Re: [Samba] Long delays when launching programs for the first time in my Windows 7 Profile (Samba 3.4.3 as PDC)
here is my 5 pence, of a POSSIBLE cause... if you have a large network Winbind enumuration can take a loong time, that is if it is used in this instance... R. Mark --- On Wed, 30/6/10, John Drescher dresche...@gmail.com wrote: From: John Drescher dresche...@gmail.com Subject: Re: [Samba] Long delays when launching programs for the first time in my Windows 7 Profile (Samba 3.4.3 as PDC) To: Tom H. Lautenbacher mailingli...@lautenbacher.biz Cc: samba@lists.samba.org Date: Wednesday, 30 June, 2010, 23:32 But I think that the group of users using the following combination: Samba 3.4.3 Windows 7-64bit Samba as a PDC roaming profiles using this mailing list being able to report the problem is very limited until today.. I am using roaming profiles with windows 7 64 and samba PDC / BDCs. I am not using 3.4.3 however. Currently we are running 3.5.4. I did have 3.4.6 for a few weeks just after the upgrade from 3.0.37 to support windows 7. I do not have the 40 minute initial logins. However it does take me 5 minutes to login and logout on a 100% gigabit network every single time not just the first time. At some point I will look into folder redirection on top of the trimming of the profiles that I have begun.. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Long delays when launching programs for the first time in my Windows 7 Profile (Samba 3.4.3 as PDC)
I have seen this behaviour with overcrowded profiles, too.In my cases I have identified huge iTunes backups and (old) installations of Google Chrome as the source for very huge profiles. Johannes Am 30.06.2010 23:11, schrieb Tom H. Lautenbacher: Hello John, To me this sounds like a normal case of overcrowded user profiles. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.0.23d - Solaris 10
Solaris 10 comes with Samba 3.0.x (I think 3.0.35 is the most recent) so no need to compile it yourself.It includes backported support for zfs acl's.I have compiled Samab 3.4.x on solaris because I needed better support for domain trusts with Windows 2003 mode domains. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Fair, Barbara Sent: Wednesday, June 30, 2010 9:22 AM To: sa...@samba.org Cc: Fair, Barbara; Bonasera, John Subject: [Samba] Samba 3.0.23d - Solaris 10 Good Morning I have not been able to find the binary file(s) for Solaris. I have downloaded the tarball for 3.0.23d, but when I go to run the make all command I get the following error: make: Fatal error: Command failed for target 'dynconfig.o' I have not been able to find a workaround for it. Do you have any suggestions? I am running this on a Solaris 10 (release 11/06) box. Thanks Barb Fair Lockheed Martin Valley Forge, PA 610-531-5442 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with Windows XP: Cannot join Samba PDC
Hello Samba friends, Did you check or disable possible firewalls in between the network traffic? This is usually causing this error in my case. On Fri, Jun 18, 2010 at 01:56:46PM +0700, Hung Nguyen Van wrote: I double checked and it's exactly what I do, it seems server netbios name is not available in world of Windows client. It's so weird with me. On Thu, 17 Jun 2010 13:45:48 -0400 Gaiseric Vandal gaiseric.van...@gmail.com wrote: For an NT4/Samba domain, DNS is not relevant. The XP client will locate the PDC via netbios. WINS is not essential but definately helps. On the XP machine, type ipconfig /all and make sure that your XP machine is configured for the WINS server. Also, make sure on your XP TCP/IP settings that you have NOT disabled netbios-over-tcp/ip (NBT.) On 06/17/2010 10:22 AM, Hung Nguyen wrote: I have tried several times to get Windows XP client join SAMBA PDC domain, but no luck. I follow some nice guide from Ubuntu Forum and samba Document, my Samba PDC working with OpenLDAP. When I type join XP to domain I get : http://osvn.pastebin.com/QUpVVq5q http://osvn.pastebin.com/QUpVVq5q DOMAIN is name of workgroup = DOMAIN in my samba group, it seems like XP client cannot find where is DOMAIN. I'm pretty sure that my DNS is working properly, XP can resolve dc.DOMAIN.local to its IP address and use my dns server to connect to internet without problem. Linux Clients can join domain without problem. Does someone face this problem before, please help. I also enable WinS server on Samba configuration. Actually, I dont understand why I need a local DNS here, because when we join Samba Domain, we just type in Domain form NetBios name of server, not full domain name. If you can explain, please give me an answer too. Thank you very much for your help, 2 days working on it did not help me too much. Regards, -- -- Nguyen Van Hung System Administrator SYNAPSYS Co., Ltd 1st Floor, 49 Bui Dinh Tuy St, Binh Thanh Dist, HCMC, Vietnam Tel: ( +84-8 ) 66 599 379 Cell : ( +84 ) 0976 30 22 32 Email: vhngu...@synapsys-vn.com Website: http://www.synapsys-vn.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Met vriendelijke groeten, With kind regards, Mit freundlichen Gruessen, De jrus wah, Willy * Dr. W.K. Offermans CAT Postdoctoral Fellow CAT Catalytic Center Institut f�r Technische und Makromolekulare Chemie RWTH Aachen Worringerweg 1, Raum 38C-150 D-52074 Aachen, Germany Phone: +49 241 80 28592 Fax:+49 241 80 22593 Home: +31 45 544 49 44 Mobile: +31 681 15 87 68 e-mail: wi...@offermans.rompen.nl e-mail: willy.offerm...@catalyticcenter.rwth-aachen.de Powered by (__) \\\'',) \/ \ ^ .\._/_) www.FreeBSD.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Password policies in the LDAP server
Hello Samba Friend, I'm sorry that I cannot help you in finding an answer to your question, but I'm rather interested in how you can add password policies to the LDAP sever. Is this openldap? and how did you implement the policies? On Mon, Jun 28, 2010 at 12:40:09PM +0200, Juan Asensio Sánchez wrote: Hi We have some Samba servers using LDAP (389 DS) as backend. In the LDAP server, we have defined some policies to make the passwords stronger. When a user tries to change his password (Control-Alt-Del), this message appears in the LOGs: == /var/log/samba/xptest == [2010/06/28 12:26:26, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [1001S] - [1001S] - [1001S] succeeded [2010/06/28 12:26:26, 2] passdb/pdb_ldap.c:init_sam_from_ldap(545) init_sam_from_ldap: Entry found for user: 1001S [2010/06/28 12:26:26, 2] passdb/pdb_ldap.c:init_group_from_ldap(2167) init_group_from_ldap: Entry found for group: 10001 [2010/06/28 12:26:37, 2] passdb/pdb_ldap.c:init_group_from_ldap(2167) init_group_from_ldap: Entry found for group: 10001 [2010/06/28 12:26:38, 2] passdb/pdb_ldap.c:init_ldap_from_sam(972) init_ldap_from_sam: Setting entry for user: 1001S [2010/06/28 12:26:38, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1651) ldapsam_modify_entry: LDAP Password could not be changed for user 1001S: Constraint violation Failed to update password == /var/log/dirsrv/slapd-pruebas/audit == time: 20100628122637 dn: uid=1001s,X changetype: modify delete: sambaLMPassword sambaLMPassword: 0182BD0BDBF836077A718CCDF409 - add: sambaLMPassword sambaLMPassword: 39EAD569B79C7EA2C2265B23734E0DAC - delete: sambaNTPassword sambaNTPassword: 259745CB123A52AA2E693AAACCA2DB52 - add: sambaNTPassword sambaNTPassword: 8EC60ADEA316D957D1CF532C5841758D - delete: sambaPwdLastSet sambaPwdLastSet: 1277720109 - add: sambaPwdLastSet sambaPwdLastSet: 1277720798 - replace: modifiersname modifiersname: uid=adminsamba,XXX - replace: modifytimestamp modifytimestamp: 20100628102637Z - So, the Samba passwords are changed, but the unix password is not changed because the LDAP rejects it because it is not as string as required. Is there any way to avoid this? Shouldn't the unix password be changed before the samba passwords to check if the LDAP server accepts it? Regards. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Met vriendelijke groeten, With kind regards, Mit freundlichen Gruessen, De jrus wah, Willy * Dr. W.K. Offermans CAT Postdoctoral Fellow CAT Catalytic Center Institut f�r Technische und Makromolekulare Chemie RWTH Aachen Worringerweg 1, Raum 38C-150 D-52074 Aachen, Germany Phone: +49 241 80 28592 Fax:+49 241 80 22593 Home: +31 45 544 49 44 Mobile: +31 681 15 87 68 e-mail: wi...@offermans.rompen.nl e-mail: willy.offerm...@catalyticcenter.rwth-aachen.de Powered by (__) \\\'',) \/ \ ^ .\._/_) www.FreeBSD.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Password policies in the LDAP server
Hi We are using 389 Directory Server (formerly Fedora Directory Server). http://directory.fedoraproject.org/ There, regarding to password policies, you can specifiy minimum password length, minimum digits, minimum letters, minimum uppercase, minimum lowercase, minimum simbols, minimum ascii characters, minimum group types of characters, password history, etc. http://www.redhat.com/docs/manuals/dir-server/8.1/admin/User_Account_Management.html Regards. El 1 de julio de 2010 14:27, Willy Offermans wi...@offermans.rompen.nlescribió: Hello Samba Friend, I'm sorry that I cannot help you in finding an answer to your question, but I'm rather interested in how you can add password policies to the LDAP sever. Is this openldap? and how did you implement the policies? -- Met vriendelijke groeten, With kind regards, Mit freundlichen Gruessen, De jrus wah, Willy * Dr. W.K. Offermans CAT Postdoctoral Fellow CAT Catalytic Center Institut für Technische und Makromolekulare Chemie RWTH Aachen Worringerweg 1, Raum 38C-150 D-52074 Aachen, Germany Phone: +49 241 80 28592 Fax:+49 241 80 22593 Home: +31 45 544 49 44 Mobile: +31 681 15 87 68 e-mail: wi...@offermans.rompen.nl e-mail: willy.offerm...@catalyticcenter.rwth-aachen.de Powered by (__) \\\'',) \/ \ ^ .\._/_) www.FreeBSD.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Default Hidden Disk Shares
Windows automatically creates an Admin level disk share as \\server\volume$ file:///\\server\volume$ . Can anyone tell me if Samba automatically does the same without having to define these in SMB.CONF? Thanks, Robert. *** Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquir...@randomhouse.co.uk Name Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Intermittent authentication error
Hello, I have an intermittent authentication error between a Windows 2003 Server and AIX 6.1 TL4 Samba 2.2.7. I have the Samba server passing auth details to an active directory server. The account exists on AIX but is locked and there is no smbpasswd entry (this is how I setup all my samba shares). On the Windows server a mapping has been created to mount this path on restart. In most cases this works fine but from time to time it fails with authentication issue. Rebooting the Windows server fixes the problem but I would like to find the root cause and fix it. I have setup debug level 2 and got the following. Any help would be greatly appreciated. Couldn't find user 'aonunitp' in passdb. Rejecting user 'aonunitp': authentication failed Couldn't find user 'aonunitp' in passdb. NT Password did not match for user 'aonunitp'! Defaulting to Lanman password for aonunitp Couldn't find user 'aonunitp' in passdb. Rejecting user 'aonunitp': authentication failed reboot aonprod (10.1.66.235) connect to service aonunitp as user aonunitp (uid=512, gid=1) (pid 4530328) aonprod (10.1.66.235) closed connection to service aonunitp aonprod (10.1.66.235) connect to service aonunitp as user aonunitp (uid=512, gid=1) (pid 4411538) smb.conf security = server password server = dc1 AIX account aonunitp id=512 pgrp=staff groups=staff home=/home/aonunitp shell=/usr/local/bin/no_shell gecos=Functional Account - XPLAN login=false su=false rlogin=false daemon=true admin=false sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=files SYSTEM=compat logintimes= loginretries=3 pwdwarntime=4 account_locked=true minage=1 maxage=6 maxexpired=7 minalpha=2 minother=1 mindiff=2 maxrepeats=4 minlen=8 histexpire=0 histsize=4 pwdchecks= dictionlist=/usr/share/dict/words core_compress=on core_path=on core_pathname=/tmp/cores core_naming=on fsize=-1 cpu=-1 data=262144 stack=65536 core=2097151 rss=65536 nofiles=2000 unsuccessful_login_count=0 roles= Regards, Andrew Melchert | Technical Services| Pillar Administration ( (02) 4298 6985 | Ë 0434 604 139 | * andrew_melch...@pillar.com.au blocked::blocked::mailto:andrew_melch...@pillar.com.au This email (including all attachments) is confidential, may contain personal or legally privileged information and is intended solely for the named addressee. Confidentiality or privilege is not waived or lost because this email has been sent to you by mistake. If you have received it in error, please let us know by reply email, delete it from your system and destroy any copies. This email is also subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. Any personal information in this email must be handled in accordance with the Privacy Act 1988 (Cth). Emails may be interfered with, may contain computer viruses or other defects and may not be successfully replicated on other systems. Pillar Administration makes no representations and gives no warranties in relation to these matters and does not accept liability for any loss or damage which may result from this email. If you have any doubts about the authenticity of an email purportedly sent by Pillar Administration, please contact us immediately. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.0.23d
Good Morning I am looking to download the Samba 3.0.23d binary for Solaris. When I go to the area that is set up for binaries, there is nothing under the Sparc folder. Is there another place I can get the binary? Thanks in advance for your help. Barb Fair Lockheed Martin Valley Forge, PA 610-531-5442 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] joining 2008 DC
Hi, We have installed Samba version 3.3.7 on AIX server. So we use AIX version 6.1 samba sw pware.samba.rte 3.3.7.0 actually connected to WIN 2003 DC We would like to upgrade our DC to WIN 2008, so the question is: can we stay with installed Samba and go towards to upgrade DC to WIN2008 ? or do we have to also upgrade Samba itself ? I mean before joining the new domain on WIN 2008 DC. thanx alot for your answer, best regards, Jiří Koutník RaiffeisenBank, a.s. tel: +420 222 115 105 mobil: +420 603 808 302 Czech Republic -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] plreoblem how to reset the password of samba ldap user
HI all I am facing a problem to reset the password of a user in ldap + samba 3. Samba is working fine with ldap backend and users are able to login to domain. In ldap I have a user - Adminisrator I want to reset its password, tried the commands 'Smbldap-passwd Administrator' Also 'smbpasswd Administrator' ,but that password is nt working when I try to login or access shares using smbclient or to the pc. What is the exact way to reset a password of a user in samba + openldap environment so it is able to login to domain. Please note that I also have ldap password sync = yes enabled in my smb.conf Thanks in advance, will appreciate an early response Niyati Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] net ads testjoin without asking for password
Hello all, is it possible to execute net ads testjoin without net asking for a password (in any circumstance)? The reason for my question is that I want to use it in a script and thus won't be able to supply a password to net (net does not ask for a password on stdin). Thanks in advance to anyone who can shed some light on this for me! Regards, Khaled -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Enabling logs in pam_smbpass in samba source code
I am facing some problem with samba 3.4.8 PAM pam_smbpass module, both vsftpd,proftpd are not working ..I have opened thread at http://forums.proftpd.org/smf/index.php/topic,4739.0.html it is working fine with samba 3.0.32 I want to see the _log_err messages from pam_smbpass , for that I have added log level=4 and log file= /tmp/samba/sambalog.log. I did not see any of the messages in that samba log file. Please tell me how to enable log for pam_smbpass module in samba, Thanks Suresh -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] net ads testjoin without asking for password
Hi Robert, I've already tried that and it wouldn't work :( If I understand it correctly, then net writes the account password for the joining account to the secrets.tdb file and if that file still is there say after a reboot then net ads testjoin should not ask for a password right? Regards, Khaled 2010/7/1 Atkinson, Robert ratkin...@tbs-ltd.co.uk: Try :- -U username%password on the command. Rob. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Khaled Blah Sent: 01 July 2010 15:05 To: samba@lists.samba.org Subject: [Samba] net ads testjoin without asking for password Hello all, is it possible to execute net ads testjoin without net asking for a password (in any circumstance)? The reason for my question is that I want to use it in a script and thus won't be able to supply a password to net (net does not ask for a password on stdin). Thanks in advance to anyone who can shed some light on this for me! Regards, Khaled -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba *** Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquir...@randomhouse.co.uk Name Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Enabling logs in pam_smbpass in samba source code
On 07/01/2010 09:04 AM, kandukuru_sur...@emc.com wrote: I am facing some problem with samba 3.4.8 PAM pam_smbpass module, both vsftpd,proftpd are not working ..I have opened thread at http://forums.proftpd.org/smf/index.php/topic,4739.0.html it is working fine with samba 3.0.32 I want to see the _log_err messages from pam_smbpass , for that I have added log level=4 and log file= /tmp/samba/sambalog.log. I did not see any of the messages in that samba log file. Please tell me how to enable log for pam_smbpass module in samba, Suresh, From the documentation in the source code: 25 Mar 2001 pam_smbpass is a PAM module which can be used on conforming systems to keep the smbpasswd (Samba password) database in sync with the unix password file. PAM (Pluggable Authentication Modules) is an API supported under some Unices, such as Solaris, HPUX and Linux, that provides a generic interface to authentication mechanisms. For more information on PAM, see http://ftp.kernel.org/pub/linux/libs/pam/ This module authenticates a local smbpasswd user database. If you require support for authenticating against a remote SMB server, or if you're concerned about the presence of suid root binaries on your system, it is recommended that you use pam_winbind instead. Options recognized by this module are as follows: debug - log more debugging info audit - like debug, but also logs unknown usernames use_first_pass - don't prompt the user for passwords; take them from PAM_ items instead try_first_pass - try to get the password from a previous PAM module, fall back to prompting the user use_authtok - like try_first_pass, but *fail* if the new PAM_AUTHTOK has not been previously set. (intended for stacking password modules only) not_set_pass- don't make passwords used by this module available to other modules. nodelay - don't insert ~1 second delays on authentication failure. nullok - null passwords are allowed. nonull - null passwords are not allowed. Used to override the Samba configuration. migrate - only meaningful in an auth context; used to update smbpasswd file with a password used for successful authentication. smbconf=file - specify an alternate path to the smb.conf file. Here is a sample PAM config line in the appropriate file/s in /etc/pam.d: password required pam_smbpass.so use_authtok use_first_pass debug I hope that helps. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] net ads testjoin without asking for password
You seem to be correct :- $ NET RPC TESTJOIN Join to 'UK' is OK $ Note this is an OpenVMS server, not Linux/Unix. Rob. -Original Message- From: Khaled Blah [mailto:khaled.b...@googlemail.com] Sent: 01 July 2010 15:41 To: Atkinson, Robert Cc: samba@lists.samba.org Subject: Re: [Samba] net ads testjoin without asking for password Hi Robert, I've already tried that and it wouldn't work :( If I understand it correctly, then net writes the account password for the joining account to the secrets.tdb file and if that file still is there say after a reboot then net ads testjoin should not ask for a password right? Regards, Khaled 2010/7/1 Atkinson, Robert ratkin...@tbs-ltd.co.uk: Try :- -U username%password on the command. Rob. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Khaled Blah Sent: 01 July 2010 15:05 To: samba@lists.samba.org Subject: [Samba] net ads testjoin without asking for password Hello all, is it possible to execute net ads testjoin without net asking for a password (in any circumstance)? The reason for my question is that I want to use it in a script and thus won't be able to supply a password to net (net does not ask for a password on stdin). Thanks in advance to anyone who can shed some light on this for me! Regards, Khaled -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba * ** Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquir...@randomhouse.co.uk Name Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 * ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] joining 2008 DC
We have several Samba systems of varying versions joined to our Windows Server 2008 Active Directory domain. I don't recall having to do anything special to get it working. -Nick On 2010/06/30 at 09:23, jiri.kout...@rb.cz wrote: Hi, We have installed Samba version 3.3.7 on AIX server. So we use AIX version 6.1 samba sw pware.samba.rte 3.3.7.0 actually connected to WIN 2003 DC We would like to upgrade our DC to WIN 2008, so the question is: can we stay with installed Samba and go towards to upgrade DC to WIN2008 ? or do we have to also upgrade Samba itself ? I mean before joining the new domain on WIN 2008 DC. thanx alot for your answer, best regards, Ji*í Koutník RaiffeisenBank, a.s. tel: +420 222 115 105 mobil: +420 603 808 302 Czech Republic This e-mail may contain confidential and privileged material for the sole use of the intended recipient. If this email is not intended for you, or you are not responsible for the delivery of this message to the intended recipient, please note that this message may contain SEAKR Engineering (SEAKR) Privileged/Proprietary Information. In such a case, you are strictly prohibited from downloading, photocopying, distributing or otherwise using this message, its contents or attachments in any way. If you have received this message in error, please notify us immediately by replying to this e-mail and delete the message from your mailbox. Information contained in this message that does not relate to the business of SEAKR is neither endorsed by nor attributable to SEAKR. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Default Hidden Disk Shares
On Thu, Jul 01, 2010 at 02:01:22PM +0100, Atkinson, Robert wrote: Windows automatically creates an Admin level disk share as \\server\volume$ file:///\\server\volume$ . Can anyone tell me if Samba automatically does the same without having to define these in SMB.CONF? No, sorry. That would be rather dangerous IMHO. You can easily define these yourself if you need them and export the root of the filesystem. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] joining 2008 DC
Various versions - 3.3.x, for the most part, I believe. Are you running Server 2008 or Server 2008 R2? On 2010/07/01 at 12:30, Indexer inde...@internode.on.net wrote: On 02/07/2010, at 3:34 AM, Nick Couchman wrote: We have several Samba systems of varying versions joined to our Windows Server 2008 Active Directory domain. I don't recall having to do anything special to get it working. That is interesting, as i have just been tearing out my hair for a few hours attempting to get a server 2008 system to join the samba PDC. What version of samba are you using? William This e-mail may contain confidential and privileged material for the sole use of the intended recipient. If this email is not intended for you, or you are not responsible for the delivery of this message to the intended recipient, please note that this message may contain SEAKR Engineering (SEAKR) Privileged/Proprietary Information. In such a case, you are strictly prohibited from downloading, photocopying, distributing or otherwise using this message, its contents or attachments in any way. If you have received this message in error, please notify us immediately by replying to this e-mail and delete the message from your mailbox. Information contained in this message that does not relate to the business of SEAKR is neither endorsed by nor attributable to SEAKR. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.0.23d
What area? The initial packages should be on the solaris DVD bash-3.00# pkginfo | grep -i samba system SUNWsmbacsamba - A Windows SMB/CIFS fileserver for UNIX (client) system SUNWsmbarsamba - A Windows SMB/CIFS fileserver for UNIX (Root) system SUNWsmbausamba - A Windows SMB/CIFS fileserver for UNIX (Usr) bash-3.00# If you go to sunsolve.sun.com and search for Samba 5.10 you should be able to find the patches to bring it up to 3.0.37. On 06/30/2010 08:44 AM, Fair, Barbara wrote: Good Morning I am looking to download the Samba 3.0.23d binary for Solaris. When I go to the area that is set up for binaries, there is nothing under the Sparc folder. Is there another place I can get the binary? Thanks in advance for your help. Barb Fair Lockheed Martin Valley Forge, PA 610-531-5442 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] joining 2008 DC
On 02/07/2010, at 3:34 AM, Nick Couchman wrote: We have several Samba systems of varying versions joined to our Windows Server 2008 Active Directory domain. I don't recall having to do anything special to get it working. That is interesting, as i have just been tearing out my hair for a few hours attempting to get a server 2008 system to join the samba PDC. What version of samba are you using? William -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] wbinfo recognises my username, smbclient does not
Ok, solved my own problem, but I have no idea how, so if anyone has any insights I'd still love to hear them. From the behaviour I was seeing (described below) I had decided that perhaps there was something wrong with the smb.conf file, which I had mostly copied over from another machine. So, in desperation, I commented out every single line in the file, and added back the most basic configuration options until I could connect to the samba share with smbclient. Then, to discover what was causing my problem, I added back the other commented lines one at a time to see which one broke it. Well, in the end I added them all back, and it still works! So, in short, the solution to my problem was to comment and then uncomment the smb.conf file?!? I just ran testparm again and the output is exactly the same as the one from yesterday quoted below. Nothing else on the machine (should have) changed. I think my machine is haunted... *sigh* - rob. On 06/30/2010 03:26 PM, Rob Moser wrote: Hello folks. Brand new 3.5.4 install of samba, on a brand new redhat 5.5 install, trying to connect to a windows domain and allow AD users access. I used a series of how-tos to set things up, and modified the smb.conf and krb5.conf files from an existing (working, 3.2.8) system. I apparently join the domain ok, and I can authenticate an AD user using wbinfo, but when I try to use the same user with smbclient I get a NT_STATUS_NO_SUCH_USER response. I thought perhaps that smbclient was somehow not associating the username with the correct domain, but explicitly stating the domain didn't help. Googling about on the problem found me (among a lot of dross) someone with similar symptoms who claimed to fix his problem by adding client NTLMv2 auth = Yes to his smb.conf, so I tried that, but got no joy there either. Much diagnostic text follows; apologies for the bulk, but figured its better to put too much in than leave too much out. Any suggestions would be most appreciated; thanks. - rob. [r...@dev-acadprtsrv3 log]# kinit -V rmoser Password for rmo...@students.froot.nau.edu: Authenticated to Kerberos v5 [r...@dev-acadprtsrv3 log]# klist -5 Ticket cache: FILE:/tmp/krb5cc_0 Default principal: rmo...@students.froot.nau.edu Valid starting ExpiresService principal 06/30/10 14:19:56 07/01/10 00:20:00 krbtgt/students.froot.nau@students.froot.nau.edu renew until 07/01/10 14:19:56 [r...@dev-acadprtsrv3 log]# net ads testjoin -U rmoser Join is OK [r...@dev-acadprtsrv3 log]# wbinfo -t checking the trust secret for domain NAU-STUDENTS via RPC calls succeeded [r...@dev-acadprtsrv3 log]# wbinfo -a NAU-STUDENTS\\rmoser Enter NAU-STUDENTS\rmoser's password: plaintext password authentication succeeded Enter NAU-STUDENTS\rmoser's password: challenge/response password authentication succeeded [r...@dev-acadprtsrv3 log]# smbclient -d3 -U NAU-STUDENTS\\rmoser -L dev-acadprtsrv3.ucc.nau.edu lp_load_ex: refreshing parameters Initialising global parameters rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf Processing section [global] added interface eth0 ip=fe80::9015:73ff:fe64:54cf%eth0 bcast=fe80:::::%eth0 netmask=::::: added interface eth0 ip=134.114.138.189 bcast=134.114.138.255 netmask=255.255.255.0 Client started (version 3.5.4). Enter NAU-STUDENTS\rmoser's password: resolve_lmhosts: Attempting lmhosts lookup for name dev-acadprtsrv3.ucc.nau.edu0x20 resolve_wins: Attempting wins lookup for name dev-acadprtsrv3.ucc.nau.edu0x20 resolve_wins: using WINS server 134.114.138.35 and tag '*' Got a positive name query response from 134.114.138.35 ( 134.114.138.189 ) Connecting to 134.114.138.189 at port 445 Doing spnego session setup (blob length=131) got OID=1.2.840.113554.1.2.2 got OID=1.2.840.48018.1.2.2 got OID=1.3.6.1.4.1.311.2.2.10 got principal=cifs/dev-acadprtsrv3.ucc.nau@students.froot.nau.edu Got challenge flags: Got NTLMSSP neg_flags=0x60898215 NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60088215 SPNEGO login failed: Logon failure session setup failed: NT_STATUS_LOGON_FAILURE [r...@dev-acadprtsrv3 log]# tail /var/log/samba/log.smbd [2010/06/30 14:12:22.530813, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [rmoser] - [rmoser] FAILED with error NT_STATUS_NO_SUCH_USER [2010/06/30 14:22:52.071828, 0] lib/util_sock.c:1505(matchname) matchname: host name/address mismatch: :::134.114.138.189 != dev-acadprtsrv3.ucc.nau.edu [2010/06/30 14:22:52.072189, 0] lib/util_sock.c:1626(get_peer_name) Matchname failed on dev-acadprtsrv3.ucc.nau.edu :::134.114.138.189 [2010/06/30 14:22:52.072281, 2] lib/access.c:406(check_access) Allowed connection from UNKNOWN
Re: [Samba] Can SAMBA work with 2008 R2 Read Only Domain controller
This is a me too. We just installed a new CentOS server (running self-compiled samba-3.5.4 from samba.org) into a remote site that only has a RODC and although the domain join appeared to work fine, every few hours it drops off the domain. i.e. net ads join worked net ads testjoin worked but then hours later net ads testjoin returns Failed to join domain: failed to connect to AD: Decrypt integrity check failed Ok Strangely enough, if I then do net ads testjoin -S real.remote.dc that works just fine. Even stranger, immediately doing net ads testjoin starts working again - for a few hours It looks like the RODC (I know this error occurs with the RODC - -d9 shows it) is returning some kind of unexpected errocode when objects aren't in its cache - and Samba freaks? Note to Serge: I think hagai is - like me - referring to Samba as a domain member - not as a domain controller. Jason On 06/07/2010 03:19 AM, Serge Fonville wrote: Hi, Have you read http://wiki.samba.org/index.php/Samba4_joining_a_domain ? # Samba4 joining a domain as a RODC HTH Regards, Serge Fonville On Sun, Jun 6, 2010 at 5:12 PM, hagai yaffe hag...@yahoo.com wrote: Hello, We are planing to utilize Microsoft 2008 R2 Read Only Domain controller, and deploy RODC's in branches. If I would like to have SAMBA servers in those branches, will I be able to add them to the domain (using net ads join) and work with them, when using the RODC's as domain controllers configured in my smb.conf krb5.conf? I have looked around and did not find any documentation for SAMBA supporting / not supporting this. I have done some testing and failed (I got Failed to join domain: failed to connect to AD: Decrypt integrity check failed Ok from the net ads join command), before investing more time in troubleshooting I hoped that someone could assist and tell me if such a configuration is possible. If this is not possible, it would be great to know why. Best Regards, Hagai -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Thu Jul 1 06:00:01 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-06-30 00:00:21.0 -0600 +++ /home/build/master/cache/broken_results.txt 2010-07-01 00:00:03.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Wed Jun 30 06:00:01 2010 +Build status as of Thu Jul 1 06:00:01 2010 Build counts: Tree Total Broken Panic @@ -16,7 +16,7 @@ samba_3_master 28 28 1 samba_3_next 28 28 3 samba_4_0_test 30 30 0 -samba_4_0_waf 30 30 1 +samba_4_0_waf 30 30 2 talloc 30 7 0 tdb 28 7 0
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 3c4353d... s3-librpc: Fixed GUID_from_data_blob() with length of 32. from 28f6e41... WHATSNEW: Start release notes for 3.5.5. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 3c4353d2aa15db278bb87c949cce2deb3a5072ca Author: Andreas Schneider a...@samba.org Date: Mon Jun 28 21:00:30 2010 +0200 s3-librpc: Fixed GUID_from_data_blob() with length of 32. If we hit the case that the blob length is 32. The code goes to the end of the function and generates a GUID with garbage. So try to convert the blob to the GUID and return. Fix bug #7538 (Backport fixes for GUID_from_data_blob). --- Summary of changes: librpc/ndr/uuid.c |9 + 1 files changed, 5 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/uuid.c b/librpc/ndr/uuid.c index 2b47246..80c35cd 100644 --- a/librpc/ndr/uuid.c +++ b/librpc/ndr/uuid.c @@ -81,11 +81,12 @@ _PUBLIC_ NTSTATUS GUID_from_data_blob(const DATA_BLOB *s, struct GUID *guid) } else if (s-length == 32) { size_t rlen = strhex_to_str((char *)blob16.data, blob16.length, (const char *)s-data, s-length); - if (rlen == blob16.length) { - /* goto the ndr_pull_struct_blob() path */ - status = NT_STATUS_OK; - s = blob16; + if (rlen != blob16.length) { + return NT_STATUS_INVALID_PARAMETER; } + + s = blob16; + return GUID_from_ndr_blob(s, guid); } if (s-length == 16) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e4ba8fb... s3-printing: Fix Bug #7541, %D in printer admin causing smbd crash. from 74721bf... s3-registry: fix malloc/talloc mismatch upon free in reg_enumvalue(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e4ba8fb3b9a6eebe7a56179f67d1aeff64cf1abc Author: Günther Deschner g...@samba.org Date: Thu Jul 1 13:46:55 2010 +0200 s3-printing: Fix Bug #7541, %D in printer admin causing smbd crash. Guenther --- Summary of changes: source3/printing/nt_printing.c |3 ++- source3/rpc_server/srv_spoolss_nt.c | 22 +++--- 2 files changed, 17 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 657db56..9ed6461 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5678,7 +5678,8 @@ bool print_access_check(struct auth_serversupplied_info *server_info, int snum, if (!NT_STATUS_IS_OK(status) (token_contains_name_in_list(uidtoname(server_info-utok.uid), -NULL, NULL, server_info-ptok, +server_info-info3-base.domain.string, +NULL, server_info-ptok, lp_printer_admin(snum { talloc_destroy(mem_ctx); return True; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 6fd3695..c844027 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1567,7 +1567,8 @@ WERROR _spoolss_OpenPrinterEx(pipes_struct *p, se_printop ) !token_contains_name_in_list( uidtoname(p-server_info-utok.uid), - NULL, NULL, + p-server_info-info3-base.domain.string, + NULL, p-server_info-ptok, lp_printer_admin(snum))) { close_printer_handle(p, r-out.handle); @@ -1863,8 +1864,10 @@ WERROR _spoolss_DeletePrinterDriver(pipes_struct *p, if ( (p-server_info-utok.uid != sec_initial_uid()) !user_has_privileges(p-server_info-ptok, se_printop ) !token_contains_name_in_list( - uidtoname(p-server_info-utok.uid), NULL, - NULL, p-server_info-ptok, + uidtoname(p-server_info-utok.uid), + p-server_info-info3-base.domain.string, + NULL, + p-server_info-ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -1962,7 +1965,9 @@ WERROR _spoolss_DeletePrinterDriverEx(pipes_struct *p, if ( (p-server_info-utok.uid != sec_initial_uid()) !user_has_privileges(p-server_info-ptok, se_printop ) !token_contains_name_in_list( - uidtoname(p-server_info-utok.uid), NULL, NULL, + uidtoname(p-server_info-utok.uid), + p-server_info-info3-base.domain.string, + NULL, p-server_info-ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -7825,7 +7830,8 @@ WERROR _spoolss_AddForm(pipes_struct *p, if ((p-server_info-utok.uid != sec_initial_uid()) !user_has_privileges(p-server_info-ptok, se_printop) !token_contains_name_in_list(uidtoname(p-server_info-utok.uid), - NULL, NULL, + p-server_info-info3-base.domain.string, + NULL, p-server_info-ptok, lp_printer_admin(snum))) { DEBUG(2,(_spoolss_Addform: denied by insufficient permissions.\n)); @@ -7924,7 +7930,8 @@ WERROR _spoolss_DeleteForm(pipes_struct *p, if ((p-server_info-utok.uid != sec_initial_uid()) !user_has_privileges(p-server_info-ptok, se_printop) !token_contains_name_in_list(uidtoname(p-server_info-utok.uid), - NULL, NULL, + p-server_info-info3-base.domain.string, + NULL, p-server_info-ptok, lp_printer_admin(snum))) {
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de8a339... s4:registry - move some common constraint checks to the local backend via d81e2af... s4:lib/registry/tests/registry.c - test recursive key generation via ae50385... s4:registry - on key add operations we have to handle with paths not always only a name via 781ea5b... s4:lib/registry/local.c - support recursive key generation via 809c747... s4:lib/registry/ldb.c - refactor reg_path_to_ldb via 50ae292... s4:lib/registry/ldb.c - use ldb_path rather than ldap_path as LDB key varibale identifiers via d0e877e... s4:lib/registry/ldb.c - ldb_add_key - fix talloc handling from e4ba8fb... s3-printing: Fix Bug #7541, %D in printer admin causing smbd crash. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de8a339cdf95f6737a8b1d34aa2aa9287bae0e46 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Jun 29 16:10:32 2010 +0200 s4:registry - move some common constraint checks to the local backend They should also be enforced when we don't use ldb. commit d81e2af69de4401335681d859c44b2c30fb4456c Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Jun 29 18:27:49 2010 +0200 s4:lib/registry/tests/registry.c - test recursive key generation commit ae50385d524d8cb4831d8eb0c45feb4d04437f28 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Jun 29 18:08:47 2010 +0200 s4:registry - on key add operations we have to handle with paths not always only a name Recursive key generations are allowed. commit 781ea5be1399de8abe201ab239d3915331264deb Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Jun 29 15:45:37 2010 +0200 s4:lib/registry/local.c - support recursive key generation Code taken from local_open_key. commit 809c74790006c985ac64eb7823a4a450498c832f Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Jun 24 21:12:19 2010 +0200 s4:lib/registry/ldb.c - refactor reg_path_to_ldb This makes it easier to understand and would also support splitting in more DN components. commit 50ae292e60e53275f87ad2281b25eda34d0af59c Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Jun 29 17:37:45 2010 +0200 s4:lib/registry/ldb.c - use ldb_path rather than ldap_path as LDB key varibale identifiers commit d0e877e785f6463dadbb973bc42174674cbdbad2 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Jun 29 15:52:19 2010 +0200 s4:lib/registry/ldb.c - ldb_add_key - fix talloc handling - free msg when possible - prevent talloc_strdups where not necessary --- Summary of changes: source4/lib/registry/interface.c |4 +- source4/lib/registry/ldb.c| 112 ++-- source4/lib/registry/local.c | 115 ++--- source4/lib/registry/registry.h |2 +- source4/lib/registry/rpc.c|4 +- source4/lib/registry/tests/registry.c | 11 +-- 6 files changed, 132 insertions(+), 116 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/registry/interface.c b/source4/lib/registry/interface.c index c5d5ce8..07e606d 100644 --- a/source4/lib/registry/interface.c +++ b/source4/lib/registry/interface.c @@ -202,7 +202,7 @@ _PUBLIC_ WERROR reg_key_del(TALLOC_CTX *mem_ctx, struct registry_key *parent, */ _PUBLIC_ WERROR reg_key_add_name(TALLOC_CTX *mem_ctx, struct registry_key *parent, -const char *name, const char *key_class, +const char *path, const char *key_class, struct security_descriptor *desc, struct registry_key **newkey) { @@ -215,7 +215,7 @@ _PUBLIC_ WERROR reg_key_add_name(TALLOC_CTX *mem_ctx, return WERR_NOT_SUPPORTED; } - return parent-context-ops-create_key(mem_ctx, parent, name, + return parent-context-ops-create_key(mem_ctx, parent, path, key_class, desc, newkey); } diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c index 2b08445..122f565 100644 --- a/source4/lib/registry/ldb.c +++ b/source4/lib/registry/ldb.c @@ -277,44 +277,46 @@ static struct ldb_dn *reg_path_to_ldb(TALLOC_CTX *mem_ctx, const char *path, const char *add) { struct ldb_dn *ret; - char *mypath = talloc_strdup(mem_ctx, path); + char *mypath; char *begin; struct ldb_key_data *kd = talloc_get_type(from, struct ldb_key_data); struct ldb_context *ldb = kd-ldb; + mypath = talloc_strdup(mem_ctx, path); + if (mypath == NULL) { + return NULL; + } +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 21c2155... s4:lib/registry/ldb.c - free some msg objects earlier through explicit talloc_frees from de8a339... s4:registry - move some common constraint checks to the local backend http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 21c215512661907832570d18e7e61b3bb6447dcf Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Jul 1 16:35:12 2010 +0200 s4:lib/registry/ldb.c - free some msg objects earlier through explicit talloc_frees No other functional change --- Summary of changes: source4/lib/registry/ldb.c | 11 ++- 1 files changed, 10 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c index 122f565..c14ee70 100644 --- a/source4/lib/registry/ldb.c +++ b/source4/lib/registry/ldb.c @@ -417,8 +417,10 @@ static WERROR ldb_get_default_value(TALLOC_CTX *mem_ctx, return WERR_FOOBAR; } - if (res-count == 0 || res-msgs[0]-num_elements == 0) + if (res-count == 0 || res-msgs[0]-num_elements == 0) { + talloc_free(res); return WERR_BADFILE; + } if ((data_type != NULL) (data != NULL)) { reg_ldb_unpack_value(mem_ctx, res-msgs[0], name, data_type, @@ -647,6 +649,9 @@ static WERROR ldb_del_value(TALLOC_CTX *mem_ctx, struct hive_key *key, ldb_msg_add_empty(msg, type, LDB_FLAG_MOD_DELETE, NULL); ret = ldb_modify(kd-ldb, msg); + + talloc_free(msg); + if (ret != LDB_SUCCESS) { DEBUG(1, (ldb_del_value: %s\n, ldb_errstring(kd-ldb))); return WERR_FOOBAR; @@ -758,6 +763,8 @@ static WERROR ldb_del_key(TALLOC_CTX *mem_ctx, const struct hive_key *key, } } } + talloc_free(res_keys); + talloc_free(res_vals); /* Delete the key itself */ ret = ldb_delete(c, ldb_path); @@ -836,6 +843,8 @@ static WERROR ldb_set_value(struct hive_key *parent, ret = LDB_SUCCESS; } + talloc_free(msg); + if (ret != LDB_SUCCESS) { DEBUG(1, (ldb_set_value: %s\n, ldb_errstring(kd-ldb))); talloc_free(mem_ctx); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c2e2f78... s4:dsdb/tests/python/passwords.py - add the right result codes for user password changes from 21c2155... s4:lib/registry/ldb.c - free some msg objects earlier through explicit talloc_frees http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c2e2f783d02c7128ce1d7748ec2764998edc1be1 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Jul 1 17:23:01 2010 +0200 s4:dsdb/tests/python/passwords.py - add the right result codes for user password changes They will be enabled once the ACL modules supports it. It was my fault to not import them earlier. --- Summary of changes: source4/dsdb/tests/python/passwords.py |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/tests/python/passwords.py b/source4/dsdb/tests/python/passwords.py index fd2ed1c..bf9e909 100755 --- a/source4/dsdb/tests/python/passwords.py +++ b/source4/dsdb/tests/python/passwords.py @@ -26,7 +26,7 @@ from samba.auth import system_session from samba.credentials import Credentials from ldb import SCOPE_BASE, LdbError from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS -from ldb import ERR_UNWILLING_TO_PERFORM +from ldb import ERR_UNWILLING_TO_PERFORM, ERR_INSUFFICIENT_ACCESS_RIGHTS from ldb import ERR_NO_SUCH_ATTRIBUTE from ldb import ERR_CONSTRAINT_VIOLATION from ldb import Message, MessageElement, Dn @@ -341,6 +341,7 @@ userPassword: thatsAcomplPASS1 self.fail() except LdbError, (num, _): self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) +#self.assertEquals(num, ERR_INSUFFICIENT_ACCESS_RIGHTS) try: ldb.modify_ldif( @@ -427,6 +428,7 @@ userPassword: thatsAcomplPASS2 self.fail() except LdbError, (num, _): self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) +#self.assertEquals(num, ERR_INSUFFICIENT_ACCESS_RIGHTS) try: ldb.modify_ldif( @@ -457,6 +459,7 @@ userPassword: thatsAcomplPASS2 self.fail() except LdbError, (num, _): self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) +#self.assertEquals(num, ERR_INSUFFICIENT_ACCESS_RIGHTS) try: ldb.modify_ldif( @@ -487,6 +490,7 @@ userPassword: thatsAcomplPASS3 self.fail() except LdbError, (num, _): self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) +#self.assertEquals(num, ERR_INSUFFICIENT_ACCESS_RIGHTS) # Reverse order does work self.ldb2.modify_ldif( -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2f9076a... s3-libads: use shared well known guids. via b9e6962... s3-libads: move KRB5_ENV_CCNAME to separate header krb5_env.h. from c2e2f78... s4:dsdb/tests/python/passwords.py - add the right result codes for user password changes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2f9076ac29904c98e1a794d04c79db637283f888 Author: Günther Deschner g...@samba.org Date: Wed Jun 30 23:09:05 2010 +0200 s3-libads: use shared well known guids. Guenther commit b9e6962dd7616eaeaf8a0bc42c1180541ca06dd3 Author: Günther Deschner g...@samba.org Date: Wed Jun 30 22:32:00 2010 +0200 s3-libads: move KRB5_ENV_CCNAME to separate header krb5_env.h. Guenther --- Summary of changes: source3/include/ads.h |6 -- source3/include/includes.h |1 + source3/include/krb5_env.h |2 ++ source3/libads/ldap.c |2 +- source3/utils/net_ads.c|4 ++-- 5 files changed, 6 insertions(+), 9 deletions(-) create mode 100644 source3/include/krb5_env.h Changeset truncated at 500 lines: diff --git a/source3/include/ads.h b/source3/include/ads.h index d0bae80..132586f 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -241,12 +241,6 @@ typedef void **ADS_MODLIST; #define ADS_AUTH_SASL_FORCE 0x0080 #define ADS_AUTH_USER_CREDS 0x0100 -/* Kerberos environment variable names */ -#define KRB5_ENV_CCNAME KRB5CCNAME - -#define WELL_KNOWN_GUID_COMPUTERS AA312825768811D1ADED00C04FD8D5CD -#define WELL_KNOWN_GUID_USERS A9D1CA15768811D1ADED00C04FD8D5CD - enum ads_extended_dn_flags { ADS_EXTENDED_DN_HEX_STRING = 0, ADS_EXTENDED_DN_STRING = 1 /* not supported on win2k */ diff --git a/source3/include/includes.h b/source3/include/includes.h index 02a8494..9c97042 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -626,6 +626,7 @@ extern void *cmdline_lp_ctx; #include ../lib/util/time.h #include ../lib/util/asn1.h +#include krb5_env.h #include ads.h #include ads_dns.h #include interfaces.h diff --git a/source3/include/krb5_env.h b/source3/include/krb5_env.h new file mode 100644 index 000..aa96795 --- /dev/null +++ b/source3/include/krb5_env.h @@ -0,0 +1,2 @@ +/* Kerberos environment variable names */ +#define KRB5_ENV_CCNAME KRB5CCNAME diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 98da8ff..af48fda 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -1602,7 +1602,7 @@ char *ads_ou_string(ADS_STRUCT *ads, const char *org_unit) if (!org_unit || !*org_unit) { - ret = ads_default_ou_string(ads, WELL_KNOWN_GUID_COMPUTERS); + ret = ads_default_ou_string(ads, DS_GUID_COMPUTERS_CONTAINER); /* samba4 might not yet respond to a wellknownobject-query */ return ret ? ret : SMB_STRDUP(cn=Computers); diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 4aea9a7..700d98b 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -476,7 +476,7 @@ static int ads_user_add(struct net_context *c, int argc, const char **argv) if (c-opt_container) { ou_str = SMB_STRDUP(c-opt_container); } else { - ou_str = ads_default_ou_string(ads, WELL_KNOWN_GUID_USERS); + ou_str = ads_default_ou_string(ads, DS_GUID_USERS_CONTAINER); } status = ads_add_user_acct(ads, argv[0], ou_str, c-opt_comment); @@ -770,7 +770,7 @@ static int ads_group_add(struct net_context *c, int argc, const char **argv) if (c-opt_container) { ou_str = SMB_STRDUP(c-opt_container); } else { - ou_str = ads_default_ou_string(ads, WELL_KNOWN_GUID_USERS); + ou_str = ads_default_ou_string(ads, DS_GUID_USERS_CONTAINER); } status = ads_add_group_acct(ads, argv[0], ou_str, c-opt_comment); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via eb634e8... s3-libnet_join: small IDL enhancement. from 2f9076a... s3-libads: use shared well known guids. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit eb634e8c7fcce424186514a8e0a8a799d6e7fc8d Author: Günther Deschner g...@samba.org Date: Thu Jul 1 01:19:39 2010 +0200 s3-libnet_join: small IDL enhancement. Guenther --- Summary of changes: source3/libads/ndr.c |2 -- source3/librpc/idl/libnet_join.idl |4 ++-- 2 files changed, 2 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/ndr.c b/source3/libads/ndr.c index 9ee249f..397aa2c 100644 --- a/source3/libads/ndr.c +++ b/source3/libads/ndr.c @@ -39,8 +39,6 @@ void ndr_print_ads_auth_flags(struct ndr_print *ndr, const char *name, uint32_t void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ads_struct *r) { - if (!r) { return; } - ndr_print_struct(ndr, name, ads_struct); ndr-depth++; ndr_print_bool(ndr, is_mine, r-is_mine); diff --git a/source3/librpc/idl/libnet_join.idl b/source3/librpc/idl/libnet_join.idl index 9984e9e..b67400c 100644 --- a/source3/librpc/idl/libnet_join.idl +++ b/source3/librpc/idl/libnet_join.idl @@ -28,7 +28,7 @@ interface libnetjoin [in] boolean8 create_upn, [in] string upn, [in] boolean8 modify_config, - [in] ads_struct *ads, + [in,unique] ads_struct *ads, [in] boolean8 debug, [in] boolean8 use_kerberos, [in] netr_SchannelType secure_channel_type, @@ -56,7 +56,7 @@ interface libnetjoin [in] boolean8 delete_machine_account, [in] boolean8 modify_config, [in] dom_sid *domain_sid, - [in] ads_struct *ads, + [in,unique] ads_struct *ads, [in] boolean8 debug, [in] boolean8 use_kerberos, [in,noprint] messaging_context *msg_ctx, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 568a54f... s3-waf: fix the build after smbd/change_trust_pw.c removal. via f7a3bd4... tdb: fix the build on mac os x 10.6.4. from eb634e8... s3-libnet_join: small IDL enhancement. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 568a54f324c4564438edd6369ae4fdf17b667e6e Author: Günther Deschner g...@samba.org Date: Thu Jul 1 23:15:13 2010 +0200 s3-waf: fix the build after smbd/change_trust_pw.c removal. Guenther commit f7a3bd4fa42eba56675c46d0a2baf0dccded8018 Author: Günther Deschner g...@samba.org Date: Thu Jun 3 19:05:43 2010 +0200 tdb: fix the build on mac os x 10.6.4. Guenther --- Summary of changes: lib/tdb/common/transaction.c |4 source3/wscript_build|2 +- 2 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/transaction.c b/lib/tdb/common/transaction.c index 304a03f..ebf1cec 100644 --- a/lib/tdb/common/transaction.c +++ b/lib/tdb/common/transaction.c @@ -548,7 +548,11 @@ static int transaction_sync(struct tdb_context *tdb, tdb_off_t offset, tdb_len_t return 0; } +#ifdef HAVE_FDATASYNC if (fdatasync(tdb-fd) != 0) { +#else + if (fsync(tdb-fd) != 0) { +#endif tdb-ecode = TDB_ERR_IO; TDB_LOG((tdb, TDB_DEBUG_FATAL, tdb_transaction: fsync failed\n)); return -1; diff --git a/source3/wscript_build b/source3/wscript_build index d91d2be..cc7ebd3 100644 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -686,7 +686,7 @@ SMBD_SRC_SRV = '''smbd/server_reload.c smbd/files.c smbd/connection.c smbd/process.c smbd/service.c smbd/error.c printing/printfsp.c lib/sysquotas.c lib/sysquotas_linux.c lib/sysquotas_xfs.c lib/sysquotas_4A.c - smbd/change_trust_pw.c smbd/fake_file.c + smbd/fake_file.c smbd/quotas.c smbd/ntquotas.c ${AFS_SRC} smbd/msdfs.c ${AFS_SETTOKEN_SRC} smbd/aio.c smbd/statvfs.c smbd/dmapi.c smbd/signing.c -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d1538ad... s3-nss_info: only include nss_info.h where needed. via 04641ab... s3-libads: move ldap posix schema defines to their own header file. via 3f453f7... s3-libads: move spnego defines to their appropriate header file. via dff7be8... s3-libads: only include libds flags where needed. via 6d810ef... s3-libads: move keytab macros out of ads.h. via 56538be... s3-libads: move ads_dns out of main includes. via e64df82... s3-libads: move ads_status to a separate header file. via 6b25d47... s3-libads: move ads_protos.h to ads_ldap_protos.h. from 568a54f... s3-waf: fix the build after smbd/change_trust_pw.c removal. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d1538add736ae3ac7ca3c728e2bd1696d588b374 Author: Günther Deschner g...@samba.org Date: Thu Jul 1 00:44:15 2010 +0200 s3-nss_info: only include nss_info.h where needed. Guenther commit 04641abb33a06486327088105b578865ed727a23 Author: Günther Deschner g...@samba.org Date: Wed Jun 30 23:48:34 2010 +0200 s3-libads: move ldap posix schema defines to their own header file. Guenther commit 3f453f73a80c98cc98b6b61698c547339817285c Author: Günther Deschner g...@samba.org Date: Wed Jun 30 23:47:03 2010 +0200 s3-libads: move spnego defines to their appropriate header file. Guenther commit dff7be8ccb9538cfe8468884aa2eecd129c631cb Author: Günther Deschner g...@samba.org Date: Wed Jun 30 23:38:57 2010 +0200 s3-libads: only include libds flags where needed. Guenther commit 6d810eff81f6a0abb371b2661cb0711e46e1bf1d Author: Günther Deschner g...@samba.org Date: Wed Jun 30 23:20:22 2010 +0200 s3-libads: move keytab macros out of ads.h. Guenther commit 56538be6af9d4d76bffe5f142ba6a62e978561da Author: Günther Deschner g...@samba.org Date: Wed Jun 30 22:36:40 2010 +0200 s3-libads: move ads_dns out of main includes. Guenther commit e64df82146cf62ae6e13b8e4c1adcc8b49b2fd6d Author: Günther Deschner g...@samba.org Date: Mon May 31 12:51:58 2010 +0200 s3-libads: move ads_status to a separate header file. Guenther commit 6b25d47fea231fad2009a1e0971ccfa1acf68176 Author: Günther Deschner g...@samba.org Date: Mon May 31 12:51:29 2010 +0200 s3-libads: move ads_protos.h to ads_ldap_protos.h. Guenther --- Summary of changes: libcli/auth/spnego.h |6 ++ source3/include/ads.h| 107 -- source3/include/ads_dns.h| 61 --- source3/include/ads_protos.h | 123 -- source3/include/includes.h |5 +- source3/include/proto.h | 58 -- source3/include/smb.h| 12 +++ source3/include/smb_macros.h |9 ++ source3/lib/netapi/user.c|1 + source3/libads/ads_ldap_protos.h | 123 ++ source3/libads/ads_status.h | 42 ++ source3/libads/disp_sec.c|1 + source3/libads/dns.c |1 + source3/libads/dns.h | 90 ++ source3/libads/ldap.c|2 + source3/libads/ldap_schema.c |1 + source3/libads/ldap_schema.h | 62 +++ source3/libads/ldap_user.c |1 + source3/libnet/libnet_join.c |2 + source3/libsmb/dsgetdcname.c |1 + source3/libsmb/namequery.c |1 + source3/passdb/pdb_ads.c |1 + source3/utils/net_ads.c |2 + source3/utils/net_ads_gpo.c |1 + source3/utils/net_lookup.c |1 + source3/winbindd/idmap_ad.c |3 + source3/winbindd/idmap_adex/cell_util.c |1 + source3/winbindd/idmap_adex/idmap_adex.c |1 + source3/winbindd/idmap_hash/idmap_hash.c |1 + source3/winbindd/winbindd_ads.c |1 + source3/winbindd/winbindd_cache.c|1 + 31 files changed, 370 insertions(+), 352 deletions(-) delete mode 100644 source3/include/ads_dns.h delete mode 100644 source3/include/ads_protos.h create mode 100644 source3/libads/ads_ldap_protos.h create mode 100644 source3/libads/ads_status.h create mode 100644 source3/libads/dns.h create mode 100644 source3/libads/ldap_schema.h Changeset truncated at 500 lines: diff --git a/libcli/auth/spnego.h b/libcli/auth/spnego.h index 4b60f22..6aed765 100644 --- a/libcli/auth/spnego.h +++ b/libcli/auth/spnego.h @@ -33,6 +33,12 @@ #define SPNEGO_CONF_FLAG 0x20 #define SPNEGO_INTEG_FLAG0x40 +#define TOK_ID_KRB_AP_REQ ((const
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3721161... s3:auth Fix switch statement referencing a uninitialized variable from d1538ad... s3-nss_info: only include nss_info.h where needed. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3721161d90c835604f38d2f178fbcd8c5f708077 Author: Simo Sorce i...@samba.org Date: Thu Jul 1 17:47:46 2010 -0400 s3:auth Fix switch statement referencing a uninitialized variable Looking at the original commit (9a747d500fad699038ecf75615c680a9fd9e4cc7) this seem the right solution. Andrew please check. --- Summary of changes: source3/rpc_server/srv_pipe.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 65251ec..3bc997e 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -1139,7 +1139,7 @@ static bool pipe_spnego_auth_bind_negotiate(pipes_struct *p, prs_struct *rpc_in_ goto err; } - switch (auth_info.auth_level) { + switch (pauth_info-auth_level) { case DCERPC_AUTH_LEVEL_INTEGRITY: auth_ntlmssp_want_sign(a); break; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c482798... s4:dsdb Ensure we free old schema copies via 5a66edc... s4/dsdb: Assert DSDB_FLAG_*_MODULE is always passed in function call via 7347499... s4-source4/dsdb/samdb/ldb_modules/util.c Use DSDB_FLAG_NEXT_MODULE flag via 682f7a5... s4-source4/dsdb/samdb/ldb_modules/subtree_delete.c: Use DSDB_FLAG_NEXT_MODULE flag via bf373d5... s4-source4/dsdb/samdb/ldb_modules/schema_load.c: Use DSDB_FLAG_NEXT_MODULE flag via 7c653c4... s4-source4/dsdb/samdb/ldb_modules/samldb.c: Use DSDB_FLAG_NEXT_MODULE flag via 0e023f2... s4-source4/dsdb/samdb/ldb_modules/samba3sid.c: Use DSDB_FLAG_NEXT_MODULE flag via 30a69eb... s4-source4/dsdb/samdb/ldb_modules/rootdse.c: Use DSDB_FLAG_NEXT_MODULE flag via 68c6e60... s4-source4/dsdb/samdb/ldb_modules/ridalloc.c: Use DSDB_FLAG_NEXT_MODULE flag via f3f87e8... s4-source4/dsdb/samdb/ldb_modules/repl_meta_data.c: Use DSDB_FLAG_NEXT_MODULE flag via b29921b... s4-dsdb/samdb/ldb_modules/linked_attributes.c: make use of DSDB_FLAG_NEXT_MODULE flag via f570eec... s4/dsdb: Add DSDB_FLAG_NEXT_MODULE flag from 3721161... s3:auth Fix switch statement referencing a uninitialized variable http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c48279896d93ab8d4490cbf9d47eb6f763b43785 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 30 23:25:32 2010 +1000 s4:dsdb Ensure we free old schema copies It was reported by aatanasov that we kept around one whole schema per modification made. This does not fix that, but I hope moves us closer to a fix The most important part of the fix is that: - if (schema_out != schema_in) { - talloc_unlink(schema_in, ldb); - } was the wrong way around. This is now handled in the schema_set calls. Andrew Bartlett commit 5a66edc99ee782e36efa2fc64a7603247ba3abc1 Author: Kamen Mazdrashki kame...@samba.org Date: Thu Jul 1 23:47:02 2010 +0300 s4/dsdb: Assert DSDB_FLAG_*_MODULE is always passed in function call Signed-off-by: Andrew Bartlett abart...@samba.org commit 73474998e167837002da495993fa75de17e3aecd Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:29:05 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/util.c Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit 682f7a53383f1c72f53fc5238f4ca2db348f9df3 Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:28:46 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/subtree_delete.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit bf373d5c29737264724ae4f86e05a79d7b69b4ee Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:28:30 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/schema_load.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit 7c653c429a7d31d00620fc8cfda913a814c1048f Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:28:10 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/samldb.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit 0e023f23408df71aa3ad24f0a78cfead44d63d4b Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:27:51 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/samba3sid.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit 30a69eb4a0cf61cc21c11bbb71494aae57bfe139 Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:27:32 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/rootdse.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit 68c6e607d9facd20ba792cd8f8e1a5e8740bf300 Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:26:53 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/ridalloc.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit f3f87e8deed86d066346e852269ae12d1966ea0a Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:26:07 2010 +0300 s4-source4/dsdb/samdb/ldb_modules/repl_meta_data.c: Use DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit b29921b82ea34f307f04acb86afe64f33a69ab1e Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:25:28 2010 +0300 s4-dsdb/samdb/ldb_modules/linked_attributes.c: make use of DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett abart...@samba.org commit f570eec26432a66d7fbc2a70017b3df8dbdd1e89 Author: Kamen Mazdrashki kame...@samba.org Date: Mon Jun 28 21:07:51 2010 +0300 s4/dsdb: Add DSDB_FLAG_NEXT_MODULE flag Although it is not currently used in
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 84c5dd1... s4-ldb: fixed error handling in openldap backend via 277a9b4... s4-ldb: fixed the parsing of references in the openldap backend via f9022a1... s4-dsdb: fixed use after free of sasl mechanisms opaque via 2671b5a... s4-dsdb: fixed spelling of supportedSASLMechanisms from c482798... s4:dsdb Ensure we free old schema copies http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 84c5dd1e4bb1b4c45d7b5ac68ab432cfc399835c Author: Andrew Tridgell tri...@samba.org Date: Fri Jul 2 11:39:28 2010 +1000 s4-ldb: fixed error handling in openldap backend fixed several bugs in error handling. the ldb context was used without being initialised in the error paths, and several error paths did not set an ldb error string. commit 277a9b4aaca60745acfa3f82bd021390de337a26 Author: Andrew Tridgell tri...@samba.org Date: Fri Jul 2 11:37:50 2010 +1000 s4-ldb: fixed the parsing of references in the openldap backend We need to use ldap_parse_reference() not ldap_parse_result() commit f9022a1a30dbe57c6b6226c1f3d749b0ba87ce66 Author: Andrew Tridgell tri...@samba.org Date: Wed Jun 30 13:49:05 2010 +1000 s4-dsdb: fixed use after free of sasl mechanisms opaque the supportedSASLMechanisms opaque must live for at least as long as the ldb, or we can crash when the first connection is torn down Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit 2671b5aeb0442b1c2a67ba9c43113ba3eec6bc15 Author: Andrew Tridgell tri...@samba.org Date: Wed Jun 30 13:47:29 2010 +1000 s4-dsdb: fixed spelling of supportedSASLMechanisms Pair-Programmed-With: Andrew Bartlett abart...@samba.org --- Summary of changes: source4/dsdb/samdb/ldb_modules/rootdse.c |2 +- source4/ldap_server/ldap_backend.c |8 ++- source4/lib/ldb/ldb_ldap/ldb_ldap.c | 31 - 3 files changed, 29 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 0cb0f3f..2219f59 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -220,7 +220,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms } } - server_sasl = talloc_get_type(ldb_get_opaque(ldb, supportedSASLMechanims), + server_sasl = talloc_get_type(ldb_get_opaque(ldb, supportedSASLMechanisms), char *); if (server_sasl do_attribute(attrs, supportedSASLMechanisms)) { unsigned int i; diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c index c1bd630..23210fa 100644 --- a/source4/ldap_server/ldap_backend.c +++ b/source4/ldap_server/ldap_backend.c @@ -219,7 +219,13 @@ NTSTATUS ldapsrv_backend_Init(struct ldapsrv_connection *conn) } } talloc_unlink(conn, ops); - ldb_set_opaque(conn-ldb, supportedSASLMechanims, sasl_mechs); + + /* ldb can have a different lifetime to conn, so we + need to ensure that sasl_mechs lives as long as the + ldb does */ + talloc_steal(conn-ldb, sasl_mechs); + + ldb_set_opaque(conn-ldb, supportedSASLMechanisms, sasl_mechs); } return NT_STATUS_OK; diff --git a/source4/lib/ldb/ldb_ldap/ldb_ldap.c b/source4/lib/ldb/ldb_ldap/ldb_ldap.c index 11edd34..292da7a 100644 --- a/source4/lib/ldb/ldb_ldap/ldb_ldap.c +++ b/source4/lib/ldb/ldb_ldap/ldb_ldap.c @@ -282,7 +282,7 @@ static int lldb_add(struct lldb_context *lldb_ac) char *dn; int ret; - ldb_module_get_ctx(module); + ldb = ldb_module_get_ctx(module); ldb_request_set_state(req, LDB_ASYNC_PENDING); @@ -321,7 +321,7 @@ static int lldb_modify(struct lldb_context *lldb_ac) char *dn; int ret; - ldb_module_get_ctx(module); + ldb = ldb_module_get_ctx(module); ldb_request_set_state(req, LDB_ASYNC_PENDING); @@ -359,7 +359,7 @@ static int lldb_delete(struct lldb_context *lldb_ac) char *dnstr; int ret; - ldb_module_get_ctx(module); + ldb = ldb_module_get_ctx(module); ldb_request_set_state(req, LDB_ASYNC_PENDING); @@ -391,7 +391,7 @@ static int lldb_rename(struct lldb_context *lldb_ac) char *parentdn; int ret; - ldb_module_get_ctx(module); + ldb = ldb_module_get_ctx(module); ldb_request_set_state(req, LDB_ASYNC_PENDING); @@ -502,20 +502,24 @@ static bool lldb_parse_result(struct lldb_context *ac, LDAPMessage *result) ldbmsg