Re: [Samba] Trouble with restricting access and ads

[D G Teed]

On 1/30/08, simo [EMAIL PROTECTED] wrote:
 On Tue, 2008-01-29 at 23:00 -0400, D G Teed wrote:
  We are migrating old FreeBSD machines to Redhat EL 5.
 
  On FreeBSD, we have previously used valid users = with sucess.
  valid users was never a group, but always a list of user names like:
  valid users = david joe henry
 
  Moving to Redhat Enterprise 5,

 [...]

  Please shed some light on this if anyone can.

 Why people never read release notes ? :-D

 Since a few samba versions the usernames must be fully qualified

 In domain FOO with user Bar you set:
 valid users = FOO\Bar

 setting just valid users = Bar  won't do it.


In what I saw from running winbindd with debug tracing, it looked
like the domain was being prepended. I imagined the default
domain line in smb.conf was helping with that.

I did read that, and a bunch of other tips that people were certain helped
this situation, and none of the things I tried helped.  However, perhaps
I don't know how to test with smbclient.  How would I set up the user
name from -U ?  I would think it would need double backslashes on
the shell?  Or would it be quotes?  Or is the domain not needed with
the smbclient if we have default domain? I thought I had tried
this, but I might have messed up the client end of the test.

--Donald
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Samba Administrator account for XP

[Michael Lueck]

satish patel wrote:

i have created root 
account and map root account with Administrator /etc/samba/smbuser file 


I have never heard of such a file...

 i have created root account

I have specifically avoided creating an account named root. Since Ubuntu which 
we are now using uses a sudo environment, seems a wise decision way back when.

Still, I do not think that alone is your source of trouble.

and root UID=0 and memeber of Domain Admin group. but still when i am 
login in XP client machine with root user in samba Domain i  dont have 
much privielges on XP machine even i can not change my XP client  
machine System Time 


Did you get a copy of ifmember.exe and run it with the /list option to see which local and domain groups you are a member of? What did it return? Are you a member of the local Administrators group or 
not? (Sounds like not.)


satish patel wrote:
 dear your URL PDF is damage so that could not open properly

Works fine for us with both Linux and Windows and the Acrobat / Firefox for 
those platforms.

--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Member Server creates sambaDomainName LDAP entry

[Jamrock]

Brian High [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 Short version:

 Why does my domain member server create a sambaDomainName entry in LDAP?

 Long Version:

 I have created a Domain Member Server for a NT4 style Samba domain
 with an LDAP backend.

 It is a print server, running Winbind (because it solved a group SID
 mapping problem and an 'invalid SID' error in syslog), and it works fine
 in all other respects, but this:

 After joining the domain, the member server creates a sambaDomainName
 entry in LDAP that I don't think should be there.  It is of the form:

 sambaDomainName=HOSTNAME,dc=example,dc=com

 ... where HOSTNAME is the hostname of the domain member server.

 I have Googled this and have come up with some posts to this list:

To which LDAP server is your smb.conf file pointing?  The one on the member
server or the one on the domain controller?




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A good read

[Robert Pollard]

From what I understand of roaming profiles is the only purpose to allow 
users to log into any computer not just their own?  I assume this capability 
will download all of their profile settings no matter where they login?



- Original Message - 
From: Adam Williams [EMAIL PROTECTED]

To: Robert Pollard [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Sent: Tuesday, January 29, 2008 5:10 PM
Subject: Re: [Samba] A good read


have you read Samba 3 by Example?  it covers some real world examples, ads 
joins, etc.


i think you'd want to use a PDC w/ roaming profiles.  that way you can 
locate all of your user's data on your server and backup your server 
instead of a lot of clients.  and you'll definitely want a PDC/BDC setup 
when you have branch offices.  for host name lookup use dynamic dns dhcp. 
there's plenty of howtos on how to set that up too, but I can send you my 
configs too.


Robert Pollard wrote:

Hi,

I have been reading the older O'Reilly book on Samba.  This book explains 
in general the concept of NetBIOS and some other related areas.


Do you have any recommendations as to what is available to read that will 
take me through the world of Windows networking?  I am sitting here 
reading these messages and see things like requires a flat namespace to 
function or dfs stub server or I then bind Samba domain members using 
'net ads join -U domain_admin_login' and I'm am at a loss as to what 
they are talking about.


I have read up on how to setup Samba as a PDC but I don't know why I 
would ever want to.  Even if I had enough users in our network I still 
don't believe there would be any purpose for it.  I am leaning more 
towards using using LDAP for authentication.  I would also like to use 
for host name lookup and some other odds and ends.


Is there something out there that would take me by the hand and lead me 
through the decision making process of what to use and when to use it, 
how to set it up and trouble-shoot it and maybe some other relevant 
information that would be needed?


I want to know more about Windows networking but also how to use the best 
tools available for what makes sense now and in the future.


Thanks,

Robert






--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Trouble with restricting access and ads

[D G Teed]

Hi,

Thanks for this tip.  I did get valid users = DOMAIN\user
working today.  I have also verified someone authenticated
in AD, but not in the parameter valid users = can not get in.
Great - this is what I expect...

I've now learned that testing I can access it is only half the test.
I should also test that I can't access it if the user is not listed.
I wonder how many sites are out there with only users = 
and no valid keyword in front of it, running with a share
open to anyone on ADS, as we were initially?  I read this
help tip in many forums - and it seems correct because
when they half test it, they can get in.

I consider it a serious bug that with nothing for a write list,
read list, nor valid user parameter, samba defaults to write
access merely by having AD authentication succeed.
This is with 3.0.25 in Redhat Enterprise 5.

Or would you say this is linked to a pam misconfiguration?

We've got guest ok = no and public = no everywhere in smb.conf

I have this in my pam.d/samba :

auth   required pam_nologin.so
auth sufficient pam_winbind.so use_first_pass
auth required   pam_deny.so
account [default=bad success=ok user_unknown=ignore]  pam_winbind.so
account required  pam_permit.so
passwordsufficientpam_winbind.so use_authtok
passwordrequired  pam_deny.so
session required  pam_limits.so

--Donald
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Get number of current logged on users

[Ari Constancio]

Hi,

I'm looking for a simple way to get the number of current logged on
users (with established sessions) to measure the use frequency of our
student labs. I don't need to identify the users.

I haven't found anything useful yet. So I'm asking here for some
advice before getting myself hacking my own scripts :).

Thanks in advance,
Ari Constancio
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Samba still asking password

[Jamrock]

Marcelo Bossoni [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi All,
I need some help.
I installed Samba 3.0.26a from Ubuntu Gutsy repository under kubuntu, and
make a share with share permissions (LAN), but he always asks for a
password

Can you guys have any idea about what is wrong. I am going crazy with
this.


Share control does not mean that a password is not required.  I have used
user security and share security with Samba in a Windows workgroup.

With user security, the prompt appears for the username and password when
someone tries to access the Samba server in network neighborhood.

With share security, the prompt appears for the username and password when
someone tries to access a share on the Samba server in network neighborhood.

In the first case, security is set on the machine.  In the second case,
security is set on the share.

In general, a user cannot access a Linux machine unless he has an account on
it.  He has access to specific folders when the administrator of the machine
gives him access to those folders.

Samba runs as a service on the Linux machine.  Each user must have a Samba
account to access the Linux machine through Samba.  Each Samba account is
mapped to a Linux user account.

Security on the Samba account is set by setting security on the Linux
account to which it has been mapped.

To access a share on the Linux/Samba box, do the following:

Create a Linux user account on the machine.  Set a password for it.

Create a Samba account on the machine with the same username.

Give the Linux user security access to the folder to which the Samba share
is mapped.

The only way to avoid the prompt for the username and password is to create
a username and password on the Samba machine that is the same as the
username and password on the Windows machine from which you accessing the
Samba machine.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Samba still asking password

[Marcelo Bossoni]

Thank you man, but I found the error.
Nothing with samba, but with Kubuntu fstab approach, that mount the drives
with umask 007 instead 002 (to permit others to see the content of mount
point).
Changing the umask to 002 everything works fine.

2008/1/30, Jamrock [EMAIL PROTECTED]:


 Marcelo Bossoni [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]
 Hi All,
 I need some help.
 I installed Samba 3.0.26a from Ubuntu Gutsy repository under kubuntu,
 and
 make a share with share permissions (LAN), but he always asks for a
 password

 Can you guys have any idea about what is wrong. I am going crazy with
 this.


 Share control does not mean that a password is not required.  I have used
 user security and share security with Samba in a Windows workgroup.

 With user security, the prompt appears for the username and password when
 someone tries to access the Samba server in network neighborhood.

 With share security, the prompt appears for the username and password when
 someone tries to access a share on the Samba server in network
 neighborhood.

 In the first case, security is set on the machine.  In the second case,
 security is set on the share.

 In general, a user cannot access a Linux machine unless he has an account
 on
 it.  He has access to specific folders when the administrator of the
 machine
 gives him access to those folders.

 Samba runs as a service on the Linux machine.  Each user must have a Samba
 account to access the Linux machine through Samba.  Each Samba account is
 mapped to a Linux user account.

 Security on the Samba account is set by setting security on the Linux
 account to which it has been mapped.

 To access a share on the Linux/Samba box, do the following:

 Create a Linux user account on the machine.  Set a password for it.

 Create a Samba account on the machine with the same username.

 Give the Linux user security access to the folder to which the Samba share
 is mapped.

 The only way to avoid the prompt for the username and password is to
 create
 a username and password on the Samba machine that is the same as the
 username and password on the Windows machine from which you accessing the
 Samba machine.



 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba




-- 
Marcelo Marzola Bossoni
  IC - UNICAMP 
***  EC 04  ***
Engenharia de Computação
Tel.: (14) 3474 1160
Tel.: (19) 3342 4752
Cel.: (19) 9765 1919
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] net ads join : ads_connect: No logon servers

[D G Teed]

I've been able to use security = ads in smb.conf, and connect OK,
but it must be falling back to domain.  When I run net ads join
I get the error (debug trace below):

ads_connect: No logon servers

Here is my krb5.conf:

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
[libdefaults]
 default_realm = BEER
[realms]
 BEER = {
  kdc = ADC1.AD.BEERU.CA
 }
[domain_realm]
 beer.ca = BEER
 .beer.ca = BEER

Here is my rpc join status:
# net rpc testjoin
Join to 'BEER' is OK

Here is my attempt to graduate this to ADS levels, with debug:

# net ads join -Ubeeruser%beeruserpw -d3
[2008/01/30 11:06:08, 3] param/loadparm.c:lp_load(5033)
  lp_load: refreshing parameters
[2008/01/30 11:06:08, 3] param/loadparm.c:init_globals(1424)
  Initialising global parameters
[2008/01/30 11:06:08, 3] param/params.c:pm_process(572)
  params.c:pm_process() - Processing configuration file /etc/samba/smb.conf
[2008/01/30 11:06:08, 3] param/loadparm.c:do_section(3772)
  Processing section [global]
[2008/01/30 11:06:08, 2] lib/interface.c:add_interface(81)
  added interface ip=111.111.200.8 bcast=111.111.207.255 nmask=255.255.248.0
[2008/01/30 11:06:08, 2] lib/interface.c:add_interface(81)
  added interface ip=111.111.202.39 bcast=111.111.207.255 nmask=255.255.248.0
[2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
  get_dc_list: preferred server list: ADC2, 111.111.200.67
[2008/01/30 11:06:08, 1] libads/cldap.c:recv_cldap_netlogon(247)
  Failed to parse cldap reply
[2008/01/30 11:06:08, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 111.111.200.66 failed.
[2008/01/30 11:06:08, 1] libads/cldap.c:recv_cldap_netlogon(247)
  Failed to parse cldap reply
[2008/01/30 11:06:08, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 111.111.200.67 failed.
[2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
  get_dc_list: preferred server list: ADC2, 111.111.200.67
[2008/01/30 11:06:08, 3] libsmb/namequery_dc.c:rpc_dc_name(154)
  Could not look up dc's for domain BEER
[2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
  get_dc_list: preferred server list: ADC2, 111.111.200.67
[2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
  get_dc_list: preferred server list: ADC2, 111.111.200.67
[2008/01/30 11:06:08, 0] utils/net_ads.c:ads_startup_int(286)
  ads_connect: No logon servers
[2008/01/30 11:06:08, 1] utils/net_ads.c:net_ads_join(1470)
  error on ads_startup: No logon servers
Failed to join domain: No logon servers
[2008/01/30 11:06:08, 2] utils/net.c:main(1032)
  return code = -1

Can this user achieve such a goal?

Here is beeruser's rights via rpc:
net rpc rights list -Ubeeruser
Password:
 SeMachineAccountPrivilege  Add machines to domain
  SeTakeOwnershipPrivilege  Take ownership of files or other objects
 SeBackupPrivilege  Back up files and directories
SeRestorePrivilege  Restore files and directories
 SeRemoteShutdownPrivilege  Force shutdown from a remote system
  SePrintOperatorPrivilege  Manage printers
   SeAddUsersPrivilege  Add users and groups to the domain
   SeDiskOperatorPrivilege  Manage disk shares

I've had various toggles done to my smb.conf, but here is what the
global section
of smb.conf looks like at the moment, following the hints of someone else who
solved this on the list...

[global]
netbios name = www2
workgroup = BEER
unix charset = LOCALE
realm = BEER
server string = Web Server
security = ADS
password server = 111.111.200.67
idmap backend = rid:BEER=5000-1
idmap uid = 1-1000
idmap gid = 1-1000
template shell = /bin/bash
winbind use default domain = Yes
winbind enum users = Yes
winbind enum groups = Yes
allow trusted domains = No
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
dns proxy = No
winbind use default domain = Yes
hosts allow = 111.111.
encrypt passwords = yes

I had great results with the last question I put on the list.  I hope
someone can help us graduate to ads with kerberos level authentication.

It feels like there is something missing on the AD end, but I know
nothing about this
other than that it is Windows Server 2003 and it has been in production for
awhile with good performance.

--Donald
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Get number of current logged on users

[Adam Tauno Williams]

 I'm looking for a simple way to get the number of current logged on
 users (with established sessions) to measure the use frequency of our
 student labs. I don't need to identify the users.

sardine:~ # expr `smbstatus -b | cut -c35-45 | sort | uniq | wc -l` - 3
151

-- 
Adam Tauno Williams, Network  Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba hanging from time to time

[Benedict White]

I am having some trouble with Samba. It was working fine on an old server with 
3.0.21.

Now I have updated to 3.0.28 (via 3.0.25) and a bigger fatter faster server.

There are two problems. Firstly the new server seems slower than the old one, 
and some users 
are experiencing intermittent data loss via MS apps such as Word or Excell 
crashing.

The system runs on Arch Linux, with a slightly modified package to include 
winbind.

The smb.conf file reads as follows:

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2006/12/18 17:27:22

[global]
workgroup = somegroup
interfaces = eth0, lo
bind interfaces only = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*Password* %n\n *Re-enter*new*password*%n\n 
*Password*changed*
username map = /etc/samba/smbusers
unix password sync = Yes
log level = 2
syslog = 0
log file = /var/log/samba/%M
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts lmhosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /tmp '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = P:
logon home = \\%L\%U
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
ldap ssl = no
utmp = Yes
idmap uid = 2-3
idmap gid = 2-3
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
winbind enum users = No
winbind enum groups = No
winbind use default domain = Yes
map acl inherit = Yes
cups options = Raw
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8576 
SO_SNDBUF=8576
veto files = /*.eml/*.nws/*.{*}/
veto oplock files = /*.doc/*.xls/*.mdb/

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
use client driver = Yes
default devmode = Yes
browseable = No

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = Yes
locking = No

[profiles]
comment = Profile Share
path = /home/samba/profiles
read only = No
profile acls = Yes

[Accounts]
comment = Accounting Files
path = /home/data/accounts
force group = accounts
read only = No
create mask = 0770
directory mask = 0770
force directory mode = 0770

[general]
comment = General file area
path = /home/data/general
read only = No
create mask = 0774
force create mode = 0770
directory mask = 0775
force directory mode = 0770

[hr]
comment = Human Resource
path = /home/data/hr
valid users = @hr
force group = hr
read only = No
create mask = 0774
force directory mode = 0770

##Ends

Now I managed to get a report of an error which left a trace in a log file 
showing some errors which are here:

Sorry about the length of the extracts, but there seem to be two types of 
different errors including:
sys_acl_set_file type file failed
smb_set_file_dosmode: file_set_dosmode ... (Operation not permitted)



[2008/01/30 13:00:44, 2] smbd/open.c:open_file(391)
  user1 opened file somedata/ADMIN/some directory/2008/~WRD3964.tmp read=Yes 
write=Yes (numopen=5)
[2008/01/30 13:00:44, 2] smbd/open.c:open_file(391)
  user1 opened file somedata/ADMIN/some directory/2008/A file name 33 chars 
long 080130.doc read=No write=No (numopen=6)
[2008/01/30 13:00:44, 2] smbd/close.c:close_normal_file(406)
  user1 closed file somedata/ADMIN/some directory/2008/A file name 33 chars 
long 080130.doc (numopen=5) NT_STATUS_OK
[2008/01/30 13:00:44, 2] smbd/open.c:open_file(391)
  user1 opened file somedata/ADMIN/some directory/2008/~WRD3964.tmp read=No 
write=No (numopen=6)
[2008/01/30 13:00:44, 2] smbd/posix_acls.c:set_canon_ace_list(2496)
  set_canon_ace_list: sys_acl_set_file type file failed for file 
somedata/ADMIN/some directory/2008/~WRD3964.tmp (Operation not supported).
[2008/01/30 13:00:44, 2] smbd/close.c:close_normal_file(406)
  user1 closed file somedata/ADMIN/some 

Re: [Samba] smaba + ldap + privilages

[Net Warrior]

Hi.

If I understand well, you mean a user logged to a windows wortstation, be
able to do some stuff than a basic users, ifthat's your question the answer
is yes, you can achieve that by , when adding a user, specify which group
he/she will belong.
I do not know which sitro you are using, but samba has nice command line
tools to do so that come with the samba-doc, or samba-tools package, do not
know which distro or tools youl'll be using to admin your PDC, but you can
do that, I user webmin or phpldapadmin.

Then you mention to do that with the normal user permissions, I guess you
are referring to the common chmod+chown commands, thst's not possible as far
as I know, BUT, you can set up and refine permissions using the file system
ACL to allow/disallow acces to some folders for example, but most of it can
be done from the samba configuration file, wher you can play how a group or
a user can access a share.

Hope this helps.
CU



2008/1/29, satish patel [EMAIL PROTECTED]:

 Dear all

  I have smb+ ldap setup not everything is fine but i want to
 assign some right to perticuler Group so they can change TCP/IP properties
 and change system time and do some other right

 Is it possible to give some privilages to normal users ???




 $ cat ~/satish/url.txt

 http://www.linuxbug.org

 _


 -
 Why delete messages? Unlimited storage is just a click away.
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] joining an AD - SOLVED

[Calderon, Willy (NIH/NINDS) [C]]

The problem is that Kerberos can only deal with flatname space to
function so you cannot have subdomain.domain.com as the Linux server
name in DNS. Changing that solved this for me. 



-Original Message-
From: Calderon, Willy (NIH/NINDS) [C] 
Sent: Monday, January 28, 2008 7:58 PM
To: Guillermo Gutierrez; samba@lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks. I keep getting this error every time I log in now with the
options you've given below


[2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521)
  Found SASL mechanism GSS-SPNEGO
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
  ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
  ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
  ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED]
[2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610)
  ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew
[2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528)
  ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 29 Jan 2008 05:50:25 EST
Bad option: SEVERN
Failed to join domain: Invalid parameter
[2008/01/28 19:49:22, 2] utils/net.c:main(1032)
  return code = -1




 

*   *   *   *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-Original Message-
From: Guillermo Gutierrez [mailto:[EMAIL PROTECTED]
Sent: Mon 1/28/2008 4:57 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba@lists.samba.org
Subject: RE: [Samba] joining an AD
 
Whoops,

The trailing () should be at the end of the OU path, in your case after
the 'AD'.

The computername is a separate value that you are feeding it.

net ads join createcomputer=Servers/Windows/Computers/AD computername

-Original Message-
From: Calderon, Willy (NIH/NINDS) [C] [mailto:[EMAIL PROTECTED] 
Sent: Monday, January 28, 2008 1:59 PM
To: Guillermo Gutierrez; samba@lists.samba.org
Subject: RE: [Samba] joining an AD

Is there a trailing quote () after computer name ?

 
*   *   *   *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913
 

-Original Message-
From: Guillermo Gutierrez [mailto:[EMAIL PROTECTED] 
Sent: Monday, January 28, 2008 4:45 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba@lists.samba.org
Subject: RE: [Samba] joining an AD

You have to use the createcomputer parameter if you want to specify
the OUs.

Ex: net ads join createcomputer=Servers/Windows/Computers/AD
computername

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 1:17 PM
To: samba@lists.samba.org
Subject: [Samba] joining an AD



Hi there -

I am trying to join the domain using the net ads join  command but keep
getting a  

Bad option: Servers/Windows/Computers/AD
Failed to join domain: Invalid parameter

when I try to add the computer into the correct OU like so:

net ads join Servers/Windows/Computers/AD



Is there a correct way to get this to work?

I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Is my kerberos ok with AD?

[Serbülent ÜNSAL]

Hi all,

I can get a kerberos ticket sucessfully from my AD server, and i can check it 
with klist. ( with # kinit [EMAIL PROTECTED] )

But when i try to login to AD with # net ads join -U administrator system 
ask for administrator password again. I think this isn't normal behavior.

Is my kerberos system ok ? Or asking password again points a problem in 
configuration.

Best Regards

Serbulent UNSAL 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] net ads join : ads_connect: No logon servers

[Douglas VanLeuven]

D G Teed wrote:
 I've been able to use security = ads in smb.conf, and connect OK,
 but it must be falling back to domain.  When I run net ads join
 I get the error (debug trace below):
 
 ads_connect: No logon servers
 
 Here is my krb5.conf:
 
 [logging]
  default = FILE:/var/log/krb5libs.log
  kdc = FILE:/var/log/krb5kdc.log
  admin_server = FILE:/var/log/kadmind.log
 [libdefaults]
  default_realm = BEER
 [realms]
  BEER = {
   kdc = ADC1.AD.BEERU.CA
  }
 [domain_realm]
  beer.ca = BEER
  .beer.ca = BEER

This should be a mapping from DNS domain to Kerberos REALM.
Going by the kdc name, what you probably want is:
beer.ca = AD.BEERU.CA
.beer.ca = AD.BEERU.CA
www2.beer.ca = AD.BEERU.CA


 
 Here is my rpc join status:
 # net rpc testjoin
 Join to 'BEER' is OK
 
 Here is my attempt to graduate this to ADS levels, with debug:
 
 # net ads join -Ubeeruser%beeruserpw -d3
 [2008/01/30 11:06:08, 3] param/loadparm.c:lp_load(5033)
   lp_load: refreshing parameters
 [2008/01/30 11:06:08, 3] param/loadparm.c:init_globals(1424)
   Initialising global parameters
 [2008/01/30 11:06:08, 3] param/params.c:pm_process(572)
   params.c:pm_process() - Processing configuration file /etc/samba/smb.conf
 [2008/01/30 11:06:08, 3] param/loadparm.c:do_section(3772)
   Processing section [global]
 [2008/01/30 11:06:08, 2] lib/interface.c:add_interface(81)
   added interface ip=111.111.200.8 bcast=111.111.207.255 nmask=255.255.248.0
 [2008/01/30 11:06:08, 2] lib/interface.c:add_interface(81)
   added interface ip=111.111.202.39 bcast=111.111.207.255 nmask=255.255.248.0
 [2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
   get_dc_list: preferred server list: ADC2, 111.111.200.67
 [2008/01/30 11:06:08, 1] libads/cldap.c:recv_cldap_netlogon(247)
   Failed to parse cldap reply
 [2008/01/30 11:06:08, 3] libads/ldap.c:ads_try_connect(189)
   ads_try_connect: CLDAP request 111.111.200.66 failed.
 [2008/01/30 11:06:08, 1] libads/cldap.c:recv_cldap_netlogon(247)
   Failed to parse cldap reply
 [2008/01/30 11:06:08, 3] libads/ldap.c:ads_try_connect(189)
   ads_try_connect: CLDAP request 111.111.200.67 failed.
 [2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
   get_dc_list: preferred server list: ADC2, 111.111.200.67
 [2008/01/30 11:06:08, 3] libsmb/namequery_dc.c:rpc_dc_name(154)
   Could not look up dc's for domain BEER
 [2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
   get_dc_list: preferred server list: ADC2, 111.111.200.67
 [2008/01/30 11:06:08, 3] libsmb/namequery.c:get_dc_list(1489)
   get_dc_list: preferred server list: ADC2, 111.111.200.67
 [2008/01/30 11:06:08, 0] utils/net_ads.c:ads_startup_int(286)
   ads_connect: No logon servers
 [2008/01/30 11:06:08, 1] utils/net_ads.c:net_ads_join(1470)
   error on ads_startup: No logon servers
 Failed to join domain: No logon servers
 [2008/01/30 11:06:08, 2] utils/net.c:main(1032)
   return code = -1
 
 Can this user achieve such a goal?
 
 Here is beeruser's rights via rpc:
 net rpc rights list -Ubeeruser
 Password:
  SeMachineAccountPrivilege  Add machines to domain
   SeTakeOwnershipPrivilege  Take ownership of files or other objects
  SeBackupPrivilege  Back up files and directories
 SeRestorePrivilege  Restore files and directories
  SeRemoteShutdownPrivilege  Force shutdown from a remote system
   SePrintOperatorPrivilege  Manage printers
SeAddUsersPrivilege  Add users and groups to the domain
SeDiskOperatorPrivilege  Manage disk shares
 
 I've had various toggles done to my smb.conf, but here is what the
 global section
 of smb.conf looks like at the moment, following the hints of someone else who
 solved this on the list...
 
 [global]
 netbios name = www2
 workgroup = BEER
 unix charset = LOCALE
 realm = BEER

Same here.
   realm = AD.BEERU.CA

 server string = Web Server
 security = ADS
 password server = 111.111.200.67
 idmap backend = rid:BEER=5000-1
 idmap uid = 1-1000
 idmap gid = 1-1000
 template shell = /bin/bash
 winbind use default domain = Yes
 winbind enum users = Yes
 winbind enum groups = Yes
 allow trusted domains = No
 log level = 3
 log file = /var/log/samba/%m.log
 max log size = 50
 dns proxy = No
 winbind use default domain = Yes
 hosts allow = 111.111.
 encrypt passwords = yes
 
 I had great results with the last question I put on the list.  I hope
 someone can help us graduate to ads with kerberos level authentication.
 
 It feels like there is something missing on the AD end, but I know
 nothing about this
 other than that it is Windows Server 2003 and it has been in production for
 awhile with good performance.
 

There may be something else, but the REALM is what jumped out at me.

Regards, Doug
-- 
To unsubscribe from this list go to the following URL and read 

Re: [Samba] net ads join : ads_connect: No logon servers

[D G Teed]

Thanks very much, Douglas.  That did the trick.
I had not understood what realm represented in a dns
style domain.

It is also confusing that one lists a realm section,
defining it...

BEER = {
   kdc = ADC1.AD.BEERU.CA
}

But then when providing the realm name in smb.conf, the
handle isn't BEER, but rather the subdomain in
which the AD controller lives.

Regards,

--Donald

On Jan 30, 2008 3:37 PM, Douglas VanLeuven [EMAIL PROTECTED] wrote:
 Douglas VanLeuven wrote:
  D G Teed wrote:
  I've been able to use security = ads in smb.conf, and connect OK,
  but it must be falling back to domain.  When I run net ads join
  I get the error (debug trace below):
 
  ads_connect: No logon servers
 
  Here is my krb5.conf:
 
  [logging]
   default = FILE:/var/log/krb5libs.log
   kdc = FILE:/var/log/krb5kdc.log
   admin_server = FILE:/var/log/kadmind.log
  [libdefaults]
   default_realm = BEER
  [realms]
   BEER = {
kdc = ADC1.AD.BEERU.CA
   }

 Missed this on the last post.
   default realm = AD.BEERU.CA

 Doug

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] net ads join : ads_connect: No logon servers

[Douglas VanLeuven]

Douglas VanLeuven wrote:
 D G Teed wrote:
 I've been able to use security = ads in smb.conf, and connect OK,
 but it must be falling back to domain.  When I run net ads join
 I get the error (debug trace below):

 ads_connect: No logon servers

 Here is my krb5.conf:

 [logging]
  default = FILE:/var/log/krb5libs.log
  kdc = FILE:/var/log/krb5kdc.log
  admin_server = FILE:/var/log/kadmind.log
 [libdefaults]
  default_realm = BEER
 [realms]
  BEER = {
   kdc = ADC1.AD.BEERU.CA
  }

Missed this on the last post.
  default realm = AD.BEERU.CA

Doug
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba cluster on multi tiered storage / hierarchial storage management

[Olivier Sessink]

Hi all,

we're looking at future storage technologies and possibilities to use
open source software. One thing that looks very promising already is
samba clustering with ctdb.

However, if we replace all file servers with a single samba cluster,
that cluster needs a lot of storage space. A large SAN would do, but
using fast disks for all of the storage is quite expensive. Using a mix
of cheap (slow) storage and fast (expensive) storage would satisfy the
needs much better.

Some of the data is used frequently, and some of the data is not used
frequently. A policy driven hierarchial storage management solution for
the samba ctdb cluster would be great. Keeping often-used blocks on a
SAN with fast storage, and using cheaper storage for data that hasn't
been used recently.

What are good solutions in combination with samba, or should we look at
something completely different ?

regards,
Olivier


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] net ads join : ads_connect: No logon servers

[Douglas VanLeuven]

D G Teed wrote:
 Thanks very much, Douglas.  That did the trick.
 I had not understood what realm represented in a dns
 style domain.
 
 It is also confusing that one lists a realm section,
 defining it...
 
 BEER = {
kdc = ADC1.AD.BEERU.CA
 }

Sorry, missed that one too.  Should be
AD.BEERU.CA = {
kdc = ADC1.AD.BEERU.CA
}

It's just that Kerberos doesn't know anything about workgroups in
windows and so there shouldn't be any workgroup names in krb5.conf,
only DNS names and REALM names.  It worked because samba picked up the
Kerberos kdc from SRV records in DNS.  BEER defines the .BEER realm
which doesn't exist.


 
 But then when providing the realm name in smb.conf, the
 handle isn't BEER, but rather the subdomain in
 which the AD controller lives.
 
 Regards,
 
 --Donald
 
 On Jan 30, 2008 3:37 PM, Douglas VanLeuven [EMAIL PROTECTED] wrote:
 Douglas VanLeuven wrote:
 D G Teed wrote:
 I've been able to use security = ads in smb.conf, and connect OK,
 but it must be falling back to domain.  When I run net ads join
 I get the error (debug trace below):

 ads_connect: No logon servers

 Here is my krb5.conf:

 [logging]
  default = FILE:/var/log/krb5libs.log
  kdc = FILE:/var/log/krb5kdc.log
  admin_server = FILE:/var/log/kadmind.log
 [libdefaults]
  default_realm = BEER
 [realms]
  BEER = {
   kdc = ADC1.AD.BEERU.CA
  }
 Missed this on the last post.
   default realm = AD.BEERU.CA

 Doug


Regards, Doug
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Trusted domain user login

[Carlos Lorenzo Matés]

Hi.


El Miércoles, 30 de Enero de 2008, Jay Santillan escribió:
 Hello Mr. Carlos,

 getent returns the ldap users, groups and paswwords, should getent also
  return the NT domain users when they are the same?

 I think,This will depend on your smb.conf.
 if you set 'winbind enum users' and 'winbind enum groups' to yes, getent
 should also display the users. by default, these are set to 'no'.


I already have the enum options to yes

Thanks


-- 
Un saludo.

Carlos Lorenzo Matés.
clmates AT mundo-r DOT com


signature.asc
Description: This is a digitally signed message part.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Terminal Server and samba anyone?

[Carlos Lorenzo Matés]

Hi.

Have anyone in the list users form a samba domain login in to a Windows 
terminal server with the samba domain account?

can you put here the results of the set command in the cmd.exe?

have you the HOMEPATH defined?

Thanks


-- 
Un saludo.

Carlos Lorenzo Matés.
clmates AT mundo-r DOT com


signature.asc
Description: This is a digitally signed message part.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Slow to start coping .exe files

[Jason Waters]

Has anyone ever had an issue coping .exe files from a samba share?  If I
rename the .exe to .ex1 it works great.  Seems odd.  I've disabled all virus
scanning software on the local machine and things like that.

Jason
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Member Server creates sambaDomainName LDAP entry

[Brian High]

On Wed, 30 Jan 2008, Jamrock wrote:



Brian High [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]

Short version:

Why does my domain member server create a sambaDomainName entry in LDAP?



To which LDAP server is your smb.conf file pointing?  The one on the member
server or the one on the domain controller?


There is only one LDAP primary (on PDC) and one LDAP secondary (on BDC). 
The member server has no LDAP server, and only uses LDAP as a client.


--
Brian High
Systems Administrator
Department of Environmental and Occupational Health Sciences
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Trusted domain user login

[Thorkil Olesen]

Carlos Lorenzo Matés clmates at mundo-r.com writes:

  Maybe you should try:
 
  wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
 
 This was my first try and it says exactly the same.

Well, that should work.


 We have the very same users groups and passwords in the
 NT Domain and in the 
 samba Domain, our samba domain uses ldap for storage.

It doesn't make sense to have same users in both domains.
From samba's point of view users in different domains are
not the same even though they have same username and
password. They will still have different SIDs.

 Here is our nsswitch.conf

(...)
 passwd: files ldap
 group:  files ldap
(...)
 passwd_compat:  ldap winbind
 group_compat:   ldap winbind
(...)

Why do you put winbind at 'passwd_compat' instead of 'passwd'?

 getent returns the ldap users, groups and paswwords, should
 getent also return 
 the NT domain users when they are the same?

If you use 'DOMAIN\user' it should, eg.

getent passwd NTDOMAIN\\clorenzo

I don't think however that nsswitch is used by wbinfo -a so this
may not be your real problem.

I had a similar problem that i solved by changing to kerberos,
but with NT this is not possible.
I don't think I can help with this.

-- 
Thorkil Olesen, Denmark.







-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Trusted domain user login

[Carlos Lorenzo Matés]

Hi.

El Miércoles, 30 de Enero de 2008, Thorkil Olesen escribió:
 Carlos Lorenzo Matés clmates at mundo-r.com writes:
   Maybe you should try:
  
   wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
 
  This was my first try and it says exactly the same.

 Well, that should work.

  We have the very same users groups and passwords in the
  NT Domain and in the
  samba Domain, our samba domain uses ldap for storage.

 It doesn't make sense to have same users in both domains.


We make this because we are migrating the NT domain to a samba domain and this 
was the best option to make this transparent for users

 From samba's point of view users in different domains are

 not the same even though they have same username and
 password. They will still have different SIDs.

  Here is our nsswitch.conf

 (...)

  passwd: files ldap
  group:  files ldap

 (...)

  passwd_compat:  ldap winbind
  group_compat:   ldap winbind

 (...)

 Why do you put winbind at 'passwd_compat' instead of 'passwd'?


I don't know I'm going to revise this, thanks


  getent returns the ldap users, groups and paswwords, should
  getent also return
  the NT domain users when they are the same?

 If you use 'DOMAIN\user' it should, eg.

 getent passwd NTDOMAIN\\clorenzo

 I don't think however that nsswitch is used by wbinfo -a so this
 may not be your real problem.

 I had a similar problem that i solved by changing to kerberos,
 but with NT this is not possible.
 I don't think I can help with this.



Ok, im going to play with nsswitch to see if this changes something, also will 
make another try with getent with the NTDOMAIN as you said.

Thanks again


-- 
Un saludo.

Carlos Lorenzo Matés.
clmates AT mundo-r DOT com


signature.asc
Description: This is a digitally signed message part.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba share setup witn nt acl permissions

[joel valenzuela]

Hi all,

I am trying to setup a file server using nt acl -like permissioning(like 
the ones with windows server 2003) but dunno where to start. I am switching to 
Samba because of speed,less maintenance and most of all FREE! Can anyone post 
me the step by step solution(guide) or point me in the right direction 
specifically on installing samba with nt-acl like permissioning?

Thanks.

Joel

   
-
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] PANIC on 6 of my client servers .Please Help

[Brad Horrocks [Secure Office Services]]

Hi everybody
I have six samba servers working in various client locations all of which 
exhibit the
same problem.

+
Jan 31 09:37:58 sos02sp smbd[1454]: [2008/01/31 09:37:58, 0] 
lib/util_sec.c:assert_uid(101)
Jan 31 09:37:58 sos02sp smbd[1454]:   Failed to set uid privileges to (-1,533) 
now set
to (0,0)
Jan 31 09:37:58 sos02sp smbd[1454]: [2008/01/31 09:37:58, 0] 
lib/util.c:smb_panic(1621)
Jan 31 09:37:58 sos02sp smbd[1454]:   PANIC (pid 1454): failed to set uid
+

Followed by a backtrace dump. 

Some of these servers have been running for several years without any major 
issues and
this problem seems to have after a version upgrade to 3.0.24. Having six 
servers with
the same problem tends to indicate to myself that I have a common configuration 
issue. I
have tried everything including complete fresh installs and don't seem to be 
able to
resolve the issue.  Having done significant research on the Web, this panic 
issue does
not appear to be endemic nor common.

To save space I has included all my logs and configurations at the following 
Web address. 


All logs and config information can be found at:-
http://www.secureoffice.com.au/samba/


 Any help (or constructive criticism) would be greatly appreciated


Regards
Brad Horrocks

--
Secure Office Services 
ABN 75 196 364 531
19 Burrendong Road
COOMBABAH QLD 4216
Ph. +61 7 5537 4955
Fx. +61 7 5537 4966
Mob.+61 (0)404142690
web: http://www.secureoffice.com.au

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Get number of current logged on users

[Marcello Romani]

Adam Tauno Williams ha scritto:

I'm looking for a simple way to get the number of current logged on
users (with established sessions) to measure the use frequency of our
student labs. I don't need to identify the users.


sardine:~ # expr `smbstatus -b | cut -c35-45 | sort | uniq | wc -l` - 3
151



I've tried it and it seems the columns are slightly wrong...

serverlinux backup # smbd --version
Version 3.0.24

The cut parameters should be:

cut -c36-49


:-)

--
Marcello Romani
Responsabile IT
Ottotecnica s.r.l.
http://www.ottotecnica.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1713-g6bbe0fd

[Günther Deschner]

The branch, v3-2-test has been updated
   via  6bbe0fde6ebb5c1ea00ea24d3bdbffbf6f246bd6 (commit)
  from  e9b3115c85e3d04eeaa04bfa71972d393272afca (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit 6bbe0fde6ebb5c1ea00ea24d3bdbffbf6f246bd6
Author: Günther Deschner [EMAIL PROTECTED]
Date:   Wed Jan 30 02:08:23 2008 +0100

Add netrenumtrusteddomains() and netrenumtrusteddomainsex() cmds to 
rpcclient.

Guenther

---

Summary of changes:
 source/rpcclient/cmd_netlogon.c |   71 +++
 1 files changed, 71 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/rpcclient/cmd_netlogon.c b/source/rpcclient/cmd_netlogon.c
index 38df7c1..aad538a 100644
--- a/source/rpcclient/cmd_netlogon.c
+++ b/source/rpcclient/cmd_netlogon.c
@@ -739,6 +739,75 @@ static WERROR cmd_netlogon_dsr_getforesttrustinfo(struct 
rpc_pipe_client *cli,
return werr;
 }
 
+static WERROR cmd_netlogon_enumtrusteddomains(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx, int argc,
+ const char **argv)
+{
+   NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+   WERROR werr = WERR_GENERAL_FAILURE;
+   const char *server_name = cli-cli-desthost;
+   struct netr_Blob blob;
+
+
+   if (argc  1 || argc  3) {
+   fprintf(stderr, Usage: %s server_name\n, argv[0]);
+   return WERR_OK;
+   }
+
+   if (argc = 2) {
+   server_name = argv[1];
+   }
+
+   status = rpccli_netr_NetrEnumerateTrustedDomains(cli, mem_ctx,
+server_name,
+blob,
+werr);
+   if (!NT_STATUS_IS_OK(status)) {
+   goto done;
+   }
+
+   if (W_ERROR_IS_OK(werr)) {
+   printf(success\n);
+   dump_data(1, blob.data, blob.length);
+   }
+ done:
+   return werr;
+}
+
+static WERROR cmd_netlogon_enumtrusteddomainsex(struct rpc_pipe_client *cli,
+   TALLOC_CTX *mem_ctx, int argc,
+   const char **argv)
+{
+   NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+   WERROR werr = WERR_GENERAL_FAILURE;
+   const char *server_name = cli-cli-desthost;
+   struct netr_DomainTrustList list;
+
+   if (argc  1 || argc  3) {
+   fprintf(stderr, Usage: %s server_name\n, argv[0]);
+   return WERR_OK;
+   }
+
+   if (argc = 2) {
+   server_name = argv[1];
+   }
+
+   status = rpccli_netr_NetrEnumerateTrustedDomainsEx(cli, mem_ctx,
+  server_name,
+  list,
+  werr);
+   if (!NT_STATUS_IS_OK(status)) {
+   goto done;
+   }
+
+   if (W_ERROR_IS_OK(werr)) {
+   printf(success\n);
+   }
+ done:
+   return werr;
+}
+
+
 
 /* List of commands exported by this module */
 
@@ -763,6 +832,8 @@ struct cmd_set netlogon_commands[] = {
{ dsr_enumtrustdom, RPC_RTYPE_WERROR, NULL, 
cmd_netlogon_dsr_enumtrustdom, PI_NETLOGON, NULL, Enumerate trusted domains,  
},
{ dsenumdomtrusts,  RPC_RTYPE_WERROR, NULL, 
cmd_netlogon_dsr_enumtrustdom, PI_NETLOGON, NULL, Enumerate all trusted 
domains in an AD forest,  },
{ deregisterdnsrecords, RPC_RTYPE_WERROR, NULL, 
cmd_netlogon_deregisterdnsrecords, PI_NETLOGON, NULL, Deregister DNS records, 
 },
+   { netrenumtrusteddomains, RPC_RTYPE_WERROR, NULL, 
cmd_netlogon_enumtrusteddomains, PI_NETLOGON, NULL, Enumerate trusted 
domains,  },
+   { netrenumtrusteddomainsex, RPC_RTYPE_WERROR, NULL, 
cmd_netlogon_enumtrusteddomainsex, PI_NETLOGON, NULL, Enumerate trusted 
domains,  },
 
{ NULL }
 };


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1714-g46882ad

[Volker Lendecke]

The branch, v3-2-test has been updated
   via  46882ad9927c95caadeb7fb03c1d7491bbe1fb22 (commit)
  from  6bbe0fde6ebb5c1ea00ea24d3bdbffbf6f246bd6 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit 46882ad9927c95caadeb7fb03c1d7491bbe1fb22
Author: Volker Lendecke [EMAIL PROTECTED]
Date:   Wed Jan 30 11:11:27 2008 +0100

Re-enable async I/O for non-TSM systems

The logic was wrong: A SMB_VFS_AIO_FORCE()==False disabled async I/O, 
whereas
a SMB_VFS_AIO_FORCE()==True should enforce it regardless of other 
settings.

Alexander, please check!

---

Summary of changes:
 source/smbd/aio.c   |6 --
 source/smbd/reply.c |   11 ++-
 2 files changed, 6 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/smbd/aio.c b/source/smbd/aio.c
index 9c25f69..86fdfe3 100644
--- a/source/smbd/aio.c
+++ b/source/smbd/aio.c
@@ -202,7 +202,8 @@ bool schedule_aio_read_and_X(connection_struct *conn,
size_t bufsize;
size_t min_aio_read_size = lp_aio_read_size(SNUM(conn));
 
-   if (!min_aio_read_size || (smb_maxcnt  min_aio_read_size)) {
+   if ((!min_aio_read_size || (smb_maxcnt  min_aio_read_size))
+!SMB_VFS_AIO_FORCE(fsp)) {
/* Too small a read for aio request. */
DEBUG(10,(schedule_aio_read_and_X: read size (%u) too small 
  for minimum aio_read of %u\n,
@@ -284,7 +285,8 @@ bool schedule_aio_write_and_X(connection_struct *conn,
bool write_through = BITSETW(req-inbuf+smb_vwv7,0);
size_t min_aio_write_size = lp_aio_write_size(SNUM(conn));
 
-   if (!min_aio_write_size || (numtowrite  min_aio_write_size)) {
+   if ((!min_aio_write_size || (numtowrite  min_aio_write_size))
+!SMB_VFS_AIO_FORCE(fsp)) {
/* Too small a write for aio request. */
DEBUG(10,(schedule_aio_write_and_X: write size (%u) too 
  small for minimum aio_write of %u\n,
diff --git a/source/smbd/reply.c b/source/smbd/reply.c
index 4ea81a3..1837603 100644
--- a/source/smbd/reply.c
+++ b/source/smbd/reply.c
@@ -3338,11 +3338,7 @@ void reply_read_and_X(struct smb_request *req)
return;
}
 
-   /* It is possible for VFS modules to selectively decide whether Async 
I/O should be used
-  for the file or not.
-*/
-   if ((SMB_VFS_AIO_FORCE(fsp)) 
-   !big_readX 
+   if (!big_readX 
schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
END_PROFILE(SMBreadX);
return;
@@ -4012,10 +4008,7 @@ void reply_write_and_X(struct smb_request *req)
nwritten = 0;
} else {
 
-   /* It is possible for VFS modules to selectively decide whether 
Async I/O
-  should be used for the file or not.
-   */
-   if ((SMB_VFS_AIO_FORCE(fsp))  (req-unread_bytes == 0) 
+   if ((req-unread_bytes == 0) 
schedule_aio_write_and_X(conn, req, fsp, data, startpos,
 numtowrite)) {
END_PROFILE(SMBwriteX);


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1715-ga3417be

[Günther Deschner]

The branch, v3-2-test has been updated
   via  a3417be934e34af2525ddb731af288034d51432b (commit)
  from  46882ad9927c95caadeb7fb03c1d7491bbe1fb22 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit a3417be934e34af2525ddb731af288034d51432b
Author: Günther Deschner [EMAIL PROTECTED]
Date:   Wed Jan 30 12:48:20 2008 +0100

Fix build warning.

Guenther

---

Summary of changes:
 source/nsswitch/libwbclient/wbclient.c |1 -
 1 files changed, 0 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/nsswitch/libwbclient/wbclient.c 
b/source/nsswitch/libwbclient/wbclient.c
index 304e49c..2f76f76 100644
--- a/source/nsswitch/libwbclient/wbclient.c
+++ b/source/nsswitch/libwbclient/wbclient.c
@@ -78,7 +78,6 @@ wbcErr wbcRequestResponse(int cmd,
break;
}
 
-done:
return wbc_status;
 }
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1716-gf02b74f

[Kai Blin]

The branch, v3-2-test has been updated
   via  f02b74fc067074d8e48e186a7b7255a244592f7d (commit)
  from  a3417be934e34af2525ddb731af288034d51432b (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit f02b74fc067074d8e48e186a7b7255a244592f7d
Author: Kai Blin [EMAIL PROTECTED]
Date:   Mon Jan 28 11:28:38 2008 +0100

ntlm_auth: Add a blackbox test.

---

Summary of changes:
 source/script/tests/test_ntlm_auth_s3.sh |   21 +++
 source/script/tests/tests_all.sh |1 +
 source/torture/test_ntlm_auth.py |  212 ++
 3 files changed, 234 insertions(+), 0 deletions(-)
 create mode 100755 source/script/tests/test_ntlm_auth_s3.sh
 create mode 100755 source/torture/test_ntlm_auth.py


Changeset truncated at 500 lines:

diff --git a/source/script/tests/test_ntlm_auth_s3.sh 
b/source/script/tests/test_ntlm_auth_s3.sh
new file mode 100755
index 000..8568da9
--- /dev/null
+++ b/source/script/tests/test_ntlm_auth_s3.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+incdir=`dirname $0`
+. $incdir/test_functions.sh
+
+failed=0
+
+(/usr/bin/env python --version  /dev/null 21)
+
+if $? -ne 0:
+then
+   echo Python binary not found in path. Skipping ntlm_auth tests.
+   exit 0
+fi
+
+testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth || failed=`expr $failed + 1`
+# This should work even with NTLMv2
+testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --client-domain=fOo --server-domain=fOo || failed=`expr 
$failed + 1`
+
+
+testok $0 $failed
diff --git a/source/script/tests/tests_all.sh b/source/script/tests/tests_all.sh
index 259e28e..369cf3e 100755
--- a/source/script/tests/tests_all.sh
+++ b/source/script/tests/tests_all.sh
@@ -6,6 +6,7 @@ $SCRIPTDIR/test_smbclient_s3.sh $SERVER $SERVER_IP || 
failed=`expr $failed + $?`
 echo Testing encrypted
 $SCRIPTDIR/test_smbclient_s3.sh $SERVER $SERVER_IP -e || failed=`expr 
$failed + $?`
 $SCRIPTDIR/test_wbinfo_s3.sh $WORKGROUP $SERVER $USERNAME $PASSWORD || 
failed=`expr $failed + $?`
+$SCRIPTDIR/test_ntlm_auth_s3.sh || failed=`expr $failed + $?`
 
 eval $LIB_PATH_VAR=\$SAMBA4SHAREDDIR:\$$LIB_PATH_VAR; export $LIB_PATH_VAR
 eval echo $LIB_PATH_VAR=\$$LIB_PATH_VAR
diff --git a/source/torture/test_ntlm_auth.py b/source/torture/test_ntlm_auth.py
new file mode 100755
index 000..3e7cc05
--- /dev/null
+++ b/source/torture/test_ntlm_auth.py
@@ -0,0 +1,212 @@
+#!/usr/bin/env python
+
+# Unix SMB/CIFS implementation.
+# A test for the ntlm_auth tool
+# Copyright (C) Kai Blin [EMAIL PROTECTED] 2008
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see http://www.gnu.org/licenses/.
+#
+Test ntlm_auth
+This test program will start ntlm_auth with the given command line switches and
+see if it will get the expected results.
+
+
+import os
+import sys
+from optparse import OptionParser
+
+class ReadChildError(Exception):
+   pass
+
+class WriteChildError(Exception):
+   pass
+
+def readLine(pipe):
+   readLine(pipe) - str
+   Read a line from the child's pipe, returns the string read.
+   Throws ReadChildError if the read fails.
+   
+   buf = os.read(pipe, 2047)
+   newline = buf.find('\n')
+   if newline == -1:
+   raise ReadChildError()
+   return buf[:newline]
+
+def writeLine(pipe, buf):
+   writeLine(pipe, buf) - nul
+   Write a line to the child's pipe.
+   Raises WriteChildError if the write fails.
+   
+   written = os.write(pipe, buf)
+   if written != len(buf):
+   raise WriteChildError()
+   os.write(pipe, \n)
+
+def parseCommandLine():
+   parseCommandLine() - (opts, ntlm_auth_path)
+   Parse the command line.
+   Return a tuple consisting of the options and the path to ntlm_auth.
+   
+   usage = usage: %prog [options] path/to/ntlm_auth
+   parser = OptionParser(usage)
+
+   parser.set_defaults(client_username=foo)
+   parser.set_defaults(client_password=secret)
+   parser.set_defaults(client_domain=FOO)
+   parser.set_defaults(client_helper=ntlmssp-client-1)
+
+   parser.set_defaults(server_username=foo)
+   parser.set_defaults(server_password=secret)
+   parser.set_defaults(server_domain=FOO)
+   

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1717-gbfa919c

[Kai Blin]

The branch, v3-2-test has been updated
   via  bfa919cde57a26cd2ae7397281923792b7afe83a (commit)
  from  f02b74fc067074d8e48e186a7b7255a244592f7d (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit bfa919cde57a26cd2ae7397281923792b7afe83a
Author: Kai Blin [EMAIL PROTECTED]
Date:   Wed Jan 30 16:59:40 2008 +0100

ntlm_auth: Fix typos in the torture test script.

This should fix the build farm. Sorry, wonder why it worked on my box
before.

---

Summary of changes:
 source/script/tests/test_ntlm_auth_s3.sh |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/script/tests/test_ntlm_auth_s3.sh 
b/source/script/tests/test_ntlm_auth_s3.sh
index 8568da9..6a52e59 100755
--- a/source/script/tests/test_ntlm_auth_s3.sh
+++ b/source/script/tests/test_ntlm_auth_s3.sh
@@ -5,9 +5,9 @@ incdir=`dirname $0`
 
 failed=0
 
-(/usr/bin/env python --version  /dev/null 21)
+(/usr/bin/env python --version  /dev/null 21)
 
-if $? -ne 0:
+if test $? -ne 0;
 then
echo Python binary not found in path. Skipping ntlm_auth tests.
exit 0


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1718-g11c9c15

[Kai Blin]

The branch, v3-2-test has been updated
   via  11c9c1536b153047ba387b9804f34a6555a5ae26 (commit)
  from  bfa919cde57a26cd2ae7397281923792b7afe83a (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit 11c9c1536b153047ba387b9804f34a6555a5ae26
Author: Kai Blin [EMAIL PROTECTED]
Date:   Wed Jan 30 17:57:32 2008 +0100

ntlm_auth: test should honour configfile option to run on build farm.

---

Summary of changes:
 source/script/tests/test_ntlm_auth_s3.sh |4 ++--
 source/torture/test_ntlm_auth.py |6 ++
 2 files changed, 8 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/script/tests/test_ntlm_auth_s3.sh 
b/source/script/tests/test_ntlm_auth_s3.sh
index 6a52e59..6bcb3e2 100755
--- a/source/script/tests/test_ntlm_auth_s3.sh
+++ b/source/script/tests/test_ntlm_auth_s3.sh
@@ -13,9 +13,9 @@ then
exit 0
 fi
 
-testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth || failed=`expr $failed + 1`
+testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --configfile $CONFFILE || failed=`expr $failed + 1`
 # This should work even with NTLMv2
-testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --client-domain=fOo --server-domain=fOo || failed=`expr 
$failed + 1`
+testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --configfile $CONFFILE --client-domain=fOo 
--server-domain=fOo || failed=`expr $failed + 1`
 
 
 testok $0 $failed
diff --git a/source/torture/test_ntlm_auth.py b/source/torture/test_ntlm_auth.py
index 3e7cc05..12a4dae 100755
--- a/source/torture/test_ntlm_auth.py
+++ b/source/torture/test_ntlm_auth.py
@@ -70,6 +70,7 @@ def parseCommandLine():
parser.set_defaults(server_password=secret)
parser.set_defaults(server_domain=FOO)
parser.set_defaults(server_helper=squid-2.5-ntlmssp)
+   parser.set_defaults(config_file=/etc/samba/smb.conf)
 
parser.add_option(--client-username, dest=client_username,\
help=User name for the client. [default: foo])
@@ -89,6 +90,9 @@ def parseCommandLine():
parser.add_option(--server-helper, dest=server_helper,\
help=Helper mode for the ntlm_auth server. 
[default: squid-2.5-server])
 
+   parser.add_option(-s, --configfile, dest=config_file,\
+   help=Path to smb.conf file. 
[default:/etc/samba/smb.conf)
+
(opts, args) = parser.parse_args()
if len(args) != 1:
parser.error(Invalid number of arguments.)
@@ -129,6 +133,7 @@ def main():
client_args.append(--username=%s % opts.client_username)
client_args.append(--password=%s % opts.client_password)
client_args.append(--domain=%s % opts.client_domain)
+   client_args.append(--configfile=%s % opts.config_file)
 
os.execv(ntlm_auth_path, client_args)
 
@@ -161,6 +166,7 @@ def main():
server_args.append(--username=%s % opts.server_username)
server_args.append(--password=%s % opts.server_password)
server_args.append(--domain=%s % opts.server_domain)
+   server_args.append(--configfile=%s % opts.config_file)
 
os.execv(ntlm_auth_path, server_args)
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1719-gd12c49e

[Kai Blin]

The branch, v3-2-test has been updated
   via  d12c49e60f4390707c924b9e9f12fa9333b006e2 (commit)
  from  11c9c1536b153047ba387b9804f34a6555a5ae26 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit d12c49e60f4390707c924b9e9f12fa9333b006e2
Author: Kai Blin [EMAIL PROTECTED]
Date:   Wed Jan 30 18:34:24 2008 +0100

ntlm_auth: Fix another typo in the test.

This _should_ be the last one.

---

Summary of changes:
 source/script/tests/test_ntlm_auth_s3.sh |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/script/tests/test_ntlm_auth_s3.sh 
b/source/script/tests/test_ntlm_auth_s3.sh
index 6bcb3e2..6c97f2e 100755
--- a/source/script/tests/test_ntlm_auth_s3.sh
+++ b/source/script/tests/test_ntlm_auth_s3.sh
@@ -13,9 +13,9 @@ then
exit 0
 fi
 
-testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --configfile $CONFFILE || failed=`expr $failed + 1`
+testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --configfile=$CONFFILE || failed=`expr $failed + 1`
 # This should work even with NTLMv2
-testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --configfile $CONFFILE --client-domain=fOo 
--server-domain=fOo || failed=`expr $failed + 1`
+testit ntlm_auth $VALGRIND $SRCDIR/torture/test_ntlm_auth.py 
$BINDIR/ntlm_auth --configfile=$CONFFILE --client-domain=fOo 
--server-domain=fOo || failed=`expr $failed + 1`
 
 
 testok $0 $failed


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1720-g0341b0b

[Volker Lendecke]

The branch, v3-2-test has been updated
   via  0341b0be49fef5e6003a170100388b5c47a41e67 (commit)
  from  d12c49e60f4390707c924b9e9f12fa9333b006e2 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit 0341b0be49fef5e6003a170100388b5c47a41e67
Author: Volker Lendecke [EMAIL PROTECTED]
Date:   Wed Jan 30 19:56:05 2008 +0100

Fix some IBM checker warnings

---

Summary of changes:
 source/torture/cmd_vfs.c |8 
 1 files changed, 4 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/torture/cmd_vfs.c b/source/torture/cmd_vfs.c
index f3b9886..82a28bd 100644
--- a/source/torture/cmd_vfs.c
+++ b/source/torture/cmd_vfs.c
@@ -575,7 +575,7 @@ static NTSTATUS cmd_fstat(struct vfs_state *vfs, TALLOC_CTX 
*mem_ctx, int argc,
}
 
fd = atoi(argv[1]);
-   if (fd  0 || fd  1024) {
+   if (fd  0 || fd = 1024) {
printf(fstat: error=%d (file descriptor out of range)\n, 
EBADF);
return NT_STATUS_OK;
}
@@ -710,7 +710,7 @@ static NTSTATUS cmd_fchmod(struct vfs_state *vfs, 
TALLOC_CTX *mem_ctx, int argc,
 
fd = atoi(argv[1]);
mode = atoi(argv[2]);
-   if (fd  0 || fd  1024) {
+   if (fd  0 || fd = 1024) {
printf(fchmod: error=%d (file descriptor out of range)\n, 
EBADF);
return NT_STATUS_OK;
}
@@ -763,7 +763,7 @@ static NTSTATUS cmd_fchown(struct vfs_state *vfs, 
TALLOC_CTX *mem_ctx, int argc,
uid = atoi(argv[2]);
gid = atoi(argv[3]);
fd = atoi(argv[1]);
-   if (fd  0 || fd  1024) {
+   if (fd  0 || fd = 1024) {
printf(fchown: faliure=%d (file descriptor out of range)\n, 
EBADF);
return NT_STATUS_OK;
}
@@ -822,7 +822,7 @@ static NTSTATUS cmd_ftruncate(struct vfs_state *vfs, 
TALLOC_CTX *mem_ctx, int ar
 
fd = atoi(argv[1]);
off = atoi(argv[2]);
-   if (fd  0 || fd  1024) {
+   if (fd  0 || fd = 1024) {
printf(ftruncate: error=%d (file descriptor out of range)\n, 
EBADF);
return NT_STATUS_OK;
}


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-591-gfc69e3f

[Stefan Metzmacher]

The branch, v4-0-test has been updated
   via  fc69e3f829a83aae311b4849d91509fcfa47816b (commit)
   via  ab2e1394d0a66ca13750e1b6f4ced07f4a0f3453 (commit)
  from  421bdd203eab09e560f4919715fa4cc4497e406f (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit fc69e3f829a83aae311b4849d91509fcfa47816b
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date:   Wed Jan 30 20:30:27 2008 +0100

libndr: depend on samba-config, so that callers doesn't need to know about 
it

metze

commit ab2e1394d0a66ca13750e1b6f4ced07f4a0f3453
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date:   Wed Jan 30 20:25:40 2008 +0100

pidl: be consistent and always ask pkg-config only for 'ndr'

metze

---

Summary of changes:
 source/librpc/ndr.pc.in   |2 +-
 source/pidl/tests/Util.pm |2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/librpc/ndr.pc.in b/source/librpc/ndr.pc.in
index 4317397..ed4c459 100644
--- a/source/librpc/ndr.pc.in
+++ b/source/librpc/ndr.pc.in
@@ -5,7 +5,7 @@ [EMAIL PROTECTED]@
 
 Name: ndr
 Description: Network Data Representation Core Library
-Requires: talloc
+Requires: samba-config talloc
 Version: 0.0.1
 Libs: -L${libdir} -lndr 
 Cflags: -I${includedir}  -DHAVE_IMMEDIATE_STRUCTURES=1
diff --git a/source/pidl/tests/Util.pm b/source/pidl/tests/Util.pm
index 82ab130..4ad216a 100644
--- a/source/pidl/tests/Util.pm
+++ b/source/pidl/tests/Util.pm
@@ -134,7 +134,7 @@ $c
$cc = cc;
}
 
-   my $flags = `pkg-config --libs --cflags ndr samba-config`;
+   my $flags = `pkg-config --libs --cflags ndr`;
 
my $cmd = $cc $cflags -x c - -o $outfile $flags $ldflags;
$cmd =~ s/\n//g;


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1721-g1a1c795

[Andrew Tridgell]

The branch, v3-2-test has been updated
   via  1a1c7954368a7f168a57f86f4f857cf70258e37a (commit)
  from  0341b0be49fef5e6003a170100388b5c47a41e67 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -
commit 1a1c7954368a7f168a57f86f4f857cf70258e37a
Author: Andrew Tridgell [EMAIL PROTECTED]
Date:   Thu Jan 31 09:48:20 2008 +1100

merged tdb transaction fix

---

Summary of changes:
 source/lib/tdb/common/transaction.c |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/lib/tdb/common/transaction.c 
b/source/lib/tdb/common/transaction.c
index c3e7a4e..4e2127b 100644
--- a/source/lib/tdb/common/transaction.c
+++ b/source/lib/tdb/common/transaction.c
@@ -321,6 +321,9 @@ static int transaction_write_existing(struct tdb_context 
*tdb, tdb_off_t off,
 
if (blk == tdb-transaction-num_blocks-1 
off + len  tdb-transaction-last_block_size) {
+   if (off = tdb-transaction-last_block_size) {
+   return 0;
+   }
len = tdb-transaction-last_block_size - off;
}
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-593-gf6a5848

[Andrew Tridgell]

The branch, v4-0-test has been updated
   via  f6a5848e5e211d4d4d66b7eca46b4b0ad4c9daab (commit)
   via  eb3af24926977208a8099c848a510704d2ae3524 (commit)
  from  fc69e3f829a83aae311b4849d91509fcfa47816b (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit f6a5848e5e211d4d4d66b7eca46b4b0ad4c9daab
Merge: eb3af24926977208a8099c848a510704d2ae3524 
fc69e3f829a83aae311b4849d91509fcfa47816b
Author: Andrew Tridgell [EMAIL PROTECTED]
Date:   Thu Jan 31 09:49:15 2008 +1100

Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 
v4-0-test

commit eb3af24926977208a8099c848a510704d2ae3524
Author: Andrew Tridgell [EMAIL PROTECTED]
Date:   Thu Jan 31 09:48:46 2008 +1100

merged tdb transaction fix

---

Summary of changes:
 source/lib/tdb/common/transaction.c |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/lib/tdb/common/transaction.c 
b/source/lib/tdb/common/transaction.c
index c3e7a4e..4e2127b 100644
--- a/source/lib/tdb/common/transaction.c
+++ b/source/lib/tdb/common/transaction.c
@@ -321,6 +321,9 @@ static int transaction_write_existing(struct tdb_context 
*tdb, tdb_off_t off,
 
if (blk == tdb-transaction-num_blocks-1 
off + len  tdb-transaction-last_block_size) {
+   if (off = tdb-transaction-last_block_size) {
+   return 0;
+   }
len = tdb-transaction-last_block_size - off;
}
 


-- 
Samba Shared Repository

Build status as of Thu Jan 31 00:00:01 2008

[build]

URL: http://build.samba.org/

--- /home/build/master/cache/broken_results.txt.old 2008-01-30 
00:00:27.0 +
+++ /home/build/master/cache/broken_results.txt 2008-01-31 00:00:51.0 
+
@@ -1,4 +1,4 @@
-Build status as of Wed Jan 30 00:00:02 2008
+Build status as of Thu Jan 31 00:00:01 2008
 
 Build counts:
 Tree Total  Broken Panic 
@@ -6,17 +6,17 @@
 ccache   30 10 0 
 ctdb 0  0  0 
 distcc   1  0  0 
-ldb  30 23 0 
+ldb  30 22 0 
 libreplace   29 19 0 
 lorikeet-heimdal 25 15 0 
 pidl 17 6  0 
-ppp  8  6  0 
+ppp  8  0  0 
 rsync30 14 0 
 samba-docs   0  0  0 
 samba-gtk4  4  0 
-samba_3_2_test 31 19 0 
+samba_3_2_test 31 26 0 
 samba_4_0_test 28 25 2 
 smb-build28 3  0 
 talloc   30 9  0 
-tdb  30 18 0 
+tdb  30 19 0