[Samba] unix password sync = yes, did not sync unix passwd
I'm not sure when the last time I run smbpasswd to change the user password, however when I run it only change NT and LM hash attribute, not the unix passwd attributes. smb.conf: ... passdb backend = ldapsam:ldap://127.0.0.1; unix password sync = yes passwd program = /usr/local/sbin/passwd.pl %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* However it was working find (able to change unix as well as NT password) when I run from Windows client, such as: c:\ net user example testonly /domain This is incorrect, at least per (surprise) pdbedit documentation: Note pdbedit does not call the unix password syncronisation script if unix password sync has been set. It only updates the data in the Samba user database. If you wish to add a user and synchronise the password that im- mediately, use smbpasswd's -a option. Ver: samba-3.0.20b --beast -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Group checking using ntlm_auth
Hi, We are running Squid version: 2.5.STABLE13 and Samba version: Version 3.0.21b We have it setup to use NTLM to check that the user belongs to a group within the domain. The need has arrisen to be able to support multiple groups. Is this possible? Our squid.conf section: auth_param ntlm program /ntlm_auth.sh ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 20 auth_param ntlm use_ntlm_negotiate on auth_param basic program /ntlm_auth.sh basic auth_param basic children 20 auth_param basic realm SERVER.DOMAIN.CO.ZA Cache NTLM Authentication auth_param basic credentialsttl 2 hours Our smb.conf: [global] winbind separator = + winbind cache time = 10 workgroup=DOMAIN security=ads winbind uid = 1-2 winbind gid = 1-2 winbind use default domain = yes realm=SERVER.DOMAIN.CO.ZA client ntlmv2 auth=yes Our ntlm auth line ($W will be either basic or ntlmssp per the squid config file): /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-$W--require-membership-of='DOMAIN+webusers' Now, I have a second group DOMAIN+managers that also needs to be allowed out and AD wont change it to have the same security group. Thanks, Ian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Possible to have two SAMBA srvs act as one?
Michael Rignaz schrieb: Hi, is it possible to share write locks amongst two samba servers? We are experiencing performance issues all the time, because one location (location A) is connected via VPN to the main location (location B) and needs to access files hosted there on some samba shares. Now loc A gets its own server, but still files hosted in B need to be read/write accessed from A and vice versa. It would be really nice to have all files and shares on both servers. And when a file is locked on srv1 it's also locked on srv2. Is something like that possible? Thnx in advance, Michael Hello, what type of files do you have to share ? Doc type files or database files ? Bye Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ads_kinit_password failed: Preauthentication failed
SOLVED IT !!! Thank you for all help. Special thanks for Joseph Garret. I had to resort to version 3.0.20. I also may have had some problems with the native samba and kerberos libraries and tidied up the environment paths for the build. (and clean out all installation paths) Cheers Lachlan Aaron Kincer wrote: Lachlan, Try these settings to help: client use spnego = no server signing = auto client signing = auto Let me know if it works. Aaron Kincer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- View this message in context: http://www.nabble.com/ads_kinit_password-failed%3A-Preauthentication-failed-tf2202561.html#a6260931 Sent from the Samba - General forum at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'username = @group' not working correctly
Hi Gerald (Jerry) Carter wrote: First question: In the manpage for smb.conf, it is mentioned that '+group' expands to the Unix group named 'group'. But that does not work for me. Using the '@group' syntax works. Is this an error in the documentation? That makes no sense unless you are using NIS netgroups. I do not use NIS (or at least, I did not install or configure any NIS stuff on the network at all). The documentation for smb.conf sais that @group will check both the NIS group and the Unix group (the NIS group first), and that +group will check the Unix group only. Still, +group does not work for me at all, while @group works for the first two users in the Unix group. I'd suggest moving to security = user unless you can explain exactly why you need security = share. Security = share is just not well suited for cases where you want to provide authorization based on username/password pairs. The problem I have with security = user is that Windows does not allow to simultaneously have two or more connections using different usernames to a given server. On my network, the following scenario is very common: A user logs into a Windows machine and accesses a Samba share for which the username and password match with the username and password he used to login to the Windows box (a general staff account). Some time later, he needs access to another share requiring another username and password (his personal share). With security = user, this is not possible. Windows will complain about conflicting login information. -- René OpenPGP key id: 0x63B1F5DB JID: [EMAIL PROTECTED] signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with Security=ADS and domain users afer upgrading to 3.0.23c
Hello all, I am not sure if this is a bug or a feature of the newly released Samba 3.0.23c. I had this samba.conf working fully ok for smbd 3.0.23b : [global] map to guest = Bad User guest account = nobody disable netbios = Yes lanman auth = No unix charset = ISO8859-15 display charset = ISO8859-15 printing = bsd workgroup = OAAD realm = OA.PNRAD.NET security = ADS [public] path = /srv/www/htdocs/public valid users = nazaand, orloale write list = nazaand, orloale force group = public create mask = 0660 directory mask = 0770 browseable = No As soon as I upgraded to 3.0.23c I encountered the following problem. If I try to map the [public] share from a simple standalone PC, which does not belong to a domain, everything works fine (I am being asked for a username and password and I enter nazaand as the username and the corresponding password. However, if I try to map the same share from the PC which belongs to the domain OA.PNRAD.NET the authentication fails, unless I enter localhost\nazaand as the username. With 3.0.23b I did not need to enter any username/password when mapping the share from the domain PC, because I was already logged in with the right account in the domain. I have studied level 3 log file, and see that the authentication is performed differently now when the domain PC is used. For the PC that is not in the domain I have this in the log: Got user=[nazaand] domain=[PC35355] workstation=[PC35355] len1=24 len2=24 check_ntlm_password: mapped user is: [EMAIL PROTECTED] check_ntlm_password: winbind authentication for user [nazaand] succeeded For the domain PC nothing like that is present. Instead I get this: Ticket name is [EMAIL PROTECTED] Username OAAD\PC35355$ is invalid on this system error packet at smbd/sesssetup.c(315) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE ... Ticket name is [EMAIL PROTECTED] make_server_info_info3 failed: NT_STATUS_NO_SUCH_USER! error packet at smbd/sesssetup.c(339) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE Finally, if on the domain PC I enter localhost\nazaand as my username, then the share does get mapped and the following is in the log: Got user=[nazaand] domain=[localhost] workstation=[PC3535] len1=24 len2=24 check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface check_ntlm_password: mapped user is: [EMAIL PROTECTED] check_ntlm_password: winbind authentication for user [nazaand] succeeded It is obvious that the authentication breaks at the Ticket name is [EMAIL PROTECTED] - NO SUCH USER part (in the domain). So my question is basically, is this the intended behaviour? If so, how can I make it work again the same way 3.0.23b did? Regards, Andrei Nazarenko -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, winbind, krb5 Auth problem
Hi all I'm actually trying to setup an AD authentication on linux workstations. - I've setup an windows AD 2003 server, which work fine. - I've setup linux redhat 4 enterprise server (used as a workstation for the moment) - On the redhat, I already have setup smb.conf, krb5.conf, nsswitch.conf, pam.d/login, pam.d/system_auth. I have pasted all these files below. == I get successful result using wbinfo -u and wbinfo -g == kinit user2 works fine (user2 is one of my AD users) == net join works, i get a nes computer on my windows AD console but getent password doesn't works, and, of course, I cannot authenticate on Linux using AD account. Any help would be welcome, I have to make this working by the end of the week. Regards === SMB.CONF [global] security = domain realm = SD1.COM password server = winsd1.sd1.com workgroup = SD1 winbind separator = + idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes domain master = no server string = log file = /var/log/samba/%m.log max log size = 50 domain logons = yes dns proxy = no winbind use default domain = yes [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes === nssswitch.conf passwd: compat winbind shadow: compat winbind group:compat winbind #passwd: files winbind krb5 ldap #shadow: files winbind krb5 ldap #group: files winbind krb5 ldap #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files #networks: nisplus [NOTFOUND=return] files #protocols: nisplus [NOTFOUND=return] files #rpc:nisplus [NOTFOUND=return] files #ethers: nisplus [NOTFOUND=return] files #netmasks: nisplus [NOTFOUND=return] files bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files winbind ldap rpc:files winbind services: files winbind ldap netgroup: files winbind ldap publickey: nisplus automount: files winbind ldap aliases:files nisplus === krb.conf [logging] default = FILE:/var/log/krb5libs.log # kdc = FILE:/var/log/krb5kdc.log # admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = SD1.COM ticket_lifetime = 24000 #dns_lookup_realm = true # dns_lookup_kdc = true default_tkt-enctypes = 3des-hmac-sha1 des-cbc-crc des-cbc-md5 aes256-ctsarcfour-hmac-md5 default_tgs-enctypes = 3des-hmac-sha1 des-cbc-crc des-cbc-md5 aes256-ctsarcfour-hmac-md5 dns_lookup_realm = true dns_lookup_kdc = true [realms] SD1.COM = { # kdc = winsd1.sd1.com kdc = winsd1.sd1.com:88 admin_server = winsd1.sd1.com:749 default_domain = SD1.COM kdc = winsd1.sd1.com } # sd1.com = { # kdc = winsd1.sd1.com:88 # admin_server = winsd1.sd1.com:749 # } [domain_realm] .sd1.com = SD1.COM sd1.com = SD1.COM #SD1.COM = sd1.com .#SD1.COM = sd1.com [kdc] profile = /var/kerberos/krb5kdc/kdc.conf #[appdefaults] # pam = { # debug = false # ticket_lifetime = 36000 # renew_lifetime = 36000 # forwardable = true # krb4_convert = false # } === in pam:d : auth-config #%PAM-1.0 auth sufficient /lib/security/$ISA/pam_rootok.so auth required /lib/security/$ISA/pam_stack.so service=system-auth service=system-auth #auth required /lib/security/pam_securetty.so #auth required /lib/security/pam_nologin.so #auth sufficient/lib/security/pam_winbind.so #auth required /lib/security/pam_pwdb.so #use_first_pass shadow nullok #accountrequired /lib/security/pam_winbind.so accountrequired /lib/security/$ISA/pam_permit.so sessionrequired /lib/security/$ISA/pam_permit.so === in pam.d gdm #%PAM-1.0 auth required pam_env.so auth required pam_stack.so service=system-auth auth required pam_nologin.so ### auth sufficient pam_winbind.so authsufficient /lib/security/pam_unix.so use_first_pass accountrequired pam_stack.so service=system-auth ### accountsufficient pam_winbind.so password required pam_stack.so service=system-auth session required/lib/security/pam_mkhomedir.so umask=0022 skel=/etc/skel sessionrequired
[Samba] Samba Winbind Error
I am attempting to setup a RHEL4 client to authenticate against a Windows 2003 R2 Active Directory Domain Controller. I am following the Samba HowTo Chapter 24 on Winbind, and everything works until I try to list out users from the AD. Here's what I get: # /usr/bin/wbinfo -u Error looking up domain users I can, however list out groups in this fashion: # /usr/bin/wbinfo -g BUILTIN\System Operators BUILTIN\Replicators . . . What I'm trying to accomplish is to have a Linux client authenticate to a Windows Server 2003 R2 Active Directory Domain Controller (not using a scout account for anonymous lookups) so that this user can access shared files on the Windows server. The user is then identified as himself for the purposes of file access auditing in the Security Event Log. I don't want to make any changes to the AD, although modifying the AD schema for Unix attributes using the new R2 tools would be ok (if needed). Thanks, Ned Skaggs Consulting, Inc. St. Charles, MO 63301 636-940-9478 - Do you Yahoo!? Get on board. You're invited to try the new Yahoo! Mail. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] FW: RE Help config. VPN to Samba server - UK Charity
Please can you help with this? I work at a charity and need help to find a solution urgently or Samba / Linux, might be superseded my 'MS' - Oh my GOD Thanks in advance, Nick : ) -Original Message- From: Nick Gorman [mailto:[EMAIL PROTECTED] Sent: 04 September 2006 21:47 To: Nick Gorman Subject: FW: RE Help config. VPN to Samba server - UK Charity -Original Message- From: David Collier-Brown [mailto:[EMAIL PROTECTED] Sent: 01 September 2006 6:05 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: RE Help config. VPN to Samba server - UK Charity You accidentally sent this to the development list: you probably want to discuss it at [EMAIL PROTECTED] You need the appropriate ports open, which you probably have done if Red Hat can mount the drives, and you now need to get the Windows versions of mount and browsing working. Go to the Troubleshooting chapter of the copy of Using Samba that came with your distribution (or to http://us2.samba.org/samba/docs/using_samba/ch12.html) and go to the Fault Tree. This will step you through all the prerequisites in the appropriate order, in about five minutes, until you find your problem. --dave Nick Gorman wrote: Hello, I have access from a XP pc through VPN and through a Billion ADSL router on to network. I can see the samba file server and log onto it using ssh. However I can't see the drives / files etc. in windows? I have logged onto windows servers in the same network, which use the samba network (Linux O/s Redhat 8). What I want to do is put a dial-in connection on my laptop which I have done, then dial-in via VPN PPTP but I can see the file / network Samba server or login in to my account. I have a IP allocated by the router on the internal network. I know I must be close but I am not a Samba expert and my background is in mostly in UNIX (HP). Can you help or point me in the right direction, so I can set-up a dial-in connection for home users? Kind regards, Nick Gorman ? Email: [EMAIL PROTECTED] *** Optimism is an intellectual choice. This e-mail and any attachments may contain confidential and/or privileged material; it is for the intended addressee's only. This e-mail has been scanned for viruses but there no guarantee's that the e-mail or any attachments are free from viruses. = -- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest [EMAIL PROTECTED] | -- Mark Twain (416) 223-5943 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Network Name error
Can anyone help me debug the following error: bozo:/etc/samba # smbclient //suse1/printers Password: Domain=[SUSE1] OS=[Unix] Server=[Samba 3.0.22-13.18-SUSE-CODE10] tree connect failed: NT_STATUS_BAD_NETWORK_NAME Samba has been installed on a 10.1 Suse box. The command is being run from the same Suse server. Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.22 bug?
Sep 7 04:15:20 server smbd[2341]: [2006/09/07 04:15:20, 0] tdb/tdbutil.c:tdb_log(772) Sep 7 04:15:20 server smbd[2341]: [2006/09/07 04:15:20, 0] tdb/tdbutil.c:tdb_log(772) Sep 7 04:15:20 server smbd[2341]: tdb(/var/cache/samba/printing/hp.tdb): rec_read bad magic 0x44fc2015 at offset=22596 Sep 7 04:15:20 server smbd[2341]: tdb(/var/cache/samba/printing/hp.tdb): rec_read bad magic 0x44fc2015 at offset=22596 Sep 7 04:17:56 server smbd[2341]: [2006/09/07 04:17:56, 0] tdb/tdbutil.c:tdb_log(772) Sep 7 04:17:56 server smbd[2341]: [2006/09/07 04:17:56, 0] tdb/tdbutil.c:tdb_log(772) Sep 7 04:17:56 server smbd[2341]: tdb(/var/cache/samba/printing/hp.tdb): rec_read bad magic 0x44fc2015 at offset=22596 Sep 7 04:17:56 server smbd[2341]: tdb(/var/cache/samba/printing/hp.tdb): rec_read bad magic 0x44fc2015 at offset=22596 What causes this? The printing via Samba works fine. Any idea? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] did you create a program called Banner for Palm OS?
I'm trying to get it for my new palm but I cant seem to find it anywhere. If I have reached the right person could you please link me or send a copy as an attachment? Thanks, Dennis Daigneault Sales McGregor Hardware Distribution 604-253-7785 1-800-663-5625 Fax 604-253-7785 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba with ldapsam: first net join always fails, second succeeds
Created an add machine script that basically looks for an unused uid/rid, and then creates a stub LDAP entry for the machine; the first time I issue net join, the script is invoked and creates the LDAP entry correctly, but the join operation fails nevertheless: f1sa:~# net -U winadmin join winadmin's password: [2006/09/08 10:19:40, 0] utils/net_ads.c:ads_startup(191) ads_connect: No results returned Creation of workstation account failed Unable to join domain FAK1. The following log file entries are generated for this operation: SASL/GSSAPI authentication started SASL username: samba/[EMAIL PROTECTED] SASL SSF: 56 SASL installing layers [2006/09/08 09:53:15, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1781) ldapsam_add_sam_account: User 'f1sa$' already in the base, with samba attribut es [2006/09/08 09:53:15, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350) could not add user/computer f1sa$ to passdb. Check permissions? (the SASL/GSSAPI part is the output from my add machine script; basically I see here that it is working correctly) However when I call net join a second time: f1sa:~# net -U winadmin join winadmin's password: [2006/09/08 10:22:16, 0] utils/net_ads.c:ads_startup(191) ads_connect: No results returned Joined domain FAK1. It succeeds, the LDAP entry is updated accordingly and nothing is logged Can someone tell me what is wrong here, or where I should have done something differently? (Samba version is 3.0.14a from debian sarge) Best regards -- Helge Bahmann [EMAIL PROTECTED] /| \__ The past: Smart users in front of dumb terminals /_|\ _/\ | __) Wer im finally-Block sitzt, sollte nicht \\ \|__/__| mit exceptions werfen.\\/___/ | | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to locate Domain Controller
he clients are Windows 2000, Windows XP service pack 1 and Windows XP service pack 2... However, the problem started when I upgraded to the latest samba edition please open your smbpasswd file (/etc/samba/smbpasswd) and edit the name of the machine you have added to change case from all capitals to lowercase. If you now go back and reboot the windows PC you will find it has joined the domain! This suggestion was made on the list a couple of weeks ago and I find it works very well for me. For some reason from 3.022 on at the time of joining, the name gets set as all caps. regards Dilip -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] server linux
Hello I am the administrator of a server linux with 25 clients. Lasdt year : no problem. Each children saves files in the same directory on the server. But now, the teachers want that the children have different directories. Then 600 children have a directory on the server and each directory is secured by a password. When they want to save a file on the server, a lot of them may not open their directory. How can I solve this problem. Thank you very much for an answer Dominique FONTAINE [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] More on the archive bit saga
Thanks to all that have helped so far. I now have a test server running on Ubuntu 6.06 and Samba 3.0.22. I also configured ACL and user_xattr on the filesystem running the shares. But now I have very strange behavior that I hope someone has a clue about. User smith can open two files (foo.txt and faa.txt) with Notepad, Wordpad and Microsoft Word. The behavior for all three is different: foo.txt Notepad: Can open and modify the file. Correctly sets the archive bit. Wordpad before Word mod: Can open and modify the file. Correctly sets the archive bit. Wordpad after Word mod: Can open but cannot modify the file (access denied error). Cannot set the archive bit since access denied. Word: Can open and modify the file. Does not correctly set the archive bit. Using word created an ACL where none existed before (ACL was enabled AFTER file was initially created) faa.txt Notepad: Can open and modify the file. Correctly sets the archive bit. Wordpad: Can open and modify the file. Correctly sets the archive bit. Word: Never used to modify. -rw-rwx---+ 1 DOMAIN+smith DOMAIN+domain users 219600 2006-09-10 00:54 foo.txt -rwxrwx--- 1 DOMAIN+smith DOMAIN+domain users 93242 2006-09-11 14:43 faa.txt getfacl foo.txt [EMAIL PROTECTED]:/share/personal/smith# getfacl foo.txt # file: foo.txt # owner: DOMAIN+smith # group: DOMAIN+domain\040users user::rw- user:DOMAIN+johnson:rw- group::rwx group::rwx mask::rwx other::--- # Settings kernel oplocks = no #this has been toggled back and forth with same behavior both ways client use spnego = yes server signing = auto client signing = auto nt acl support = yes # Share Behavior inherit permissions = yes store dos attributes = yes dos filemode = yes dos filetimes = yes dos filetime resolution = yes acl compatibility = auto # Logging log file = /var/log/samba/%m.log log level = 3 max log size = 50 # Network Settings socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote announce = 192.168.2.255 disable netbios = no netbios name = server [personal] comment = personal drive path = /share/personal guest ok = no read only = no writeable = yes #write list = +DOMAIN+Domain Users #read list = +DOMAIN+Domain Users create mask = 0770 directory mask = 0770 dos filemode = yes acl group control = yes workgroup = DOMAIN server string = server os level = 0 preferred master = no announce as = NT Server announce version = 4.9 browse list = yes domain master = no local master = no enhanced browsing = yes idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind use default domain = no winbind enum groups = yes winbind enum users = yes winbind separator = + realm = DOMAIN.LOCAL # Security hosts allow = 192.168.1. 192.168.2. 127. security = ads password server = * encrypt passwords = yes Any help is much appreciated. -- Aaron Kincer IT Manager Foam Design, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] User settings after migration
Hi All, We have an NT4 machine which is our PDC. I'm looking to replace this with one of our linux servers. I joined the linux server to the domain ok. Then I vampired all the accounts across which worked ok. I then switched off NT PDC, made samba the master and start samba service. Problem is we are loosing all our settings. After a quick hunt around I noticed a new profiles directory was created on my machine. To elaborate: Say we have a domain called MORGAN and a user called jbarnes: when using the NT4 PDC he had a directory under Documents and Settings called jbarnes. When he logged on to the linux PDC a new folder was created called jbarnes.MORGAN. Users loose all their settings :( Can we make windows use the same profiles directory after migration? Why is windows creating a new profile folder? Thanks in advance. Phil. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] join domain error
hello. unable join w2k workstation a325s02 in samba domain freedom with error (translated from russian) - procedure number out of range. only one host a325s02 have this trouble. why? $ ldapsearch -ZZ uid=a325s02$ ... # a325s02$, people, bspu dn: uid=a325s02$,ou=people,o=bspu objectClass: top objectClass: account objectClass: posixAccount objectClass: sambaSamAccount uid: a325s02$ cn: a325s02$ loginShell: /sbin/nologin uidNumber: 50042 gidNumber: 515 homeDirectory: /nonexistent sambaSID: S-1-5-21-1736377067-2638575246-975308661-101084 sambaPwdCanChange: 1158046057 sambaPwdMustChange: 2147483647 sambaLMPassword: 3B42A3223428A6CCAAD3B435B51404EE sambaNTPassword: 7B4A88D24BDA6BC69D325C8829D66A3F sambaPwdLastSet: 1158046057 sambaAcctFlags: [W ] ... log.a325s02 [2006/09/12 13:33:19, 0, pid=79194, effective(0, 0), real(0, 0)] lib/util_sock.c:read_data(534) read_data: read failure for 4 bytes to client 10.4.2.11. Error = Connection reset by peer [2006/09/12 13:33:20, 0, pid=79195, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_mem_get(559) prs_mem_get: reading data of size 2 would overrun buffer by 1 bytes. [2006/09/12 13:33:20, 0, pid=79195, effective(1001, 0), real(1001, 0)] rpc_server/srv_samr.c:api_samr_set_userinfo(848) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. [2006/09/12 13:33:20, 0, pid=79195, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe.c:api_rpcTNP(2287) api_rpcTNP: samr: SAMR_SET_USERINFO failed. with log level = 10 (fragment) ... [2006/09/12 14:36:48, 10, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe_hnd.c:unmarshall_rpc_header(511) unmarshall_rpc_header: type = 0, flags = 3 [2006/09/12 14:36:48, 10, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(963) write_to_pipe: data_used = 0 [2006/09/12 14:36:48, 10, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(959) write_to_pipe: data_left = 549 [2006/09/12 14:36:48, 10, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe_hnd.c:process_incoming_data(852) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 549, incoming data = 549 [2006/09/12 14:36:48, 10, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe_hnd.c:process_complete_pdu(719) process_complete_pdu: processing packet type 0 [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_debug(84) 00 smb_io_rpc_hdr_req req [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint32(704) alloc_hint: 021d [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint16(675) 0004 context_id: [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint16(675) 0006 opnum : 003a [2006/09/12 14:36:48, 3, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe_hnd.c:free_pipe_context(529) free_pipe_context: destroying talloc pool of size 0 [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe.c:api_pipe_request(2223) Requested \PIPE\samr [2006/09/12 14:36:48, 4, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe.c:api_rpcTNP(2258) api_rpcTNP: samr op 0x3a - api_rpcTNP: rpc command: SAMR_SET_USERINFO [2006/09/12 14:36:48, 6, pid=80595, effective(1001, 0), real(1001, 0)] rpc_server/srv_pipe.c:api_rpcTNP(2284) api_rpc_cmds[22].fn == 0x8184cc0 [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_debug(84) 00 samr_io_q_set_userinfo [2006/09/12 14:36:48, 6, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_debug(84) 00 smb_io_pol_hnd pol [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint32(704) data1: [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint32(704) 0004 data2: 0008 [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint16(675) 0008 data3: [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint16(675) 000a data4: [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint8s(851) 000c data5: 90 63 06 45 d3 3a 01 00 [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_uint16(675) 0014 switch_value: 0018 [2006/09/12 14:36:48, 6, pid=80595, effective(1001, 0), real(1001, 0)] rpc_parse/parse_prs.c:prs_debug(84) 16 samr_io_userinfo_ctr ctr [2006/09/12 14:36:48, 5, pid=80595, effective(1001, 0), real(1001, 0)]
Re: [Samba] join domain error
On Tue, Sep 12, 2006 at 03:21:03PM +0700, mitrohin a.s. wrote: unable join w2k workstation a325s02 in samba domain freedom with error (translated from russian) - procedure number out of range. only one host a325s02 have this trouble. why? This has been fixed with SVN r18369. Depending on your Samba version the attached patch may or may not apply. This will be fixed with the next Samba release. Volker pgp3Uo1G5eCyl.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] allow creating files but not deleting
I need to create a directory where a user can create and work with files but not delete them. Other users can do anything in that directory. I have a recycle bin set up but I must make it impossible to delete the files. I have tried setting the sticky bit on the directory, and the delete readonly option of smb.conf to no, but the user can always delete the files ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba domain member server does not see list of users from PDC
Hi, I have some problems with the following setup: DOM1 (PDC) - DOM2 (PDC) -DOM2(Member server) The users and groups from DOM1 (MS WinNT4 domain) are nicely visible on Samba PDC (DOM2) with established trust, but domain member server in DOM2 domain does not show any users from the DOM1 domain (only users from DOM2 are visible), BUT!! users from DOM1 can login to it and access shares upload/download files. Member server is running winbind and it can see all of the DOM2 users and groups with wbinfo and with getent commands, but NONE of DOM1 users or groups can be listed on it. The problem is, that I cannot set any rights/ACL's on files because of that. Can anyone please advise me as to what I can do to make users and groups from trusted domain visible also on the member server? Thank you in advance, Regards, Bostjan -- buhdej evridej -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.23b - 3.0.23c
Dear Timur, Thanks for your reply. It works after I move *.tdb files to the new directory. I did not read the pkg-message file when portupgrading samba3. Regards. Adam - Original Message - From: Timur I. Bakeyev [EMAIL PROTECTED] To: dovecot auth [EMAIL PROTECTED] Sent: Tuesday, September 12, 2006 7:08 AM Subject: Re: [Samba] 3.0.23b - 3.0.23c Hi Adam! My guess is that you missed this message both from UPDATING and during reinstallation of the port: 20060904: AFFECTS: users of net/samba3 AUTHOR: [EMAIL PROTECTED] Reviosion of Samba 3.0.23c port had changed location of the directory, where Samba stores it's smbpasswd files from $PREFIX/private to a more common $PREFIX/etc/samba. You need to move *.tdb files from an old to new location and remove old directory if you use tdbsam backend for Samba user authentication. Usually, $PREFIX is /usr/local. So you have to move files from /usr/local/private into /usr/local/etc/samba. I HOPE, that's the problem you faced with, i.e. easy to fix. Otherwise I have no idea, really... With regards, Timur. On Tue, Sep 12, 2006 at 12:13:15AM +0800, dovecot auth wrote: Dear timur, please help. adam - Original Message - From: Gerald (Jerry) Carter [EMAIL PROTECTED] To: dovecot auth [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Monday, September 11, 2006 11:59 PM Subject: Re: [Samba] 3.0.23b - 3.0.23c -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam, I portupgraded my working 3.0.23b PDC on FreeBSD 5.5 to 3.0.23c and found that all workstations could not login. The log file reads: get_md4pw: Workstation PC01$: no account in domain I ran pdbedit -L, and it returned nothing. I use tdbsam backend; all user accounts show up fine with 3.0.23b. Now they are missing. I deinstalled 3.0.23c and switched back to 3.0.23b. Everything is then back to normal. What's wrong with the .23c version? Sounds more like a portage issue than a generic issue with Samba 3.0.23c. I check that the new version was compiled with the same directory locations as the old one. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFBYfGIR7qMdg1EfYRAvByAJwMcs8HthjITW2ka4VHJBNLA+RaTQCdFwEA dNPziaqpdGLgGUgg22Xx5M0= =Xacq -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allow creating files but not deleting
Hi` Do you have acl enabled? Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen The paradox is now fully established that the utmost abstractions are the true weapons with which to control our thought of concrete facts. -A.N. Whitehead On Sep 12, 2006 11:47 AM, Toni Casueps [EMAIL PROTECTED] wrote: I need to create a directory where a user can create and work with files but not delete them. Other users can do anything in that directory. I have a recycle bin set up but I must make it impossible to delete the files. I have tried setting the sticky bit on the directory, and the delete readonly option of smb.conf to no, but the user can always delete the files ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba with ldapsam: first net join always fails, second succeeds
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/08/2006 05:26 AM, Helge Bahmann escreveu: Created an add machine script that basically looks for an unused uid/rid, and then creates a stub LDAP entry for the machine; the first time I issue net join, the script is invoked and creates the LDAP entry correctly, but the join operation fails nevertheless: f1sa:~# net -U winadmin join winadmin's password: [2006/09/08 10:19:40, 0] utils/net_ads.c:ads_startup(191) ads_connect: No results returned Creation of workstation account failed Unable to join domain FAK1. The following log file entries are generated for this operation: SASL/GSSAPI authentication started SASL username: samba/[EMAIL PROTECTED] SASL SSF: 56 SASL installing layers [2006/09/08 09:53:15, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1781) ldapsam_add_sam_account: User 'f1sa$' already in the base, with samba attribut es [2006/09/08 09:53:15, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350) could not add user/computer f1sa$ to passdb. Check permissions? (the SASL/GSSAPI part is the output from my add machine script; basically I see here that it is working correctly) Ok, AIUI, you are adding machine information to an account that already exists? However when I call net join a second time: f1sa:~# net -U winadmin join winadmin's password: [2006/09/08 10:22:16, 0] utils/net_ads.c:ads_startup(191) ads_connect: No results returned Joined domain FAK1. It succeeds, the LDAP entry is updated accordingly and nothing is logged Can someone tell me what is wrong here, or where I should have done something differently? If the answer to the question I made above is yes, then the second try to join the domain will find the correct fields and will be able to join the machine, I'm not sure why the first try didn't suceed but I have a strong feeling that it is related with the fact of messing with already existing accounts. (Samba version is 3.0.14a from debian sarge) Best regards Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBqFcCj65ZxU4gPQRAgLAAKDHH+rAWRqPkx8AMBvE0J4yodPrdgCfcmvi xpJrCJKFECs25Yn7Yexy8DI= =b7Pg -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] server linux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/11/2006 06:57 AM, fondomi escreveu: Hello I am the administrator of a server linux with 25 clients. Lasdt year : no problem. Each children saves files in the same directory on the server. But now, the teachers want that the children have different directories. Then 600 children have a directory on the server and each directory is secured by a password. When they want to save a file on the server, a lot of them may not open their directory. How can I solve this problem. Are you using $HOME directories? Did you think about that? It could easily solve the problem. If using $HOME directories is not an option, you should think about using ACL on the FileSystem, something like: /pubroot- Everyone can read - children0001 - ACL to children0001 rw ... You do only one share, everybody will be able to see the top directories, but the ACLs will only allow the right person to access the directory. It has the advatange that you can create script to manage it and the ACL will the applied with inheritance fro the top folder. You can also use some variable in smb.conf to have a similar [homes] share, but I don't like the idea of reinventing the wheel. :-) Thank you very much for an answer You are very welcome. Dominique FONTAINE [EMAIL PROTECTED] Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBqCYCj65ZxU4gPQRAvtJAJsHi9QLV/n/upGaq8m/1v7V/KLJOwCdF5TI V8clbnxKJOB6WKeTfVpbBHQ= =BEm2 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] did you create a program called Banner for Palm OS?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/07/2006 04:58 PM, Dennis Daigneault escreveu: I'm trying to get it for my new palm but I cant seem to find it anywhere. If I have reached the right person could you please link me or send a copy as an attachment? H... not quite sure, samba.at.lists.samba.org is a mail list where Samba users (and developers and curious people and interested and ...) help each other. :-) Thanks, Dennis Daigneault Sales McGregor Hardware Distribution Good luck. - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBqJTCj65ZxU4gPQRAtidAJ4mihrnHdkCWb+zaVp7Oo+KfZfvxwCeO5gI 47MSu2eKZYybaIZnftFqAq4= =A2zo -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbclient mget and compression
Hi, I'm using smbclient to replicate a samba share from one Linux machine to another one. Unluckily, the amount of data is quite large, thus I'd like to transfer it with a compression, but I didn't find such as asny option in smbclient. Is it possible? Thanks, Luca P.S. I cannot use, in this case, other tools like rsync, just only smb! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Authentication problems after upgrading to 3.0.23c
Hi there, Since upgrading our debian sarge boxes to 3.0.23c, we have found that we are unable to connect to shares using the official hostname of the servers (short or fully qualified) but can still use its netbios aliases (again, short or fully qualified). As nothing else has changed in our configuration, I think that the change of behaviour is down to the newer release and can find nothing in the release notes that would indicate that we have to add any new settings into smb.conf. Anyone else seen this and have any solutions? Configuration is Debian Sarge with samba supplied samba. Everything fully patched. smb.conf (with names changed to protect the innocent) [global] workgroup = MYWORKGROUP realm = MY.DOMAIN netbios aliases = list, of, aliases security = ADS log level = 2 max log size = 1 deadtime = 15 preferred master = No wins server = wins0 [homes] read only = No (unspecified values are set to defaults). log.smbd for simple 'net use * \\server\share' [2006/09/12 12:48:01, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2006/09/12 12:48:01, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2006/09/12 12:48:01, 0] lib/access.c:check_access(327) [2006/09/12 12:48:01, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2006/09/12 12:48:01, 1] smbd/process.c:process_smb(1103) [2006/09/12 12:48:01, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2006/09/12 12:48:01, 2] lib/access.c:check_access(323) Allowed connection from (155.245.49.154) [2006/09/12 12:48:01, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 155.245.49.154. Error Connection reset by peer [2006/09/12 12:48:01, 0] lib/util_sock.c:send_smb(769) Error writing 5 bytes to client. -1. (Connection reset by peer) [2006/09/12 12:48:01, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/09/12 12:48:01, 1] smbd/sesssetup.c:reply_spnego_kerberos(310) Username CAMPUS\S5037XP$ is invalid on this system [2006/09/12 12:48:01, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/09/12 12:48:01, 1] smbd/sesssetup.c:reply_spnego_kerberos(334) make_server_info_info3 failed: NT_STATUS_NO_SUCH_USER! log.smbd for 'net use \\alias\share' [2006/09/12 12:49:14, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2006/09/12 12:49:14, 0] lib/access.c:check_access(327) [2006/09/12 12:49:14, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2006/09/12 12:49:14, 1] smbd/process.c:process_smb(1103) [2006/09/12 12:49:14, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2006/09/12 12:49:14, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 155.245.49.154. Error Connection reset by peer [2006/09/12 12:49:14, 2] lib/access.c:check_access(323) Allowed connection from (155.245.49.154) [2006/09/12 12:49:14, 0] lib/util_sock.c:send_smb(769) Error writing 5 bytes to client. -1. (Connection reset by peer) [2006/09/12 12:49:14, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/09/12 12:49:14, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/09/12 12:49:14, 2] lib/access.c:check_access(323) Allowed connection from (155.245.49.154) [2006/09/12 12:49:14, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2006/09/12 12:49:14, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [bret] - [bret] - [bret] succeeded [2006/09/12 12:49:14, 2] lib/access.c:check_access(323) Allowed connection from (155.245.49.154) [2006/09/12 12:49:14, 1] smbd/service.c:make_connection_snum(941) s5037xp (155.245.49.154) connect to service share initially as user bret (uid=16661, gid=1001) (pid 21647) [2006/09/12 12:49:14, 2] smbd/reply.c:reply_tcon_and_X(711) Serving share as a Dfs root [2006/09/12 12:49:15, 2] smbd/open.c:open_file(352) bret opened file desktop.ini read=Yes write=No (numopen=1) [2006/09/12 12:49:15, 2] smbd/close.c:close_normal_file(344) bret closed file desktop.ini (numopen=0) [2006/09/12 12:49:15, 2] smbd/open.c:open_file(352) bret opened file
[Samba] Windows XP Machine,
Hello List, I have a odd problem and I should perhaps ask this on msn or something like that :) but I am running a ldc with ldap, everything works like a charm but on one of the machine a newly installed one which is joined to the domain can't for some reason see the files on one machine, now both machines can see shares on other machines but not between each other, does anyone has any idea of what could be causing this? by the way both machines are getting their ips from the same dhcp server so there should not be any conflict there. Kind regards Per -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Network Name error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/06/2006 05:28 PM, Tony Nelson escreveu: Can anyone help me debug the following error: bozo:/etc/samba # smbclient //suse1/printers Password: Domain=[SUSE1] OS=[Unix] Server=[Samba 3.0.22-13.18-SUSE-CODE10] tree connect failed: NT_STATUS_BAD_NETWORK_NAME Googling around there are a couple of answers: http://lists.samba.org/archive/samba/2004-March/083203.html http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Administration/Q_21711901.html http://www.linuxquestions.org/questions/showthread.php?postid=1709437 Samba has been installed on a 10.1 Suse box. The command is being run from the same Suse server. For the record, for some reason, a problem with names exist, either the name of the directory or the name of your server. Test it with testparm, and try to add the relevant log parts and smb.conf, it could make even easier to help you. :) Thanks! You are welcome. - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBqQ3Cj65ZxU4gPQRAhmsAKC9NGu3Sou0XoLjme/dOa9eNWWFSwCeJ23S /Uwy2x/KbIoUdSnZ2VPO9bo= =p7o/ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] FW: RE Help config. VPN to Samba server - UK Charity
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [ Try to not top-post, it makes a little bit hard to read ] [ the question/answers because it brokens the text flow. ] On 09/06/2006 06:53 AM, Nick Gorman escreveu: Please can you help with this? I work at a charity and need help to find a solution urgently or Samba / Linux, might be superseded my 'MS' - Oh my GOD Thanks in advance, Nick : ) [...] You need the appropriate ports open, which you probably have done if Red Hat can mount the drives, and you now need to get the Windows versions of mount and browsing working. Go to the Troubleshooting chapter of the copy of Using Samba that came with your distribution (or to http://us2.samba.org/samba/docs/using_samba/ch12.html) and go to the Fault Tree. This will step you through all the prerequisites in the appropriate order, in about five minutes, until you find your problem. --dave Dave sent you an answer. Could outline where exactly do you need help? Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBqXuCj65ZxU4gPQRAoYpAJ9ZI3igC/DPnbvDyQx0FdvCcoup7wCdFjFW 14dzuuaZ3Tz1bgAPiKYdVgs= =Ov+0 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Winbind Error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/05/2006 06:28 PM, Randy Skaggs escreveu: I am attempting to setup a RHEL4 client to authenticate against a Windows 2003 R2 Active Directory Domain Controller. I am following the Samba HowTo Chapter 24 on Winbind, and everything works until I try to list out users from the AD. Here's what I get: # /usr/bin/wbinfo -u Error looking up domain users I can, however list out groups in this fashion: # /usr/bin/wbinfo -g BUILTIN\System Operators BUILTIN\Replicators . . . What I'm trying to accomplish is to have a Linux client authenticate to a Windows Server 2003 R2 Active Directory Domain Controller (not using a scout account for anonymous lookups) so that this user can access shared files on the Windows server. The user is then identified as himself for the purposes of file access auditing in the Security Event Log. I don't want to make any changes to the AD, although modifying the AD schema for Unix attributes using the new R2 tools would be ok (if needed). Thanks, Ned Can you run testparm to check what happens? And can you send the smb.conf so we could have a look to it? If there are any logs, they would be *very* useful, try to increase the loglevel/debuglevel. Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBqb9Cj65ZxU4gPQRAm+5AJ0Qw5NKr2UZF4tkvMZwatNRrSqqOwCgjZnz eE6IOv/zjBhursfznlQWZwk= =39gQ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Several samba / ldap for a pdc/bdc setup/transition questions
On Wed, 2006-09-06 at 17:05 -0400, Bob Hetzel wrote: Greetings all, I've been researching migrating my NT4 PDC and BDC services to samba to get around the concerns we have here with NT4 no longer being patched when security holes are found. Details of my current NT4 domain... approx 300 computers, most of which can be migrated out soon either to be in no-domain or in an active directory domain approx 3000 user accounts, which need to be maintained until we can transition servers and custom built webapps to an active directory domain. I have no interest in doing shares, printers, or roaming profiles on these domain controllers. Server 2003 licenses are extremely cheap for us here in the university environment and we have to have windows to run the current commercial apps we have anyway. We're working on transitioning everything into MS Active Directory but cannot migrate using the standard MS methods for a variety of reasons and are likely to be stuck with the old NT4 domain for at least the next 6-12 months. Additionally that hardware is pretty old and I have reliability concerns with it. Conclusions and questions I've come to so far... correct these if you think there is a superior way. I've been reading lots of docs and how-tos mostly from www.samba.org 1) an LDAP backend is really required for proper operation of replication between the two domain controllers while maintaining complete redundancy 2) users and machines must be in both the LDAP and in the /etc/password files. I'd rather not have this as I do not want these users signing into my unix box under other protocols. 3) I'll enable the software firewall on the unix box to prevent unauthorized access into the LDAP servers. How should I secure the LDAP servers beyond that? I assume I need encryption on the replication traffic between the master and slave LDAP. I want to make sure anybody can't just use their own account to query the LDAP and get out other people's password hashes (or even their own if I can prevent that while still allowing them to change their own password). 4) The most common database back-end seems to be BDB which I'm not familiar with. Are there any common tools to query that directly beyond querying it through the ldap server? This is not a requirement but I'd like to know the details of what's in the database and how it's laid out for my own info. 5) Am I likely to run into any problems importing the accounts and groups from the NT4 domain? We have all of our servers set to use only NTLMv2. My goal is to make this happen in a way that end-users shouldn't notice any difference, so if their passwords change it'll be a disaster. Additionally we have automated jobs kicking off all hours of the day and night which will depend on users, passwords, and group memberships not changing. Any additional details you can provide would be wonderful. users need only be in LDAP and not in both LDAP and /etc/passwd files as you state in #2 be prepared to perform the vampire (import from NT4) many times until you get everything right. Lastly, some amount of mastery of LDAP is going to make this a whole lot easier. Learn to use LDAP command line clients such as ldapadd/ldapmodify/ldapsearch and TLS/SSL with LDAP prior to samba integration. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] printer UNC
hello folks, i'm running 3.0.23b and i've noticed something that has changed. before, i could give my users (on xp) links to the printers via \\servername\printername these days, clicking on such links would result in an error message about how they might not have permissions to use the resource, ending with Incorrect function. however, if i ask them to connect to the server via \\servername and double-click on the printer they need, they are able to connect without any problems. any hints? thanks, franz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Possible to have two SAMBA srvs act as one?
Andreas Moroder schrieb: Hello, what type of files do you have to share ? Doc type files or database files ? Bye Andreas Hi Andreas, We just share doc type files, but some are up to 1MB Excel files. Thnx for your answers! I've instaled debian @ home now and will experiement a bit. Regards, Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] AIX Testers Needed.
Hello AIX folks, I am changing the packaging of Samba for AIX. Presently Samba is built with a truckload of static libs and bound up in a package that has no other support for the supporting infrastructure. What I'd like to do instead is make as much of the package dependant upon shared libs and to allow for completeness of the package. In other words, BDB, OpenSSL, OpenLDAP, SASL, KRB5, libiconv and gcc shared libs are all included as *complete* packages; you'll have an LDAP server, Kerberos support, SSL and Berkeley tools for hot backups and recovery. You (should) need nothing else to make this work. The packages are unconfigured; that's where you come in. Use the included example configs and the mass of online documentation to setup your environment to your needs. These packages are in BFF format and as such are installed using installp. This will allow me to upgrade certain libraries along the way as the technology and requirements change. The binary release notes will indicate what is changing. My plans are to only change the shared libs about every 6 months or so and only when they are truly needed. (This is actually part of a larger project to BFF many packages, which include PHP, Apache, FreeRADIUS, the list grows a little each day, but is about 43 a the moment. I've called the project PWare for pSeries. I know there are other sites doing this with Open Source Software, but this is dependency responsive, driven by installp, more cohesive and is designed to not interfere with, but also offer a replacement to, sites that already have a /usr/local software repository.) Anyway, a preliminary package is available at: ftp://ftp.hvcc.edu/pub/pware This includes Samba-3.0.23c with a temporary fix for an AIX panic confirmed late last week with strptime (originally reported in Samba4) that is still being worked on. All software will install in /opt/pware. Be sure to examine the tree for an understanding of where things are placed. One path in particular /opt/pware/samba is special. This is designed to allow several versions of Samba to be installed simultaneously for version testing and debugging. The installp command will automatically increase the size of the filesystems as needed. You should look to have at leat 100MB free on /opt after install to make room for logs if you need to collect debug information. This may require an adjustment by you. Another thing to note is all packages were built with gcc on AIX 5.2 and should work fine on AIX 5.3. (I'm already working on an AIX 5.3 only version to take advantage of compiling on the native OS.) You should, wherever possible and appropriate, upgrade AIX to recent levels: http://www-03.ibm.com/servers/eserver/support/unixservers/aixfixes.html You must agree to a license agreement that basically is a disclaimer that I and my institution will not be held responsible, that they may adhere to GPL, LGPL and other appropriate licensing agreements (where applicable) and that copyrights are held by their respective owners. When the package is extracted use the following commands that assume you are cd'd to the extraction directory. To view the license agreement: installp -lE -d. To preview the install: installp -agpYX -d. all To install all packages: installp -agYX -d. all To remove all packages: installp -u pware.* To create a new table of contents: inutoc . You can also use smitty install to manage installp packages. It is recommended that this software not be used immediately in production and be tested first in your environment with non-production data. We *are* using this style (in AIX 5.3 compiled form) in a production environment and it is working wonderfully. Please provide any feedback regarding operation, packaging or basic AIX support to me off-list unless it will benefit many. Be sure to look at the README for some basic known AIX issues. Cheers, Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Copying file failed
Hello, I have a Debian Stable (Sarge) with a samba to share file with windows client. All is working fine but 2 files generates errors when i try to copy it. The transfer begins, but stops in the middle of the file, and freeze. The error message is (French translation): Unable to copy file_name.psd : Network name is no more available I do not understand why I cannot copy those files from Samba. All other file in this folder are downloadable, I can copy it using the Linux command cp, ect... I also shared bigger file without problems. To obtain it I have upload it on an FTP (from the server) and then download on my windows, and the file come without error. Does anybody help me? I can't found any valid raison for the problem. I join the smb.conf. Thank _ Important: This e-mail may contain confidential information. If you are not the intended recipient it may be unlawful for you to read, copy, distribute, disclose or otherwise use information contained in it. If this is the case, please contact us immediately by e-mail : Reply to sender. Errors and omissions may occur in the contents of this e-mail. The sender accepts no responsibility for any such errors or omissions, and you are advised to confirm the accuracy of its contents before relying on it for any purpose. To the extent that this e-mail is not an official communication of the Company, the sender is acting neither as an agent, representative nor in any other capacity for or on behalf of the Company. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.23c and CUPS
After upgrading to 3.0.23c, only 3 of 12 installed printers reappeared. Which tdb or other file got corrupted? Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: smbusers and root privs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/11/2006 12:31 PM, [EMAIL PROTECTED] escreveu: Felipe Augusto van de Wiel [EMAIL PROTECTED] writes: On 09/08/2006 08:26 PM, [EMAIL PROTECTED] escreveu: Running samba-3.0.23c on Genoo linux Is it possible with smbusers to allow a windows user to have root privleges on a linux share? A stock install of samba on Gentoo ends up with an /etc/samba/smbusers file that contains this mapping: root = administrator admin It appears then that other windows users could as well be mapped to root like: root = administrator admin harry and since I am the only user on either linux or windows on this home network I'd like to map windows user harry to root but the above example does not accomplish that. Is there something else required? Did you tried to add harry to the Domain Administrators Group? (And you need netgroupmap configured to use that). Harry is a member of the Administrators group and user accounts on the windows xp pro machine. I see nothing called `Domain Administrators' in the windows dialog for users and groups. Domain Adminitrators is a group on networks that has a domain properly configured. Harry has no account on the linux machine. Hence the need to map to a unix user account. admin users and root (usermap) parameters has a special combination according to your security parameter, it is documented in the smb.conf the different situations. It is not at all clear what I would need to do with `net groupmap'. 'net groupmap' is the recommended way to have Domain Administrators working on a Domain Network, but looks like it is not your case. Can you be a bit more specific? It is not clear why do you want a root/Admin user in a network that looks like to have share as security parameter. Anyway, we probably need your smb.conf and a relevant part of the log with loglevel/debuglevel increased. Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBrzKCj65ZxU4gPQRAioBAJwJgLwv/cWaZlc0yjwqfJlHIHxoKQCdGebT MFJ3VhOqOOriEFs+bU8X3/E= =+02h -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SambaPWD Ldap options
Hi! I want to set the password options in my LDAP Database, but I am not sure how to use it. SambaPWDLastSet ... is quite clear - the unix timestamp of the last pwd change SambaPWDCanChange . SambaPWDMustChange what to enter here - the unixtime between the SambaPWDLastSet and the date I want to have the user change his password OR the unixtime of the concrete date when the user has to change the password? ... The second options is somewhat ridiculous because If I enter a concrete date when the user has to change the password, then I have to change that entry it every time the user has done so. Can anybody give me a hint please? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba ldap pdc w/unix accounts: local unix and ldap unix users can't resolve uids to names on the server
On 9/11/06, Cleber P. de Souza [EMAIL PROTECTED] wrote: You'll need setup and start the nscd service on your machine. This solve your problem. well, windbind and nscd don't get along together, as winbind does it's own caching. reference: http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#id2544165 On 9/11/06, Noah Dain [EMAIL PROTECTED] wrote: * distro: ubuntu breezy ( 6.06 ) * samba version: shipped version with updates ( 3.0.22-1ubuntu3.1 ) * no ssl * openLDAP is running on the same machine as samba, and referenced as localhost/127.0.0.1 where applicable ( 2.2.26-5ubuntu2.1 ) * nscd is not installed, much less running I've set up a samba pdc with ldap by following the Samba Guide very closely, adapting it to Ubuntu/Debian where it seemed applicable, and I've had mostly success. Windows clients work fine: they can join the domain, roaming profiles work, read/write to their respective shares. However, when logged into the samba/ldap server, local users other than root cannot resolve names in ldap. No ldap accounts show up for 'getent passwd' or 'getent group'. I can login to the system with an ldap user account, but when I do so I get: NOTE: 'ndain' is a local account. 'dainn' is an ldap account. [EMAIL PROTECTED]:~$ su dainn Password: id: cannot find name for group ID 513 id: cannot find name for group ID 512 I have no [EMAIL PROTECTED]:/home/ndain$ /var/log/syslog records: Sep 11 11:32:49 sambapdc bash: nss_ldap: could not search LDAP server - Operations error Sep 11 11:32:49 sambapdc id: nss_ldap: could not search LDAP server - Operations error However, if I set /etc/libnss-ldap.conf permissions to 644, everything works. Obviously, this is less than optimal as it has the root ldap account password in plaintext. ### nothing below but config files ### ## file: /etc/nsswitch.conf ## edited to incorporate changes from #3: ##http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-nss02 passwd: files ldap group: files ldap shadow: files ldap #hosts: files dns hosts: files dns wins networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis # end /etc/nsswitch.conf ## file: /etc/libnss-ldap.conf ## ripped from: http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-nss01 host 127.0.0.1 #base dc=abmas,dc=biz base dc=sysgenmedia,dc=com ldap_version 3 binddn cn=manager,dc=sysgenmedia,dc=com bindpw MyPassWord timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop #nss_base_passwd ou=People,dc=abmas,dc=biz?one #nss_base_shadow ou=People,dc=abmas,dc=biz?one #nss_base_group ou=Groups,dc=abmas,dc=biz?one nss_base_passwd ou=People,dc=sysgenmedia,dc=com?one nss_base_shadow ou=People,dc=sysgenmedia,dc=com?one nss_base_group ou=Groups,dc=sysgenmedia,dc=com?one ssl off ## end file: /etc/nsswitch.conf -- Noah Dain I don't want to make toys, I want to be a dentist! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- *** Cleber P. de Souza -- Noah Dain I don't want to make toys, I want to be a dentist! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SELinux
From: Matt Herzog [EMAIL PROTECTED] I have been struggling with getting my Fedora Linux clients to be able to authenticate to a Microsoft AD in the past week and wonder how much of the problem was due to SELinux. My Debian machines can accept AD logins and even create home directories and dot files from /etc/skel. I know FC5 does PAM differently than Debian, but I'm wondering, does anyone on this list have winbind logins to FC5 or FC4 working? Even with SELinux disabled I'm starting to wonder if it's possible. Please see my post on 09/06, reposted also on 09/08. It was working for me with 3.0.14a and stopped working with 3.0.23a; can you specify your version and send some debugging output to see if our problems are similar? BTW, I have SELinux disabled. Elio -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Possible to have two SAMBA srvs act as one?
Michael Rignaz schrieb: Hi Andreas, We just share doc type files, but some are up to 1MB Excel files. Thnx for your answers! I've instaled debian @ home now and will experiement a bit. Regards, Michael Hello Michael, one solution would be to use Openoffice. The files become smaller because they are compressed. I have tested with a xls that is 1580 KB, the .ODS is 275 KB Bye Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Possible to have two SAMBA srvs act as one?
Michael Rignaz schrieb: Hi Andreas, We just share doc type files, but some are up to 1MB Excel files. Thnx for your answers! I've instaled debian @ home now and will experiement a bit. Regards, Michael Hello Michael, whynot change to openoffice. I made a test with a 1580 KB xls. In openoffice format the file is 275 KB. Bye Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [fixed?] winbind authentication issue
I think I may have found the fix for this issue (it has been running for 3 days without an error.) I went through and manually checked each user and group on Windows NT4. There was one group I could not access: MTS Trusted Impersonators Searching I found this: http://ask.support.microsoft.com/kb/181775/ Basically, the group is invalid because the name is over the max length (which is 20 characters long). The account was created by Microsoft. The fix supposedly came with NT4 SP6, but that was installed on all of my NT4 servers all ready, yet the account still existed. I could not delete or modify the account with the default tools. Luckily, I had previously installed the NT4 resource kit on one of the servers, and a text utility called addusers (addusers /?) was able to remove that account. [addusers /d file.txt write all users and groups to file.txt then edit file to delete all the users and groups you do not wish to delete (leave headers intact) (i.e. remove all lines except for the ones in [] and the one beginning with MTS Trusted Impersonators) then addusers /e file.txt will erase all users and groups in file.txt. The program only returns an answer on success - if it fails to do anything it is silent. (wonder how you samba guys keep any hair) Hope this helps someone, -Keith -- Forwarded message -- Date: Thu, 7 Sep 2006 08:43:30 -0500 (CDT) From: Keith Howanitz [EMAIL PROTECTED] To: samba@lists.samba.org Subject: winbind authentication issue [SNIP] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Difference between samba 3.0.10 and 3.0.9 - resolution
The problem was in the version of 3.0.10 that I was running. An upgrade to 3.0.10-1.4E.9 solved the problem. I was originally running E2. On Sep 12, 2006, at 10:21 AM, Margaret Doll wrote: Another indication of the problem is that when I use smbclient -L SERVERNAME -N -d 3 on the 3.0.9 system, I get a line resolve_hosts: Attempting host lookup for name SERVERNAME0x20 prior to the login. I do not get this line in 3.0.10 Why is 3.0.10 not attempting to resolve hosts? On Sep 11, 2006, at 4:02 PM, Margaret Doll wrote: I upgraded one of my samba servers. I am using the same smb.conf file that work on samba 3.0.9, but the new server is not announcing itself. From the network neighborhood, across a subnet, I do not see SERVERNAME listed under the workgroup DEPT. I have disabled selinux. I have the same iptables enabled on this system as on the prior system and another system still running samba 3.0.9. smbclient -L SERVERNAME -N ... ... Server Comment -- SERVERNAME Server for the dept. Workgroup Master --- DEPT In /var/samba/nmbd.log there is a line after SERVERNAME has become the logon server nmbd/nmbd_logonames.c:become_logon_server_success(124) become_logon_server_success: Samba is now a logon server for workgroup DEPT on subnet 128.148.nnn.nnn ***glibc detected *** free(): invalid next size (fast): 0x090874c8 *** Port 515 is open on the 3.0.9 system although it is not listed in iptables. Port 515 is not open on the 3.0.10 system. Any ideas on how to debug the problem? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: smbusers and root privs
Felipe Augusto van de Wiel [EMAIL PROTECTED] writes: Harry is a member of the Administrators group and user accounts on the windows xp pro machine. I see nothing called `Domain Administrators' in the windows dialog for users and groups. Domain Adminitrators is a group on networks that has a domain properly configured. Harry has no account on the linux machine. Hence the need to map to a unix user account. admin users and root (usermap) parameters has a special combination according to your security parameter, it is documented in the smb.conf the different situations. The only mentions so `root' in my smb.conf.example are in regards to setting up some kind of ldap situtaion or in regards to printing. Neither is what I'm attempting to do. What do you mean by `your security parameter' above? It is not at all clear what I would need to do with `net groupmap'. 'net groupmap' is the recommended way to have Domain Administrators working on a Domain Network, but looks like it is not your case. Can you be a bit more specific? It is not clear why do you want a root/Admin user in a network that looks like to have share as security parameter. Anyway, we probably need your smb.conf and a relevant part of the log with loglevel/debuglevel increased. What do you mean by `have share as security parameter' here? As posted in OP, security is not much of a factor here since I am the only user of either windows or unix machines on the network. It is a home network where I am the sole user and environmental security factors are nearly non-existent. I want my windows user to have root access to anything on the linux machine. The whole machine is shared thru samba, starting at `/'. The whole of the windows machines are shared on the hard drive level. My linux user has complete access to the windows machines. I want my windows user to have complete access to linux machines. = Partial smb.conf: [global] workgroup = HOME server string = printcap name = cups load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 log level = 7 map to guest = bad user security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. [print$] path = /var/lib/samba/printers browseable = yes read only = yes write list = @adm root guest ok = yes [smWinBk] comment = valid users = reader Harry path = /anex2/win_bk/ writeable = yes guest ok = yes [smUsrLocal] comment = valid users = reader Harry path = /usr/local writeable = yes guest ok = yes [smRootHome] comment = valid users = reader Harry path = /root writeable = yes guest ok = yes [smRoot] comment = valid users = reader Harry path = / writeable = yes guest ok = yes [smReader] comment = valid users = reader Harry path = /home/reader writeable = yes guest ok = yes [smPub] comment = valid users = reader harry path = /pub writeable = yes guest ok = yes == smbusers: root = administrator admin harry Harry reader nobody = guest pcguest smbguest reader = harry Harry = log extract: I hope this is the relevant part. I cranked log level up to 7 and its hard to tell what might be usefull. I've posted a small snippet below but have put the entire ouput of one failure at: http://www.jtan.com/~reader/smb.log To try to give you a head start, what I did was try to access /root on the linux box from a windows machine, logged in there as user harry. I started by rm -f /var/log/samba/log.chub. Then made my attempt from chub (a windows machine). The log produced by that one attempt is what is posted on line at above address. A partial extract is posted here: == [...] [2006/09/12 11:11:39, 3] smbd/process.c:switch_message(914) switch message SMBtrans2 (pid 3652) conn 0x803f2198 [2006/09/12 11:11:39, 4] smbd/uid.c:change_to_user(176) change_to_user: Skipping user change - already user [2006/09/12 11:11:39, 3] smbd/trans2.c:call_trans2findfirst(1662) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2006/09/12 11:11:39, 10] smbd/msdfs.c:parse_processed_dfs_path(91) temp in parse_processed_dfs_path:
Re: [Samba] group membership issue?
On Monday 11 September 2006 16:29, Henrik Hudson [EMAIL PROTECTED] sent a missive stating: Hey List- running samba 3.0.23b As a follow up to myself. I narrowed it down to this: On the PDC I can do:id -Gn userB and it shows that the user is in the correct group and has the correct effective permissions. On the member server, I do: id -Gn userB and it tells me the effective group of the user is none This is actually happening for 2 users and I'm at a lost to explain this. All my wbinfo -u / -g ,etc.. show the users to be part of the group, yet their effective permissions are showing them as none. As far as I am aware I only need to add users to /etc/group in order to add them to a NT group, right? As long as that group is mapped of course and it is, since the 10 other people have no issue. How to solve this? I have an issue with a single member of a group not being able to get write access to a share that all the other members have access to. I have checked the file permissions and they look good to me. Any thoughts on where to look or solve this? Below is some info. net rpc group members ecwusers: ECW\usera ECW\userb etc permissions of /data/www/webroot/files : nobody:ECW\ecwusers and 775 If I manually create a sub-folder and own it to: ECW\userb:nobody then userb can work inside that sub-folder just fine. However, WCW\userb can't do anything in the base folder. I'm kinda stuck. I've verified he exists in the group and other users in the group have no problem??? Thanks. Henrik -- Henrik Hudson [EMAIL PROTECTED] -- God, root, what is difference? Pitr; UF (http://www.userfriendly.org/) -- Henrik Hudson [EMAIL PROTECTED] -- God, root, what is difference? Pitr; UF (http://www.userfriendly.org/) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Login problem
Hi everyone! I'm quite new of Samba world but I'been able to make a PDC work...quite well. In effect I have two strange problem I cannot solve. 1) From every XP Pro PC I can access but sometimes I have to try 5 or 6 times to enter my domain. Then, once entered, everything works good, until next login, when I have the same problem. 2) From a Win 2000 Pro PC I cannot login as the same user that works on the XP. It says something like there is not enough space on the server and it cannot create profile, but it's impossible,I have more than GBs free on my server. Please tell me if my informations are not enough to help me. Thanks a lot in advance Stefano -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.23c and CUPS - RESOLVED but not SOLVED
Dale Schroeder wrote: After upgrading to 3.0.23c, only 3 of 12 installed printers reappeared. Which tdb or other file got corrupted? Dale Approximately 23 hours after they disappeared, the missing printers have magically reappeared and seem to work. I have no idea why or how or where they've been in the interim. Maybe it's best that way. :-\ Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] More on the archive bit saga
Using attrib -s on the file removed the access denied part. Strange that some files mysteriously got ACLs when others did not. Yes, map system = no is set. server:/share/personal/smith# getfattr -d foo.txt # file: foo.txt user.DOSATTRIB=0x0 Is that good or bad? Hi Aaron, assuming the following conditions are met: - the samba share is located on a file system which supports xattr - smb.conf has the following entries ea support = yes store dos attributes = yes map archive = no map hidden = no map system = no Expressing the DOS attribute bits in hexadecimal notation, you get the following - the user.DOSATTRIB like display is shown in braces: readonly 0x01 (0x1) hidden0x02 (0x2) system0x04 (0x4) archive 0x20 (0x20) Any mixture of no attribute to all attributes set is possible. The bits are ORed together. So, when all attributes are set: | is the OR operator 0x01 | 0x02 | 0x04 | 0x20 results to 0x27 getfattr -d foo.txt # file: foo.txt user.DOSATTRIB=0x27 matches the win console output: attrib foo.txt A SHR Z:\foo.txt When removing all attributes with attrib -r -h -s -a foo.txt windows shows: attrib foo.txt Z:\foo.txt and linux: getfattr -d foo.txt # file: foo.txt user.DOSATTRIB=0x0 As already noted, any mixture of bits is possible. Hope this helps. Guenter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Possible to have two SAMBA srvs act as one?
Andreas Moroder wrote: Hello Michael, whynot change to openoffice. I made a test with a 1580 KB xls. In openoffice format the file is 275 KB. Bye Andreas Hello Andreas, Wow, that's a difference! Didn't know that, maybe M$ Office 2007 will catch-up in terms of filesize with its xml-based format. I'll install OpenOffice for testing on some of our machines.. are there any converting-issues from Office2003 documents? Regards, Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Possible to have two SAMBA srvs act as one?
Andrew Morgan wrote: Have you looked into WAN Accelerators? These are typically hardware devices placed at each end of the WAN link which do some sort of fancy mojo to reduce the perceived latency of the link. (Can you tell I have no clue how they really work?) Short of replicating all the data to a local machine, it seems like a WAN accelerator is the only other choice. Andy Thnx for the info, this is quite interesting. Results look breathtaking, but so is the price.. this is absolutely not affordable for us. Regards, Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: netlogon initially fails after moving samba server to new machine.
Well this is even more interesting. Parts of the profile are not being saved back to the server, at least for existing users. For instance, 1. login 2. change the start menu to classic view 3. rearrange the desktop 4. logout 5. login again start menu is back as it was and it isn't classic view any more. Very strange. Wipe the test profile on the server and the copy on the client. Login (creates a new one), ok, now changes are being saved. What is going on here??? Thanks, David Mathog [EMAIL PROTECTED] Manager, Sequence Analysis Facility, Biology Division, Caltech -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] netlogon initially fails after moving samba server to new machine.
Yesterday I migrated a Samba server from one machine running Samba 3.0.13 (on Mandrake 10.0) to another running 3.0.20-3 (on Mandriva 2006). The contents of: /etc/samba/* (all the .conf files) /usr/local/samba/private/* (secrets.pdb, smbpasswd) were moved intact from one machine to the other, as was all of the user data. I even checked md5sums - no changes to any of the samba files. Then the new machine was given the old machine's IP address and vice versa. Reboot both machines, start Samba on the new one, leave it off on the original server. The firewall configuration is identical on the two machines. Verified that windows explorer (run as administrator on a test machine) can mount any user (domain\username) without a problem. One would think that the XP clients could then logon to the domain, which moved intact to the new machine. But no. Attempts to login to the domain failed until the following steps were taken on one client: 1. login as administrator on the client. 2. remove the client machine from the domain. 3. reboot the client machine. 4. smbpasswd -m -x clientname 5. smbpasswd -m -a clientname 6. login as administrator on the client. 7. add the client to the domain. 8. reboot the client. After that I could login on that client, but logins on the other clients say this: Windows did not load your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Windows did not load your profile because a server copy of the profile folder already exists that does not have the correct security. Either the current user or the Administrator's group must be the owner of the folder. Contact your network administrator. (Whether or not a local profile actually exists.) I'm guessing that this too will go away once the second machine is removed/added to the domain. Testing... Yes, that's true. This is all very strange to me. The only thing that the client can see that differs between yesterday and today, near as I can tell, is the MAC of the server. They are all on the same subnet, so the client can see the MAC. Else, how does the XP client realize the server has changed and fail to logon? This is only a minor PITA for me, since there are only 8 clients involved. It would be really painful though for a site with hundreds of clients. Thanks, David Mathog [EMAIL PROTECTED] Manager, Sequence Analysis Facility, Biology Division, Caltech -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.23c and CUPS - RESOLVED but not SOLVED
Dale Schroeder wrote: After upgrading to 3.0.23c, only 3 of 12 installed printers reappeared. Which tdb or other file got corrupted? Dale Approximately 23 hours after they disappeared, the missing printers have magically reappeared and seem to work. I have no idea why or how or where they've been in the interim. Maybe it's best that way. :-\ Dale It is always reassuring to know there is a little mystery left in life -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: netlogon initially fails after moving samba server to new machine.
David Mathog írta: Well this is even more interesting. Parts of the profile are not being saved back to the server, at least for existing users. For instance, 1. login 2. change the start menu to classic view 3. rearrange the desktop 4. logout 5. login again start menu is back as it was and it isn't classic view any more. Very strange. Wipe the test profile on the server and the copy on the client. Login (creates a new one), ok, now changes are being saved. What is going on here??? Thanks, David Mathog [EMAIL PROTECTED] Manager, Sequence Analysis Facility, Biology Division, Caltech The most probably cause of this is, that you have different domain SIDs on the old and the new machine. Try to find it out with net getlocalsid and compare the results. If they are different you need to reset the new servers version to the olds with net setlocalsid SID. Good Luck! Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Home dirs problem
Hello, I have a question about mapping users home directory's to samba. The homedir layout is based on an old one used on NIS+ system. The structure is something like: /users /group1 /user1 /user2 ... /group2 /user3 ... /group3 /group3_1 /user4 ... /group3_2 ... /group4 /user5 How can I configure samba to use this home directory's? The user data is stored in LDAP (including the home directory and other information not related to samba: qmail-ldap, courier, etc) ? The only option I've found is something similar to: path = /home/%U Can samba retrieve the home directory from LDAP? Thank You, Neagul Marian, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: netlogon initially fails after moving samba server to new machine.
Gémes Géza wrote The most probably cause of this is, that you have different domain SIDs on the old and the new machine. Try to find it out with net getlocalsid and compare the results. If they are different you need to reset the new servers version to the olds with net setlocalsid SID. Hmm, good shot, they are different. Where is this stored? I copied over all the configuration files that I could find and still ended up with different SID values. Thanks, David Mathog [EMAIL PROTECTED] Manager, Sequence Analysis Facility, Biology Division, Caltech -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] One way sharing
Hi, I am using Samba to share my computer over a windows network. I can access any computer(there are over 400 computers) on LAN but no one can access. They can't do it.. I am pasting the output of testparam for your reference..Any pointers will be helpful linux-fh4f:/etc/samba # testparm /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf Processing section [homes] Processing section [shared] Global parameter guest account found in service section! Loaded services file OK. WARNING: passdb expand explicit = yes is deprecated Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] workgroup = MSHOME netbios name = PUNEIT server string = puneit_singh security = SHARE map to guest = Bad User server signing = auto printcap name = cups add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ logon path = \\%L\profiles\.msprofile logon drive = P: logon home = \\%L\%U\.9xprofile os level = 2 preferred master = No local master = No domain master = No ldap ssl = no usershare max shares = 100 hosts allow = 192.168.0.0/255.255.255.0 cups options = raw include = /etc/samba/dhcp.conf [homes] comment = Home Directories valid users = %S, %D%w%S read only = No inherit acls = Yes browseable = No [shared] path = /home/puneit/Shared/ username = prometheus read only = No guest only = Yes guest ok = Yes case sensitive = No msdfs proxy = no -- Puneit Singh 0091-9350832020 pgpx5mFs5vqxZ.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: netlogon initially fails after moving samba server to new machine.
If they are different you need to reset the new servers version to the olds with net setlocalsid SID. Where is this stored? I found the problem, there were /etc/samba/secrets.tdb /usr/local/samba/private/secrets.tdb but only the latter had been copied from the previous system. I'll slink away quietly now. Thanks for your help, David Mathog [EMAIL PROTECTED] Manager, Sequence Analysis Facility, Biology Division, Caltech -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba ldap pdc w/unix accounts: local unix and ldap unix users can't resolve uids to names on the server
Try temporally stop winbind and start nscd to look if your problem is solved. On 9/12/06, Noah Dain [EMAIL PROTECTED] wrote: On 9/11/06, Cleber P. de Souza [EMAIL PROTECTED] wrote: You'll need setup and start the nscd service on your machine. This solve your problem. well, windbind and nscd don't get along together, as winbind does it's own caching. reference: http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#id2544165 On 9/11/06, Noah Dain [EMAIL PROTECTED] wrote: * distro: ubuntu breezy ( 6.06 ) * samba version: shipped version with updates ( 3.0.22-1ubuntu3.1 ) * no ssl * openLDAP is running on the same machine as samba, and referenced as localhost/127.0.0.1 where applicable ( 2.2.26-5ubuntu2.1 ) * nscd is not installed, much less running I've set up a samba pdc with ldap by following the Samba Guide very closely, adapting it to Ubuntu/Debian where it seemed applicable, and I've had mostly success. Windows clients work fine: they can join the domain, roaming profiles work, read/write to their respective shares. However, when logged into the samba/ldap server, local users other than root cannot resolve names in ldap. No ldap accounts show up for 'getent passwd' or 'getent group'. I can login to the system with an ldap user account, but when I do so I get: NOTE: 'ndain' is a local account. 'dainn' is an ldap account. [EMAIL PROTECTED]:~$ su dainn Password: id: cannot find name for group ID 513 id: cannot find name for group ID 512 I have no [EMAIL PROTECTED]:/home/ndain$ /var/log/syslog records: Sep 11 11:32:49 sambapdc bash: nss_ldap: could not search LDAP server - Operations error Sep 11 11:32:49 sambapdc id: nss_ldap: could not search LDAP server - Operations error However, if I set /etc/libnss-ldap.conf permissions to 644, everything works. Obviously, this is less than optimal as it has the root ldap account password in plaintext. ### nothing below but config files ### ## file: /etc/nsswitch.conf ## edited to incorporate changes from #3: ##http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-nss02 passwd: files ldap group: files ldap shadow: files ldap #hosts: files dns hosts: files dns wins networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis # end /etc/nsswitch.conf ## file: /etc/libnss-ldap.conf ## ripped from: http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-nss01 host 127.0.0.1 #base dc=abmas,dc=biz base dc=sysgenmedia,dc=com ldap_version 3 binddn cn=manager,dc=sysgenmedia,dc=com bindpw MyPassWord timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop #nss_base_passwd ou=People,dc=abmas,dc=biz?one #nss_base_shadow ou=People,dc=abmas,dc=biz?one #nss_base_group ou=Groups,dc=abmas,dc=biz?one nss_base_passwd ou=People,dc=sysgenmedia,dc=com?one nss_base_shadow ou=People,dc=sysgenmedia,dc=com?one nss_base_group ou=Groups,dc=sysgenmedia,dc=com?one ssl off ## end file: /etc/nsswitch.conf -- Noah Dain I don't want to make toys, I want to be a dentist! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- *** Cleber P. de Souza -- Noah Dain I don't want to make toys, I want to be a dentist! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- *** Cleber P. de Souza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: What's wrong with my smb.conf? Access Denied with 3.0.23c
Nolan Garrett wrote: Still having problems with my Samba configuration, even after upgrade to the latest FC5 samba package. Getting Access Denied errors when trying to connect with a member of the group Domain Users to the MP3s share. The W2K3 server shows that authentication was successful. I can't find any errors in the logs at all, and winbind appears to be working (I can su to the user, and can do other things, just not access any share other than the home directory). Here's my smb.conf: [global] workgroup = MASSIVEGEEK server string = Samba Server printcap name = /etc/printcap load printers = yes printer admin = MASSIVEGEEK+ngarrett MASSIVEGEEK+Administrator root cups options = raw log file = /var/log/samba/%m.log max log size = 50 ; log level = 10 security = ADS realm = MASSIVEGEEK.LOCAL socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash winbind use default domain = yes username map = /etc/samba/smbusers winbind separator = + winbind enum users = yes winbind enum groups = yes template homedir = /home/winnt/%D/%U admin users = @MASSIVEGEEK+Domain Admins [homes] comment = Home Directories browseable = no writeable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no public = yes guest ok = yes printable = yes [MP3s] path = /home/samba/MP3s browseable = yes valid users = @Domain Users writeable = yes [print$] comment = Printer Driver Download Area path = /etc/samba/drivers browseable = yes guest ok = yes read only = no Domain Admins can access this share without any problems. I've also tried specifying valid users as @MASSIVEGEEK+Domain Users, but then I get the error: [2006/09/11 09:56:27, 0] smbd/service.c:make_connection_snum(773) make_connection: connection to MP3s denied due to security descriptor. I am currently running samba-3.0.23c-2, from the FC5 development tree. Any help would be appreciated! Nolan Just wanted to give this a quick bump - anyone have any thoughts for me regarding this issue? signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: What's wrong with my smb.conf? Access Denied with 3.0.23c
Here is some output with a level 10 debug, using smbclient to try to connect: [2006/09/12 14:29:27, 4] smbd/reply.c:reply_tcon_and_X(668) Client requested device type [?] for share [MP3S] [2006/09/12 14:29:27, 5] smbd/service.c:make_connection(1116) making a connection to 'normal' service mp3s [2006/09/12 14:29:27, 3] lib/util_sid.c:string_to_sid(223) string_to_sid: Sid @Domain Users does not start with 'S-'. [2006/09/12 14:29:27, 5] smbd/password.c:user_in_netgroup(423) Unable to get default yp domain, let's try without specifying it [2006/09/12 14:29:27, 5] smbd/password.c:user_in_netgroup(427) looking for user MASSIVEGEEK+mgwinxpvm1vpn of domain (ANY) in netgroup Domain Users [2006/09/12 14:29:27, 5] smbd/password.c:user_in_netgroup(443) looking for user massivegeek+mgwinxpvm1vpn of domain (ANY) in netgroup Domain Users [2006/09/12 14:29:27, 10] passdb/lookup_sid.c:lookup_name(64) lookup_name: MGGRYPHON\Domain Users = MGGRYPHON (domain), Domain Users (name) [2006/09/12 14:29:27, 3] smbd/sec_ctx.c:push_sec_ctx(208) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2006/09/12 14:29:27, 3] smbd/uid.c:push_conn_ctx(345) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2006/09/12 14:29:27, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2006/09/12 14:29:27, 5] auth/auth_util.c:debug_nt_user_token(448) NT user token: (NULL) [2006/09/12 14:29:27, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2006/09/12 14:29:27, 3] smbd/sec_ctx.c:pop_sec_ctx(339) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2006/09/12 14:29:27, 10] smbd/share_access.c:user_ok_token(208) User MASSIVEGEEK+mgwinxpvm1vpn not in 'valid users' [2006/09/12 14:29:27, 2] smbd/service.c:make_connection_snum(571) user 'MASSIVEGEEK+mgwinxpvm1vpn' (from session setup) not permitted to access this share (MP3s) [2006/09/12 14:29:27, 3] smbd/error.c:error_packet(146) error packet at smbd/reply.c(676) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED [2006/09/12 14:29:27, 5] lib/util.c:show_msg(500) [2006/09/12 14:29:27, 5] lib/util.c:show_msg(510) size=35 smb_com=0x75 smb_rcls=34 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=17010 smb_uid=101 smb_mid=7 smt_wct=0 smb_bcc=0 [2006/09/12 14:29:27, 10] smbd/process.c:setup_select_timeout(1284) change_notify_timeout: -1 [2006/09/12 14:29:27, 10] lib/util_sock.c:read_data(525) read_data: read of 4 returned 0. Error = Success [2006/09/12 14:29:27, 10] lib/util_sock.c:receive_smb_raw(672) receive_smb_raw: length 0! [2006/09/12 14:29:27, 3] smbd/process.c:timeout_processing(1359) timeout_processing: End of file from client (client has disconnected). Is this useful at all? Nolan signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: What's wrong with my smb.conf? Access Denied with 3.0.23c
I'm just comparing your smb.conf to mine and I have these lines where you don't that might make a difference: password server = * encrypt passwords = yes Give those a shot and see if they help. Nolan Garrett wrote: Nolan Garrett wrote: Still having problems with my Samba configuration, even after upgrade to the latest FC5 samba package. Getting Access Denied errors when trying to connect with a member of the group Domain Users to the MP3s share. The W2K3 server shows that authentication was successful. I can't find any errors in the logs at all, and winbind appears to be working (I can su to the user, and can do other things, just not access any share other than the home directory). Here's my smb.conf: [global] workgroup = MASSIVEGEEK server string = Samba Server printcap name = /etc/printcap load printers = yes printer admin = MASSIVEGEEK+ngarrett MASSIVEGEEK+Administrator root cups options = raw log file = /var/log/samba/%m.log max log size = 50 ; log level = 10 security = ADS realm = MASSIVEGEEK.LOCAL socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash winbind use default domain = yes username map = /etc/samba/smbusers winbind separator = + winbind enum users = yes winbind enum groups = yes template homedir = /home/winnt/%D/%U admin users = @MASSIVEGEEK+Domain Admins [homes] comment = Home Directories browseable = no writeable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no public = yes guest ok = yes printable = yes [MP3s] path = /home/samba/MP3s browseable = yes valid users = @Domain Users writeable = yes [print$] comment = Printer Driver Download Area path = /etc/samba/drivers browseable = yes guest ok = yes read only = no Domain Admins can access this share without any problems. I've also tried specifying valid users as @MASSIVEGEEK+Domain Users, but then I get the error: [2006/09/11 09:56:27, 0] smbd/service.c:make_connection_snum(773) make_connection: connection to MP3s denied due to security descriptor. I am currently running samba-3.0.23c-2, from the FC5 development tree. Any help would be appreciated! Nolan Just wanted to give this a quick bump - anyone have any thoughts for me regarding this issue? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: What's wrong with my smb.conf? Access Denied with 3.0.23c
Nolan Garrett wrote: Here is some output with a level 10 debug, using smbclient to try to connect: [2006/09/12 14:29:27, 4] smbd/reply.c:reply_tcon_and_X(668) Client requested device type [?] for share [MP3S] [2006/09/12 14:29:27, 5] smbd/service.c:make_connection(1116) making a connection to 'normal' service mp3s [2006/09/12 14:29:27, 3] lib/util_sid.c:string_to_sid(223) string_to_sid: Sid @Domain Users does not start with 'S-'. [2006/09/12 14:29:27, 5] smbd/password.c:user_in_netgroup(423) Unable to get default yp domain, let's try without specifying it [2006/09/12 14:29:27, 5] smbd/password.c:user_in_netgroup(427) looking for user MASSIVEGEEK+mgwinxpvm1vpn of domain (ANY) in netgroup Domain Users [2006/09/12 14:29:27, 5] smbd/password.c:user_in_netgroup(443) looking for user massivegeek+mgwinxpvm1vpn of domain (ANY) in netgroup Domain Users [2006/09/12 14:29:27, 10] passdb/lookup_sid.c:lookup_name(64) lookup_name: MGGRYPHON\Domain Users = MGGRYPHON (domain), Domain Users (name) [2006/09/12 14:29:27, 3] smbd/sec_ctx.c:push_sec_ctx(208) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2006/09/12 14:29:27, 3] smbd/uid.c:push_conn_ctx(345) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2006/09/12 14:29:27, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2006/09/12 14:29:27, 5] auth/auth_util.c:debug_nt_user_token(448) NT user token: (NULL) [2006/09/12 14:29:27, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2006/09/12 14:29:27, 3] smbd/sec_ctx.c:pop_sec_ctx(339) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2006/09/12 14:29:27, 10] smbd/share_access.c:user_ok_token(208) User MASSIVEGEEK+mgwinxpvm1vpn not in 'valid users' [2006/09/12 14:29:27, 2] smbd/service.c:make_connection_snum(571) user 'MASSIVEGEEK+mgwinxpvm1vpn' (from session setup) not permitted to access this share (MP3s) [2006/09/12 14:29:27, 3] smbd/error.c:error_packet(146) error packet at smbd/reply.c(676) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED [2006/09/12 14:29:27, 5] lib/util.c:show_msg(500) [2006/09/12 14:29:27, 5] lib/util.c:show_msg(510) size=35 smb_com=0x75 smb_rcls=34 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=17010 smb_uid=101 smb_mid=7 smt_wct=0 smb_bcc=0 [2006/09/12 14:29:27, 10] smbd/process.c:setup_select_timeout(1284) change_notify_timeout: -1 [2006/09/12 14:29:27, 10] lib/util_sock.c:read_data(525) read_data: read of 4 returned 0. Error = Success [2006/09/12 14:29:27, 10] lib/util_sock.c:receive_smb_raw(672) receive_smb_raw: length 0! [2006/09/12 14:29:27, 3] smbd/process.c:timeout_processing(1359) timeout_processing: End of file from client (client has disconnected). Is this useful at all? Nolan Sorry for the multiple posts, but I was able to generate another log entry, which may be helpful for troubleshooting. With the valid users = @MASSIVEGEEK+Domain Users, I get this error in my log file: [2006/09/12 14:44:29, 10] lib/util_seaccess.c:se_access_check(233) se_access_check: requested access 0x0001, for NT token with 8 entries and first sid S-1-5-21-2685110052-21075211-2435468744-1142. [2006/09/12 14:44:29, 3] lib/util_seaccess.c:se_access_check(250) [2006/09/12 14:44:29, 3] lib/util_seaccess.c:se_access_check(251) se_access_check: user sid is S-1-5-21-2685110052-21075211-2435468744-1142 se_access_check: also S-1-5-21-2685110052-21075211-2435468744-1120 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: also S-1-5-21-2685110052-21075211-2435468744-513 se_access_check: also S-1-5-21-2685110052-21075211-2435468744-1119 se_access_check: also S-1-5-32-545 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-5-21-2685110052-21075211-2435468744-1110 mask = 1f01ff, current desired = 1 [2006/09/12 14:44:29, 5] lib/util_seaccess.c:se_access_check(314) se_access_check: access (1) denied. [2006/09/12 14:44:29, 0] smbd/service.c:make_connection_snum(773) make_connection: connection to MP3s denied due to security descriptor. [2006/09/12 14:44:29, 3] smbd/error.c:error_packet(146) error packet at smbd/reply.c(676) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED Thanks! Nolan signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba/PAM/winbind/ssh
I have the winbind login working on FC5 but now logins to local accounts cannot authenticate. My config files are here: http://www.pigeonnier.org/nsswitch.conf http://www.pigeonnier.org/pam.d/ http://www.pigeonnier.org/krb.conf Again, if I try to ssh in as a user that exists only as a local account on the remote host, I am rejected. User msh is -not- a AD account and only exists on the FC5 server province From the /var/log/secure file: Sep 12 16:58:29 province sshd[11521]: reverse mapping checking getaddrinfo for zogness.cinteractive.com failed - POSSIBLE BREAK-IN ATTEMPT! Sep 12 16:58:33 province sshd[11521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.76.121.62 user=msh Sep 12 16:58:35 province sshd[11521]: Failed password for msh from 198.76.121.62 port 58069 ssh2 Sep 12 16:58:39 province sshd[11521]: pam_succeed_if(sshd:account): requirement uid 100 not met by user msh Sep 12 16:58:39 province sshd[11521]: fatal: Access denied for user msh by PAM account configuration -- Announcing your plans is a good way to hear the gods' laughter. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] More on the archive bit saga
I appreciate the help. I've got those set (ea support I didn't have) and everything appears to work fine except for MS Word. Notepad, Wordpad, OpenOffice.org, MS Excel and even MS Paint seem to have no problem setting the archive bit. Word is the problem child. This would seem on the surface to indicate maybe there is something strange with Word. Google reveals past inquiries into this to the list. Has anyone found a solution? Thanks, Aaron Kincer Guenter Kukkukk wrote: Using attrib -s on the file removed the access denied part. Strange that some files mysteriously got ACLs when others did not. Yes, map system = no is set. server:/share/personal/smith# getfattr -d foo.txt # file: foo.txt user.DOSATTRIB=0x0 Is that good or bad? Hi Aaron, assuming the following conditions are met: - the samba share is located on a file system which supports xattr - smb.conf has the following entries ea support = yes store dos attributes = yes map archive = no map hidden = no map system = no Expressing the DOS attribute bits in hexadecimal notation, you get the following - the user.DOSATTRIB like display is shown in braces: readonly 0x01 (0x1) hidden0x02 (0x2) system0x04 (0x4) archive 0x20 (0x20) Any mixture of no attribute to all attributes set is possible. The bits are ORed together. So, when all attributes are set: | is the OR operator 0x01 | 0x02 | 0x04 | 0x20 results to 0x27 getfattr -d foo.txt # file: foo.txt user.DOSATTRIB=0x27 matches the win console output: attrib foo.txt A SHR Z:\foo.txt When removing all attributes with attrib -r -h -s -a foo.txt windows shows: attrib foo.txt Z:\foo.txt and linux: getfattr -d foo.txt # file: foo.txt user.DOSATTRIB=0x0 As already noted, any mixture of bits is possible. Hope this helps. Guenter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Home dirs problem
On Tue, 12 Sep 2006, Marian Neagul wrote: I have a question about mapping users home directory's to samba. The homedir layout is based on an old one used on NIS+ system. The structure is something like: /users /group1 /user1 /user2 ... /group2 /user3 ... /group3 /group3_1 /user4 ... /group3_2 ... /group4 /user5 How can I configure samba to use this home directory's? The user data is stored in LDAP (including the home directory and other information not related to samba: qmail-ldap, courier, etc) ? The only option I've found is something similar to: path = /home/%U Can samba retrieve the home directory from LDAP? Do you mean that if you do finger user or getent passwd user that the directory you want shows up in that output? If so, just delete the path statement from the [homes] section. Samba will use the user's home directory by default. Note, however, that you didn't really make a distinction between the Unix system using the data stored in LDAP as its password database (through some mechanism like nsswitch) and the home directory data just being in LDAP. I believe that if the Unix system isn't using the LDAP data and passing it through to calls like getpwent(), then Samba won't use the LDAP data either. - Logan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Home dirs problem
Path = /truepath/profile You use the /path/%U when using a script to setup the user account in ldap. Then you need to look at the [Profile] Area to have the client connect to the samba share. -Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Logan Shaw Sent: Tuesday, September 12, 2006 4:06 PM To: samba@lists.samba.org Subject: Re: [Samba] Home dirs problem On Tue, 12 Sep 2006, Marian Neagul wrote: I have a question about mapping users home directory's to samba. The homedir layout is based on an old one used on NIS+ system. The structure is something like: /users /group1 /user1 /user2 ... /group2 /user3 ... /group3 /group3_1 /user4 ... /group3_2 ... /group4 /user5 How can I configure samba to use this home directory's? The user data is stored in LDAP (including the home directory and other information not related to samba: qmail-ldap, courier, etc) ? The only option I've found is something similar to: path = /home/%U Can samba retrieve the home directory from LDAP? Do you mean that if you do finger user or getent passwd user that the directory you want shows up in that output? If so, just delete the path statement from the [homes] section. Samba will use the user's home directory by default. Note, however, that you didn't really make a distinction between the Unix system using the data stored in LDAP as its password database (through some mechanism like nsswitch) and the home directory data just being in LDAP. I believe that if the Unix system isn't using the LDAP data and passing it through to calls like getpwent(), then Samba won't use the LDAP data either. - Logan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] allow creating files but not deleting
Hi, I have tried using the chattr +i to the files to solve the same issue, but its getting more complicated in terms of management, and if I do the same at the directory level, no one can create new files to that directory, is there any better to achieve the same?? I have a common directory which everyone can access, but its becoming a problem when people delete the files and remain untraced as samba logging does not log the user file activity. Thanks in advance. Pavan. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Toni Casueps Sent: Tuesday, September 12, 2006 7:47 PM To: samba@lists.samba.org Subject: [Samba] allow creating files but not deleting I need to create a directory where a user can create and work with files but not delete them. Other users can do anything in that directory. I have a recycle bin set up but I must make it impossible to delete the files. I have tried setting the sticky bit on the directory, and the delete readonly option of smb.conf to no, but the user can always delete the files ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allow creating files but not deleting
as long as you are the owner of the file you can delete it. you can do this by setting the sticky on the parent directory and add inherit owner = yes on your share section. in this case you can no longer delete,rename a file but can create. for other users that can do anything, you can list them in admin users = . warren -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r18417 - in branches/SAMBA_4_0/source/lib/socket_wrapper: .
Author: metze Date: 2006-09-12 06:19:11 + (Tue, 12 Sep 2006) New Revision: 18417 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18417 Log: overload send() and recv() by socket wrapper and add a dummy swrap_dump_packet() function which can later dump the packet content, so that a script can then generate a capture file for wireshark metze Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h Changeset: Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 04:03:43 UTC (rev 18416) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 06:19:11 UTC (rev 18417) @@ -53,6 +53,8 @@ #define real_setsockopt setsockopt #define real_recvfrom recvfrom #define real_sendto sendto +#define real_recv recv +#define real_send send #define real_socket socket #define real_close close #endif @@ -398,6 +400,20 @@ return -1; } +enum swrap_packet_type { + SWRAP_RECVFROM, + SWRAP_SENDTO, + SWRAP_RECV, + SWRAP_SEND +}; + +static void swrap_dump_packet(struct socket_info *si, const struct sockaddr *addr, + enum swrap_packet_type type, + const void *buf, size_t len, ssize_t ret) +{ + +} + _PUBLIC_ int swrap_socket(int domain, int type, int protocol) { struct socket_info *si; @@ -700,12 +716,14 @@ si-domain, from, fromlen) == -1) { return -1; } - + + swrap_dump_packet(si, from, SWRAP_RECVFROM, buf, len, ret); + return ret; } -_PUBLIC_ ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen) +_PUBLIC_ ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen) { struct sockaddr_un un_addr; int ret; @@ -740,6 +758,9 @@ /* ignore the any errors in broadcast sends */ real_sendto(s, buf, len, flags, (struct sockaddr *)un_addr, sizeof(un_addr)); } + + swrap_dump_packet(si, to, SWRAP_SENDTO, buf, len, len); + return len; } @@ -752,9 +773,48 @@ } } + swrap_dump_packet(si, to, SWRAP_SENDTO, buf, len, ret); + return ret; } +_PUBLIC_ ssize_t swrap_recv(int s, void *buf, size_t len, int flags) +{ + int ret; + struct socket_info *si = find_socket_info(s); + + if (!si) { + return real_recv(s, buf, len, flags); + } + + ret = real_recv(s, buf, len, flags); + if (ret == -1) + return ret; + + swrap_dump_packet(si, NULL, SWRAP_RECV, buf, len, ret); + + return ret; +} + + +_PUBLIC_ ssize_t swrap_send(int s, const void *buf, size_t len, int flags) +{ + int ret; + struct socket_info *si = find_socket_info(s); + + if (!si) { + return real_send(s, buf, len, flags); + } + + ret = real_send(s, buf, len, flags); + if (ret == -1) + return ret; + + swrap_dump_packet(si, NULL, SWRAP_SEND, buf, len, ret); + + return ret; +} + _PUBLIC_ int swrap_close(int fd) { struct socket_info *si = find_socket_info(fd); Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h 2006-09-12 04:03:43 UTC (rev 18416) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h 2006-09-12 06:19:11 UTC (rev 18417) @@ -28,7 +28,9 @@ int swrap_getsockopt(int s, int level, int optname, void *optval, socklen_t *optlen); int swrap_setsockopt(int s, int level, int optname, const void *optval, socklen_t optlen); ssize_t swrap_recvfrom(int s, void *buf, size_t len, int flags, struct sockaddr *from, socklen_t *fromlen); -ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen); +ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen); +ssize_t swrap_recv(int s, void *buf, size_t len, int flags); +ssize_t swrap_send(int s, const void *buf, size_t len, int flags); int swrap_close(int); #ifdef SOCKET_WRAPPER_REPLACE @@ -78,6 +80,16 @@ #endif #define sendto(s,buf,len,flags,to,tolen) swrap_sendto(s,buf,len,flags,to,tolen) +#ifdef recv +#undef recv +#endif +#define recv(s,buf,len,flags) swrap_recv(s,buf,len,flags) + +#ifdef send +#undef send +#endif +#define send(s,buf,len,flags) swrap_send(s,buf,len,flags) + #ifdef socket #undef
svn commit: samba r18418 - in branches/SAMBA_4_0/source/lib/replace/repdir: .
Author: metze Date: 2006-09-12 07:04:12 + (Tue, 12 Sep 2006) New Revision: 18418 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18418 Log: Tru64 has a different prototype for seekdir() returning int when _OSF_SOURCE is defined metze Modified: branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c === --- branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c 2006-09-12 06:19:11 UTC (rev 18417) +++ branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c 2006-09-12 07:04:12 UTC (rev 18418) @@ -118,7 +118,11 @@ return d-seekpos + d-ofs; } +#ifdef _OSF_SOURCE +int seekdir(DIR *dir, long ofs) +#else void seekdir(DIR *dir, long ofs) +#endif { struct dir_buf *d = (struct dir_buf *)dir; d-seekpos = lseek(d-fd, ofs ~(DIR_BUF_SIZE-1), SEEK_SET); @@ -127,6 +131,9 @@ while (d-ofs (ofs (DIR_BUF_SIZE-1))) { if (readdir(dir) == NULL) break; } +#ifdef _OSF_SOURCE + return -1; +#else } void rewinddir(DIR *dir)
svn commit: samba r18419 - in branches/SAMBA_4_0/source: build/tests lib/replace lib/replace/repdir lib/replace/test
Author: metze Date: 2006-09-12 07:05:41 + (Tue, 12 Sep 2006) New Revision: 18419 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18419 Log: fix include paths of the configure tests metze Added: branches/SAMBA_4_0/source/lib/replace/test/os2_delete.c Removed: branches/SAMBA_4_0/source/build/tests/os2_delete.c Modified: branches/SAMBA_4_0/source/lib/replace/getpass.m4 branches/SAMBA_4_0/source/lib/replace/repdir/config.m4 branches/SAMBA_4_0/source/lib/replace/replace.h Changeset: Deleted: branches/SAMBA_4_0/source/build/tests/os2_delete.c === --- branches/SAMBA_4_0/source/build/tests/os2_delete.c 2006-09-12 07:04:12 UTC (rev 18418) +++ branches/SAMBA_4_0/source/build/tests/os2_delete.c 2006-09-12 07:05:41 UTC (rev 18419) @@ -1,110 +0,0 @@ -/* - test readdir/unlink pattern that OS/2 uses - [EMAIL PROTECTED] July 2005 -*/ - -#include stdio.h -#include stdlib.h -#include sys/stat.h -#include unistd.h -#include sys/types.h -#include dirent.h -#include errno.h -#include string.h -#include fcntl.h -#ifdef REPLACE_READDIR -#include lib/replace/repdir/repdir.h -#endif - -#define NUM_FILES 700 -#define READDIR_SIZE 100 -#define DELETE_SIZE 4 - -#define TESTDIR test.dir - -#define FAILED(d) (fprintf(stderr, Failed for %s - %s\n, d, strerror(errno)), exit(1), 1) - -#ifndef MIN -#define MIN(a,b) ((a)(b)?(a):(b)) -#endif - -static void cleanup(void) -{ - /* I'm a lazy bastard */ - system(rm -rf TESTDIR); - mkdir(TESTDIR, 0700) == 0 || FAILED(mkdir); -} - -static void create_files() -{ - int i; - for (i=0;iNUM_FILES;i++) { - char fname[40]; - sprintf(fname, TESTDIR /test%u.txt, i); - close(open(fname, O_CREAT|O_RDWR, 0600)) == 0 || FAILED(close); - } -} - -static int os2_delete(DIR *d) -{ - off_t offsets[READDIR_SIZE]; - int i, j; - struct dirent *de; - char names[READDIR_SIZE][30]; - - /* scan, remembering offsets */ - for (i=0, de=readdir(d); -de i READDIR_SIZE; -de=readdir(d), i++) { - offsets[i] = telldir(d); - strcpy(names[i], de-d_name); - } - - if (i == 0) { - return 0; - } - - /* delete the first few */ - for (j=0; jMIN(i, DELETE_SIZE); j++) { - char fname[40]; - sprintf(fname, TESTDIR /%s, names[j]); - unlink(fname) == 0 || FAILED(unlink); - } - - /* seek to just after the deletion */ - seekdir(d, offsets[j-1]); - - /* return number deleted */ - return j; -} - -int main(void) -{ - int total_deleted = 0; - DIR *d; - struct dirent *de; - - cleanup(); - create_files(); - - d = opendir(TESTDIR); - - /* skip past . and .. */ - de = readdir(d); - strcmp(de-d_name, .) == 0 || FAILED(match .); - de = readdir(d); - strcmp(de-d_name, ..) == 0 || FAILED(match ..); - - while (1) { - int n = os2_delete(d); - if (n == 0) break; - total_deleted += n; - } - closedir(d); - - printf(Deleted %d files of %d\n, total_deleted, NUM_FILES); - - rmdir(TESTDIR) == 0 || FAILED(rmdir); - - return 0; -} Modified: branches/SAMBA_4_0/source/lib/replace/getpass.m4 === --- branches/SAMBA_4_0/source/lib/replace/getpass.m42006-09-12 07:04:12 UTC (rev 18418) +++ branches/SAMBA_4_0/source/lib/replace/getpass.m42006-09-12 07:05:41 UTC (rev 18419) @@ -1,11 +1,12 @@ AC_CACHE_CHECK([whether getpass should be replaced],samba_cv_REPLACE_GETPASS,[ SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS=$CPPFLAGS -I${srcdir-.}/ -I${srcdir-.}/include -I${srcdir-.}/ubiqx -I${srcdir-.}/popt -I${srcdir-.}/smbwrapper +CPPFLAGS=$CPPFLAGS -I$libreplacedir/ AC_TRY_COMPILE([ +#include confdefs.h +#define _LIBREPLACE_REPLACE_H #define REPLACE_GETPASS 1 -#define NO_CONFIG_H 1 #define main dont_declare_main -#include ${srcdir-.}/lib/replace/getpass.c +#include $libreplacedir/getpass.c #undef main ],[],samba_cv_REPLACE_GETPASS=yes,samba_cv_REPLACE_GETPASS=no) CPPFLAGS=$SAVE_CPPFLAGS Modified: branches/SAMBA_4_0/source/lib/replace/repdir/config.m4 === --- branches/SAMBA_4_0/source/lib/replace/repdir/config.m4 2006-09-12 07:04:12 UTC (rev 18418) +++ branches/SAMBA_4_0/source/lib/replace/repdir/config.m4 2006-09-12 07:05:41 UTC (rev 18419) @@ -1,5 +1,5 @@ AC_CACHE_CHECK([for broken readdir],samba_cv_HAVE_BROKEN_READDIR,[ - AC_TRY_RUN([#include ${srcdir-.}/build/tests/os2_delete.c], + AC_TRY_RUN([#include $libreplacedir/test/os2_delete.c], [samba_cv_HAVE_BROKEN_READDIR=no], [samba_cv_HAVE_BROKEN_READDIR=yes],
svn commit: samba r18420 - in branches/SAMBA_4_0/source/lib/replace/repdir: .
Author: metze Date: 2006-09-12 07:25:16 + (Tue, 12 Sep 2006) New Revision: 18420 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18420 Log: fix the build... metze Modified: branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c === --- branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c 2006-09-12 07:05:41 UTC (rev 18419) +++ branches/SAMBA_4_0/source/lib/replace/repdir/repdir.c 2006-09-12 07:25:16 UTC (rev 18420) @@ -133,7 +133,7 @@ } #ifdef _OSF_SOURCE return -1; -#else +#endif } void rewinddir(DIR *dir)
svn commit: samba r18421 - in branches/SAMBA_4_0/source/torture: .
Author: metze Date: 2006-09-12 07:35:04 + (Tue, 12 Sep 2006) New Revision: 18421 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18421 Log: support --target=samba3, I thought that was already supported metze Modified: branches/SAMBA_4_0/source/torture/smbtorture.c Changeset: Modified: branches/SAMBA_4_0/source/torture/smbtorture.c === --- branches/SAMBA_4_0/source/torture/smbtorture.c 2006-09-12 07:25:16 UTC (rev 18420) +++ branches/SAMBA_4_0/source/torture/smbtorture.c 2006-09-12 07:35:04 UTC (rev 18421) @@ -399,7 +399,7 @@ {parse-dns, 'D', POPT_ARG_STRING, NULL, OPT_DNS, parse-dns,NULL}, {dangerous, 'X', POPT_ARG_NONE, NULL, OPT_DANGEROUS, run dangerous tests (eg. wiping out password database), NULL}, - {target, 'T', POPT_ARG_STRING, target, 0, samba4|other, NULL}, + {target, 'T', POPT_ARG_STRING, target, 0, samba3|samba4|other, NULL}, {async, 'a', POPT_ARG_NONE, NULL, OPT_ASYNC, run async tests, NULL}, {num-async,0, POPT_ARG_INT, torture_numasync, 0, @@ -489,7 +489,9 @@ exit(1); } - if (!strcmp(target, samba4)) { + if (strcmp(target, samba3) == 0) { + lp_set_cmdline(target:samba3, true); + } else if (strcmp(target, samba4) == 0) { lp_set_cmdline(target:samba4, true); }
svn commit: samba r18422 - in branches/SAMBA_3_0/source/sam: .
Author: gd Date: 2006-09-12 08:27:27 + (Tue, 12 Sep 2006) New Revision: 18422 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18422 Log: Use LDAPMessage in idmap_ad as well. Guenther Modified: branches/SAMBA_3_0/source/sam/idmap_ad.c Changeset: Modified: branches/SAMBA_3_0/source/sam/idmap_ad.c === --- branches/SAMBA_3_0/source/sam/idmap_ad.c2006-09-12 07:35:04 UTC (rev 18421) +++ branches/SAMBA_3_0/source/sam/idmap_ad.c2006-09-12 08:27:27 UTC (rev 18422) @@ -149,7 +149,7 @@ ADS_STATUS rc; NTSTATUS status = NT_STATUS_NONE_MAPPED; const char *attrs[] = { objectSid, NULL }; - void *res = NULL; + LDAPMessage *res = NULL; void *msg = NULL; char *expr = NULL; fstring sid_string; @@ -235,7 +235,7 @@ ADS_ATTR_RFC2307_UIDNUMBER_OID, ADS_ATTR_RFC2307_GIDNUMBER_OID, NULL }; - void *res = NULL; + LDAPMessage *res = NULL; void *msg = NULL; char *expr = NULL; uint32 atype, uid;
svn commit: samba r18423 - in branches/SAMBA_4_0/source/lib/socket_wrapper: .
Author: metze Date: 2006-09-12 09:08:55 + (Tue, 12 Sep 2006) New Revision: 18423 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18423 Log: record accept, connect and close events in socket wrapper metze Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c Changeset: Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 08:27:27 UTC (rev 18422) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 09:08:55 UTC (rev 18423) @@ -113,6 +113,23 @@ return s; } +static const char *socket_wrapper_dump_dir(void) +{ + const char *s = getenv(SOCKET_WRAPPER_DUMP_DIR); + + if (!socket_wrapper_dir()) { + return NULL; + } + + if (s == NULL) { + return NULL; + } + if (strncmp(s, ./, 2) == 0) { + s += 2; + } + return s; +} + static unsigned int socket_wrapper_default_iface(void) { const char *s = getenv(SOCKET_WRAPPER_DEFAULT_IFACE); @@ -401,16 +418,22 @@ } enum swrap_packet_type { + SWRAP_CONNECT, + SWRAP_ACCEPT, SWRAP_RECVFROM, SWRAP_SENDTO, SWRAP_RECV, - SWRAP_SEND + SWRAP_SEND, + SWRAP_CLOSE }; static void swrap_dump_packet(struct socket_info *si, const struct sockaddr *addr, enum swrap_packet_type type, const void *buf, size_t len, ssize_t ret) { + if (!socket_wrapper_dump_dir()) { + return; + } } @@ -493,6 +516,8 @@ DLIST_ADD(sockets, child_si); + swrap_dump_packet(child_si, addr, SWRAP_ACCEPT, NULL, 0, 0); + return fd; } @@ -586,6 +611,8 @@ si-peername = sockaddr_dup(serv_addr, addrlen); } + swrap_dump_packet(si, serv_addr, SWRAP_CONNECT, NULL, 0, ret); + return ret; } @@ -822,6 +849,8 @@ if (si) { DLIST_REMOVE(sockets, si); + swrap_dump_packet(si, NULL, SWRAP_CLOSE, NULL, 0, 0); + free(si-path); free(si-myname); free(si-peername);
svn commit: samba r18424 - in branches/SAMBA_4_0/source/lib/socket_wrapper: .
Author: metze Date: 2006-09-12 14:44:44 + (Tue, 12 Sep 2006) New Revision: 18424 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18424 Log: there's no need to allocate a wrapped socket for unix sockets, also this makes sure the socket file isn't unlinked if using socket wrapper. metze Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c Changeset: Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 09:08:55 UTC (rev 18423) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 14:44:44 UTC (rev 18424) @@ -361,9 +361,6 @@ } else { return convert_in_un_remote(si, (const struct sockaddr_in *)in_addr, out_addr, bcast); } - case AF_UNIX: - memcpy(out_addr, in_addr, sizeof(*out_addr)); - return 0; default: break; } @@ -405,10 +402,6 @@ return -1; } return convert_un_in(in_addr, (struct sockaddr_in *)out_addr, _out_addrlen); - case AF_UNIX: - memcpy(out_addr, in_addr, out_addrlen); - *_out_addrlen = out_addrlen; - return 0; default: break; } @@ -445,6 +438,16 @@ if (!socket_wrapper_dir()) { return real_socket(domain, type, protocol); } + + switch (domain) { + case AF_INET: + break; + case AF_UNIX: + return real_socket(domain, type, protocol); + default: + errno = EAFNOSUPPORT; + return -1; + } fd = real_socket(AF_UNIX, type, 0); @@ -588,7 +591,7 @@ return real_connect(s, serv_addr, addrlen); } - if (si-bound == 0 si-domain != AF_UNIX) { + if (si-bound == 0) { ret = swrap_auto_bind(si); if (ret == -1) return -1; } @@ -600,10 +603,8 @@ sizeof(struct sockaddr_un)); /* to give better errors */ - if (serv_addr-sa_family == AF_INET) { - if (ret == -1 errno == ENOENT) { - errno = EHOSTUNREACH; - } + if (ret == -1 errno == ENOENT) { + errno = EHOSTUNREACH; } if (ret == 0) { @@ -691,8 +692,6 @@ } switch (si-domain) { - case AF_UNIX: - return real_getsockopt(s, level, optname, optval, optlen); default: errno = ENOPROTOOPT; return -1; @@ -712,8 +711,6 @@ } switch (si-domain) { - case AF_UNIX: - return real_setsockopt(s, level, optname, optval, optlen); case AF_INET: return 0; default: @@ -761,7 +758,7 @@ return real_sendto(s, buf, len, flags, to, tolen); } - if (si-bound == 0 si-domain != AF_UNIX) { + if (si-bound == 0) { ret = swrap_auto_bind(si); if (ret == -1) return -1; } @@ -794,10 +791,8 @@ ret = real_sendto(s, buf, len, flags, (struct sockaddr *)un_addr, sizeof(un_addr)); /* to give better errors */ - if (to-sa_family == AF_INET) { - if (ret == -1 errno == ENOENT) { - errno = EHOSTUNREACH; - } + if (ret == -1 errno == ENOENT) { + errno = EHOSTUNREACH; } swrap_dump_packet(si, to, SWRAP_SENDTO, buf, len, ret);
svn commit: samba r18425 - in branches/SAMBA_3_0/source/libads: .
Author: gd Date: 2006-09-12 14:45:24 + (Tue, 12 Sep 2006) New Revision: 18425 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18425 Log: Fix ads_ntstatus(). LDAP_SUCCESS should really map to NT_STATUS_OK. Guenther Modified: branches/SAMBA_3_0/source/libads/ads_status.c Changeset: Modified: branches/SAMBA_3_0/source/libads/ads_status.c === --- branches/SAMBA_3_0/source/libads/ads_status.c 2006-09-12 14:44:44 UTC (rev 18424) +++ branches/SAMBA_3_0/source/libads/ads_status.c 2006-09-12 14:45:24 UTC (rev 18425) @@ -76,6 +76,9 @@ return map_nt_error_from_unix(status.err.rc); #ifdef HAVE_LDAP case ENUM_ADS_ERROR_LDAP: + if (status.err.rc == LDAP_SUCCESS) { + return NT_STATUS_OK; + } return NT_STATUS_LDAP(status.err.rc); #endif #ifdef HAVE_KRB5
svn commit: samba r18426 - in branches/SAMBA_4_0/source/lib/socket_wrapper: .
Author: metze Date: 2006-09-12 14:59:08 + (Tue, 12 Sep 2006) New Revision: 18426 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18426 Log: use 'family' consistantly instead of mixing 'domain' and 'family' metze Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h Changeset: Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 14:45:24 UTC (rev 18425) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 14:59:08 UTC (rev 18426) @@ -80,7 +80,7 @@ { int fd; - int domain; + int family; int type; int protocol; int bound; @@ -430,20 +430,20 @@ } -_PUBLIC_ int swrap_socket(int domain, int type, int protocol) +_PUBLIC_ int swrap_socket(int family, int type, int protocol) { struct socket_info *si; int fd; if (!socket_wrapper_dir()) { - return real_socket(domain, type, protocol); + return real_socket(family, type, protocol); } - switch (domain) { + switch (family) { case AF_INET: break; case AF_UNIX: - return real_socket(domain, type, protocol); + return real_socket(family, type, protocol); default: errno = EAFNOSUPPORT; return -1; @@ -455,7 +455,7 @@ si = calloc(1, sizeof(struct socket_info)); - si-domain = domain; + si-family = family; si-type = type; si-protocol = protocol; si-fd = fd; @@ -492,14 +492,14 @@ fd = ret; ret = sockaddr_convert_from_un(parent_si, un_addr, un_addrlen, - parent_si-domain, addr, addrlen); + parent_si-family, addr, addrlen); if (ret == -1) return ret; child_si = malloc(sizeof(struct socket_info)); memset(child_si, 0, sizeof(*child_si)); child_si-fd = fd; - child_si-domain = parent_si-domain; + child_si-family = parent_si-family; child_si-type = parent_si-type; child_si-protocol = parent_si-protocol; child_si-bound = 1; @@ -508,7 +508,7 @@ if (ret == -1) return ret; ret = sockaddr_convert_from_un(child_si, un_my_addr, un_my_addrlen, - child_si-domain, my_addr, my_addrlen); + child_si-family, my_addr, my_addrlen); if (ret == -1) return ret; child_si-myname_len = my_addrlen; @@ -691,11 +691,8 @@ return real_getsockopt(s, level, optname, optval, optlen); } - switch (si-domain) { - default: - errno = ENOPROTOOPT; - return -1; - } + errno = ENOPROTOOPT; + return -1; } _PUBLIC_ int swrap_setsockopt(int s, int level, int optname, const void *optval, socklen_t optlen) @@ -710,7 +707,7 @@ return real_setsockopt(s, level, optname, optval, optlen); } - switch (si-domain) { + switch (si-family) { case AF_INET: return 0; default: @@ -737,7 +734,7 @@ return ret; if (sockaddr_convert_from_un(si, un_addr, un_addrlen, -si-domain, from, fromlen) == -1) { +si-family, from, fromlen) == -1) { return -1; } Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h 2006-09-12 14:45:24 UTC (rev 18425) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.h 2006-09-12 14:59:08 UTC (rev 18426) @@ -19,7 +19,7 @@ #ifndef __SOCKET_WRAPPER_H__ #define __SOCKET_WRAPPER_H__ -int swrap_socket(int domain, int type, int protocol); +int swrap_socket(int family, int type, int protocol); int swrap_accept(int s, struct sockaddr *addr, socklen_t *addrlen); int swrap_connect(int s, const struct sockaddr *serv_addr, socklen_t addrlen); int swrap_bind(int s, const struct sockaddr *myaddr, socklen_t addrlen);
svn commit: samba r18427 - in branches/SAMBA_4_0/source/lib/socket_wrapper: .
Author: metze Date: 2006-09-12 16:25:50 + (Tue, 12 Sep 2006) New Revision: 18427 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18427 Log: set sin_port correctly on autobound socket metze Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c Changeset: Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 14:59:08 UTC (rev 18426) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 16:25:50 UTC (rev 18427) @@ -535,6 +535,7 @@ int i; char type; int ret; + int port; struct stat st; un_addr.sun_family = AF_UNIX; @@ -552,9 +553,10 @@ } for (i=0;i1000;i++) { + port = 1 + i; snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), %s/SOCKET_FORMAT, socket_wrapper_dir(), -type, socket_wrapper_default_iface(), i + 1); +type, socket_wrapper_default_iface(), port); if (stat(un_addr.sun_path, st) == 0) continue; ret = real_bind(si-fd, (struct sockaddr *)un_addr, sizeof(un_addr)); @@ -571,7 +573,7 @@ memset(in, 0, sizeof(in)); in.sin_family = AF_INET; - in.sin_port = htons(i); + in.sin_port = htons(port); in.sin_addr.s_addr = htonl(12724 | socket_wrapper_default_iface()); si-myname_len = sizeof(in);
svn commit: samba r18428 - in branches/SAMBA_4_0/source/lib/socket_wrapper: .
Author: metze Date: 2006-09-12 16:33:24 + (Tue, 12 Sep 2006) New Revision: 18428 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18428 Log: add my copyright metze Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c Changeset: Modified: branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c === --- branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 16:25:50 UTC (rev 18427) +++ branches/SAMBA_4_0/source/lib/socket_wrapper/socket_wrapper.c 2006-09-12 16:33:24 UTC (rev 18428) @@ -3,6 +3,7 @@ unix domain sockets if the environment variable SOCKET_WRAPPER_DIR is set. Copyright (C) Jelmer Vernooij 2005 + Copyright (C) Stefan Metzmacher 2006 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -98,7 +99,7 @@ struct socket_info *prev, *next; }; -static struct socket_info *sockets = NULL; +static struct socket_info *sockets; static const char *socket_wrapper_dir(void)
svn commit: samba r18429 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jerry Date: 2006-09-12 18:02:33 + (Tue, 12 Sep 2006) New Revision: 18429 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18429 Log: fix a regression renaming local group introduced by trying to handle renames to the same name Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2006-09-12 16:33:24 UTC (rev 18428) +++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2006-09-12 18:02:33 UTC (rev 18429) @@ -4638,6 +4638,8 @@ if ( strequal( acct_name, info.acct_name ) ) return NT_STATUS_OK; + fstrcpy( info.acct_name, acct_name ); + /* make sure the name doesn't already exist as a user or local group */
svn commit: samba r18430 - in branches/SAMBA_3_0/source/librpc/ndr: .
Author: jerry Date: 2006-09-12 18:03:13 + (Tue, 12 Sep 2006) New Revision: 18430 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18430 Log: ignore *.po Modified: branches/SAMBA_3_0/source/librpc/ndr/ Changeset: Property changes on: branches/SAMBA_3_0/source/librpc/ndr ___ Name: svn:ignore + *.po
svn commit: samba r18431 - in branches/SAMBA_4_0/source: .
Author: tridge Date: 2006-09-12 18:38:12 + (Tue, 12 Sep 2006) New Revision: 18431 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18431 Log: use this to suppress things on fort in the build farm Added: branches/SAMBA_4_0/source/.valgrind_suppressions Changeset: Added: branches/SAMBA_4_0/source/.valgrind_suppressions === --- branches/SAMBA_4_0/source/.valgrind_suppressions2006-09-12 18:03:13 UTC (rev 18430) +++ branches/SAMBA_4_0/source/.valgrind_suppressions2006-09-12 18:38:12 UTC (rev 18431) @@ -0,0 +1,2 @@ +# add valgrind suppressions for the build farm here. Get the format +# from the build farm log
svn commit: samba r18432 - in branches/SAMBA_4_0/source/lib/replace: .
Author: tridge Date: 2006-09-12 18:45:05 + (Tue, 12 Sep 2006) New Revision: 18432 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18432 Log: ensure roken doesn't try to include both inttypes.h and stdint.h. The two conflict on irix. Modified: branches/SAMBA_4_0/source/lib/replace/replace.h Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/replace.h === --- branches/SAMBA_4_0/source/lib/replace/replace.h 2006-09-12 18:38:12 UTC (rev 18431) +++ branches/SAMBA_4_0/source/lib/replace/replace.h 2006-09-12 18:45:05 UTC (rev 18432) @@ -53,6 +53,9 @@ #ifdef HAVE_STDINT_H #include stdint.h +/* force off HAVE_INTTYPES_H so that roken doesn't try to include both, + which causes a warning storm on irix */ +#undef HAVE_INTTYPES_H #elif HAVE_INTTYPES_H #include inttypes.h #endif
svn commit: samba r18433 - in branches/SAMBA_4_0/source/nbt_server/dgram: .
Author: abartlet Date: 2006-09-12 22:03:24 + (Tue, 12 Sep 2006) New Revision: 18433 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18433 Log: Make sure to search below the partitions baseDN for the netbios name. I think we should have a helper function for this search, we do it too often... Andrew Bartlett Modified: branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c Changeset: Modified: branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c === --- branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c 2006-09-12 18:45:05 UTC (rev 18432) +++ branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c 2006-09-12 22:03:24 UTC (rev 18433) @@ -45,6 +45,7 @@ const char *ref_attrs[] = {nETBIOSName, NULL}; struct ldb_message **ref_res; struct ldb_context *samctx; + const struct ldb_dn *partitions_basedn; int ret; /* only answer getdc requests on the PDC or LOGON names */ @@ -58,7 +59,9 @@ return; } - ret = gendb_search(samctx, samctx, NULL, ref_res, ref_attrs, + partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx); + + ret = gendb_search(samctx, samctx, partitions_basedn, ref_res, ref_attrs, (((nETBIOSName=%s)(objectclass=crossRef))(ncName=*)), name-name);
svn commit: samba r18434 - in branches/SAMBA_4_0/source/nbt_server/dgram: .
Author: abartlet Date: 2006-09-12 22:26:19 + (Tue, 12 Sep 2006) New Revision: 18434 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18434 Log: Fix typo... Modified: branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c Changeset: Modified: branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c === --- branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c 2006-09-12 22:03:24 UTC (rev 18433) +++ branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c 2006-09-12 22:26:19 UTC (rev 18434) @@ -59,7 +59,7 @@ return; } - partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx); + partitions_basedn = samdb_partitions_dn(samctx, samctx); ret = gendb_search(samctx, samctx, partitions_basedn, ref_res, ref_attrs, (((nETBIOSName=%s)(objectclass=crossRef))(ncName=*)),
Build status as of Wed Sep 13 00:00:01 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-09-12 00:00:21.0 + +++ /home/build/master/cache/broken_results.txt 2006-09-13 00:00:19.0 + @@ -1,21 +1,21 @@ -Build status as of Tue Sep 12 00:00:02 2006 +Build status as of Wed Sep 13 00:00:01 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 40 8 0 -distcc 41 7 0 -ldb 38 8 0 -libreplace 37 4 0 +ccache 41 8 0 +distcc 42 7 0 +ldb 39 8 0 +libreplace 38 3 0 lorikeet-heimdal 2 1 0 -ppp 18 0 0 -rsync38 5 0 +ppp 19 0 0 +rsync39 5 0 samba0 0 0 samba-docs 0 0 0 -samba4 44 20 4 -samba_3_043 39 1 +samba4 43 18 2 +samba_3_044 25 0 smb-build31 4 0 -talloc 41 5 0 -tdb 40 8 0 +talloc 42 4 0 +tdb 41 6 0
svn commit: samba r18435 - in branches/SAMBA_4_0/source/lib/talloc: .
Author: tridge Date: 2006-09-13 00:05:07 + (Wed, 13 Sep 2006) New Revision: 18435 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18435 Log: added a function talloc_move() which is like talloc_steal(), but is meant for moving pointers between structures. The difference is that talloc_move() will zero the source pointer, thus ensuring you don't reference the pointer in the old context. talloc_move() is appropriate in some, but not all cases where we use talloc_steal() now. The interface came out of a discussion with Jeremy. Modified: branches/SAMBA_4_0/source/lib/talloc/talloc.3.xml branches/SAMBA_4_0/source/lib/talloc/talloc.c branches/SAMBA_4_0/source/lib/talloc/talloc.h branches/SAMBA_4_0/source/lib/talloc/testsuite.c Changeset: Modified: branches/SAMBA_4_0/source/lib/talloc/talloc.3.xml === --- branches/SAMBA_4_0/source/lib/talloc/talloc.3.xml 2006-09-12 22:26:19 UTC (rev 18434) +++ branches/SAMBA_4_0/source/lib/talloc/talloc.3.xml 2006-09-13 00:05:07 UTC (rev 18435) @@ -369,7 +369,7 @@ known so the type-safe talloc_realloc() cannot be used. /para /refsect2 -refsect2titlevoid *talloc_steal(const void *emphasis role=italicnew_ctx/emphasis, const void *emphasis role=italicptr/emphasis);/title +refsect2titleTYPE *talloc_steal(const void *emphasis role=italicnew_ctx/emphasis, const TYPE *emphasis role=italicptr/emphasis);/title para The talloc_steal() function changes the parent context of a talloc pointer. It is typically used when the context that the @@ -387,6 +387,16 @@ data if you do this. /para /refsect2 +refsect2titleTYPE *talloc_move(const void *emphasis role=italicnew_ctx/emphasis, TYPE *emphasis role=italicptr/emphasis);/title +para + The talloc_move() function is a wrapper around + talloc_steal() which zeros the source pointer after the + move. This avoids a potential source of bugs where a + programmer leaves a pointer in two structures, and uses the + pointer from the old structure after it has been moved to a + new one. +/para +/refsect2 refsect2titlesize_t talloc_total_size(const void *emphasis role=italicptr/emphasis);/title para The talloc_total_size() function returns the total size in bytes Modified: branches/SAMBA_4_0/source/lib/talloc/talloc.c === --- branches/SAMBA_4_0/source/lib/talloc/talloc.c 2006-09-12 22:26:19 UTC (rev 18434) +++ branches/SAMBA_4_0/source/lib/talloc/talloc.c 2006-09-13 00:05:07 UTC (rev 18435) @@ -738,6 +738,17 @@ } /* + a wrapper around talloc_steal() for situations where you are moving a pointer + between two structures, and want the old pointer to be set to NULL +*/ +void *_talloc_move(const void *new_ctx, const void **pptr) +{ + void *ret = _talloc_steal(new_ctx, *pptr); + (*pptr) = NULL; + return ret; +} + +/* return the total size of a talloc pool (subtree) */ size_t talloc_total_size(const void *ptr) Modified: branches/SAMBA_4_0/source/lib/talloc/talloc.h === --- branches/SAMBA_4_0/source/lib/talloc/talloc.h 2006-09-12 22:26:19 UTC (rev 18434) +++ branches/SAMBA_4_0/source/lib/talloc/talloc.h 2006-09-13 00:05:07 UTC (rev 18435) @@ -65,15 +65,16 @@ /* this extremely strange macro is to avoid some braindamaged warning stupidity in gcc 4.1.x */ #define talloc_steal(ctx, ptr) ({ _TALLOC_TYPEOF(ptr) __talloc_steal_ret = (_TALLOC_TYPEOF(ptr))_talloc_steal((ctx),(ptr)); __talloc_steal_ret; }) -#define talloc_reference(ctx, ptr) (_TALLOC_TYPEOF(ptr))_talloc_reference((ctx),(ptr)) #else #define talloc_set_destructor(ptr, function) \ _talloc_set_destructor((ptr), (int (*)(void *))(function)) #define _TALLOC_TYPEOF(ptr) void * #define talloc_steal(ctx, ptr) (_TALLOC_TYPEOF(ptr))_talloc_steal((ctx),(ptr)) -#define talloc_reference(ctx, ptr) (_TALLOC_TYPEOF(ptr))_talloc_reference((ctx),(ptr)) #endif +#define talloc_reference(ctx, ptr) (_TALLOC_TYPEOF(ptr))_talloc_reference((ctx),(ptr)) +#define talloc_move(ctx, ptr) (_TALLOC_TYPEOF(ptr))_talloc_move((ctx),(ptr)) + /* useful macros for creating type checked pointers */ #define talloc(ctx, type) (type *)talloc_named_const(ctx, sizeof(type), #type) #define talloc_size(ctx, size) talloc_named_const(ctx, size, __location__) @@ -127,6 +128,7 @@ void talloc_free_children(void *ptr); void *_talloc_realloc(const void *context, void *ptr, size_t size, const char *name); void *_talloc_steal(const void *new_ctx, const void *ptr); +void *_talloc_move(const void *new_ctx, const void **pptr); size_t talloc_total_size(const void *ptr); size_t talloc_total_blocks(const void *ptr); void talloc_report_depth_cb(const
svn commit: samba r18436 - in branches/SAMBA_4_0/source/lib/ldb: common ldb_ildap ldb_sqlite3 ldb_tdb modules tools
Author: tridge Date: 2006-09-13 00:10:38 + (Wed, 13 Sep 2006) New Revision: 18436 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18436 Log: converted ldb to use talloc_move() instead of talloc_steal() when appropriate. Note that I also removed the error checks that were being done on the result of talloc_steal(). They are pointless as talloc_steal() doesn't have any failure modes that wouldn't cause a segv anyway, and they tend to clutter the code Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c branches/SAMBA_4_0/source/lib/ldb/modules/asq.c branches/SAMBA_4_0/source/lib/ldb/modules/objectclass.c branches/SAMBA_4_0/source/lib/ldb/modules/paged_results.c branches/SAMBA_4_0/source/lib/ldb/modules/sort.c branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbsearch.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-13 00:05:07 UTC (rev 18435) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-13 00:10:38 UTC (rev 18436) @@ -528,11 +528,7 @@ res-msgs[res-count + 1] = NULL; - res-msgs[res-count] = talloc_steal(res-msgs, ares-message); - if (! res-msgs[res-count]) { - goto error; - } - + res-msgs[res-count] = talloc_move(res-msgs, ares-message); res-count++; } @@ -548,15 +544,12 @@ goto error; } - res-refs[n] = talloc_steal(res-refs, ares-referral); + res-refs[n] = talloc_move(res-refs, ares-referral); res-refs[n + 1] = NULL; } if (ares-controls) { - res-controls = talloc_steal(res, ares-controls); - if (! res-controls) { - goto error; - } + res-controls = talloc_move(res, ares-controls); } talloc_free(ares); Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2006-09-13 00:05:07 UTC (rev 18435) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2006-09-13 00:10:38 UTC (rev 18436) @@ -249,9 +249,7 @@ return; } - if (msg-controls) { - ares-controls = talloc_steal(ares, msg-controls); - } + ares-controls = talloc_move(ares, msg-controls); if (msg-r.SearchResultDone.resultcode) { if (msg-r.SearchResultDone.errormessage) { ldb_set_errstring(ac-module-ldb, msg-r.SearchResultDone.errormessage); @@ -280,7 +278,7 @@ return; } ares-message-num_elements = search-num_attributes; - ares-message-elements = talloc_steal(ares-message, search-attributes); + ares-message-elements = talloc_move(ares-message, search-attributes); handle-status = LDB_SUCCESS; handle-state = LDB_ASYNC_PENDING; @@ -383,7 +381,7 @@ return LDB_ERR_OPERATIONS_ERROR; } - ildb_ac-req = talloc_steal(ildb_ac, req); + ildb_ac-req = talloc_move(ildb_ac, req); talloc_free(req-time_event); req-time_event = NULL; if (timeout) { Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c 2006-09-13 00:05:07 UTC (rev 18435) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c 2006-09-13 00:10:38 UTC (rev 18436) @@ -865,11 +865,7 @@ res-msgs[res-count + 1] = NULL; - res-msgs[res-count] = talloc_steal(res-msgs, ares-message); - if (! res-msgs[res-count]) { - goto error; - } - + res-msgs[res-count] = talloc_move(res-msgs, ares-message); res-count++; } else { ldb_debug(ldb, LDB_DEBUG_ERROR, unrecognized async reply in ltdb_search_sync_callback!\n); Modified:
svn commit: samba r18437 - in branches/SAMBA_4_0/source/lib/ldb: .
Author: tridge Date: 2006-09-13 00:11:07 + (Wed, 13 Sep 2006) New Revision: 18437 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18437 Log: added a 'make valgrindtest' target for ldb Modified: branches/SAMBA_4_0/source/lib/ldb/Makefile.in Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/Makefile.in === --- branches/SAMBA_4_0/source/lib/ldb/Makefile.in 2006-09-13 00:10:38 UTC (rev 18436) +++ branches/SAMBA_4_0/source/lib/ldb/Makefile.in 2006-09-13 00:11:07 UTC (rev 18437) @@ -131,6 +131,9 @@ test: all for t in $(TESTS); do echo STARTING $${t}; $(srcdir)/tests/$${t} || exit 1; done +valgrindtest: all + for t in $(TESTS); do echo STARTING $${t}; VALGRIND=valgrind -q --db-attach=yes --num-callers=30 $(srcdir)/tests/$${t} || exit 1; done + installcheck: install test install: all
svn commit: samba r18438 - in branches/SAMBA_4_0/source/lib/ldb: common ldb_ildap modules
Author: tridge Date: 2006-09-13 02:03:20 + (Wed, 13 Sep 2006) New Revision: 18438 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18438 Log: I should have examined these uses of talloc_move() more carefully. Most of them are OK, but a couple were not. Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c branches/SAMBA_4_0/source/lib/ldb/modules/paged_results.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-13 00:11:07 UTC (rev 18437) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-13 02:03:20 UTC (rev 18438) @@ -548,10 +548,7 @@ res-refs[n + 1] = NULL; } - if (ares-controls) { - res-controls = talloc_move(res, ares-controls); - } - + talloc_steal(res, ares-controls); talloc_free(ares); return LDB_SUCCESS; Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2006-09-13 00:11:07 UTC (rev 18437) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2006-09-13 02:03:20 UTC (rev 18438) @@ -381,7 +381,6 @@ return LDB_ERR_OPERATIONS_ERROR; } - ildb_ac-req = talloc_move(ildb_ac, req); talloc_free(req-time_event); req-time_event = NULL; if (timeout) { @@ -392,6 +391,7 @@ req-async.fn = ildb_callback; req-async.private_data = (void *)h; + ildb_ac-req = talloc_move(ildb_ac, req); *handle = h; return LDB_SUCCESS; Modified: branches/SAMBA_4_0/source/lib/ldb/modules/paged_results.c === --- branches/SAMBA_4_0/source/lib/ldb/modules/paged_results.c 2006-09-13 00:11:07 UTC (rev 18437) +++ branches/SAMBA_4_0/source/lib/ldb/modules/paged_results.c 2006-09-13 02:03:20 UTC (rev 18438) @@ -190,7 +190,7 @@ ac-store-num_entries++; - ac-store-last-r = talloc_move(ac-store-last, ares); + ac-store-last-r = talloc_steal(ac-store-last, ares); ac-store-last-next = NULL; } @@ -205,14 +205,12 @@ goto error; } - ac-store-last_ref-r = talloc_move(ac-store-last, ares); + ac-store-last_ref-r = talloc_steal(ac-store-last, ares); ac-store-last_ref-next = NULL; } if (ares-type == LDB_REPLY_DONE) { - if (ares-controls) { - ac-store-controls = talloc_move(ac-store, ares-controls); - } + ac-store-controls = talloc_move(ac-store, ares-controls); talloc_free(ares); }
svn commit: samba r18439 - in branches/SAMBA_4_0/source/lib: ldb/common ldb/ldb_ildap ldb/ldb_sqlite3 ldb/ldb_tdb ldb/modules ldb/tools talloc
Author: tridge Date: 2006-09-13 02:33:51 + (Wed, 13 Sep 2006) New Revision: 18439 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18439 Log: 2nd try at a talloc_move() api. This type with the ** ptr interface exposed. Unfortunately this generates a large number of type punning warnings. We'll have to find some magic to hide those. Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c branches/SAMBA_4_0/source/lib/ldb/modules/asq.c branches/SAMBA_4_0/source/lib/ldb/modules/objectclass.c branches/SAMBA_4_0/source/lib/ldb/modules/paged_results.c branches/SAMBA_4_0/source/lib/ldb/modules/sort.c branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbsearch.c branches/SAMBA_4_0/source/lib/talloc/talloc.3.xml branches/SAMBA_4_0/source/lib/talloc/talloc.h branches/SAMBA_4_0/source/lib/talloc/testsuite.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-13 02:03:20 UTC (rev 18438) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-13 02:33:51 UTC (rev 18439) @@ -528,7 +528,7 @@ res-msgs[res-count + 1] = NULL; - res-msgs[res-count] = talloc_move(res-msgs, ares-message); + res-msgs[res-count] = talloc_move(res-msgs, ares-message); res-count++; } @@ -544,7 +544,7 @@ goto error; } - res-refs[n] = talloc_move(res-refs, ares-referral); + res-refs[n] = talloc_move(res-refs, ares-referral); res-refs[n + 1] = NULL; } Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2006-09-13 02:03:20 UTC (rev 18438) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c 2006-09-13 02:33:51 UTC (rev 18439) @@ -249,7 +249,7 @@ return; } - ares-controls = talloc_move(ares, msg-controls); + ares-controls = talloc_move(ares, msg-controls); if (msg-r.SearchResultDone.resultcode) { if (msg-r.SearchResultDone.errormessage) { ldb_set_errstring(ac-module-ldb, msg-r.SearchResultDone.errormessage); @@ -278,7 +278,8 @@ return; } ares-message-num_elements = search-num_attributes; - ares-message-elements = talloc_move(ares-message, search-attributes); + ares-message-elements = talloc_move(ares-message, + search-attributes); handle-status = LDB_SUCCESS; handle-state = LDB_ASYNC_PENDING; @@ -391,7 +392,7 @@ req-async.fn = ildb_callback; req-async.private_data = (void *)h; - ildb_ac-req = talloc_move(ildb_ac, req); + ildb_ac-req = talloc_move(ildb_ac, req); *handle = h; return LDB_SUCCESS; Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c 2006-09-13 02:03:20 UTC (rev 18438) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_sqlite3/ldb_sqlite3.c 2006-09-13 02:33:51 UTC (rev 18439) @@ -865,7 +865,7 @@ res-msgs[res-count + 1] = NULL; - res-msgs[res-count] = talloc_move(res-msgs, ares-message); + res-msgs[res-count] = talloc_move(res-msgs, ares-message); res-count++; } else { ldb_debug(ldb, LDB_DEBUG_ERROR, unrecognized async reply in ltdb_search_sync_callback!\n); Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c 2006-09-13 02:03:20 UTC (rev 18438) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c 2006-09-13 02:33:51 UTC (rev 18439) @@ -378,7 +378,7 @@ for (i=0;ilist-count;i++) { if (ldb_list_find(list-dn[i], list2-dn, list2-count, sizeof(char *),
svn commit: samba r18440 - in branches/SAMBA_4_0/source/setup: .
Author: idra Date: 2006-09-13 03:56:31 + (Wed, 13 Sep 2006) New Revision: 18440 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18440 Log: builtinDomain is not a child of domain Modified: branches/SAMBA_4_0/source/setup/provision_init.ldif Changeset: Modified: branches/SAMBA_4_0/source/setup/provision_init.ldif === --- branches/SAMBA_4_0/source/setup/provision_init.ldif 2006-09-13 02:33:51 UTC (rev 18439) +++ branches/SAMBA_4_0/source/setup/provision_init.ldif 2006-09-13 03:56:31 UTC (rev 18440) @@ -43,7 +43,6 @@ top: person top: group domain: domainDNS -domain: builtinDomain person: organizationalPerson organizationalPerson: user user: computer
svn commit: samba r18441 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2006-09-13 04:03:58 + (Wed, 13 Sep 2006) New Revision: 18441 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18441 Log: Allow searching for the high bit in these bitfields, when the client asks for them as large integers, rather than a negative integer. Due to an OpenLDAP bug, this only works reliably against OpenLDAP CVS as of today. (but mostly works in older versions, depending on a thread-specific value fo errno in the server). Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c 2006-09-13 03:56:31 UTC (rev 18440) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c 2006-09-13 04:03:58 UTC (rev 18441) @@ -171,7 +171,22 @@ } +static struct ldb_val normalise_to_signed32(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) +{ + long long int signed_ll = strtoll(val-data, NULL, 10); + if (signed_ll = 0x8000LL) { + union { + int32_t signed_int; + uint32_t unsigned_int; + } u = { + .unsigned_int = strtoul(val-data, NULL, 10) + }; + struct ldb_val out = data_blob_string_const(talloc_asprintf(ctx, %d, u.signed_int)); + return out; + } + return val_copy(module, ctx, val); +} const struct ldb_map_attribute entryUUID_attributes[] = { @@ -258,6 +273,28 @@ } }, { + .local_name = groupType, + .type = MAP_CONVERT, + .u = { + .convert = { +.remote_name = groupType, +.convert_local = normalise_to_signed32, +.convert_remote = val_copy, +}, + } + }, + { + .local_name = samAccountType, + .type = MAP_CONVERT, + .u = { + .convert = { +.remote_name = samAccountType, +.convert_local = normalise_to_signed32, +.convert_remote = val_copy, +}, + } + }, + { .local_name = *, .type = MAP_KEEP, },