 0xd new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-544 original privilege mask: SE_PRIV 0x8275580 0x8275d58 0x817f50d 0xd new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-548 original privilege mask: SE_PRIV 0x8275580 0x8275d58 0x817f50d 0xd new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-549 original privilege mask: SE_PRIV 0x8275580 0x8275d58 0x817f50d 0xd new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-550 original privilege mask: SE_PRIV 0x8275580 0x8275d58 0x817f50d 0xd new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-551 original privilege mask: SE_PRIV 0x8275580 0x8275d58 0x817f50d 0xd new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 account_policy_get: maximum password age:15552000 element 10 - now CHANGED account_policy_get: minimum password age:0 element 9 - now
[Samba] migrating from nt4 to samba3
Im starting to read about this becouse i have to migrate a PDC nt4 to samba3. Do anyone have done this before? I have 300 users + 300 machines NT4 like domain members. I have to migrate all the users, all the machine accounts and obviusly, the passwords. Any how to or docs to read? Experiencies? Tnxs in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] migrating from nt4 to samba3
On Monday 04 July 2005 22:05, Guido Lorenzutti wrote: Im starting to read about this becouse i have to migrate a PDC nt4 to samba3. Do anyone have done this before? I have 300 users + 300 machines NT4 like domain members. I have to migrate all the users, all the machine accounts and obviusly, the passwords. Any how to or docs to read? Experiencies? Tnxs in advance. I wrote chapter 9 of the book Samba3 by Example specifically for your situation. It was documented from a 4300 user migration I did. Your specially reserved copy of this wonderful book is waiting for you at: http://www.samba.org/samba/docs/Samba3-ByExample.pdf Please let me know if I have missed something, or if the documentations is not good enough. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] newbie - samba as PDC
Have you been able to add machine accounts (join the domain). It looks like you are missing that part, also missing is the path to the password file . - Original Message - From: Winanjaya - PBXSoftwares [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Monday, July 04, 2005 8:10 PM Subject: [Samba] newbie - samba as PDC Hi all, I am very new with samba, I am trying to configure my samba as PDC, my samba is running on FC2, I have configured my /etc/samba/smb.conf as below: now,I cannot login to my samba .. I am very sure that I already missed something.. please advise what's am I missing? many thanks in advance Regards Winanjaya [global] workgroup = edp netbios name = portal server string = Samba PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 os level = 64 preferred master = yes local master = yes domain master = yes security = user encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 max log size = 50 #hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0 192.168.1.0/255.255.255.0 logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no write list = tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file permission / ACL problems with Office files
On Thu, Jun 30, 2005 at 06:47:33PM +0200, Eduard Panaset wrote: Hello, I`m experiencing major problems after having migrated from Novell to SLES 9. My server configuration: - SLES 9.0, running on an Intel XEON machine - Samba 3.0.14a, standard bin package with ACL support - XFS as filesystem, with ACL support - Users are members of max. 40 Groups My client configuration: - running Windows 98 up to Windows XP SP2, everything included - Office 97 up to 2003 The problem itself: Everything is working fine, except for one thing: After having copied all the files from Novell to SLES and setting all the permissions using a Windows XP client, everything is fine. But as soon as an Office user changes one of the files, the file permissions are changed, and the ACL flags are lost. It happens only if the users are creating new or saving previously created Office documents. And only with Office docs, meaning XLS and DOC and PPT and so on files. As soon as the user creates a file using notepad or something similar, the problem does not appear. If the user copies one of the files with wrong permissions, the permissions of the copied file are set right. So it is obviously a problem concerning Office and samba, but I don't have a clue where to start. I think this is something we've fixed for the 3.0.20 pre releases. I'd appreciate it if you could test this in your environment (although I appreciate that you probably won't want to put this into production). Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r8126 - in branches/SAMBA_4_0/source/lib/talloc: .
Author: tridge Date: 2005-07-04 07:10:21 + (Mon, 04 Jul 2005) New Revision: 8126 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8126 Log: - moved to 16 byte alignment for talloc. This is in response to a bug report from robert collins. - updated talloc guide to reflect the fact that over the last few months talloc overhead compared to malloc has dropped, probably due to a bunch of small changes. It now costs about 4% more than malloc on my box Modified: branches/SAMBA_4_0/source/lib/talloc/talloc.c branches/SAMBA_4_0/source/lib/talloc/talloc_guide.txt Changeset: Sorry, the patch is too large (309 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8126
svn commit: samba r8127 - in branches/SAMBA_4_0/source/lib/talloc: .
Author: tridge
Date: 2005-07-04 07:26:27 + (Mon, 04 Jul 2005)
New Revision: 8127
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8127
Log:
fixed code in function error
Modified:
branches/SAMBA_4_0/source/lib/talloc/talloc.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/talloc/talloc.c
===
--- branches/SAMBA_4_0/source/lib/talloc/talloc.c 2005-07-04 07:10:21 UTC
(rev 8126)
+++ branches/SAMBA_4_0/source/lib/talloc/talloc.c 2005-07-04 07:26:27 UTC
(rev 8127)
@@ -111,8 +111,7 @@
static struct talloc_chunk *talloc_chunk_from_ptr(const void *ptr)
{
const char *pp = ptr;
- pp -= TC_HDR_SIZE;
- struct talloc_chunk *tc = discard_const_p(struct talloc_chunk, pp);
+ struct talloc_chunk *tc = discard_const_p(struct talloc_chunk, pp -
TC_HDR_SIZE);
if ((tc-flags ~0xF) != TALLOC_MAGIC) {
TALLOC_ABORT(Bad talloc magic value - unknown value);
}
svn commit: samba r8128 - in branches/SAMBA_4_0/source/include: .
Author: mimir Date: 2005-07-04 07:32:48 + (Mon, 04 Jul 2005) New Revision: 8128 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8128 Log: Janitor work... rafal Modified: branches/SAMBA_4_0/source/include/structs.h Changeset: Modified: branches/SAMBA_4_0/source/include/structs.h === --- branches/SAMBA_4_0/source/include/structs.h 2005-07-04 07:26:27 UTC (rev 8127) +++ branches/SAMBA_4_0/source/include/structs.h 2005-07-04 07:32:48 UTC (rev 8128) @@ -167,7 +167,6 @@ union libnet_JoinDomain; union libnet_ChangePassword; union libnet_SetPassword; -union libnet_find_pdc; union libnet_RemoteTOD; union libnet_JoinDomain; struct libnet_RpcConnect;
svn commit: samba r8129 - in trunk/source/smbd: .
Author: jra
Date: 2005-07-04 07:38:51 + (Mon, 04 Jul 2005)
New Revision: 8129
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8129
Log:
Pass both Samba4 DELETE test and Samba4 BASE-DELETE (fixed error code).
Jeremy.
Modified:
trunk/source/smbd/nttrans.c
Changeset:
Modified: trunk/source/smbd/nttrans.c
===
--- trunk/source/smbd/nttrans.c 2005-07-04 07:32:48 UTC (rev 8128)
+++ trunk/source/smbd/nttrans.c 2005-07-04 07:38:51 UTC (rev 8129)
@@ -677,7 +677,7 @@
NT_STATUS_EQUAL(status,NT_STATUS_CANNOT_DELETE))) {
restore_case_semantics(conn, file_attributes);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
+ return ERROR_NT(NT_STATUS_ACCESS_DENIED);
}
}
svn commit: samba r8130 - in trunk/source: include smbd
Author: jra
Date: 2005-07-04 07:48:15 + (Mon, 04 Jul 2005)
New Revision: 8130
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8130
Log:
Add in the new lock codes discovered by tridge. We don't yet
cancel locks so just use ERRnoatomiclocks at the moment.
Jeremy
Modified:
trunk/source/include/doserr.h
trunk/source/smbd/reply.c
Changeset:
Modified: trunk/source/include/doserr.h
===
--- trunk/source/include/doserr.h 2005-07-04 07:38:51 UTC (rev 8129)
+++ trunk/source/include/doserr.h 2005-07-04 07:48:15 UTC (rev 8130)
@@ -63,6 +63,8 @@
#define ERRinvalidname 123 /* Invalid name */
#define ERRunknownlevel 124
#define ERRnotlocked 158 /* This region is not locked by this locking context.
*/
+#define ERRcancelviolation 173
+#define ERRnoatomiclocks 174
#define ERRrename 183
#define ERRbadpipe 230 /* Named pipe invalid */
#define ERRpipebusy 231 /* All instances of pipe are busy */
Modified: trunk/source/smbd/reply.c
===
--- trunk/source/smbd/reply.c 2005-07-04 07:38:51 UTC (rev 8129)
+++ trunk/source/smbd/reply.c 2005-07-04 07:48:15 UTC (rev 8130)
@@ -5071,7 +5071,7 @@
/* we don't support these - and CANCEL_LOCK makes w2k
and XP reboot so I don't really want to be
compatible! (tridge) */
- return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+ return ERROR_DOS(ERRDOS, ERRnoatomiclocks);
}
if (locktype LOCKING_ANDX_CANCEL_LOCK) {
svn commit: samba r8132 - in trunk/source/locking: .
Author: vlendec Date: 2005-07-04 09:56:09 + (Mon, 04 Jul 2005) New Revision: 8132 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8132 Log: Fix to valgrind uninitialized write errors. Jeremy, I hope we can affort to zero out the data here. Volker Modified: trunk/source/locking/locking.c Changeset: Modified: trunk/source/locking/locking.c === --- trunk/source/locking/locking.c 2005-07-04 09:11:25 UTC (rev 8131) +++ trunk/source/locking/locking.c 2005-07-04 09:56:09 UTC (rev 8132) @@ -719,7 +719,7 @@ pstrcat(fname, fsp-fsp_name); size = sizeof(*data) + sizeof(share_mode_entry) + strlen(fname) + 1; - p = (char *)SMB_MALLOC(size); + p = SMB_CALLOC_ARRAY(char, size); if (!p) return False; data = (struct locking_data *)p; @@ -1202,7 +1202,7 @@ /* we'll need to create a new record */ size = sizeof(*data) + sizeof(deferred_open_entry) + strlen(fname) + 1; - p = (char *)SMB_MALLOC(size); + p = SMB_CALLOC_ARRAY(char, size); if (!p) return False; data = (struct deferred_open_data *)p;
svn commit: samba r8133 - branches/SAMBA_3_0/source/sam trunk/source/sam
Author: gd Date: 2005-07-04 09:56:27 + (Mon, 04 Jul 2005) New Revision: 8133 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8133 Log: Got approval from Luke Howard (PADL) to change the company copyright to to a personal one. Thanks Luke! Guenther Modified: branches/SAMBA_3_0/source/sam/idmap_ad.c trunk/source/sam/idmap_ad.c Changeset: Modified: branches/SAMBA_3_0/source/sam/idmap_ad.c === --- branches/SAMBA_3_0/source/sam/idmap_ad.c2005-07-04 09:56:09 UTC (rev 8132) +++ branches/SAMBA_3_0/source/sam/idmap_ad.c2005-07-04 09:56:27 UTC (rev 8133) @@ -1,13 +1,6 @@ /* * idmap_ad: map between Active Directory and RFC 2307 or Services for Unix (SFU) Accounts - * Copyright (C) 2001-2004 PADL Software Pty Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - */ -/* * Unix SMB/CIFS implementation. * * Winbind ADS backend functions @@ -15,6 +8,7 @@ * Copyright (C) Andrew Tridgell 2001 * Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2003 * Copyright (C) Gerald (Jerry) Carter 2004 + * Copyright (C) Luke Howard 2001-2004 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Modified: trunk/source/sam/idmap_ad.c === --- trunk/source/sam/idmap_ad.c 2005-07-04 09:56:09 UTC (rev 8132) +++ trunk/source/sam/idmap_ad.c 2005-07-04 09:56:27 UTC (rev 8133) @@ -1,13 +1,6 @@ /* * idmap_ad: map between Active Directory and RFC 2307 or Services for Unix (SFU) Accounts - * Copyright (C) 2001-2004 PADL Software Pty Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - */ -/* * Unix SMB/CIFS implementation. * * Winbind ADS backend functions @@ -15,6 +8,7 @@ * Copyright (C) Andrew Tridgell 2001 * Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2003 * Copyright (C) Gerald (Jerry) Carter 2004 + * Copyright (C) Luke Howard 2001-2004 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by
svn commit: samba r8134 - in branches/SAMBA_4_0/source/libcli/raw: .
Author: metze
Date: 2005-07-04 10:26:25 + (Mon, 04 Jul 2005)
New Revision: 8134
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8134
Log:
remove unused var
metze
Modified:
branches/SAMBA_4_0/source/libcli/raw/smb_signing.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/raw/smb_signing.c
===
--- branches/SAMBA_4_0/source/libcli/raw/smb_signing.c 2005-07-04 09:56:27 UTC
(rev 8133)
+++ branches/SAMBA_4_0/source/libcli/raw/smb_signing.c 2005-07-04 10:26:25 UTC
(rev 8134)
@@ -104,7 +104,6 @@
{
uint8_t calc_md5_mac[16];
struct MD5Context md5_ctx;
- uint8_t key_buf[16];
/*
* Firstly put the sequence number into the first 4 bytes.
svn commit: samba r8135 - in branches/SAMBA_4_0/source/heimdal_build: .
Author: metze Date: 2005-07-04 10:37:05 + (Mon, 04 Jul 2005) New Revision: 8135 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8135 Log: fix the linking on my SuSE 7.3 box metze Modified: branches/SAMBA_4_0/source/heimdal_build/config.mk Changeset: Modified: branches/SAMBA_4_0/source/heimdal_build/config.mk === --- branches/SAMBA_4_0/source/heimdal_build/config.mk 2005-07-04 10:26:25 UTC (rev 8134) +++ branches/SAMBA_4_0/source/heimdal_build/config.mk 2005-07-04 10:37:05 UTC (rev 8135) @@ -284,7 +284,8 @@ heimdal/lib/roken/vis.o \ heimdal/lib/roken/strlwr.o \ heimdal/lib/roken/strsep_copy.o \ - heimdal/lib/roken/strupr.o + heimdal/lib/roken/strupr.o \ + heimdal/lib/roken/getifaddrs.o NOPROTO = YES # End SUBSYSTEM HEIMDAL_ROKEN ###
svn commit: samba r8136 - in branches/SAMBA_4_0/source/libnet: .
Author: metze
Date: 2005-07-04 10:38:35 + (Mon, 04 Jul 2005)
New Revision: 8136
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8136
Log:
remove unused var
metze
Modified:
branches/SAMBA_4_0/source/libnet/libnet_rpc.c
Changeset:
Modified: branches/SAMBA_4_0/source/libnet/libnet_rpc.c
===
--- branches/SAMBA_4_0/source/libnet/libnet_rpc.c 2005-07-04 10:37:05 UTC
(rev 8135)
+++ branches/SAMBA_4_0/source/libnet/libnet_rpc.c 2005-07-04 10:38:35 UTC
(rev 8136)
@@ -112,8 +112,6 @@
NTSTATUS libnet_RpcConnect(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
struct libnet_RpcConnect *r)
{
- NTSTATUS status;
-
switch (r-level) {
case LIBNET_RPC_CONNECT_SERVER:
return libnet_RpcConnectSrv(ctx, mem_ctx, r);
svn commit: samba r8137 - in trunk/source/smbd: .
Author: vlendec
Date: 2005-07-04 11:38:43 + (Mon, 04 Jul 2005)
New Revision: 8137
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8137
Log:
Pure reformatting of smbd/open.c. Now open_mode_check almost fits into a
95-char xterm...
Volker
Modified:
trunk/source/smbd/open.c
Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-07-04 10:38:35 UTC (rev 8136)
+++ trunk/source/smbd/open.c2005-07-04 11:38:43 UTC (rev 8137)
@@ -394,19 +394,26 @@
return False;
}
- DEBUG(10,(share_conflict: entry-access_mask = 0x%x,
entry-share_access = 0x%x, entry-create_options = 0x%x\n,
- (unsigned int)entry-access_mask, (unsigned
int)entry-share_access, (unsigned int)entry-create_options));
+ DEBUG(10,(share_conflict: entry-access_mask = 0x%x,
+ entry-share_access = 0x%x, entry-create_options = 0x%x\n,
+ (unsigned int)entry-access_mask,
+ (unsigned int)entry-share_access,
+ (unsigned int)entry-create_options));
- DEBUG(10,(share_conflict: access_mask = 0x%x, share_access = 0x%x,
create_options = 0x%x\n,
- (unsigned int)access_mask, (unsigned int)share_access,
(unsigned int)create_options));
+ DEBUG(10,(share_conflict: access_mask = 0x%x, share_access = 0x%x,
+ create_options = 0x%x\n,
+ (unsigned int)access_mask,
+ (unsigned int)share_access,
+ (unsigned int)create_options));
if ((entry-access_mask (FILE_WRITE_DATA|
FILE_APPEND_DATA|
FILE_READ_DATA|
FILE_EXECUTE|
DELETE_ACCESS)) == 0) {
- DEBUG(10,(share_conflict: No conflict due to
entry-access_mask = 0x%x\n,
- (unsigned int)entry-access_mask ));
+ DEBUG(10,(share_conflict: No conflict due to
+ entry-access_mask = 0x%x\n,
+ (unsigned int)entry-access_mask ));
return False;
}
@@ -415,17 +422,20 @@
FILE_READ_DATA|
FILE_EXECUTE|
DELETE_ACCESS)) == 0) {
- DEBUG(10,(share_conflict: No conflict due to access_mask =
0x%x\n,
- (unsigned int)access_mask ));
+ DEBUG(10,(share_conflict: No conflict due to
+ access_mask = 0x%x\n,
+ (unsigned int)access_mask ));
return False;
}
#if 1 /* JRA TEST - Superdebug. */
#define CHECK_MASK(num, am, right, sa, share) \
DEBUG(10,(share_conflict: [%d] am (0x%x) right (0x%x) = 0x%x\n, \
- (unsigned int)(num), (unsigned int)(am), (unsigned int)(right),
(unsigned int)(am)(right) )); \
+ (unsigned int)(num), (unsigned int)(am), \
+ (unsigned int)(right), (unsigned int)(am)(right) )); \
DEBUG(10,(share_conflict: [%d] sa (0x%x) share (0x%x) = 0x%x\n, \
- (unsigned int)(num), (unsigned int)(sa), (unsigned int)(share),
(unsigned int)(sa)(share) )); \
+ (unsigned int)(num), (unsigned int)(sa), \
+ (unsigned int)(share), (unsigned int)(sa)(share) )); \
if (((am) (right)) !((sa) (share))) { \
DEBUG(10,(share_conflict: check %d conflict am = 0x%x, right =
0x%x, \
sa = 0x%x, share = 0x%x\n, (num), (unsigned int)(am), (unsigned int)(right),
(unsigned int)(sa), \
@@ -462,10 +472,13 @@
/* if a delete is pending then a second open is not allowed */
if ((entry-create_options FILE_DELETE_ON_CLOSE) ||
(create_options FILE_DELETE_ON_CLOSE)) {
- DEBUG(10,(share_conflict: conflict due to delete on close
(entry options = 0x%x \
-create options = 0x%x\n, (unsigned int)entry-create_options, (unsigned
int)create_options ));
+ DEBUG(10,(share_conflict: conflict due to delete on close
+ (entry options = 0x%x create options = 0x%x\n,
+ (unsigned int)entry-create_options,
+ (unsigned int)create_options ));
/* Is this the right error ? */
- set_saved_error_triple(ERRDOS, ERRbadshare,
NT_STATUS_SHARING_VIOLATION);
+ set_saved_error_triple(ERRDOS, ERRbadshare,
+ NT_STATUS_SHARING_VIOLATION);
return True;
}
@@ -544,11 +557,12 @@
}
if (access_mask
- ((access_mask ~(SYNCHRONIZE_ACCESS|
FILE_READ_ATTRIBUTES|
- FILE_WRITE_ATTRIBUTES))==0)
- ((access_mask
svn commit: samba r8138 - in trunk/source/smbd: .
Author: vlendec Date: 2005-07-04 12:15:18 + (Mon, 04 Jul 2005) New Revision: 8138 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8138 Log: Don't panic Just reformatting! I just could not stand these long lines... :-) Volker Modified: trunk/source/smbd/open.c Changeset: Sorry, the patch is too large (1055 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8138
svn commit: samba r8139 - in trunk/source/smbd: .
Author: vlendec
Date: 2005-07-04 12:40:28 + (Mon, 04 Jul 2005)
New Revision: 8139
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8139
Log:
Introduce BOOL file_existed to open_file()
Modified:
trunk/source/smbd/open.c
Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-07-04 12:15:18 UTC (rev 8138)
+++ trunk/source/smbd/open.c2005-07-04 12:40:28 UTC (rev 8139)
@@ -204,6 +204,7 @@
{
int accmode = (flags O_ACCMODE);
int local_flags = flags;
+ BOOL file_existed = VALID_STAT(*psbuf);
fsp-fh-fd = -1;
fsp-oplock_type = NO_OPLOCK;
@@ -273,14 +274,13 @@
* open flags. JRA.
*/
- if (VALID_STAT(*psbuf) S_ISFIFO(psbuf-st_mode)) {
+ if (file_existed S_ISFIFO(psbuf-st_mode)) {
local_flags |= O_NONBLOCK;
}
#endif
/* Don't create files with Microsoft wildcard characters. */
- if ((local_flags O_CREAT)
- !VALID_STAT(*psbuf)
+ if ((local_flags O_CREAT) !file_existed
ms_has_wild(fname)) {
set_saved_error_triple(ERRDOS, ERRinvalidname,
NT_STATUS_OBJECT_NAME_INVALID);
@@ -298,7 +298,7 @@
}
/* Inherit the ACL if the file was created. */
- if ((local_flags O_CREAT) !VALID_STAT(*psbuf)) {
+ if ((local_flags O_CREAT) !file_existed) {
inherit_access_acl(conn, fname, unx_mode);
}
@@ -306,7 +306,7 @@
fsp-fh-fd = -1; /* What we used to call a stat open. */
}
- if (!VALID_STAT(*psbuf)) {
+ if (!file_existed) {
int ret;
if (fsp-fh-fd == -1) {
svn commit: samba r8140 - in branches/SAMBA_3_0/examples/scripts/python: .
Author: jerry Date: 2005-07-04 12:43:05 + (Mon, 04 Jul 2005) New Revision: 8140 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8140 Log: adding missing module Added: branches/SAMBA_3_0/examples/scripts/python/SambaParm.py Changeset: Added: branches/SAMBA_3_0/examples/scripts/python/SambaParm.py === --- branches/SAMBA_3_0/examples/scripts/python/SambaParm.py 2005-07-04 12:40:28 UTC (rev 8139) +++ branches/SAMBA_3_0/examples/scripts/python/SambaParm.py 2005-07-04 12:43:05 UTC (rev 8140) @@ -0,0 +1,84 @@ +## +## +## smb.conf parameter classes +## +## Copyright (C) Gerald Carter 2004. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +## +## + +import string + +# +## Base class for Samba smb.conf parameters +class SambaParm : + def __init__( self ) : + pass + + def StringValue( self ) : + return self.value + +# +## Boolean smb,conf parm +class SambaParmBool( SambaParm ): + def __init__( self, value ) : + x = string.upper(value) + self.valid = True + + if x==YES or x==TRUE or x==1: + self.value = True + elif x==NO or x==FALSE or x==0: + self.value = False + else: + self.valid = False + return self + + def SetValue( self, value ) : + x = string.upper(value) + self.valid = True + + if x==YES or x==TRUE or x==1: + self.value = True + elif x==NO or x==FALSE or x==0: + self.value = False + else: + self.valid = False + return + + def StringValue( self ) : + if self.value : + return yes + else: + return no + +# +## Boolean smb,conf parm (inverts) +class SambaParmBoolRev( SambaParmBool ) : + def __init__( self, value ): + SambaParmBool.__init__( self, value ) + if self.valid : + self.value = not self.value + + +# +## string smb.conf parms +class SambaParmString( SambaParm ): + def __init__( self, value ): + self.value = value + self.valid = True + + +
svn commit: lorikeet r365 - in trunk/sangria/src: .
Author: jerry Date: 2005-07-04 12:43:30 + (Mon, 04 Jul 2005) New Revision: 365 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=365 Log: add missing module Added: trunk/sangria/src/SambaParm.py Changeset: Added: trunk/sangria/src/SambaParm.py === --- trunk/sangria/src/SambaParm.py 2005-06-30 13:21:29 UTC (rev 364) +++ trunk/sangria/src/SambaParm.py 2005-07-04 12:43:30 UTC (rev 365) @@ -0,0 +1,84 @@ +## +## +## smb.conf parameter classes +## +## Copyright (C) Gerald Carter 2004. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +## +## + +import string + +# +## Base class for Samba smb.conf parameters +class SambaParm : + def __init__( self ) : + pass + + def StringValue( self ) : + return self.value + +# +## Boolean smb,conf parm +class SambaParmBool( SambaParm ): + def __init__( self, value ) : + x = string.upper(value) + self.valid = True + + if x==YES or x==TRUE or x==1: + self.value = True + elif x==NO or x==FALSE or x==0: + self.value = False + else: + self.valid = False + return self + + def SetValue( self, value ) : + x = string.upper(value) + self.valid = True + + if x==YES or x==TRUE or x==1: + self.value = True + elif x==NO or x==FALSE or x==0: + self.value = False + else: + self.valid = False + return + + def StringValue( self ) : + if self.value : + return yes + else: + return no + +# +## Boolean smb,conf parm (inverts) +class SambaParmBoolRev( SambaParmBool ) : + def __init__( self, value ): + SambaParmBool.__init__( self, value ) + if self.valid : + self.value = not self.value + + +# +## string smb.conf parms +class SambaParmString( SambaParm ): + def __init__( self, value ): + self.value = value + self.valid = True + + +
svn commit: samba r8141 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jerry
Date: 2005-07-04 13:19:05 + (Mon, 04 Jul 2005)
New Revision: 8141
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8141
Log:
Update volker's valgrind fix in r8097. Same effect, just helps me
to remember what is going on here better.
Modified:
branches/SAMBA_3_0/source/lib/privileges.c
trunk/source/lib/privileges.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/privileges.c
===
--- branches/SAMBA_3_0/source/lib/privileges.c 2005-07-04 12:43:05 UTC (rev
8140)
+++ branches/SAMBA_3_0/source/lib/privileges.c 2005-07-04 13:19:05 UTC (rev
8141)
@@ -539,6 +539,9 @@
{
SE_PRIV old_mask, new_mask;
+ ZERO_STRUCT( old_mask );
+ ZERO_STRUCT( new_mask );
+
if ( get_privileges( sid, old_mask ) )
se_priv_copy( new_mask, old_mask );
else
Modified: trunk/source/lib/privileges.c
===
--- trunk/source/lib/privileges.c 2005-07-04 12:43:05 UTC (rev 8140)
+++ trunk/source/lib/privileges.c 2005-07-04 13:19:05 UTC (rev 8141)
@@ -539,12 +539,13 @@
{
SE_PRIV old_mask, new_mask;
+ ZERO_STRUCT( old_mask );
+ ZERO_STRUCT( new_mask );
+
if ( get_privileges( sid, old_mask ) )
se_priv_copy( new_mask, old_mask );
- else {
- se_priv_copy( old_mask, se_priv_none );
+ else
se_priv_copy( new_mask, se_priv_none );
- }
se_priv_add( new_mask, priv_mask );
svn commit: samba r8142 - in trunk/source/smbd: .
Author: vlendec
Date: 2005-07-04 13:20:37 + (Mon, 04 Jul 2005)
New Revision: 8142
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8142
Log:
Get rid of an indentation level... This for loop just consists of a single if
statement. Negate the if condition and continue.
Volker
Modified:
trunk/source/smbd/open.c
Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-07-04 13:19:05 UTC (rev 8141)
+++ trunk/source/smbd/open.c2005-07-04 13:20:37 UTC (rev 8142)
@@ -712,47 +712,48 @@
for(i = 0; i num_share_modes; i++) {
share_mode_entry *share_entry = old_shares[i];
- if (share_modes_identical(broken_entry-entry,
- share_entry)
- EXCLUSIVE_OPLOCK_TYPE(share_entry-op_type)
) {
+ if
(!(share_modes_identical(broken_entry-entry,
+ share_entry)
+
EXCLUSIVE_OPLOCK_TYPE(share_entry-op_type))) {
+ continue;
+ }
- /*
-* This should not happen. The target
left this oplock
-* as exlusive The process *must*
be dead
-*/
+ /*
+* This should not happen. The target left this
oplock
+* as exlusive The process *must* be
dead
+*/
- DEBUG(0,(open_mode_check: exlusive
oplock left by
-process %d after break ! For
file %s,
-dev = %x, inode = %.0f.
Deleting it to
-continue...\n,
- (int)broken_entry-entry.pid,
fname,
-(unsigned int)dev,
(double)inode));
+ DEBUG(0,(open_mode_check: exlusive oplock left
by
+process %d after break ! For file %s,
+dev = %x, inode = %.0f. Deleting it
to
+continue...\n,
+(int)broken_entry-entry.pid, fname,
+(unsigned int)dev, (double)inode));
- if
(process_exists(broken_entry-entry.pid)) {
- DEBUG(0,(open_mode_check:
Existent process
-%lu left active
oplock.\n,
-(unsigned
long)broken_entry-entry.pid ));
- }
+ if (process_exists(broken_entry-entry.pid)) {
+ DEBUG(0,(open_mode_check: Existent
process
+%lu left active oplock.\n,
+(unsigned
long)broken_entry-entry.pid ));
+ }
- if (del_share_entry(dev, inode,
broken_entry-entry,
- NULL) == -1) {
-
free_broken_entry_list(broken_entry_list);
- errno = EACCES;
- set_saved_error_triple(ERRDOS,
ERRbadshare,
-
NT_STATUS_SHARING_VIOLATION);
- return -1;
- }
+ if (del_share_entry(dev, inode,
broken_entry-entry,
+ NULL) == -1) {
+
free_broken_entry_list(broken_entry_list);
+ errno = EACCES;
+ set_saved_error_triple(ERRDOS,
ERRbadshare,
+
NT_STATUS_SHARING_VIOLATION);
+ return -1;
+ }
-
svn commit: samba r8143 - branches/SAMBA_3_0/examples/scripts/python trunk/examples/scripts/python
Author: gd
Date: 2005-07-04 13:36:41 + (Mon, 04 Jul 2005)
New Revision: 8143
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8143
Log:
Fix generate_parm_table.py:
* Correctly substitute \ as default winbind separator.
* Use default testparm-location.
Guenther
Modified:
branches/SAMBA_3_0/examples/scripts/python/generate_parm_table.py
trunk/examples/scripts/python/generate_parm_table.py
Changeset:
Modified: branches/SAMBA_3_0/examples/scripts/python/generate_parm_table.py
===
--- branches/SAMBA_3_0/examples/scripts/python/generate_parm_table.py
2005-07-04 13:20:37 UTC (rev 8142)
+++ branches/SAMBA_3_0/examples/scripts/python/generate_parm_table.py
2005-07-04 13:36:41 UTC (rev 8143)
@@ -57,7 +57,7 @@
FOOTER = # end of smbparm.y ##
#
-TESTPARM = /opt/src/samba-cvs/samba-3.0/source/bin/testparm
+TESTPARM = /usr/bin/testparm
## fields in Samba's parameter table
displayName = 0
@@ -89,7 +89,7 @@
## First thing is to build the dictionary of parmeter names ##
## based on the output from testparm ##
-cmd = /opt/samba/bin/testparm -s -v /dev/null
+cmd = /usr/bin/testparm -s -v /dev/null
( status, testparm_output ) = commands.getstatusoutput( cmd )
if status:
sys.stderr.write( Failed to execute testparm!\n%s\n % testparm_output
)
@@ -111,7 +111,8 @@
parts[0] = string.strip( parts[0] )
parts[1] = string.strip( parts[1] )
key = string.upper( string.join(string.split(parts[0]), ) )
- def_values[key] = parts[1]
+ new = parts[1].replace('\\', '')
+ def_values[key] = new
## open loadparm.c and get the entire list of parameters ##
## including synonums##
@@ -153,6 +154,7 @@
key = string.upper( string.join(string.split(name), ) )
var_name = string.strip( parm[variable] )
+
## try to catch synonyms -- if the parameter was not reported ##
## by testparm, then save it and come back after we will out ##
## the variable list ##
Modified: trunk/examples/scripts/python/generate_parm_table.py
===
--- trunk/examples/scripts/python/generate_parm_table.py2005-07-04
13:20:37 UTC (rev 8142)
+++ trunk/examples/scripts/python/generate_parm_table.py2005-07-04
13:36:41 UTC (rev 8143)
@@ -57,7 +57,7 @@
FOOTER = # end of smbparm.y ##
#
-TESTPARM = /opt/src/samba-cvs/samba-3.0/source/bin/testparm
+TESTPARM = /usr/bin/testparm
## fields in Samba's parameter table
displayName = 0
@@ -89,7 +89,7 @@
## First thing is to build the dictionary of parmeter names ##
## based on the output from testparm ##
-cmd = /opt/samba/bin/testparm -s -v /dev/null
+cmd = /usr/bin/testparm -s -v /dev/null
( status, testparm_output ) = commands.getstatusoutput( cmd )
if status:
sys.stderr.write( Failed to execute testparm!\n%s\n % testparm_output
)
@@ -111,7 +111,8 @@
parts[0] = string.strip( parts[0] )
parts[1] = string.strip( parts[1] )
key = string.upper( string.join(string.split(parts[0]), ) )
- def_values[key] = parts[1]
+ new = parts[1].replace('\\', '')
+ def_values[key] = new
## open loadparm.c and get the entire list of parameters ##
## including synonums##
@@ -153,6 +154,7 @@
key = string.upper( string.join(string.split(name), ) )
var_name = string.strip( parm[variable] )
+
## try to catch synonyms -- if the parameter was not reported ##
## by testparm, then save it and come back after we will out ##
## the variable list ##
svn commit: samba r8144 - branches/SAMBA_3_0/source/param trunk/source/param
Author: gd Date: 2005-07-04 13:51:17 + (Mon, 04 Jul 2005) New Revision: 8144 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8144 Log: remove unused parameter leftover. Guenther Modified: branches/SAMBA_3_0/source/param/loadparm.c trunk/source/param/loadparm.c Changeset: Modified: branches/SAMBA_3_0/source/param/loadparm.c === --- branches/SAMBA_3_0/source/param/loadparm.c 2005-07-04 13:36:41 UTC (rev 8143) +++ branches/SAMBA_3_0/source/param/loadparm.c 2005-07-04 13:51:17 UTC (rev 8144) @@ -177,7 +177,6 @@ BOOL bWinbindUseDefaultDomain; BOOL bWinbindTrustedDomainsOnly; BOOL bWinbindNestedGroups; - char *szWinbindBackend; char **szIdmapBackend; char *szAddShareCommand; char *szChangeShareCommand; Modified: trunk/source/param/loadparm.c === --- trunk/source/param/loadparm.c 2005-07-04 13:36:41 UTC (rev 8143) +++ trunk/source/param/loadparm.c 2005-07-04 13:51:17 UTC (rev 8144) @@ -178,7 +178,6 @@ BOOL bWinbindUseDefaultDomain; BOOL bWinbindTrustedDomainsOnly; BOOL bWinbindNestedGroups; - char *szWinbindBackend; char **szIdmapBackend; char **szPrinterDBBackend; char *szAddShareCommand;
svn commit: samba r8145 - branches/SAMBA_3_0/source/nsswitch branches/SAMBA_3_0/source/param branches/SAMBA_3_0/source/sam trunk/source/nsswitch trunk/source/param trunk/source/sam
Author: gd
Date: 2005-07-04 13:57:54 + (Mon, 04 Jul 2005)
New Revision: 8145
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8145
Log:
When inventing a new parameter for SFU-support, be aware of Volker's
upcoming changes for unixinfo-pipe.
Therefor (after speaking with Volker) replace winbind sfu support with
the list-parameter winbind nss info which defaults to template. For
SFU-support set it to winbind nss info = template sfu.
Note that nss_info_use() is just a dummy function at the moment.
Guenther
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c
branches/SAMBA_3_0/source/nsswitch/winbindd_user.c
branches/SAMBA_3_0/source/param/loadparm.c
branches/SAMBA_3_0/source/sam/idmap_ad.c
trunk/source/nsswitch/winbindd_ads.c
trunk/source/nsswitch/winbindd_user.c
trunk/source/param/loadparm.c
trunk/source/sam/idmap_ad.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c 2005-07-04 13:51:17 UTC
(rev 8144)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c 2005-07-04 13:57:54 UTC
(rev 8145)
@@ -95,7 +95,7 @@
return NULL;
}
- if (lp_winbind_sfu_support() (!ads_check_sfu_mapping(ads))) {
+ if (use_nss_info(sfu) (!ads_check_sfu_mapping(ads))) {
DEBUG(0,(ads_cached_connection: failed to check sfu
attributes\n));
return NULL;
}
@@ -163,7 +163,9 @@
i = 0;
for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads,
msg)) {
- char *name, *gecos, *homedir, *shell;
+ char *name, *gecos;
+ char *homedir = NULL;
+ char *shell = NULL;
uint32 group;
uint32 atype;
@@ -175,9 +177,11 @@
name = ads_pull_username(ads, mem_ctx, msg);
gecos = ads_pull_string(ads, mem_ctx, msg, name);
- homedir = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_homedir_attr);
- shell = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_shell_attr);
-
+ if (use_nss_info(sfu)) {
+ homedir = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_homedir_attr);
+ shell = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_shell_attr);
+ }
+
if (!ads_pull_sid(ads, msg, objectSid,
(*info)[i].user_sid)) {
DEBUG(1,(No sid for %s !?\n, name));
@@ -418,9 +422,12 @@
info-acct_name = ads_pull_username(ads, mem_ctx, msg);
info-full_name = ads_pull_string(ads, mem_ctx, msg, name);
- info-homedir = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_homedir_attr);
- info-shell = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_shell_attr);
+ if (use_nss_info(sfu)) {
+ info-homedir = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_homedir_attr);
+ info-shell = ads_pull_string(ads, mem_ctx, msg,
ads-schema.sfu_shell_attr);
+ }
+
if (!ads_pull_uint32(ads, msg, primaryGroupID, group_rid)) {
DEBUG(1,(No primary group for %s !?\n,
sid_string_static(sid)));
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_user.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_user.c 2005-07-04 13:51:17 UTC
(rev 8144)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_user.c 2005-07-04 13:57:54 UTC
(rev 8145)
@@ -43,7 +43,7 @@
if (out == NULL)
return False;
- if (in !strequal(in,) lp_security() == SEC_ADS
lp_winbind_sfu_support()) {
+ if (in !strequal(in,) lp_security() == SEC_ADS
use_nss_info(sfu)) {
safe_strcpy(out, in, sizeof(fstring) - 1);
return True;
}
Modified: branches/SAMBA_3_0/source/param/loadparm.c
===
--- branches/SAMBA_3_0/source/param/loadparm.c 2005-07-04 13:51:17 UTC (rev
8144)
+++ branches/SAMBA_3_0/source/param/loadparm.c 2005-07-04 13:57:54 UTC (rev
8145)
@@ -225,7 +225,7 @@
int oplock_break_wait_time;
int winbind_cache_time;
int winbind_max_idle_children;
- BOOL bWinbindSFUSupport;
+ char **szWinbindNssInfo;
int iLockSpinCount;
int iLockSpinTime;
char *szLdapMachineSuffix;
@@ -1237,7 +1237,7 @@
{winbind trusted domains only, P_BOOL, P_GLOBAL,
Globals.bWinbindTrustedDomainsOnly, NULL, NULL, FLAG_ADVANCED},
{winbind nested groups, P_BOOL, P_GLOBAL,
Globals.bWinbindNestedGroups, NULL, NULL, FLAG_ADVANCED},
{winbind max idle children, P_INTEGER, P_GLOBAL,
Globals.winbind_max_idle_children, NULL, NULL,
svn commit: lorikeet r366 - in trunk/sangria/src: .
Author: jerry
Date: 2005-07-04 14:59:48 + (Mon, 04 Jul 2005)
New Revision: 366
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=366
Log:
merge gd's fixes from SAMBA_3_0
Modified:
trunk/sangria/src/generate_parm_table.py
Changeset:
Modified: trunk/sangria/src/generate_parm_table.py
===
--- trunk/sangria/src/generate_parm_table.py2005-07-04 12:43:30 UTC (rev
365)
+++ trunk/sangria/src/generate_parm_table.py2005-07-04 14:59:48 UTC (rev
366)
@@ -57,7 +57,7 @@
FOOTER = # end of smbparm.y ##
#
-TESTPARM = /opt/src/samba-cvs/samba-3.0/source/bin/testparm
+TESTPARM = /usr/bin/testparm
## fields in Samba's parameter table
displayName = 0
@@ -89,7 +89,7 @@
## First thing is to build the dictionary of parmeter names ##
## based on the output from testparm ##
-cmd = /opt/samba/bin/testparm -s -v /dev/null
+cmd = /usr/bin/testparm -s -v /dev/null
( status, testparm_output ) = commands.getstatusoutput( cmd )
if status:
sys.stderr.write( Failed to execute testparm!\n%s\n % testparm_output
)
@@ -111,7 +111,8 @@
parts[0] = string.strip( parts[0] )
parts[1] = string.strip( parts[1] )
key = string.upper( string.join(string.split(parts[0]), ) )
- def_values[key] = parts[1]
+ new = parts[1].replace('\\', '')
+ def_values[key] = new
## open loadparm.c and get the entire list of parameters ##
## including synonums##
@@ -153,6 +154,7 @@
key = string.upper( string.join(string.split(name), ) )
var_name = string.strip( parm[variable] )
+
## try to catch synonyms -- if the parameter was not reported ##
## by testparm, then save it and come back after we will out ##
## the variable list ##
svn commit: samba r8146 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: metze
Date: 2005-07-04 15:06:05 + (Mon, 04 Jul 2005)
New Revision: 8146
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8146
Log:
fix compiler warning
metze
Modified:
branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c
===
--- branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-07-04 13:57:54 UTC
(rev 8145)
+++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_dn.c 2005-07-04 15:06:05 UTC
(rev 8146)
@@ -361,22 +361,20 @@
char *ldb_dn_linearize(void *mem_ctx, const struct ldb_dn *edn)
{
char *dn, *value;
- const char *format = %s=%s;
int i;
dn = talloc_strdup(mem_ctx, );
LDB_DN_NULL_FAILED(dn);
for (i = 0; i edn-comp_num; i++) {
-
- if (i != 0) {
- format = ,%s=%s;
- }
-
value = ldb_dn_escape_value(dn, edn-components[i].value);
LDB_DN_NULL_FAILED(value);
- dn = talloc_asprintf_append(dn, format,
edn-components[i].name, value);
+ if (i == 0) {
+ dn = talloc_asprintf_append(dn, %s=%s,
edn-components[i].name, value);
+ } else {
+ dn = talloc_asprintf_append(dn, ,%s=%s,
edn-components[i].name, value);
+ }
LDB_DN_NULL_FAILED(dn);
talloc_free(value);
svn commit: samba r8147 - in trunk/source/smbd: .
Author: vlendec
Date: 2005-07-04 15:28:58 + (Mon, 04 Jul 2005)
New Revision: 8147
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8147
Log:
H. This is probably freak out time for Jeremy, but this is what version
control is for :-)
A micro-refactoring trying to understand open.c. Stared at this *really* long
and I think I got it right, at least it should do the same as before.
Volker
Modified:
trunk/source/smbd/open.c
Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-07-04 15:06:05 UTC (rev 8146)
+++ trunk/source/smbd/open.c2005-07-04 15:28:58 UTC (rev 8147)
@@ -552,6 +552,25 @@
}
}
+static BOOL cause_oplock_break(int request, int existing, uint32 access_mask)
+{
+ if ((access_mask == DELETE_ACCESS)
+ (request == NO_OPLOCK)) {
+ /* This is a delete request */
+ return (BATCH_OPLOCK_TYPE(existing) != 0);
+ }
+
+ if (EXCLUSIVE_OPLOCK_TYPE(existing) (request != NO_OPLOCK)) {
+ return True;
+ }
+
+ if ((existing != NO_OPLOCK) (request == NO_OPLOCK)) {
+ return True;
+ }
+
+ return False;
+}
+
/
Deal with open deny mode and oplock break processing.
Invarient: Share mode must be locked on entry and exit.
@@ -605,7 +624,6 @@
*p_all_current_opens_are_level_II = True;
for(i = 0; i num_share_modes; i++) {
- BOOL cause_oplock_break = False;
share_mode_entry *share_entry = old_shares[i];
#if defined(DEVELOPER)
@@ -620,20 +638,10 @@
* Check if someone has an oplock on this file. If so
* we must break it before continuing.
*/
-
- /* Was this a delete this file request ? */
- if (!*p_oplock_request access_mask == DELETE_ACCESS
- !BATCH_OPLOCK_TYPE(share_entry-op_type)) {
- /* Don't break the oplock in this case. */
- cause_oplock_break = False;
- } else if((*p_oplock_request
- EXCLUSIVE_OPLOCK_TYPE(share_entry-op_type))
||
- (!*p_oplock_request
- (share_entry-op_type != NO_OPLOCK))) {
- cause_oplock_break = True;
- }
- if(cause_oplock_break) {
+ if (cause_oplock_break(*p_oplock_request,
+ share_entry-op_type,
+ access_mask)) {
BOOL opb_ret;
DEBUG(5,(open_mode_check: oplock_request =
svn commit: samba r8148 - in branches/SAMBA_4_0/source: auth/kerberos include librpc librpc/idl librpc/ndr torture/auth
Author: metze Date: 2005-07-04 15:42:08 + (Mon, 04 Jul 2005) New Revision: 8148 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8148 Log: - make the PAC generation code a bit more readable and add some outof memory checks - move to handmodified pull/push code for PAC_BUFFER to get the _ndr_size field and the subcontext size right - after looking closely to the sample w2k3 PAC in our torture test (and some more in my archive) I found out that the first uint32 before the netr_SamInfo3 was also a pointer, (and we passed a NULL pointer there before, so I think that was the reason why the windows clients doesn't want our PAC) w2k3 uses this for unique pointers: ptr = ndr-ptr_count * 4; ptr |= 0x0002; ndr-ptr_count; - do one more pull/push round with the sample PAC metze Added: branches/SAMBA_4_0/source/librpc/ndr/ndr_krb5pac.c Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos_pac.c branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/librpc/config.mk branches/SAMBA_4_0/source/librpc/idl/krb5pac.idl branches/SAMBA_4_0/source/librpc/ndr/libndr.h branches/SAMBA_4_0/source/torture/auth/pac.c Changeset: Sorry, the patch is too large (536 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8148
svn commit: samba r8149 - in trunk/source/smbd: .
Author: vlendec
Date: 2005-07-04 15:48:55 + (Mon, 04 Jul 2005)
New Revision: 8149
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8149
Log:
More micro-refactoring.
Volker
Modified:
trunk/source/smbd/open.c
Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-07-04 15:42:08 UTC (rev 8148)
+++ trunk/source/smbd/open.c2005-07-04 15:48:55 UTC (rev 8149)
@@ -625,6 +625,7 @@
for(i = 0; i num_share_modes; i++) {
share_mode_entry *share_entry = old_shares[i];
+ BOOL opb_ret;
#if defined(DEVELOPER)
validate_my_share_entries(i, share_entry);
@@ -639,56 +640,58 @@
* we must break it before continuing.
*/
- if (cause_oplock_break(*p_oplock_request,
- share_entry-op_type,
- access_mask)) {
- BOOL opb_ret;
+ if (!cause_oplock_break(*p_oplock_request,
+ share_entry-op_type,
+ access_mask)) {
+ if
(!LEVEL_II_OPLOCK_TYPE(share_entry-op_type)) {
+ *p_all_current_opens_are_level_II =
False;
+ }
+ continue;
+ }
- DEBUG(5,(open_mode_check: oplock_request =
-%d, breaking oplock (%x) on file
-%s, dev = %x, inode = %.0f\n,
-*p_oplock_request,
-share_entry-op_type, fname,
-(unsigned int)dev, (double)inode));
+ /* This is an oplock break */
+
+ DEBUG(5,(open_mode_check: oplock_request = %d,
+breaking oplock (%x) on file %s,
+dev = %x, inode = %.0f\n,
+*p_oplock_request, share_entry-op_type,
+fname, (unsigned int)dev, (double)inode));
- /* Ensure the reply for the open uses the
-* correct sequence number. */
- /* This isn't a real deferred packet as it's
-* response will also increment the sequence.
-*/
- srv_defer_sign_response(get_current_mid());
+ /* Ensure the reply for the open uses the correct
+* sequence number. */
+ /* This isn't a real deferred packet as it's response
+* will also increment the sequence.
+*/
+ srv_defer_sign_response(get_current_mid());
- /* Oplock break - unlock to request it. */
- unlock_share_entry(conn, dev, inode);
+ /* Oplock break - unlock to request it. */
+ unlock_share_entry(conn, dev, inode);
- opb_ret = request_oplock_break(share_entry);
+ opb_ret = request_oplock_break(share_entry);
- /* Now relock. */
- lock_share_entry(conn, dev, inode);
+ /* Now relock. */
+ lock_share_entry(conn, dev, inode);
- if(opb_ret == False) {
- DEBUG(0,(open_mode_check: FAILED when
breaking
-oplock (%x) on file %s, dev =
%x,
-inode = %.0f\n,
-old_shares[i].op_type, fname,
-(unsigned int)dev,
(double)inode));
- SAFE_FREE(old_shares);
- set_saved_error_triple(ERRDOS,
ERRbadshare,
-
NT_STATUS_SHARING_VIOLATION);
- return -1;
- }
+ if (!opb_ret) {
+ DEBUG(0,(open_mode_check: FAILED when breaking
+oplock (%x) on file %s, dev = %x,
+
svn commit: samba r8150 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze
Date: 2005-07-04 16:16:22 + (Mon, 04 Jul 2005)
New Revision: 8150
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8150
Log:
these should be static
metze
Modified:
branches/SAMBA_4_0/source/librpc/ndr/ndr_krb5pac.c
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_krb5pac.c
===
--- branches/SAMBA_4_0/source/librpc/ndr/ndr_krb5pac.c 2005-07-04 15:48:55 UTC
(rev 8149)
+++ branches/SAMBA_4_0/source/librpc/ndr/ndr_krb5pac.c 2005-07-04 16:16:22 UTC
(rev 8150)
@@ -24,7 +24,7 @@
#include includes.h
#include librpc/gen_ndr/ndr_krb5pac.h
-size_t _ndr_size_PAC_INFO(const union PAC_INFO *r, uint32_t level, int flags)
+static size_t _ndr_size_PAC_INFO(const union PAC_INFO *r, uint32_t level, int
flags)
{
size_t s = ndr_size_PAC_INFO(r, level, flags);
switch (level) {
@@ -35,7 +35,7 @@
}
}
-size_t _subcontext_size_PAC_INFO(const union PAC_INFO *r, uint32_t level, int
flags)
+static size_t _subcontext_size_PAC_INFO(const union PAC_INFO *r, uint32_t
level, int flags)
{
size_t s = ndr_size_PAC_INFO(r, level, flags);
return NDR_ROUND(s,8);
svn commit: samba r8151 - branches/SAMBA_3_0/source trunk/source
Author: lmuelle Date: 2005-07-04 16:39:11 + (Mon, 04 Jul 2005) New Revision: 8151 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8151 Log: Add support to create position independent executable (PIE) code if the compiler supports it. We have to compile with -fPIE and not -fpie. Else ppc and s390(x) will fail (to small GOT). It's possible to disable configure's PIE detection with --disable-pie Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/configure.in trunk/source/Makefile.in trunk/source/configure.in Changeset: Sorry, the patch is too large (744 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8151
svn commit: samba r8152 - in branches/SAMBA_3_0/source: include registry
Author: jerry
Date: 2005-07-04 16:52:29 + (Mon, 04 Jul 2005)
New Revision: 8152
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8152
Log:
* remove commented out structure
* use SAMBA_PRINTER_PORT_NAME in registry values for builtin printer
port
Modified:
branches/SAMBA_3_0/source/include/nt_printing.h
branches/SAMBA_3_0/source/registry/reg_db.c
Changeset:
Modified: branches/SAMBA_3_0/source/include/nt_printing.h
===
--- branches/SAMBA_3_0/source/include/nt_printing.h 2005-07-04 16:39:11 UTC
(rev 8151)
+++ branches/SAMBA_3_0/source/include/nt_printing.h 2005-07-04 16:52:29 UTC
(rev 8152)
@@ -344,21 +344,6 @@
uint32 bottom;
} nt_forms_struct;
-/*
-typedef struct _form
-{
- uint32 flags;
- uint32 name_ptr;
- uint32 size_x;
- uint32 size_y;
- uint32 left;
- uint32 top;
- uint32 right;
- uint32 bottom;
- UNISTR2 name;
-} FORM;
-*/
-
#ifndef SAMBA_PRINTER_PORT_NAME
#define SAMBA_PRINTER_PORT_NAME Samba Printer Port
#endif
Modified: branches/SAMBA_3_0/source/registry/reg_db.c
===
--- branches/SAMBA_3_0/source/registry/reg_db.c 2005-07-04 16:39:11 UTC (rev
8151)
+++ branches/SAMBA_3_0/source/registry/reg_db.c 2005-07-04 16:52:29 UTC (rev
8152)
@@ -67,9 +67,9 @@
{ HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion,
SystemRoot, REG_SZ, { c:\\Windows } },
{ HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Ports,
- Samba Printer Port, REG_SZ, { } },
+ SAMBA_PRINTER_PORT_NAME, REG_SZ, { } },
{ HKLM\\SOFTWARE\\Microsoft\\Windows
NT\\CurrentVersion\\Print\\Printers,
- DefaultSpoolDirectory, REG_SZ, {
c:\\windows\\system32\\spool\\printers } },
+ DefaultSpoolDirectory, REG_SZ, {
C:\\Windows\\System32\\Spool\\Printers } },
{ NULL, NULL, 0, { NULL } }
};
svn commit: samba r8153 - in branches/SAMBA_3_0/examples/scripts/python: .
Author: jerry Date: 2005-07-04 16:53:28 + (Mon, 04 Jul 2005) New Revision: 8153 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8153 Log: add *.pyc to ignore list Modified: branches/SAMBA_3_0/examples/scripts/python/ Changeset: Property changes on: branches/SAMBA_3_0/examples/scripts/python ___ Name: svn:ignore + *.pyc
svn commit: samba r8154 - in branches/SAMBA_4_0/source/torture/auth: .
Author: metze
Date: 2005-07-04 17:04:36 + (Mon, 04 Jul 2005)
New Revision: 8154
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8154
Log:
- fix some mem_leals
- check if the buffer length of the original and created buffer are equal
metze
Modified:
branches/SAMBA_4_0/source/torture/auth/pac.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/auth/pac.c
===
--- branches/SAMBA_4_0/source/torture/auth/pac.c2005-07-04 16:53:28 UTC
(rev 8153)
+++ branches/SAMBA_4_0/source/torture/auth/pac.c2005-07-04 17:04:36 UTC
(rev 8154)
@@ -251,6 +251,7 @@
(ndr_pull_flags_fn_t)ndr_pull_PAC_DATA);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,(can't parse the PAC\n));
+ talloc_free(mem_ctx);
return False;
}
@@ -258,11 +259,24 @@
(ndr_push_flags_fn_t)ndr_push_PAC_DATA);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, (PAC push failed: %s\n, nt_errstr(nt_status)));
+ talloc_free(mem_ctx);
return False;
}
/* dump_data(0,validate_blob.data,validate_blob.length); */
+ /* all we can check is the length of the buffers,
+* to check that the alignment and padding is ok,
+* we can't compare the bytes, because we use a different algorithm
+* to create the pointer values
+*/
+ if (tmp_blob.length != validate_blob.length) {
+ DEBUG(0, (PAC push failed orignial buffer length[%u] !=
created buffer length[%u]\n,
+ tmp_blob.length, validate_blob.length));
+ talloc_free(mem_ctx);
+ return False;
+ }
+
talloc_free(mem_ctx);
return True;
}
svn commit: samba-docs r738 - in trunk/Samba3-ByExample: .
Author: jht
Date: 2005-07-04 17:31:44 + (Mon, 04 Jul 2005)
New Revision: 738
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=738
Log:
Fix typo.
Modified:
trunk/Samba3-ByExample/SBE-SecureOfficeServer.xml
Changeset:
Modified: trunk/Samba3-ByExample/SBE-SecureOfficeServer.xml
===
--- trunk/Samba3-ByExample/SBE-SecureOfficeServer.xml 2005-07-02 16:02:22 UTC
(rev 737)
+++ trunk/Samba3-ByExample/SBE-SecureOfficeServer.xml 2005-07-04 17:31:44 UTC
(rev 738)
@@ -1310,7 +1310,7 @@
acl seconddns {
123.45.54.32;
-}
+};
/screen
/example
svn commit: samba-docs r739 - in trunk/Samba3-ByExample: .
Author: jht
Date: 2005-07-04 17:33:33 + (Mon, 04 Jul 2005)
New Revision: 739
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=739
Log:
Fix typo.
Modified:
trunk/Samba3-ByExample/SBE-500UserNetwork.xml
Changeset:
Modified: trunk/Samba3-ByExample/SBE-500UserNetwork.xml
===
--- trunk/Samba3-ByExample/SBE-500UserNetwork.xml 2005-07-04 17:31:44 UTC
(rev 738)
+++ trunk/Samba3-ByExample/SBE-500UserNetwork.xml 2005-07-04 17:33:33 UTC
(rev 739)
@@ -1259,7 +1259,7 @@
acl seconddns {
123.45.54.32;
-}
+};
/screen
/example
svn commit: samba-docs r740 - in trunk/Samba3-ByExample: .
Author: jht
Date: 2005-07-04 17:34:15 + (Mon, 04 Jul 2005)
New Revision: 740
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=740
Log:
Fix typo.
Modified:
trunk/Samba3-ByExample/SBE-500UserNetwork.xml
Changeset:
Modified: trunk/Samba3-ByExample/SBE-500UserNetwork.xml
===
--- trunk/Samba3-ByExample/SBE-500UserNetwork.xml 2005-07-04 17:33:33 UTC
(rev 739)
+++ trunk/Samba3-ByExample/SBE-500UserNetwork.xml 2005-07-04 17:34:15 UTC
(rev 740)
@@ -1442,7 +1442,7 @@
acl seconddns {
123.45.54.32;
-}
+};
/screen
/example
svn commit: samba-docs r741 - in trunk/Samba3-ByExample: .
Author: jht Date: 2005-07-04 18:04:04 + (Mon, 04 Jul 2005) New Revision: 741 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=741 Log: Fix line lengths. Modified: trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml Changeset: Modified: trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml === --- trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml 2005-07-04 17:34:15 UTC (rev 740) +++ trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml 2005-07-04 18:04:04 UTC (rev 741) @@ -1086,9 +1086,9 @@ para itemizedlist - listitemparaAll user accounts are stored under the DIT: ou=Users,dc=abmas,dc=biz/para/listitem - listitemparaAll user login accounts are under the DIT: ou=People,ou-Users,dc=abmas,dc=biz/para/listitem - listitemparaAll computer accounts are under the DIT: ou=Computers,ou=Users,dc=abmas,dc=biz/para/listitem + listitemparaUser accounts are stored under the DIT: ou=Users,dc=abmas,dc=biz/para/listitem + listitemparaUser login accounts are under the DIT: ou=People,ou-Users,dc=abmas,dc=biz/para/listitem + listitemparaComputer accounts are under the DIT: ou=Computers,ou=Users,dc=abmas,dc=biz/para/listitem /itemizedlist /para @@ -2111,23 +2111,24 @@ screen rootprompt; /opt/IDEALX/sbin/configure.pl merlin:/opt/IDEALX/sbin # ./configure.pl --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= smbldap-tools script configuration -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Before starting, check . if your samba controller is up and running. - . if the domain SID is defined (you can get it with the 'net getlocalsid') + . if the domain SID is defined (you can get it with the +'net getlocalsid') . you can leave the configuration using the Crtl-c key combination . empty value can be set with the . character --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Looking for configuration files... Samba Config File Location [/etc/samba/smb.conf] smbldap-tools configuration file Location (global parameters) - [/etc/opt/IDEALX/smbldap-tools/smbldap.conf] +[/etc/opt/IDEALX/smbldap-tools/smbldap.conf] smbldap Config file Location (bind parameters) -[/etc/opt/IDEALX/smbldap-tools/smbldap_bind.conf] + [/etc/opt/IDEALX/smbldap-tools/smbldap_bind.conf] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Let's start configuring the smbldap-tools scripts ... @@ -2136,19 +2137,21 @@ . netbios name: netbios name of the samba controler netbios name [MASSIVE] . logon drive: local path to which the home directory - will be connected (for NT Workstations). Ex: 'H:' +will be connected (for NT Workstations). Ex: 'H:' logon drive [H:] -. logon home: home directory location (for Win95/98 or NT Workstation). +. logon home: home directory location (for Win95/98 or NT Workstation) (use %U as username) Ex:'\\MASSIVE\%U' - logon home (press the . character if you don't want homeDirectory) - [\\MASSIVE\%U] + logon home (press the . character if you don't want homeDirectory) + [\\MASSIVE\%U] . logon path: directory where roaming profiles are stored. - Ex:'\\MASSIVE\profiles\%U' - logon path (press the . character if you don't want roaming profile) - [\\%L\profiles\%U] -. home directory prefix (use %U as username) [/home/%U] /data/users/%U +Ex:'\\MASSIVE\profiles\%U' + logon path (press the . character + if you don't want roaming profile) [\\%L\profiles\%U] +. home directory prefix (use %U as username) + [/home/%U] /data/users/%U . default users' homeDirectory mode [700] -. default user netlogon script (use %U as username) [scripts\logon.bat] +. default user netlogon script (use %U as username) + [scripts\logon.bat] default password validation time (time in days) [45] 900 . ldap suffix [dc=abmas,dc=biz] . ldap group suffix [ou=Groups] @@ -2158,23 +2161,24 @@ . sambaUnixIdPooldn: object where you want to store the next uidNumber and gidNumber available for new users and groups
svn commit: samba-docs r742 - in trunk/Samba3-ByExample: .
Author: jht Date: 2005-07-04 18:16:56 + (Mon, 04 Jul 2005) New Revision: 742 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=742 Log: Fix line lengths. Modified: trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml Changeset: Modified: trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml === --- trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml 2005-07-04 18:04:04 UTC (rev 741) +++ trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml 2005-07-04 18:16:56 UTC (rev 742) @@ -3099,10 +3099,13 @@ bldg1$:1006:bldg1$ rootprompt; net groupmap list -Domain Admins (S-1-5-21-3504140859-...-2431957765-512) - Domain Admins +Domain Admins (S-1-5-21-3504140859-...-2431957765-512) - +Domain Admins Domain Users (S-1-5-21-3504140859-...-2431957765-513) - Domain Users -Domain Guests (S-1-5-21-3504140859-...-2431957765-514) - Domain Guests -Administrators (S-1-5-21-3504140859-...-2431957765-544) - Administrators +Domain Guests (S-1-5-21-3504140859-...-2431957765-514) - +Domain Guests +Administrators (S-1-5-21-3504140859-...-2431957765-544) - + Administrators ... Accounts (S-1-5-21-3504140859-1010554828-2431957765-3001) - Accounts Finances (S-1-5-21-3504140859-1010554828-2431957765-3003) - Finances
svn commit: samba r8155 - branches/SAMBA_3_0/source/sam trunk/source/sam
Author: gd
Date: 2005-07-04 19:16:34 + (Mon, 04 Jul 2005)
New Revision: 8155
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8155
Log:
ops, add missing function.
Guenther
Modified:
branches/SAMBA_3_0/source/sam/idmap_util.c
trunk/source/sam/idmap_util.c
Changeset:
Modified: branches/SAMBA_3_0/source/sam/idmap_util.c
===
--- branches/SAMBA_3_0/source/sam/idmap_util.c 2005-07-04 17:04:36 UTC (rev
8154)
+++ branches/SAMBA_3_0/source/sam/idmap_util.c 2005-07-04 19:16:34 UTC (rev
8155)
@@ -184,3 +184,17 @@
return ret;
}
+
+/* placeholder for checking lp_winbind_nss_info() */
+BOOL use_nss_info(const char *info)
+{
+ int i;
+ const char **list = lp_winbind_nss_info();
+
+ for (i=0; list[i]; i++) {
+ if (strequal(list[i], info))
+ return True;
+ }
+
+ return False;
+}
Modified: trunk/source/sam/idmap_util.c
===
--- trunk/source/sam/idmap_util.c 2005-07-04 17:04:36 UTC (rev 8154)
+++ trunk/source/sam/idmap_util.c 2005-07-04 19:16:34 UTC (rev 8155)
@@ -184,3 +184,17 @@
return ret;
}
+
+/* placeholder for checking lp_winbind_nss_info() */
+BOOL use_nss_info(const char *info)
+{
+ int i;
+ const char **list = lp_winbind_nss_info();
+
+ for (i=0; list[i]; i++) {
+ if (strequal(list[i], info))
+ return True;
+ }
+
+ return False;
+}
svn commit: samba-docs r743 - in trunk/Samba3-ByExample: .
Author: jht Date: 2005-07-04 19:20:02 + (Mon, 04 Jul 2005) New Revision: 743 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=743 Log: Fix line lengths and other formatting issues. Modified: trunk/Samba3-ByExample/SBE-2000UserNetwork.xml trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml Changeset: Modified: trunk/Samba3-ByExample/SBE-2000UserNetwork.xml === --- trunk/Samba3-ByExample/SBE-2000UserNetwork.xml 2005-07-04 18:16:56 UTC (rev 742) +++ trunk/Samba3-ByExample/SBE-2000UserNetwork.xml 2005-07-04 19:20:02 UTC (rev 743) @@ -628,16 +628,6 @@ inconsistent directory information can be exceedingly difficult. /para - figure id=chap7net - titleNetwork Topology smbmdash; 2000 User Complex Design A/title - imagefile scale=70chap7-net-Ar/imagefile - /figure - - figure id=chap7net2 - titleNetwork Topology smbmdash; 2000 User Complex Design B/title - imagefile scale=70chap7-net2-Br/imagefile - /figure - /sect3 /sect2 @@ -1308,6 +1298,16 @@ /sect2 + figure id=chap7net + titleNetwork Topology smbmdash; 2000 User Complex Design A/title + imagefile scale=80chap7-net-Ar/imagefile + /figure + + figure id=chap7net2 + titleNetwork Topology smbmdash; 2000 User Complex Design B/title + imagefile scale=80chap7-net2-Br/imagefile + /figure + /sect1 sect1 Modified: trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml === --- trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml 2005-07-04 18:16:56 UTC (rev 742) +++ trunk/Samba3-ByExample/SBE-MakingHappyUsers.xml 2005-07-04 19:20:02 UTC (rev 743) @@ -1086,9 +1086,9 @@ para itemizedlist - listitemparaUser accounts are stored under the DIT: ou=Users,dc=abmas,dc=biz/para/listitem - listitemparaUser login accounts are under the DIT: ou=People,ou-Users,dc=abmas,dc=biz/para/listitem - listitemparaComputer accounts are under the DIT: ou=Computers,ou=Users,dc=abmas,dc=biz/para/listitem + listitemparaUser accounts are stored under the DIT: ou=Users, dc=abmas, dc=biz/para/listitem + listitemparaUser login accounts are under the DIT: ou=People, ou-Users, dc=abmas, dc=biz/para/listitem + listitemparaComputer accounts are under the DIT: ou=Computers, ou=Users, dc=abmas, dc=biz/para/listitem /itemizedlist /para @@ -2110,7 +2110,6 @@ The interactive use of this script for the PDC is demonstrated here: screen rootprompt; /opt/IDEALX/sbin/configure.pl -merlin:/opt/IDEALX/sbin # ./configure.pl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= smbldap-tools script configuration -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Modified: trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml === --- trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml 2005-07-04 18:16:56 UTC (rev 742) +++ trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml 2005-07-04 19:20:02 UTC (rev 743) @@ -484,7 +484,8 @@ write by * read -## This is used to quickly deactivate any LDAP object only Admins have access. +## This is used to quickly deactivate any LDAP object only +## Admins have access. access to dn.sub=ou=inactive,dc=abmas,dc=biz by * none @@ -1664,8 +1665,8 @@ steppara In the next dialog, copy it directly to the profiles share on the - Samba server (\\PDCname\profiles\user\lt;architecturegt; in my - case). You will have had to make a connection to the share as that + Samba server (in my case \\PDCname\profiles\user\lt;architecturegt;. + You will have had to make a connection to the share as that user (e.g., Windows Explorer type \\PDCname\profiles\username). /para/step
svn commit: samba-docs r744 - in trunk/xslt/latex: .
Author: jelmer
Date: 2005-07-04 19:21:14 + (Mon, 04 Jul 2005)
New Revision: 744
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=744
Log:
Get rid of crop marks.
Modified:
trunk/xslt/latex/sambadoc.cls
Changeset:
Modified: trunk/xslt/latex/sambadoc.cls
===
--- trunk/xslt/latex/sambadoc.cls 2005-07-04 19:20:02 UTC (rev 743)
+++ trunk/xslt/latex/sambadoc.cls 2005-07-04 19:21:14 UTC (rev 744)
@@ -50,7 +50,7 @@
textwidth=5in,
headsep=.25in,
footskip=.025in}
- \usepackage[letter,cam,cross,center]{crop}
+ %\usepackage[letter,cam,cross,center]{crop}
\fi
%== Define special fonts
svn commit: samba-docs r745 - in trunk/xslt/latex: .
Author: jelmer
Date: 2005-07-04 19:25:07 + (Mon, 04 Jul 2005)
New Revision: 745
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=745
Log:
Add openright
Modified:
trunk/xslt/latex/sambadoc.cls
Changeset:
Modified: trunk/xslt/latex/sambadoc.cls
===
--- trunk/xslt/latex/sambadoc.cls 2005-07-04 19:21:14 UTC (rev 744)
+++ trunk/xslt/latex/sambadoc.cls 2005-07-04 19:25:07 UTC (rev 745)
@@ -38,6 +38,7 @@
\RequirePackage{geometry}
\geometry{
twoside,
+ openright,
papersize={7in,9.25in},
lmargin=.75in,
rmargin=.75in,
svn commit: samba-docs r746 - in trunk/Samba3-ByExample: .
Author: jht
Date: 2005-07-04 19:30:40 + (Mon, 04 Jul 2005)
New Revision: 746
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=746
Log:
Fixing smbldap-tools info.
Modified:
trunk/Samba3-ByExample/SBE-MigrateNT4Samba3.xml
Changeset:
Modified: trunk/Samba3-ByExample/SBE-MigrateNT4Samba3.xml
===
--- trunk/Samba3-ByExample/SBE-MigrateNT4Samba3.xml 2005-07-04 19:25:07 UTC
(rev 745)
+++ trunk/Samba3-ByExample/SBE-MigrateNT4Samba3.xml 2005-07-04 19:30:40 UTC
(rev 746)
@@ -688,17 +688,18 @@
Note: Use the domain SID obtained from the step above. The
following is
an example configuration session:
screen
-merlin:/opt/IDEALX/sbin # ./configure.pl
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+rootprompt; ./configure.pl
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
smbldap-tools script configuration
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Before starting, check
. if your samba controller is up and running.
- . if the domain SID is defined (you can get it with the 'net getlocalsid')
+ . if the domain SID is defined
+ (you can get it with the 'net getlocalsid')
. you can leave the configuration using the Crtl-c key combination
. empty value can be set with the . character
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Looking for configuration files...
Samba Config File Location [/etc/samba/smb.conf] gt;
@@ -716,15 +717,16 @@
. logon drive: local path to which the home directory
will be connected (for NT Workstations). Ex: 'H:'
logon drive [X:] gt; H:
-. logon home: home directory location (for Win95/98 or NT Workstation).
+. logon home: home directory location (for Win95/98 or NT Workstation)
(use %U as username) Ex:'\\MERLIN\home\%U'
logon home (leave blank if you don't want homeDirectory)
- [\\MERLIN\home\%U] gt; \\%L\%U
+ [\\MERLIN\home\%U] gt; \\%L\%U
. logon path: directory where roaming profiles are stored.
Ex:'\\MERLIN\profiles\%U'
logon path (leave blank if you don't want roaming profile)
-[\\MERLIN\profiles\%U] gt; \\%L\profiles\%U
-. home directory prefix (use %U as username) [/home/%U] /home/users/%U
+ [\\MERLIN\profiles\%U] gt; \\%L\profiles\%U
+. home directory prefix (use %U as username) [/home/%U]
+/home/users/%U
. default user netlogon script (use %U as username)
[%U.cmd] gt; scripts\logon.cmd
default password validation time (time in days) [45] 180
@@ -736,9 +738,9 @@
. sambaUnixIdPooldn: object where you want to store the next uidNumber
and gidNumber available for new users and groups
sambaUnixIdPooldn object (relative to ${suffix})
- [cn=NextFreeUnixId] gt; sambaDomainName=DAMNATION
+ [sambaDomainName=DAMNATION]
. ldap master server:
- IP address or DNS name of the master (writable) ldap server
+ IP address or DNS name of the master (writable) ldap server
ldap master server [] gt; 127.0.0.1
. ldap master port [389] gt;
. ldap master bind dn [cn=Manager,dc=terpstra-world,dc=org] gt;
@@ -751,15 +753,16 @@
. ldap slave bind password [] gt;
. ldap tls support (1/0) [0] gt;
. SID for domain DAMNATION: SID of the domain
- (can be obtained with 'net getlocalsid MERLIN')
+ (can be obtained with 'net getlocalsid MERLIN')
SID for domain DAMNATION []
gt; S-1-5-21-1385457007-882775198-1210191635
. unix password encryption: encryption used for unix passwords
- unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) [SSHA] gt; MD5
+unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) [SSHA] gt; MD5
. default user gidNumber [513] gt;
. default computer gidNumber [515] gt;
. default login shell [/bin/bash] gt;
-. default domain name to append to mail address [] gt; terpstra-world.org
+. default domain name to append to mail address [] gt;
+terpstra-world.org
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
backup old configuration files:
/etc/smbldap-tools/smbldap.conf-gt;
@@ -771,11 +774,17 @@
/etc/smbldap-tools/smbldap_bind.conf done.
/screen
indextermprimarysambaDomainName/primary/indexterm
+ indextermprimaryNextFreeUnixId/primary/indexterm
+ indextermprimaryupdating smbldap-tools/primary/indexterm
+ indextermprimarysmbldap-tools updating/primary/indexterm
Note that
svn commit: samba-docs r747 - in trunk/Samba3-ByExample: .
Author: jht
Date: 2005-07-04 19:37:04 + (Mon, 04 Jul 2005)
New Revision: 747
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=747
Log:
More fixes.
Modified:
trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml
Changeset:
Modified: trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml
===
--- trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml 2005-07-04 19:30:40 UTC
(rev 746)
+++ trunk/Samba3-ByExample/SBE-MigrateNW4Samba3.xml 2005-07-04 19:37:04 UTC
(rev 747)
@@ -989,21 +989,21 @@
#
# located in /etc/smbldap-tools/smbldap.conf
#
-##
+##
#
# General Configuration
#
-##
+##
# Put your own SID
# to obtain this number do: net getlocalsid
SID=S-1-5-21-725326080-1709766072-2910717368
-##
+##
#
# LDAP Configuration
#
-##
+##
# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
@@ -1063,12 +1063,13 @@
# Ex groupsdn=ou=Groups,dc=IDEALX,dc=ORG
groupsdn=ou=Groups,${suffix}
-# Where are stored Idmap entries (used if samba is a domain member server)
+# Where are stored Idmap entries
+# (used if samba is a domain member server)
# Ex groupsdn=ou=Idmap,dc=IDEALX,dc=ORG
idmapdn=ou=Idmap,${suffix}
# Where to store next uidNumber and gidNumber available
-sambaUnixIdPooldn=sambaDomainName=MEGANET2,dc=abmas,dc=biz
+sambaUnixIdPooldn=sambaDomainName=MEGANET2,${suffix}
# Default scope Used
scope=sub
@@ -1086,11 +1087,11 @@
# passwords if you use $1$%.8s. This parameter is optional!
crypt_salt_format=%s
-##
+##
#
# Unix Accounts Configuration
#
-##
+##
# Login defs
# Default Login Shell
@@ -1113,9 +1114,10 @@
# Skel dir
skeletonDir=/etc/skel
-# Default password validation time (time in days) Comment the next line if
-# you don't want password to be enable for defaultMaxPasswordAge days (be
-# careful to the sambaPwdMustChange attribute's value)
+# Default password validation time (time in days) Comment the next
+# line if you don't want password to be enable for
+# defaultMaxPasswordAge days (be careful to the sambaPwdMustChange
+# attribute's value)
defaultMaxPasswordAge=45
/screen
/example
@@ -1123,22 +1125,22 @@
example id=ch8ideal4
titleIdealx smbldap-tools Control File smbmdash; Part D/title
screen
-##
+##
#
# SAMBA Configuration
#
-##
+##
# The UNC path to home drives location (%U username substitution)
# Ex: \\My-PDC-netbios-name\homes\%U
-# Just set it to a null string if you want to use the smb.conf 'logon home'
-# directive and/or disable roaming profiles
+# Just set it to a null string if you want to use the smb.conf
+# 'logon home' directive and/or disable roaming profiles
userSmbHome=
# The UNC path to profiles locations (%U username substitution)
# Ex: \\My-PDC-netbios-name\profiles\%U
-# Just set it to a null string if you want to use the smb.conf 'logon path'
-# directive and/or disable roaming profiles
+# Just set it to a null string if you want to use the smb.conf
+# 'logon path' directive and/or disable roaming profiles
userProfile=
# The default Home Drive Letter mapping
@@ -1157,12 +1159,13 @@
# when smbldap-useradd -M is used
mailDomain=abmas.org
-##
+##
#
# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
#
-##
-# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
+##
+# Allows not to use smbpasswd
+# (if with_smbpasswd == 0 in smbldap_conf.pm) but
# prefer Crypt::SmbHash library
with_smbpasswd=0
svn commit: samba-docs r748 - in trunk: . Samba3-HOWTO smbdotconf/base smbdotconf/browse smbdotconf/domain smbdotconf/filename smbdotconf/ldap smbdotconf/locking smbdotconf/security xslt xslt/latex
Author: jelmer Date: 2005-07-04 21:36:46 + (Mon, 04 Jul 2005) New Revision: 748 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=748 Log: Some random updates. Modified: trunk/Makefile trunk/Samba3-HOWTO/index.xml trunk/Samba3-HOWTO/manpages.xml trunk/configure.in trunk/smbdotconf/base/bindinterfacesonly.xml trunk/smbdotconf/base/comment.xml trunk/smbdotconf/base/displaycharset.xml trunk/smbdotconf/base/path.xml trunk/smbdotconf/base/workgroup.xml trunk/smbdotconf/browse/domainmaster.xml trunk/smbdotconf/browse/lmannounce.xml trunk/smbdotconf/browse/lminterval.xml trunk/smbdotconf/browse/oslevel.xml trunk/smbdotconf/browse/preferredmaster.xml trunk/smbdotconf/domain/machinepasswordtimeout.xml trunk/smbdotconf/filename/casesensitive.xml trunk/smbdotconf/filename/defaultcase.xml trunk/smbdotconf/filename/deletevetofiles.xml trunk/smbdotconf/filename/mangledmap.xml trunk/smbdotconf/filename/manglednames.xml trunk/smbdotconf/filename/maparchive.xml trunk/smbdotconf/filename/maphidden.xml trunk/smbdotconf/filename/mapsystem.xml trunk/smbdotconf/filename/preservecase.xml trunk/smbdotconf/filename/shortpreservecase.xml trunk/smbdotconf/filename/storedosattributes.xml trunk/smbdotconf/filename/vetofiles.xml trunk/smbdotconf/filename/vetooplockfiles.xml trunk/smbdotconf/ldap/ldapadmindn.xml trunk/smbdotconf/ldap/ldapgroupsuffix.xml trunk/smbdotconf/ldap/ldapidmapsuffix.xml trunk/smbdotconf/ldap/ldappasswdsync.xml trunk/smbdotconf/ldap/ldapport.xml trunk/smbdotconf/ldap/ldapssl.xml trunk/smbdotconf/ldap/ldapsuffix.xml trunk/smbdotconf/ldap/ldapusersuffix.xml trunk/smbdotconf/locking/cscpolicy.xml trunk/smbdotconf/security/writelist.xml trunk/xslt/latex.xsl trunk/xslt/latex/sambadoc.cls Changeset: Sorry, the patch is too large (824 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=748
svn commit: samba-docs r749 - in trunk: Samba3-HOWTO xslt
Author: jelmer Date: 2005-07-04 22:04:07 + (Mon, 04 Jul 2005) New Revision: 749 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=749 Log: Don't show obvious sections from manpages. Modified: trunk/Samba3-HOWTO/manpages.xml trunk/xslt/latex.xsl Changeset: Modified: trunk/Samba3-HOWTO/manpages.xml === --- trunk/Samba3-HOWTO/manpages.xml 2005-07-04 21:36:46 UTC (rev 748) +++ trunk/Samba3-HOWTO/manpages.xml 2005-07-04 22:04:07 UTC (rev 749) @@ -1,6 +1,6 @@ ?xml version=1.0 encoding=iso-8859-1? !DOCTYPE reference PUBLIC -//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN http://www.samba.org/samba/DTD/samba-doc; -appendix id=manuals xmlns:xi=http://www.w3.org/2003/XInclude; +reference xmlns:xi=http://www.w3.org/2003/XInclude; titleManual pages/title paraThis appendix contains most of the manual pages from the official Samba distribution. All manual pages have been written by members of @@ -27,4 +27,4 @@ xi:include href=../manpages-3/wbinfo.1.xml/ xi:include href=../manpages-3/winbindd.8.xml/ -/appendix +/reference Modified: trunk/xslt/latex.xsl === --- trunk/xslt/latex.xsl2005-07-04 21:36:46 UTC (rev 748) +++ trunk/xslt/latex.xsl2005-07-04 22:04:07 UTC (rev 749) @@ -219,4 +219,7 @@ xsl:apply-templates select=description/ /xsl:template +xsl:template match=refsect1[title='VERSION']/ +xsl:template match=refsect1[title='AUTHOR']/ + /xsl:stylesheet
svn commit: lorikeet r367 - in trunk/heimdal/kadmin: .
Author: abartlet
Date: 2005-07-04 23:14:49 + (Mon, 04 Jul 2005)
New Revision: 367
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=367
Log:
The entry is disabled all the time, but fixed passwords give me the willies.
Just use a random one, just for the heck of it.
Andrew Bartlett
Modified:
trunk/heimdal/kadmin/init.c
Changeset:
Modified: trunk/heimdal/kadmin/init.c
===
--- trunk/heimdal/kadmin/init.c 2005-07-04 14:59:48 UTC (rev 366)
+++ trunk/heimdal/kadmin/init.c 2005-07-04 23:14:49 UTC (rev 367)
@@ -50,6 +50,11 @@
int n_keys, i;
char *name;
+const char *password;
+char pwbuf[1024];
+random_password (pwbuf, sizeof(pwbuf));
+password = pwbuf;
+
ret = krb5_unparse_name(context, princ, name);
if (ret) {
krb5_warn(context, ret, failed to unparse principal name);
@@ -70,12 +75,15 @@
ent.attributes |= attributes | KRB5_KDB_DISALLOW_ALL_TIX;
mask |= KADM5_ATTRIBUTES;
-ret = kadm5_create_principal(kadm_handle, ent, mask, hemlig);
+/* Create the entry with a random password */
+ret = kadm5_create_principal(kadm_handle, ent, mask, password);
if(ret) {
krb5_warn(context, ret, create_random_entry(%s): randkey failed,
name);
goto out;
}
+
+/* Replace the string2key based keys with real random bytes */
ret = kadm5_randkey_principal(kadm_handle, princ, keys, n_keys);
if(ret) {
krb5_warn(context, ret, create_random_entry*%s): randkey failed,
Build status as of Tue Jul 5 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-07-04 00:00:08.0 + +++ /home/build/master/cache/broken_results.txt 2005-07-05 00:00:09.0 + @@ -1,16 +1,16 @@ -Build status as of Mon Jul 4 00:00:02 2005 +Build status as of Tue Jul 5 00:00:02 2005 Build counts: Tree Total Broken Panic -ccache 10 5 0 -distcc 13 2 0 -lorikeet-heimdal 38 15 0 -ppp 18 0 0 -rsync40 2 0 +ccache 7 4 0 +distcc 11 2 0 +lorikeet-heimdal 29 11 0 +ppp 18 1 0 +rsync13 2 0 samba-docs 0 0 0 -samba4 41 29 2 -samba_3_041 12 0 -smb-build30 0 0 -talloc 37 21 0 -tdb 36 36 0 +samba4 40 29 2 +samba_3_040 12 0 +smb-build29 0 0 +talloc 37 20 0 +tdb 34 34 0
svn commit: samba-docs r750 - in trunk: manpages-3 xslt
Author: jelmer
Date: 2005-07-05 00:19:04 + (Tue, 05 Jul 2005)
New Revision: 750
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=750
Log:
Bunch of smaller fixes.
Modified:
trunk/manpages-3/smb.conf.5.xml
trunk/xslt/latex.xsl
trunk/xslt/strip-references.xsl
Changeset:
Modified: trunk/manpages-3/smb.conf.5.xml
===
--- trunk/manpages-3/smb.conf.5.xml 2005-07-04 22:04:07 UTC (rev 749)
+++ trunk/manpages-3/smb.conf.5.xml 2005-07-05 00:19:04 UTC (rev 750)
@@ -1,4 +1,5 @@
-refentry id=smb.conf.5 xmlns:xi=http://www.w3.org/2003/XInclude;
+refentry id=smb.conf.5 xmlns:xi=http://www.w3.org/2003/XInclude;
+xmlns:samba=http://www.samba.org/samba/DTD/samba-doc;
refmeta
refentrytitlesmb.conf/refentrytitle
@@ -607,7 +608,9 @@
refsect1
titleEXPLANATION OF EACH PARAMETER/title
- xi:include href=../smbdotconf/parameters.all.xml parse=xml/
+ samba:parameterlist
+ xi:include href=../smbdotconf/parameters.all.xml
parse=xml/
+ /samba:parameterlist
/refsect1
Modified: trunk/xslt/latex.xsl
===
--- trunk/xslt/latex.xsl2005-07-04 22:04:07 UTC (rev 749)
+++ trunk/xslt/latex.xsl2005-07-05 00:19:04 UTC (rev 750)
@@ -170,12 +170,17 @@
xsl:apply-templates/
/xsl:template
+xsl:template match=refentry
+ xsl:text\section{/xsl:textxsl:value-of
select=refmeta/refentrytitle/xsl:text}#10;/xsl:text
+ xsl:apply-templates/
+/xsl:template
+
xsl:template match=//samba:parameter
- xsl:text\item[{/xsl:textxsl:value-of
select=@name/xsl:text}]#10;/xsl:text
+ xsl:text\item[{/xsl:textxsl:value-of
select=@name/xsl:text}]\null{}#10;/xsl:text
xsl:text\index{/xsl:textxsl:value-of
select=@name/xsl:text|it}#10;/xsl:text
xsl:for-each select=synonym
- xsl:text\item[{/xsl:textxsl:value-of
select=./xsl:text}]#10;/xsl:text
+ xsl:text\item[{/xsl:textxsl:value-of
select=./xsl:text}]\null{}#10;/xsl:text
xsl:text\index{/xsl:textxsl:value-of
select=./xsl:text|it}#10;/xsl:text
xsl:textThis parameter is a synonym for
\smbconfoption{/xsl:textxsl:value-of
select=../@name/xsl:text}./xsl:text
/xsl:for-each
@@ -219,7 +224,4 @@
xsl:apply-templates select=description/
/xsl:template
-xsl:template match=refsect1[title='VERSION']/
-xsl:template match=refsect1[title='AUTHOR']/
-
/xsl:stylesheet
Modified: trunk/xslt/strip-references.xsl
===
--- trunk/xslt/strip-references.xsl 2005-07-04 22:04:07 UTC (rev 749)
+++ trunk/xslt/strip-references.xsl 2005-07-05 00:19:04 UTC (rev 750)
@@ -2,41 +2,9 @@
!-- Removes particular (unuseful for the book) elements from references --
xsl:stylesheet xmlns:xsl=http://www.w3.org/1999/XSL/Transform;
version=1.1
- xsl:template match=reference/refentry/refsect1
- xsl:if test=title!='VERSION' and title!='AUTHOR'
- xsl:element name=refsect1
- xsl:if test=@id!=''
- xsl:attribute name=id
- xsl:value-of select=@id/
- /xsl:attribute
- /xsl:if
- xsl:apply-templates/
- /xsl:element
- /xsl:if
- /xsl:template
+ xsl:template match=reference/refentry/refsect1[title='VERSION' or
title='AUTHOR']/
- xsl:template match=reference/refentry
- xsl:element name=section
- xsl:attribute name=id
- xsl:value-of select=@id/
- /xsl:attribute
- xsl:element name=title
- xsl:value-of select=refmeta/refentrytitle/
- /xsl:element
- xsl:apply-templates/
- /xsl:element
- /xsl:template
-
xsl:template match=reference/refentry/refmeta/
xsl:template match=reference/refentry/refnamediv/
-
- xsl:template match=reference
- xsl:element name=appendix
- xsl:attribute name=id
- xsl:value-of select=@id/
- /xsl:attribute
- xsl:apply-templates/
- /xsl:element
- /xsl:template
/xsl:stylesheet
svn commit: samba-docs r751 - in trunk/xslt: .
Author: jelmer
Date: 2005-07-05 00:26:26 + (Tue, 05 Jul 2005)
New Revision: 751
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=751
Log:
Fix line issues.
Modified:
trunk/xslt/latex.xsl
Changeset:
Modified: trunk/xslt/latex.xsl
===
--- trunk/xslt/latex.xsl2005-07-05 00:19:04 UTC (rev 750)
+++ trunk/xslt/latex.xsl2005-07-05 00:26:26 UTC (rev 751)
@@ -176,20 +176,18 @@
/xsl:template
xsl:template match=//samba:parameter
- xsl:text\item[{/xsl:textxsl:value-of
select=@name/xsl:text}]\null{}#10;/xsl:text
- xsl:text\index{/xsl:textxsl:value-of
select=@name/xsl:text|it}#10;/xsl:text
-
xsl:for-each select=synonym
xsl:text\item[{/xsl:textxsl:value-of
select=./xsl:text}]\null{}#10;/xsl:text
xsl:text\index{/xsl:textxsl:value-of
select=./xsl:text|it}#10;/xsl:text
xsl:textThis parameter is a synonym for
\smbconfoption{/xsl:textxsl:value-of
select=../@name/xsl:text}./xsl:text
/xsl:for-each
- xsl:variable name=context
- xsl:text (/xsl:text
- xsl:value-of select=@context/
- xsl:text)/xsl:text
- /xsl:variable
+ xsl:text\item[{/xsl:textxsl:value-of select=@name/
+ xsl:text (/xsl:text
+ xsl:value-of select=@context/
+ xsl:text)/xsl:text
+ xsl:text}]\null{}#10;#10;/xsl:text
+ xsl:text\index{/xsl:textxsl:value-of
select=@name/xsl:text|it}#10;/xsl:text
!-- Print default value--
xsl:text#10;/xsl:text
svn commit: samba-web r737 - in trunk/news/js: .
Author: deryck Date: 2005-07-05 00:58:59 + (Tue, 05 Jul 2005) New Revision: 737 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=737 Log: Get the svn:ignore correct. deryck Modified: trunk/news/js/ Changeset: Property changes on: trunk/news/js ___ Name: svn:ignore - searchIndex* + searchIndex.js
