Re: [Samba] ubuntu, ocfs2 with cman and ctdb
Gfs2 on centOS is working for me with ctdb. Gluster 3.2.1 is working with some tricks on Centos without using ctdb on a PDC BDC situation. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Jeremy Allison Gesendet: Dienstag, 21. Juni 2011 02:27 An: charles Cc: samba@lists.samba.org Betreff: Re: [Samba] ubuntu, ocfs2 with cman and ctdb On Mon, Jun 20, 2011 at 03:18:02PM -0600, charles wrote: hi guys, we're evaluating the available clustering options to get ctdb up and running for a highly available file server. we've set up both gluster and ocfs2 both on seperate 2 node setups. ocfs2 seems to provide better throughput and iops to samba clients than does gluster and that is comparing a single node server to a ctdb clustered 2 node server. problem with ocfs2 is that i've been unable to configure it to utilize cman's stack to provide proper locking for ctdb. gfs2 is up next. does anyone have any pointers/tutorials/document for getting ocfs2 set up with cman on ubunutu? Jim Mcdonough and his team @ SuSE has done most of the work looking at Samba/CTDB with ocfs2. Jim, any comments ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] problems after Upgrade to Samba version 3.5.8-SerNet-Debian
Hi all, after update to Samba version 3.5.8-SerNet-Debian, I've got the following errors, when I try to connect to the share via smbclient: Domain=[ESERVICE] OS=[Unix] Server=[Samba 3.5.8-SerNet-Debian] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD In my global definitions I set security to share. ... security = share client lanman auth = yes guest account = edi invalid users = root encrypt passwords = yes passdb backend = tdbsam:/etc/samba/passdb.tdb ... When I do not set 'client lanman auth' I also got an error: Domain=[ESERVICE] OS=[Unix] Server=[Samba 3.5.8-SerNet-Debian] Server not using user level security and no password supplied. Server requested LANMAN password (share-level security) but 'client lanman auth' is disabled tree connect failed: NT_STATUS_ACCESS_DENIED My share definition is listed below: .. guest ok = no public = no valid users = edi hosts allow = .. I only can connect to share when I set security to user.. Why? What is different in this version? Any suggestions? Walter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Setting domain group ownership on files
Hi, I have been testing out a samba installation and am slowly getting to a point where I am ready to push the project live. I have been playing with a domain member server that uses winbindd. I have created a share in /tmp called public to see what happens with user and group permissions. I created the directory as follows: mkdir /tmp/public; chgrp users /tmp/public; chmod 2777 /tmp/public. Then from a Windows XP work station I logged in as a domain user, connected to the share and created a folder. When I list the folder from the shell on the server I see: root@dev2:/etc/samba# ls -ltr /tmp/public/ total 4 drwxrwxr-x 2 DOM\djohn users 4096 2011-06-21 11:44 d_john That's great, the domain user owns the file. However the group owner is the local group 'users' (coming from the chmod above). My question is Is there a way to chgrp the parent folder to the DOM\Domain users group? or do I have to employ a groupmap between Domain users and the local users group? Thanks, Dermot. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Machines randomly kicks out of the domain
Hello Sorry to ask here, but all googeling doesn't helped. We have several samba domains (samba 3.5.6) with ldap backed and windows 7 clients, which worked fine so far. Know we begin to see that random machines begin to kick out of the domain with the error: _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client MBBUCHHALTUNG04 machine account MBBUCHHALTUNG04$ Nothing was changed (no updates or anything else) on the client machine nor the samba server. The registry keys for SignOrSeal and StrongKey are already set correctly. I can't see any additional error Maybe somebody faced the same problem and give me a hint. Thanks a lot. Roland The Full log for the login try of the machine is: [2011/06/21 11:49:33.372812, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: MBBUCHHALTUNG04$ [2011/06/21 11:49:33.372837, 10] passdb/pdb_get_set.c:608(pdb_set_username) pdb_set_username: setting username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372867, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 12 - now SET [2011/06/21 11:49:33.372894, 10] passdb/pdb_get_set.c:631(pdb_set_domain) pdb_set_domain: setting domain METHABAU-PUR, was [2011/06/21 11:49:33.372908, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 14 - now DEFAULT [2011/06/21 11:49:33.372922, 10] passdb/pdb_get_set.c:654(pdb_set_nt_username) pdb_set_nt_username: setting nt username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372935, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 15 - now SET [2011/06/21 11:49:33.372952, 10] passdb/pdb_get_set.c:550(pdb_set_user_sid_from_string) pdb_set_user_sid_from_string: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372966, 10] passdb/pdb_get_set.c:537(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372981, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 18 - now SET [2011/06/21 11:49:33.372994, 11] passdb/pdb_get_set.c:299(pdb_get_init_flags) element 18: SET [2011/06/21 11:49:33.373010, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 21 - now SET [2011/06/21 11:49:33.373051, 10] passdb/pdb_get_set.c:677(pdb_set_fullname) pdb_set_full_name: setting full name MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.373065, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 13 - now SET [2011/06/21 11:49:33.373081, 10] passdb/pdb_get_set.c:746(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive Z:, was NULL [2011/06/21 11:49:33.373094, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 3 - now DEFAULT [2011/06/21 11:49:33.373113, 10] passdb/pdb_get_set.c:770(pdb_set_homedir) pdb_set_homedir: setting home dir \\HALLE\Profiles\mbbuchhaltung04_\.9xprofile, was [2011/06/21 11:49:33.373127, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 1 - now DEFAULT [2011/06/21 11:49:33.373144, 10] passdb/pdb_get_set.c:700(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2011/06/21 11:49:33.373157, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 4 - now DEFAULT [2011/06/21 11:49:33.373175, 10] passdb/pdb_get_set.c:723(pdb_set_profile_path) pdb_set_profile_path: setting profile path \\HALLE\Profiles\mbbuchhaltung04_, was [2011/06/21 11:49:33.373189, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 2 - now DEFAULT [2011/06/21 11:49:33.373218, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 32 - now SET [2011/06/21 11:49:33.373250, 11] passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) ldapsam_get_account_policy: got valid value from cache [2011/06/21 11:49:33.373272, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 20 - now SET [2011/06/21 11:49:33.373286, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 16 - now SET [2011/06/21 11:49:33.373298, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 17 - now SET [2011/06/21 11:49:33.373396, 7] passdb/login_cache.c:88(login_cache_read) Looking up login cache for user MBBUCHHALTUNG04$ [2011/06/21 11:49:33.373415, 7] passdb/login_cache.c:104(login_cache_read) No cache entry found [2011/06/21 11:49:33.373428, 9] passdb/pdb_ldap.c:1126(init_sam_from_ldap) No cache entry, bad count = 0, bad time = 0 [2011/06/21 11:49:33.373443, 11] passdb/pdb_get_set.c:499(pdb_set_init_flags) element 34 - now CHANGED [2011/06/21 11:49:33.373474, 11] passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) ldapsam_get_account_policy: got valid value from cache [2011/06/21 11:49:33.373493, 11] passdb/pdb_get_set.c:309(pdb_get_init_flags) element 3: DEFAULT [2011/06/21 11:49:33.373506, 11] passdb/pdb_get_set.c:309(pdb_get_init_flags) element 1: DEFAULT [2011/06/21 11:49:33.373519, 11] passdb/pdb_get_set.c:309(pdb_get_init_flags) element 4: DEFAULT [2011/06/21 11:49:33.373531, 11]
Re: [Samba] Machines randomly kicks out of the domain
Sorry to ask here, but all googeling doesn't helped. We have several samba domains (samba 3.5.6) with ldap backed and windows 7 clients, which worked fine so far. Know we begin to see that random machines begin to kick out of the domain with the error: I have seen this happen if the user is not logged on when the machine password is changed the password will change on the client but the samba PDC does not get the change. Remember the machine password changes every 30 days by default. To fix this disable the client from changing its machine password. http://samba.2283325.n4.nabble.com/Windows-7-machine-trust-accounts-expiring-td2456812.html John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] net ads user info .vs. wbinfo -g ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 06/20/2011 12:44 PM, John McNulty wrote: The group names from these two commands display differently. For example: $ net ads user info my-name -U my-name . . Systems Engineering EU $ wbinfo -g . . systemsengineeringeu.write Why is this different? Regards, John John, The net command is a close relative to the net command for windows. It will display information in a format more like windows or ldap-like output. If you do this type of net command on your samba install: net ads search (SAMAccountName=adusername) -P you will get all the entries from active directory, similar to the output from ADSIedit. The -P allows you to use your samba machine's credentials (if it is joined to the domain). net ads search ((objectCategory=computer)(name=*rhel*)) -P Allows ldap-like searching. wbinfo and winbindd allow translation from windows account formats to unix-like account formats. This is why the outputs are different. If you were to do a getent passwd aduser you will get a direct entry that is as if it was from /etc/passwd. It is actually getting info from winbindd and translating it on the fly. Hope that helps differentiate them. Robert - -- Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0xBA9DF9ED3E4C7D36 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk4Af7EACgkQup357T5MfTZE2wCfbOebJzIGvrlJp+vSNJ/MOKv+ QF8An3NOKExf9gusbJfsZr/R13Heemwt =bdGG -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Machines randomly kicks out of the domain
Hello, Try [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] Update=no On your Win7 clients. We had the same issue solved by doing this. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Roland Kaeser Gesendet: Dienstag, 21. Juni 2011 13:01 An: samba@lists.samba.org Betreff: [Samba] Machines randomly kicks out of the domain Hello Sorry to ask here, but all googeling doesn't helped. We have several samba domains (samba 3.5.6) with ldap backed and windows 7 clients, which worked fine so far. Know we begin to see that random machines begin to kick out of the domain with the error: _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client MBBUCHHALTUNG04 machine account MBBUCHHALTUNG04$ Nothing was changed (no updates or anything else) on the client machine nor the samba server. The registry keys for SignOrSeal and StrongKey are already set correctly. I can't see any additional error Maybe somebody faced the same problem and give me a hint. Thanks a lot. Roland The Full log for the login try of the machine is: [2011/06/21 11:49:33.372812, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: MBBUCHHALTUNG04$ [2011/06/21 11:49:33.372837, 10] passdb/pdb_get_set.c:608(pdb_set_username) pdb_set_username: setting username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372867, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 12 - now SET [2011/06/21 11:49:33.372894, 10] passdb/pdb_get_set.c:631(pdb_set_domain) pdb_set_domain: setting domain METHABAU-PUR, was [2011/06/21 11:49:33.372908, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 14 - now DEFAULT [2011/06/21 11:49:33.372922, 10] passdb/pdb_get_set.c:654(pdb_set_nt_username) pdb_set_nt_username: setting nt username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372935, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 15 - now SET [2011/06/21 11:49:33.372952, 10] passdb/pdb_get_set.c:550(pdb_set_user_sid_from_string) pdb_set_user_sid_from_string: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372966, 10] passdb/pdb_get_set.c:537(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372981, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 18 - now SET [2011/06/21 11:49:33.372994, 11] passdb/pdb_get_set.c:299(pdb_get_init_flags) element 18: SET [2011/06/21 11:49:33.373010, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 21 - now SET [2011/06/21 11:49:33.373051, 10] passdb/pdb_get_set.c:677(pdb_set_fullname) pdb_set_full_name: setting full name MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.373065, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 13 - now SET [2011/06/21 11:49:33.373081, 10] passdb/pdb_get_set.c:746(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive Z:, was NULL [2011/06/21 11:49:33.373094, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 3 - now DEFAULT [2011/06/21 11:49:33.373113, 10] passdb/pdb_get_set.c:770(pdb_set_homedir) pdb_set_homedir: setting home dir \\HALLE\Profiles\mbbuchhaltung04_\.9xprofile, was [2011/06/21 11:49:33.373127, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 1 - now DEFAULT [2011/06/21 11:49:33.373144, 10] passdb/pdb_get_set.c:700(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2011/06/21 11:49:33.373157, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 4 - now DEFAULT [2011/06/21 11:49:33.373175, 10] passdb/pdb_get_set.c:723(pdb_set_profile_path) pdb_set_profile_path: setting profile path \\HALLE\Profiles\mbbuchhaltung04_, was [2011/06/21 11:49:33.373189, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 2 - now DEFAULT [2011/06/21 11:49:33.373218, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 32 - now SET [2011/06/21 11:49:33.373250, 11] passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) ldapsam_get_account_policy: got valid value from cache [2011/06/21 11:49:33.373272, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 20 - now SET [2011/06/21 11:49:33.373286, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 16 - now SET [2011/06/21 11:49:33.373298, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 17 - now SET [2011/06/21 11:49:33.373396, 7] passdb/login_cache.c:88(login_cache_read) Looking up login cache for user MBBUCHHALTUNG04$ [2011/06/21 11:49:33.373415, 7] passdb/login_cache.c:104(login_cache_read) No cache entry found
Re: [Samba] Machines randomly kicks out of the domain
Hello All Thanks very much for the great hints! I would have never thought about that in 100years! We just made the changes to the workstations and added a hack to our unattended setup. Thank You all. Regards Roland - Ursprüngliche Mail - Von: Daniel Müller muel...@tropenklinik.de An: Roland Kaeser roland.kae...@ziil.ch, samba@lists.samba.org Gesendet: Dienstag, 21. Juni 2011 13:31:37 Betreff: AW: [Samba] Machines randomly kicks out of the domain Hello, Try [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] Update=no On your Win7 clients. We had the same issue solved by doing this. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Roland Kaeser Gesendet: Dienstag, 21. Juni 2011 13:01 An: samba@lists.samba.org Betreff: [Samba] Machines randomly kicks out of the domain Hello Sorry to ask here, but all googeling doesn't helped. We have several samba domains (samba 3.5.6) with ldap backed and windows 7 clients, which worked fine so far. Know we begin to see that random machines begin to kick out of the domain with the error: _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client MBBUCHHALTUNG04 machine account MBBUCHHALTUNG04$ Nothing was changed (no updates or anything else) on the client machine nor the samba server. The registry keys for SignOrSeal and StrongKey are already set correctly. I can't see any additional error Maybe somebody faced the same problem and give me a hint. Thanks a lot. Roland The Full log for the login try of the machine is: [2011/06/21 11:49:33.372812, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: MBBUCHHALTUNG04$ [2011/06/21 11:49:33.372837, 10] passdb/pdb_get_set.c:608(pdb_set_username) pdb_set_username: setting username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372867, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 12 - now SET [2011/06/21 11:49:33.372894, 10] passdb/pdb_get_set.c:631(pdb_set_domain) pdb_set_domain: setting domain METHABAU-PUR, was [2011/06/21 11:49:33.372908, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 14 - now DEFAULT [2011/06/21 11:49:33.372922, 10] passdb/pdb_get_set.c:654(pdb_set_nt_username) pdb_set_nt_username: setting nt username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372935, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 15 - now SET [2011/06/21 11:49:33.372952, 10] passdb/pdb_get_set.c:550(pdb_set_user_sid_from_string) pdb_set_user_sid_from_string: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372966, 10] passdb/pdb_get_set.c:537(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372981, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 18 - now SET [2011/06/21 11:49:33.372994, 11] passdb/pdb_get_set.c:299(pdb_get_init_flags) element 18: SET [2011/06/21 11:49:33.373010, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 21 - now SET [2011/06/21 11:49:33.373051, 10] passdb/pdb_get_set.c:677(pdb_set_fullname) pdb_set_full_name: setting full name MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.373065, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 13 - now SET [2011/06/21 11:49:33.373081, 10] passdb/pdb_get_set.c:746(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive Z:, was NULL [2011/06/21 11:49:33.373094, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 3 - now DEFAULT [2011/06/21 11:49:33.373113, 10] passdb/pdb_get_set.c:770(pdb_set_homedir) pdb_set_homedir: setting home dir \\HALLE\Profiles\mbbuchhaltung04_\.9xprofile, was [2011/06/21 11:49:33.373127, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 1 - now DEFAULT [2011/06/21 11:49:33.373144, 10] passdb/pdb_get_set.c:700(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2011/06/21 11:49:33.373157, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 4 - now DEFAULT [2011/06/21 11:49:33.373175, 10] passdb/pdb_get_set.c:723(pdb_set_profile_path) pdb_set_profile_path: setting profile path \\HALLE\Profiles\mbbuchhaltung04_, was [2011/06/21 11:49:33.373189, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 2 - now DEFAULT [2011/06/21 11:49:33.373218, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 32 - now SET [2011/06/21 11:49:33.373250, 11] passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) ldapsam_get_account_policy: got valid value from cache
[Samba] Building Samba 3.5.9 on Solaris 10
I wanted to build samba with CUPS and LDAP support, and put it into a location from where it can be automounted by other systems. There were a few gotchas I solved the hard way, to save anyone else's time, this is what I did. C compiler I used is Sun's Studio. Solaris sed behaves differently to Sunfreeware sed tolka source3 $ echo libwbclient.so.0|/usr/local/bin/sed 's/so\(.[0-9]\{1,\}\)\{0,1\}$/syms/' libwbclient.syms tolka source3 $ echo libwbclient.so.0|sed 's/so\(.[0-9]\{1,\}\)\{0,1\}$/syms/' libwbclient.so.0 tolka source3 $ So install Sunfreeware sed and dependencies libgcc_s, libiconv, libintl. Solaris make doesn't like Samba's generated Makefile, so install make from SunFreeware. who3 source3 $ which make /usr/ccs/bin/make who3 source3 $ make make: Fatal error in reader: Makefile, line 1397: Extra `:', `::', or `:=' on dependency line who3 source3 $ Set up paths etcetera. export LDFLAGS=-L/nerc/packages/samba/3.5.9/lib -R/nerc/packages/samba/3.5.9/lib export LD_RUN_PATH=/nerc/packages/samba/3.5.9/lib export LD_LIBRARY_PATH=/nerc/packages/samba/3.5.9/lib export CPPFLAGS=-I/nerc/packages/samba/3.5.9/include -I/nerc/packages/samba/3.5.9/lib/ldb/include -I/usr/include export CC=`which cc` export LIBS=-lintl build LDAP ./configure --prefix=/nerc/packages/samba/3.5.9 --disable-slapd --disable-slurpd --without-tls make depend make as root, make install build Samba No need to autoconf.sh as we already have a configure script. ./configure --prefix=/nerc/packages/samba/3.5.9 --enable-cups find .. -name Makefile -mtime -1 edit Makefile, change occurrences of sed to /usr/local/bin/sed /usr/local/bin/make as root, /usr/local/bin/make install Check the binaries can see all their libraries, and hadn't picked up any odd ones (they hadn't) ldd /nerc/packages/samba/3.5.9/sbin/* ldd /nerc/packages/samba/3.5.9/bin/* This procedure worked on both sparc and x86 architectures. cheers, Dick -- Richard Gillman IST UNIX Systems Group, Maclean Building, Wallingford OX10 8BB Tel: 01491 - 692 339 (outside UK: +44 1491 692339) Fax: 01491 - 692 424 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] tkey-gssapi-credential and bind (Samba4)
So I am in step 10 of the samba4 howto (https://wiki.samba.org/index.php/Samba4/HOWTO#Step_10_Configure_kerberos_DNS_dynamic_updates); my bind9 is 9.7.3 which seems to be current enough for this. In it we are to add tkey-gssapi-credential DNS/samdom.example.com; tkey-domain SAMDOM.EXAMPLE.COM; to /etc/bind/named.conf.options. Since my test domain is test.domain.com, I changed the above to tkey-gssapi-credential DNS/test.domain.com; tkey-domain TEST.DOMAIN.COM; In the log file I have: Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: D.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 9.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: A.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: B.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: configuring TKEY: failure Jun 21 10:02:39 sambabox named[3302]: loading configuration: failure Jun 21 10:02:39 sambabox named[3302]: exiting (due to fatal error) Jun 21 10:02:50 sambabox named[3316]: starting BIND 9.7.3 -u bind Jun 21 10:02:50 sambabox named[3316]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' IMHO, just saying TKEY:failure is not very helpful. I did find out the line bind does not seem to like is the first one, tkey-gssapi-credential DNS/test.domain.com; This is an ubuntu 11.04 machine if this matters. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Machines randomly kicks out of the domain
Hi! That can't be the solution. There seems to be a bug when changing passwords. This is supposed to work. Not that I have the solution, but you should enter this as a bug in bugzilla.samba.org. Volker On Tue, Jun 21, 2011 at 02:15:03PM +0200, Roland Kaeser wrote: Hello All Thanks very much for the great hints! I would have never thought about that in 100years! We just made the changes to the workstations and added a hack to our unattended setup. Thank You all. Regards Roland - Ursprüngliche Mail - Von: Daniel Müller muel...@tropenklinik.de An: Roland Kaeser roland.kae...@ziil.ch, samba@lists.samba.org Gesendet: Dienstag, 21. Juni 2011 13:31:37 Betreff: AW: [Samba] Machines randomly kicks out of the domain Hello, Try [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] Update=no On your Win7 clients. We had the same issue solved by doing this. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Roland Kaeser Gesendet: Dienstag, 21. Juni 2011 13:01 An: samba@lists.samba.org Betreff: [Samba] Machines randomly kicks out of the domain Hello Sorry to ask here, but all googeling doesn't helped. We have several samba domains (samba 3.5.6) with ldap backed and windows 7 clients, which worked fine so far. Know we begin to see that random machines begin to kick out of the domain with the error: _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client MBBUCHHALTUNG04 machine account MBBUCHHALTUNG04$ Nothing was changed (no updates or anything else) on the client machine nor the samba server. The registry keys for SignOrSeal and StrongKey are already set correctly. I can't see any additional error Maybe somebody faced the same problem and give me a hint. Thanks a lot. Roland The Full log for the login try of the machine is: [2011/06/21 11:49:33.372812, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: MBBUCHHALTUNG04$ [2011/06/21 11:49:33.372837, 10] passdb/pdb_get_set.c:608(pdb_set_username) pdb_set_username: setting username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372867, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 12 - now SET [2011/06/21 11:49:33.372894, 10] passdb/pdb_get_set.c:631(pdb_set_domain) pdb_set_domain: setting domain METHABAU-PUR, was [2011/06/21 11:49:33.372908, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 14 - now DEFAULT [2011/06/21 11:49:33.372922, 10] passdb/pdb_get_set.c:654(pdb_set_nt_username) pdb_set_nt_username: setting nt username MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.372935, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 15 - now SET [2011/06/21 11:49:33.372952, 10] passdb/pdb_get_set.c:550(pdb_set_user_sid_from_string) pdb_set_user_sid_from_string: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372966, 10] passdb/pdb_get_set.c:537(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 [2011/06/21 11:49:33.372981, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 18 - now SET [2011/06/21 11:49:33.372994, 11] passdb/pdb_get_set.c:299(pdb_get_init_flags) element 18: SET [2011/06/21 11:49:33.373010, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 21 - now SET [2011/06/21 11:49:33.373051, 10] passdb/pdb_get_set.c:677(pdb_set_fullname) pdb_set_full_name: setting full name MBBUCHHALTUNG04$, was [2011/06/21 11:49:33.373065, 11] passdb/pdb_get_set.c:510(pdb_set_init_flags) element 13 - now SET [2011/06/21 11:49:33.373081, 10] passdb/pdb_get_set.c:746(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive Z:, was NULL [2011/06/21 11:49:33.373094, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 3 - now DEFAULT [2011/06/21 11:49:33.373113, 10] passdb/pdb_get_set.c:770(pdb_set_homedir) pdb_set_homedir: setting home dir \\HALLE\Profiles\mbbuchhaltung04_\.9xprofile, was [2011/06/21 11:49:33.373127, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 1 - now DEFAULT [2011/06/21 11:49:33.373144, 10] passdb/pdb_get_set.c:700(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2011/06/21 11:49:33.373157, 11] passdb/pdb_get_set.c:522(pdb_set_init_flags) element 4 - now DEFAULT [2011/06/21 11:49:33.373175, 10] passdb/pdb_get_set.c:723(pdb_set_profile_path) pdb_set_profile_path:
Re: [Samba] tkey-gssapi-credential and bind (Samba4)
Hi Mauricio, this is usually caused by one of 3 things: 1) bind is started without KRB5_KTNAME being set, and therefore doesn't know where to look for it's keytab 2) the bind user does not have access permission to the keytab (or any directory in its path) 3) I also hat problems related to apparmor (on Ubuntu 10.04) where the apparmor security framework prevented bind from accessing the keytab, even if file permissions were ok Hope this helps, Marcel -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Mauricio Tavares Gesendet: Dienstag, 21. Juni 2011 16:11 An: samba@lists.samba.org Betreff: [Samba] tkey-gssapi-credential and bind (Samba4) So I am in step 10 of the samba4 howto (https://wiki.samba.org/index.php/Samba4/HOWTO#Step_10_Configure_kerberos_DNS_dynamic_updates); my bind9 is 9.7.3 which seems to be current enough for this. In it we are to add tkey-gssapi-credential DNS/samdom.example.com; tkey-domain SAMDOM.EXAMPLE.COM; to /etc/bind/named.conf.options. Since my test domain is test.domain.com, I changed the above to tkey-gssapi-credential DNS/test.domain.com; tkey-domain TEST.DOMAIN.COM; In the log file I have: Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: D.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 9.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: A.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: B.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: configuring TKEY: failure Jun 21 10:02:39 sambabox named[3302]: loading configuration: failure Jun 21 10:02:39 sambabox named[3302]: exiting (due to fatal error) Jun 21 10:02:50 sambabox named[3316]: starting BIND 9.7.3 -u bind Jun 21 10:02:50 sambabox named[3316]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' IMHO, just saying TKEY:failure is not very helpful. I did find out the line bind does not seem to like is the first one, tkey-gssapi-credential DNS/test.domain.com; This is an ubuntu 11.04 machine if this matters. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] tkey-gssapi-credential and bind (Samba4)
In my experience this is due to gssapi not being compiled to the correct directory for bind.. I also used 11.04 and my compile path was --with-gssapi=/usr/include/gssapi,, instead of /usr On 06/21/2011 10:45 AM, Marcel Ritter wrote: Hi Mauricio, this is usually caused by one of 3 things: 1) bind is started without KRB5_KTNAME being set, and therefore doesn't know where to look for it's keytab 2) the bind user does not have access permission to the keytab (or any directory in its path) 3) I also hat problems related to apparmor (on Ubuntu 10.04) where the apparmor security framework prevented bind from accessing the keytab, even if file permissions were ok Hope this helps, Marcel -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Mauricio Tavares Gesendet: Dienstag, 21. Juni 2011 16:11 An: samba@lists.samba.org Betreff: [Samba] tkey-gssapi-credential and bind (Samba4) So I am in step 10 of the samba4 howto (https://wiki.samba.org/index.php/Samba4/HOWTO#Step_10_Configure_kerberos_DNS_dynamic_updates); my bind9 is 9.7.3 which seems to be current enough for this. In it we are to add tkey-gssapi-credential DNS/samdom.example.com; tkey-domain SAMDOM.EXAMPLE.COM; to /etc/bind/named.conf.options. Since my test domain is test.domain.com, I changed the above to tkey-gssapi-credential DNS/test.domain.com; tkey-domain TEST.DOMAIN.COM; In the log file I have: Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: D.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 9.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: A.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: B.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: configuring TKEY: failure Jun 21 10:02:39 sambabox named[3302]: loading configuration: failure Jun 21 10:02:39 sambabox named[3302]: exiting (due to fatal error) Jun 21 10:02:50 sambabox named[3316]: starting BIND 9.7.3 -u bind Jun 21 10:02:50 sambabox named[3316]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' IMHO, just saying TKEY:failure is not very helpful. I did find out the line bind does not seem to like is the first one, tkey-gssapi-credential DNS/test.domain.com; This is an ubuntu 11.04 machine if this matters. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ubuntu, ocfs2 with cman and ctdb
On Mon, Jun 20, 2011 at 8:27 PM, Jeremy Allison j...@samba.org wrote: On Mon, Jun 20, 2011 at 03:18:02PM -0600, charles wrote: hi guys, we're evaluating the available clustering options to get ctdb up and running for a highly available file server. we've set up both gluster and ocfs2 both on seperate 2 node setups. ocfs2 seems to provide better throughput and iops to samba clients than does gluster and that is comparing a single node server to a ctdb clustered 2 node server. problem with ocfs2 is that i've been unable to configure it to utilize cman's stack to provide proper locking for ctdb. gfs2 is up next. does anyone have any pointers/tutorials/document for getting ocfs2 set up with cman on ubunutu? Jim Mcdonough and his team @ SuSE has done most of the work looking at Samba/CTDB with ocfs2. Jim, any comments ? I'm not familiar with cman. On SUSE distributions, ocfs2 uses the pacemaker stack, so I can't really comment on cman. The locking works properly with the pacemaker linux-ha stack and ocfs2. -- Jim McDonough Samba Team SUSE labs jmcd at samba dot org jmcd at themcdonoughs dot org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Setting domain group ownership on files
On 06/21/2011 5:58 AM, Dermot wrote: Hi, I have been testing out a samba installation and am slowly getting to a point where I am ready to push the project live. I have been playing with a domain member server that uses winbindd. I have created a share in /tmp called public to see what happens with user and group permissions. I created the directory as follows: mkdir /tmp/public; chgrp users /tmp/public; chmod 2777 /tmp/public. Then from a Windows XP work station I logged in as a domain user, connected to the share and created a folder. When I list the folder from the shell on the server I see: root@dev2:/etc/samba# ls -ltr /tmp/public/ total 4 drwxrwxr-x 2 DOM\djohn users 4096 2011-06-21 11:44 d_john That's great, the domain user owns the file. However the group owner is the local group 'users' (coming from the chmod above). My question is Is there a way to chgrp the parent folder to the DOM\Domain users group? or do I have to employ a groupmap between Domain users and the local users group? chgrp DOM\Domain Users /tmp/public should work with winbind. Dale Thanks, Dermot. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] tkey-gssapi-credential and bind (Samba4)
On Tue, Jun 21, 2011 at 1:14 PM, Aaron E. ssures...@gmail.com wrote: In my experience this is due to gssapi not being compiled to the correct directory for bind.. I also used 11.04 and my compile path was --with-gssapi=/usr/include/gssapi,, instead of /usr Aaron, in my case it seems to be pointing to /usr: root@sambabox:~# named -V BIND 9.7.3 built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' root@sambabox:~# On 06/21/2011 10:45 AM, Marcel Ritter wrote: Hi Mauricio, this is usually caused by one of 3 things: 1) bind is started without KRB5_KTNAME being set, and therefore doesn't know where to look for it's keytab Marcel, what I have in /etc/default/bind9 is # Samba-related stuff KEYTAB_FILE=/var/lib/samba/private/dns.keytab KRB5_KTNAME=/var/lib/samba/private/dns.keytab export KEYTAB_FILE export KRB5_KTNAME And here is what dns.keytab looks like: -rw-r- 1 root bind 1.3K 2011-06-21 09:57 /var/lib/samba/private/dns.keytab 2) the bind user does not have access permission to the keytab (or any directory in its path) As user bind (I edited /etc/passwd temporarily) I was able to reach that file: bind@sambabox:~$ cat /var/lib/samba/private/dns.keytab HTEST.DOMAIN.COMDNStest.domain.com [...] 3) I also hat problems related to apparmor (on Ubuntu 10.04) where the apparmor security framework prevented bind from accessing the keytab, even if file permissions were ok I edited # /etc/apparmor.d/usr.sbin.named per http://blog.mycroes.nl/2010/09/installing-samba-4-on-ubuntu-maverick.html , adding the following lines: /var/lib/samba/private/* rw, /var/lib/samba/private/dns/* rw, Hope this helps, Marcel -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Mauricio Tavares Gesendet: Dienstag, 21. Juni 2011 16:11 An: samba@lists.samba.org Betreff: [Samba] tkey-gssapi-credential and bind (Samba4) So I am in step 10 of the samba4 howto (https://wiki.samba.org/index.php/Samba4/HOWTO#Step_10_Configure_kerberos_DNS_dynamic_updates); my bind9 is 9.7.3 which seems to be current enough for this. In it we are to add tkey-gssapi-credential DNS/samdom.example.com; tkey-domain SAMDOM.EXAMPLE.COM; to /etc/bind/named.conf.options. Since my test domain is test.domain.com, I changed the above to tkey-gssapi-credential DNS/test.domain.com; tkey-domain TEST.DOMAIN.COM; In the log file I have: Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: D.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 9.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: A.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: B.E.F.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA Jun 21 10:02:39 sambabox named[3302]: configuring TKEY: failure Jun 21 10:02:39 sambabox named[3302]: loading configuration: failure Jun 21 10:02:39 sambabox named[3302]: exiting (due to fatal error) Jun 21 10:02:50 sambabox named[3316]: starting BIND 9.7.3 -u bind Jun 21 10:02:50 sambabox named[3316]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' IMHO, just saying TKEY:failure is not very helpful. I did find out the line bind does not seem to like is the first one, tkey-gssapi-credential DNS/test.domain.com; This is an ubuntu 11.04 machine if this matters. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [j...@samba.org: Re: How do i get file attributes using samba.]
Keeping the list informed also... - Forwarded message from Jeremy Allison j...@samba.org - Date: Tue, 21 Jun 2011 13:46:18 -0700 From: Jeremy Allison j...@samba.org To: naga_kishore_komm...@yahoo.com Cc: Jeremy Allison j...@samba.org Subject: Re: [Samba] How do i get file attributes using samba. User-Agent: Mutt/1.5.20 (2009-06-14) On Mon, Jun 20, 2011 at 09:23:25PM -0700, naga_kishore_komm...@yahoo.com wrote: Hi Allison, Thanks for the reply. Yes I tried system.dos_attr.mode. But I think it will give the following attributes only. Snippet from libsmbclient.h. /* * Mappings of the DOS mode bits, as returned by smbc_getxattr() when the * attribute name system.dos_attr.mode (or system.dos_attr.* or * system.*) is specified. */ #define SMBC_DOS_MODE_READONLY 0x01 #define SMBC_DOS_MODE_HIDDEN 0x02 #define SMBC_DOS_MODE_SYSTEM 0x04 #define SMBC_DOS_MODE_VOLUME_ID 0x08 #define SMBC_DOS_MODE_DIRECTORY 0x10 #define SMBC_DOS_MODE_ARCHIVE 0x20 My requirement is to extract FILE_ATTRIBUTE_OFFLINE attribute. As far as I can tell this code just returns the 16-bit dos attributes field as defined in the protocol, so it should just return the FILE_ATTRIBUTE_OFFLINE in the returned bits (even if it's not listed in the SMB_DOS_MODE_XXX) definitions. Jeremy. - End forwarded message - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 machine account fails to authenticate against samba PDC
Hi, it's been a while since the original message appeared, but here's my experience in case someone finds it useful: I set up a standalone (tdb backend) PDC on samba 3.4.7 (Ubuntu 10.04 LTS) and got similar messages as graham-65 did: [2011/06/21 17:01:45, 1] auth/auth_util.c:577(make_server_info_sam) User WIN7HOST$ in passdb, but getpwnam() fails! [2011/06/21 17:01:45, 0] auth/auth_sam.c:355(check_sam_security) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' In my case, the logon proceeds normally the user on WIN7HOST$ can open and close files normally. I believe the issue lies with the upper case name of the machine account. I changed the machine account name to uppercase in the passwd shadow files and the message does not appear anymore in the logs. This would explain why it's not an issue on an LDAP backend, as the uid there is case insensitive. Greetings Jose -- View this message in context: http://samba.2283325.n4.nabble.com/windows-7-machine-account-fails-to-authenticate-against-samba-PDC-tp2446003p3615534.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbcacls add acl issue
On Thu, Jun 16, 2011 at 12:00:18PM -, Katariya Rahul wrote: Hi , I am facing weird issue with samba 3.0.28 package on Cent OS 5.2. Following is acl of the file hi.txt === # smbcacls //ntap/shkdata /RahulkTest/hi.txt -U QALAB\\Administrator%password REVISION:1 OWNER:QALAB+administrator GROUP:QALAB+Domain Users ACL:QALAB+tempAcct1:ALLOWED/0/FULL === I want to add aclnbsp; ACL:+Everyone:ALLOWED/16/FULLnbsp; for file hi.txt. But If I try to add, it gives following error: = [root@shekok1 ~]# smbcacls -a ACL:Everyone:ALLOWED/16/FULLnbsp; //ntap/shkdata /RahulkTest/hi.txt -U QALAB\\Administrator%password cacl_set failed to open \RahulkTest\hi.txt: NT_STATUS_ACCESS_DENIED = nbsp; But if I try to add same acl with samba 3.0.23c, it is successful. Why it is an issue with latest versions as it works fine with older version 3.0.23c. Please try with the latest Samba release, 3.5.9. We are not providing updates to 3.0.x anymore. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] howto cache 'root' password for net commands?
Volker Lendecke wrote: Try to start winbind, then wbinfo --ccache-save and net --use-ccache Haven't tested that for a while, so it might not work. But it's supposed to :-) Maybe the options were removed? or maybe needs special compile options for them to be included? wbinfo --ccache-save Invalid option Usage: [OPTION...] net --use-ccache Invalid command: net Usage: -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] howto cache 'root' password for net commands?
On Tue, Jun 21, 2011 at 07:06:23PM -0700, Linda Walsh wrote: Volker Lendecke wrote: Try to start winbind, then wbinfo --ccache-save and net --use-ccache Haven't tested that for a while, so it might not work. But it's supposed to :-) Maybe the options were removed? or maybe needs special compile options for them to be included? Sorry, that's only available with Samba 3.5 and later. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] howto cache 'root' password for net commands?
Linda Walsh wrote: Volker Lendecke wrote: Try to start winbind, then wbinfo --ccache-save and net --use-ccach Haven't tested that for a while, so it might not work. But it's supposed to :-) Maybe the options were removed? or maybe needs special compile options for them to be included? --- Never mind...found the prob -- it takes an argfiguring it out... Thanks! Love the Samba error messages -- they come close to capturing the MS-Win spirit in helpfulness...but really, it should have just said 'error code 0x8008037' or some such... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] howto cache 'root' password for net commands?
Volker Lendecke wrote: On Tue, Jun 21, 2011 at 07:06:23PM -0700, Linda Walsh wrote: Volker Lendecke wrote: Try to start winbind, then wbinfo --ccache-save and net --use-ccache Haven't tested that for a while, so it might not work. But it's supposed to :-) Maybe the options were removed? or maybe needs special compile options for them to be included? Sorry, that's only available with Samba 3.5 and later. It was not including an arg that was the prob... (running 3.6.0-rc2 w/ 'user managed wide links' patch... :-) ) (won't be in 3.6.0 though, but maybe 3.6.1...)... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] 'net ads testjoin' return successful but 'wbinfo -t' return failed
Hi, All In my lab, I set up a samba server to join the ad domain, and want to use the domain user to access the cifs share. realm = LAB.TEST.COM workgroup = LAB security = ads encrypt passwords = yes password server = 192.168.1.120 winbind enum users = no winbind enum groups = no winbind use default domain = no I find I can’t get the user information with ‘wbinfo -u’, and the ‘wbinfo -t’ return failed. # wbinfo -u # wbinfo -t checking the trust secret for domain HSVR via RPC calls failed Could not check secret I use ‘net ads testjoin’ to test the join status, and it return successful. # net ads testjoin Join is OK I am a little confused, if the ‘net ads testjoin’ return successful, why the ‘wbinfo –t’ failed. -- Best Regards. Yu Liao -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cfdeef4 s3-smbd: longer explanation of smbd_shim code via b373d0e s3-build: Provide a run-time shim to work around duplicate symbols via e00b1fa lib/util: Restore CH_UNIX as source charset for d_printf() via bf83b64 lib/util Remove display_cd from d_printf() via c017cbf s4/auth: Trivial spelling fixes. via 35a9c23 build: move dynconfig for top level build up from 894b027 lib/ccan/tally.h: update for FreeBSD compile. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cfdeef4c11a75f1051c4b9905a643f61c74437c7 Author: Andrew Tridgell tri...@samba.org Date: Tue Jun 21 15:53:36 2011 +1000 s3-smbd: longer explanation of smbd_shim code Pair-Programmed-With: Andrew Bartlett abart...@samba.org Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Tue Jun 21 09:05:37 CEST 2011 on sn-devel-104 commit b373d0e777df8770c24cfcc5cc80bf4808faa815 Author: Andrew Bartlett abart...@samba.org Date: Tue May 31 13:18:37 2011 +1000 s3-build: Provide a run-time shim to work around duplicate symbols The become_root() and similar 'smbd' functions that are used widely in Samba libraries had 'dummy' copies in dummysmbd.c and dummyroot.c. These have been replaced by a runtime plugin mechanim, which ensures that standlone binaries still do nothing, while in smbd the correct function is used. This avoids having these as duplicate symbols in the smbd binary, which can cause unpredictable behaviour. Andrew Bartlett Signed-off-by: Andrew Tridgell tri...@samba.org commit e00b1fa2b032012e741d94f3fe0057d6ea53bf4c Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 21 12:53:12 2011 +1000 lib/util: Restore CH_UNIX as source charset for d_printf() I'm changed this during the change to use the d_printf() code in common, but should not have. However, there is a puzzle: What is the right source charset? Translated strings in our .mo and .msg files are in UTF8, but strings such as file names on remote servers are in UNIX (whatever that is). I can't see how this actually works properly when either CH_DISPLAY or CH_UNIX are other than UTF8! Andrew Bartlett Signed-off-by: Andrew Tridgell tri...@samba.org commit bf83b641e265a7b1523545294c268c6708999d2a Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 21 12:51:30 2011 +1000 lib/util Remove display_cd from d_printf() The setting of the display charset is now done by convert_string_talloc() selecting the right charset based on CH_DISPLAY. Andrew Bartlett Signed-off-by: Andrew Tridgell tri...@samba.org commit c017cbfaa47f6cb7da38a7021427412fe2e62a8d Author: Brad Hards br...@frogmouth.net Date: Fri Jun 17 19:53:11 2011 +1000 s4/auth: Trivial spelling fixes. Signed-off-by: Andrew Tridgell tri...@samba.org commit 35a9c23a016e76df7b5647e1b9285f70d15db807 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 21 12:48:22 2011 +1000 build: move dynconfig for top level build up Signed-off-by: Andrew Tridgell tri...@samba.org --- Summary of changes: {source4/dynconfig = dynconfig}/wscript|2 +- lib/util/dprintf.c |9 +-- source3/Makefile.in |3 +- source3/lib/dummyroot.c | 34 source3/lib/dummysmbd.c | 65 source3/lib/smbd_shim.c | 110 +++ source3/lib/smbd_shim.h | 56 ++ source3/pam_smbpass/wscript_build |2 +- source3/smbd/blocking.c |6 +- source3/smbd/dir.c |4 +- source3/smbd/globals.c | 16 source3/smbd/oplock.c |4 +- source3/smbd/proto.h| 14 source3/smbd/statcache.c|4 +- source3/smbd/uid.c |6 +- source3/wscript_build | 91 +++--- source4/auth/credentials/credentials_krb5.c |6 +- source4/auth/kerberos/kerberos_util.c |6 +- wscript |4 +- wscript_build |2 +- 20 files changed, 267 insertions(+), 177 deletions(-) rename {source4/dynconfig = dynconfig}/wscript (99%) delete mode 100644 source3/lib/dummyroot.c delete mode 100644 source3/lib/dummysmbd.c create mode 100644 source3/lib/smbd_shim.c create mode 100644 source3/lib/smbd_shim.h Changeset truncated at 500 lines: diff --git a/source4/dynconfig/wscript b/dynconfig/wscript similarity index 99%
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7e1d485 s3: Remove unused code via 729d17e s3: Convert WINBINDD_WINS_BYNAME to the async API from cfdeef4 s3-smbd: longer explanation of smbd_shim code http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7e1d4857803a17ac88b17bc0297ac13f93c57651 Author: Volker Lendecke v...@samba.org Date: Mon Jun 20 22:25:20 2011 +0200 s3: Remove unused code Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Tue Jun 21 15:36:01 CEST 2011 on sn-devel-104 commit 729d17e725aa1bfd306aa27728c97210c5c01d2c Author: Volker Lendecke v...@samba.org Date: Tue Jun 14 23:51:10 2011 +0200 s3: Convert WINBINDD_WINS_BYNAME to the async API --- Summary of changes: source3/Makefile.in |2 +- source3/winbindd/winbindd.c |6 +- source3/winbindd/winbindd_proto.h |6 ++ source3/winbindd/winbindd_wins.c| 125 -- source3/winbindd/winbindd_wins_byname.c | 149 +++ source3/wscript_build |2 +- 6 files changed, 159 insertions(+), 131 deletions(-) delete mode 100644 source3/winbindd/winbindd_wins.c create mode 100644 source3/winbindd/winbindd_wins_byname.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 31d170d..59f9032 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1353,8 +1353,8 @@ WINBINDD_OBJ1 = \ winbindd/winbindd_pam.o \ winbindd/winbindd_misc.o \ winbindd/winbindd_cm.o\ - winbindd/winbindd_wins.o \ winbindd/winbindd_wins_byip.o \ + winbindd/winbindd_wins_byname.o \ winbindd/winbindd_msrpc.o \ winbindd/winbindd_rpc.o \ winbindd/winbindd_reconnect.o \ diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 8cd68e5..469d64e 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -450,10 +450,6 @@ static struct winbindd_dispatch_table { { WINBINDD_CCACHE_NTLMAUTH, winbindd_ccache_ntlm_auth, NTLMAUTH }, { WINBINDD_CCACHE_SAVE, winbindd_ccache_save, CCACHE_SAVE }, - /* WINS functions */ - - { WINBINDD_WINS_BYNAME, winbindd_wins_byname, WINS_BYNAME }, - /* End of list */ { WINBINDD_NUM_CMDS, NULL, NONE } @@ -546,6 +542,8 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = { winbindd_pam_chng_pswd_auth_crap_recv }, { WINBINDD_WINS_BYIP, WINS_BYIP, winbindd_wins_byip_send, winbindd_wins_byip_recv }, + { WINBINDD_WINS_BYNAME, WINS_BYNAME, + winbindd_wins_byname_send, winbindd_wins_byname_recv }, { 0, NULL, NULL, NULL } }; diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index e0a582e..ce66964 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -866,6 +866,12 @@ struct tevent_req *winbindd_wins_byip_send(TALLOC_CTX *mem_ctx, struct winbindd_request *request); NTSTATUS winbindd_wins_byip_recv(struct tevent_req *req, struct winbindd_response *presp); +struct tevent_req *winbindd_wins_byname_send(TALLOC_CTX *mem_ctx, +struct tevent_context *ev, +struct winbindd_cli_state *cli, +struct winbindd_request *request); +NTSTATUS winbindd_wins_byname_recv(struct tevent_req *req, + struct winbindd_response *presp); /* The following definitions come from winbindd/winbindd_samr.c */ diff --git a/source3/winbindd/winbindd_wins.c b/source3/winbindd/winbindd_wins.c deleted file mode 100644 index 25c04df..000 --- a/source3/winbindd/winbindd_wins.c +++ /dev/null @@ -1,125 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind daemon - WINS related functions - - Copyright (C) Andrew Tridgell 1999 - Copyright (C) Herb Lewis 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c173e6e s3-spoolss: Fix some valgrind warnings. via a45120a s3-rpc_client: Fix some valgrind warnings. via 0b5e5db s4-smbtorture: rework the spoolss notify test a bit. via 834dcdb s4-smbtorture: use ipv4 addresses for backchannel spoolss change notify connections for now. from 7e1d485 s3: Remove unused code http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c173e6e80db7505ccc71d95ed602804133d602d7 Author: Andreas Schneider a...@samba.org Date: Mon Jun 20 19:27:01 2011 +0200 s3-spoolss: Fix some valgrind warnings. These are in/out values and need to be initialized. Signed-off-by: Günther Deschner g...@samba.org Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Tue Jun 21 18:58:30 CEST 2011 on sn-devel-104 commit a45120aea75044fb58dd6ce267d852be9d2978af Author: Andreas Schneider a...@samba.org Date: Mon Jun 20 15:39:36 2011 +0200 s3-rpc_client: Fix some valgrind warnings. These are in/out values and need to be initialized. Signed-off-by: Günther Deschner g...@samba.org commit 0b5e5db218451effe667e50ca0d0783e7878c748 Author: Günther Deschner g...@samba.org Date: Tue Jun 21 15:06:27 2011 +0200 s4-smbtorture: rework the spoolss notify test a bit. Guenther commit 834dcdb35df6c56391cef240accf39b4a3b0c48a Author: Günther Deschner g...@samba.org Date: Mon Jun 20 18:01:38 2011 +0200 s4-smbtorture: use ipv4 addresses for backchannel spoolss change notify connections for now. Guenther --- Summary of changes: source3/rpc_client/cli_winreg.c | 22 +--- source3/rpc_server/spoolss/srv_spoolss_nt.c |6 ++-- source3/rpc_server/spoolss/srv_spoolss_util.c | 10 source4/torture/rpc/spoolss_notify.c | 33 - 4 files changed, 36 insertions(+), 35 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_winreg.c b/source3/rpc_client/cli_winreg.c index 3731fc7..e5ebc25 100644 --- a/source3/rpc_client/cli_winreg.c +++ b/source3/rpc_client/cli_winreg.c @@ -33,7 +33,7 @@ NTSTATUS dcerpc_winreg_query_dword(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; uint32_t value_len = 0; uint32_t data_size = 0; WERROR result = WERR_OK; @@ -69,7 +69,7 @@ NTSTATUS dcerpc_winreg_query_dword(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -108,13 +108,14 @@ NTSTATUS dcerpc_winreg_query_binary(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; WERROR result = WERR_OK; uint32_t value_len = 0; uint32_t data_size = 0; NTSTATUS status; DATA_BLOB blob; + ZERO_STRUCT(wvalue); wvalue.name = value; status = dcerpc_winreg_QueryValue(h, @@ -139,7 +140,7 @@ NTSTATUS dcerpc_winreg_query_binary(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -179,7 +180,7 @@ NTSTATUS dcerpc_winreg_query_multi_sz(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; WERROR result = WERR_OK; uint32_t value_len = 0; uint32_t data_size = 0; @@ -210,7 +211,7 @@ NTSTATUS dcerpc_winreg_query_multi_sz(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -254,7 +255,7 @@ NTSTATUS dcerpc_winreg_query_sz(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; WERROR result = WERR_OK; uint32_t value_len = 0; uint32_t data_size = 0; @@ -285,7 +286,7 @@ NTSTATUS dcerpc_winreg_query_sz(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx,
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 08e64ab docs: fix the missing parameter description section in the smb.conf manpage from a33b603 libreplace: include sys/file.h only when available http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 08e64ab50b9202ccbc6c0b397f9ac8cc467c2254 Author: Michael Adam ob...@samba.org Date: Tue Apr 5 23:07:01 2011 +0200 docs: fix the missing parameter description section in the smb.conf manpage The smb.conf (5) manpage recently sometimes failed to contain the contents of the description of each parameter section. The reason was a unreliable chain of dependencies in the Makefile. The error can be reproduced by touching manpages-3/smb.conf.5.xml and then building the manpages. Then smb.conf.5.xml is newer than any of the smbdotconf/*/*.xml files and hence the intermediate inexistent parameters.*.xml don't get generated. This patch fixes this problem by introducing a phony parameters target referencing the parameters.*.xml targets, so that they get build unconditionally. Fix bug #7997 (smb.conf.5 manpage truncated in 3.5.8). --- Summary of changes: docs-xml/Makefile | 10 +- 1 files changed, 9 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/Makefile b/docs-xml/Makefile index 40a6c7b..40aa161 100644 --- a/docs-xml/Makefile +++ b/docs-xml/Makefile @@ -181,7 +181,15 @@ $(TEXINFODIR)/%.info: $(TEXINFODIR)/%.texi $(MAKEINFO) --no-validate --force -o $@ $ # Manpages -$(MANPAGEDIR3)/smb.conf.5.xml: $(SMBDOTCONFDOC)/parameters.all.xml $(SMBDOTCONFDOC)/parameters.service.xml $(SMBDOTCONFDOC)/parameters.global.xml +$(MANPAGEDIR3)/smb.conf.5.xml: parameters + +# The phony parameters target exists in order to always create the +# the parameters xml files. Otherwise, when parameters.*.xml does not exist +# yet, the parameters are not generated when smb.conf.5.xml is newer than +# any smbdotconf/*/*.xml file ... +.PHONY: parameters + +parameters: $(SMBDOTCONFDOC)/parameters.all.xml $(SMBDOTCONFDOC)/parameters.service.xml $(SMBDOTCONFDOC)/parameters.global.xml $(SMBDOTCONFDOC)/parameters.all.xml: $(wildcard $(SMBDOTCONFDOC)/*/*.xml) $(SMBDOTCONFDOC)/generate-file-list.sh $(SMBDOTCONFDOC)/generate-file-list.sh $(SMBDOTCONFDOC) $@ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via d42bf67 s3: Fix bug 8238 -- KB2536276 prevents access to shares from 08e64ab docs: fix the missing parameter description section in the smb.conf manpage http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit d42bf679b0807ebc47f43c62d4b883e0b5096abb Author: Volker Lendecke v...@samba.org Date: Thu Jun 16 22:20:49 2011 +0200 s3: Fix bug 8238 -- KB2536276 prevents access to shares Without this we were not sending the workgroup name in the negprot reply if plain text passwords are used. --- Summary of changes: source3/smbd/negprot.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 81d29d9..51ad80d 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -382,6 +382,7 @@ static void reply_nt1(struct smb_request *req, uint16 choice) reply_nterror(req, NT_STATUS_NO_MEMORY); return; } + p += ret; DEBUG(3,(not using SPNEGO\n)); } else { DATA_BLOB spnego_blob = negprot_spnego(); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 4b414fb s3:net-man: registry enumerate_recursive via 60dc766 s3:net-man: registry deletekey deletekey_recursive via c890198 s3:net-man: missing dot via 6c165c8 s3:net registry: polish output of net registry enumerate[_recursive] via d4faa39 s3:net: registry: use recursive implementation for enumerate via 901544f s3:net: registry: add new command enumerate_recursive from b08149c s3: improve WHATSNEW around kerberos changes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 4b414fbdf8741f0eada3593c9f4f86fa86d363ef Author: Gregor Beck gb...@sernet.de Date: Tue May 31 18:26:12 2011 +0200 s3:net-man: registry enumerate_recursive Signed-off-by: Michael Adam ob...@samba.org Autobuild-User: Michael Adam ob...@samba.org Autobuild-Date: Wed Jun 1 17:16:05 CEST 2011 on sn-devel-104 commit 60dc766070bd04735cf33b27fb207a8107831257 Author: Gregor Beck gb...@sernet.de Date: Tue May 31 18:25:53 2011 +0200 s3:net-man: registry deletekey deletekey_recursive Signed-off-by: Michael Adam ob...@samba.org commit c890198f9635332525c22783ee72088fd8b0e8c8 Author: Gregor Beck gb...@sernet.de Date: Tue May 31 18:15:38 2011 +0200 s3:net-man: missing dot Signed-off-by: Michael Adam ob...@samba.org commit 6c165c84e3482264d9bd6475cb6bc08ad170e268 Author: Michael Adam ob...@samba.org Date: Mon May 30 16:54:47 2011 +0200 s3:net registry: polish output of net registry enumerate[_recursive] so that net registry enumerate output is as before, and net registry enumerate_recursive is formatted more nicely (cherry picked from commit 0d746f653e76de52985d543a15fd6ee3bf2f4823) Fix bug: #8193 commit d4faa39a76c0c594683fdb6496edbc5f967b24a6 Author: Gregor Beck gb...@sernet.de Date: Mon May 30 10:24:16 2011 +0200 s3:net: registry: use recursive implementation for enumerate Signed-off-by: Michael Adam ob...@samba.org (cherry picked from commit 5ec479fa0c9db4072541d46345164542d037cfc9) Fix bug: #8193 commit 901544fcc736457f234c250850819cc2cf3fcc14 Author: Gregor Beck gb...@sernet.de Date: Mon May 30 08:58:34 2011 +0200 s3:net: registry: add new command enumerate_recursive Signed-off-by: Michael Adam ob...@samba.org (cherry picked from commit 22011ddc9e72c8a201e3ca6e01745a68738d5916) Fix bug: #8193 --- Summary of changes: docs-xml/manpages-3/net.8.xml | 17 +- source3/utils/net_registry.c | 135 ++--- 2 files changed, 128 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml index 18c74ef..fac9ba6 100644 --- a/docs-xml/manpages-3/net.8.xml +++ b/docs-xml/manpages-3/net.8.xml @@ -1854,8 +1854,10 @@ Manipulate Samba's registry. paraThe registry commands are: simplelist membernet registry enumerate - Enumerate registry keys and values./member +membernet registry enumerate_recursive - Enumerate registry key and its subkeys./member membernet registry createkey - Create a new registry key./member membernet registry deletekey - Delete a registry key./member +membernet registry deletekey_recursive - Delete a registry key with subkeys./member membernet registry getvalue- Print a registry value./member membernet registry getvalueraw - Print a registry value (raw format)./member membernet registry setvalue- Set a new registry value./member @@ -1878,7 +1880,13 @@ string./member refsect3 titleREGISTRY ENUMERATE replaceablekey/replaceable /title - paraEnumerate subkeys and values of emphasiskey/emphasis + paraEnumerate subkeys and values of emphasiskey/emphasis. + /para +/refsect3 + +refsect3 + titleREGISTRY ENUMERATE_RECURSIVE replaceablekey/replaceable /title + paraEnumerate values of emphasiskey/emphasis and its subkeys. /para /refsect3 @@ -1890,6 +1898,13 @@ string./member refsect3 titleREGISTRY DELETEKEY replaceablekey/replaceable /title + paraDelete the given emphasiskey/emphasis and its + values from the registry, if it has no subkeys. + /para +/refsect3 + +refsect3 + titleREGISTRY DELETEKEY_RECURSIVE replaceablekey/replaceable /title paraDelete the given emphasiskey/emphasis and all of its subkeys and values from the registry. /para diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c index dcc88a9..0acd8c4 100644 --- a/source3/utils/net_registry.c +++ b/source3/utils/net_registry.c @@ -122,23 +122,88 @@ done: return werr; } +static WERROR registry_enumkey(struct registry_key* parent, const char* keyname, bool recursive) +{ + WERROR werr; + TALLOC_CTX *ctx = talloc_stackframe(); + char* subkey_name; +
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via a1a1a58 s3:idmap_autorid: remove redundant code via 496e472 s3:idmap_autorid: in initialize, don't leak storedconfig to talloc_tos() in the success case via ea0b87a s3:idmap_autorid: use idmap config * : rangesize instead of autorid : rangesize via 06c5f80 s3:idmap_autorid: fail initialization if the domain is not * from 4b414fb s3:net-man: registry enumerate_recursive http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit a1a1a58101319034ea437544313591cb0fd7e7f3 Author: Michael Adam ob...@samba.org Date: Fri Jun 10 00:50:42 2011 +0200 s3:idmap_autorid: remove redundant code The last 4 patches address bug #8213 (Fixes in idmap_autorid). commit 496e472894c3fbd543fac88c0c2d304116d64ff8 Author: Michael Adam ob...@samba.org Date: Fri Jun 10 00:49:37 2011 +0200 s3:idmap_autorid: in initialize, don't leak storedconfig to talloc_tos() in the success case commit ea0b87a6e9857c27383ae3fac2c37c61427d31fc Author: Michael Adam ob...@samba.org Date: Fri Jun 10 00:46:19 2011 +0200 s3:idmap_autorid: use idmap config * : rangesize instead of autorid : rangesize commit 06c5f80ff079c39a3cea10f8a8fc3cc86e04c571 Author: Michael Adam ob...@samba.org Date: Tue Jun 7 15:53:49 2011 +0200 s3:idmap_autorid: fail initialization if the domain is not * autorid can only be used as a backend for the default idmap configuration. --- Summary of changes: source3/winbindd/idmap_autorid.c | 19 --- 1 files changed, 12 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 1f4af33..4028a46 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -436,6 +436,13 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) NTSTATUS status; uint32_t hwm; + if (!strequal(dom-name, *)) { + DEBUG(0, (idmap_autorid_initialize: Error: autorid configured + for domain '%s'. But autorid can only be used for + the default idmap configuration.\n, dom-name)); + return NT_STATUS_INVALID_PARAMETER; + } + config = TALLOC_ZERO_P(dom, struct autorid_global_config); if (!config) { DEBUG(0, (Out of memory!\n)); @@ -448,7 +455,7 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) } config-minvalue = dom-low_id; - config-rangesize = lp_parm_int(-1, autorid, rangesize, 10); + config-rangesize = lp_parm_int(-1, idmap config *, rangesize, 10); if (config-rangesize 2000) { DEBUG(1, (autorid rangesize must be at least 2000\n)); @@ -523,14 +530,12 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) dom-private_data = config; - if (!NT_STATUS_IS_OK(status)) { - goto error; - } + goto done; - return NT_STATUS_OK; - - error: +error: talloc_free(config); + +done: talloc_free(storedconfig); return status; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 229c724 s3-spoolss: Fix some valgrind warnings. via 7bf1418 s3-rpc_client: Fix some valgrind warnings. from a1a1a58 s3:idmap_autorid: remove redundant code http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 229c7246823f3c156d065546b526f11d1298210e Author: Andreas Schneider a...@samba.org Date: Mon Jun 20 19:27:01 2011 +0200 s3-spoolss: Fix some valgrind warnings. These are in/out values and need to be initialized. The last 2 patches address bug #8240 (valgrind warnings in winreg/spoolss code). commit 7bf1418e9cfe313ee4873853d2ee41ca344f8ee0 Author: Andreas Schneider a...@samba.org Date: Mon Jun 20 15:39:36 2011 +0200 s3-rpc_client: Fix some valgrind warnings. These are in/out values and need to be initialized. --- Summary of changes: source3/rpc_client/cli_winreg.c | 22 -- source3/rpc_server/spoolss/srv_spoolss_nt.c |6 +++--- source3/rpc_server/spoolss/srv_spoolss_util.c | 10 +- 3 files changed, 20 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_winreg.c b/source3/rpc_client/cli_winreg.c index 2517dbc..304d5b4 100644 --- a/source3/rpc_client/cli_winreg.c +++ b/source3/rpc_client/cli_winreg.c @@ -33,7 +33,7 @@ NTSTATUS dcerpc_winreg_query_dword(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; uint32_t value_len = 0; uint32_t data_size = 0; WERROR result = WERR_OK; @@ -69,7 +69,7 @@ NTSTATUS dcerpc_winreg_query_dword(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -108,13 +108,14 @@ NTSTATUS dcerpc_winreg_query_binary(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; WERROR result = WERR_OK; uint32_t value_len = 0; uint32_t data_size = 0; NTSTATUS status; DATA_BLOB blob; + ZERO_STRUCT(wvalue); wvalue.name = value; status = dcerpc_winreg_QueryValue(h, @@ -139,7 +140,7 @@ NTSTATUS dcerpc_winreg_query_binary(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -179,7 +180,7 @@ NTSTATUS dcerpc_winreg_query_multi_sz(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; WERROR result = WERR_OK; uint32_t value_len = 0; uint32_t data_size = 0; @@ -210,7 +211,7 @@ NTSTATUS dcerpc_winreg_query_multi_sz(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -254,7 +255,7 @@ NTSTATUS dcerpc_winreg_query_sz(TALLOC_CTX *mem_ctx, WERROR *pwerr) { struct winreg_String wvalue; - enum winreg_Type type; + enum winreg_Type type = REG_NONE; WERROR result = WERR_OK; uint32_t value_len = 0; uint32_t data_size = 0; @@ -285,7 +286,7 @@ NTSTATUS dcerpc_winreg_query_sz(TALLOC_CTX *mem_ctx, return status; } - blob = data_blob_talloc(mem_ctx, NULL, data_size); + blob = data_blob_talloc_zero(mem_ctx, data_size); if (blob.data == NULL) { *pwerr = WERR_NOMEM; return status; @@ -380,13 +381,14 @@ NTSTATUS dcerpc_winreg_set_dword(TALLOC_CTX *mem_ctx, uint32_t data, WERROR *pwerr) { - struct winreg_String wvalue = { 0, }; + struct winreg_String wvalue; DATA_BLOB blob; WERROR result = WERR_OK; NTSTATUS status; + ZERO_STRUCT(wvalue); wvalue.name = value; - blob = data_blob_talloc(mem_ctx, NULL, 4); + blob = data_blob_talloc_zero(mem_ctx, 4); SIVAL(blob.data, 0, data); status = dcerpc_winreg_SetValue(h, diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 8a7a3c6 s3: Fix Coverity ID 2582: FORWARD_NULL from 229c724 s3-spoolss: Fix some valgrind warnings. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 8a7a3c6704d8f2c48c8fbc2ad1bddb5b67131b4c Author: Volker Lendecke v...@samba.org Date: Sun Jun 19 19:23:47 2011 +0200 s3: Fix Coverity ID 2582: FORWARD_NULL Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Sun Jun 19 20:46:43 CEST 2011 on sn-devel-104 (cherry picked from commit 5290faca7a5ae5f3f0309a42586768a5c93bfb9d) Fix bug #8247 (SMB2 shadow copy can be crashed remotely). --- Summary of changes: source3/smbd/smb2_ioctl.c |5 + 1 files changed, 5 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c index 3ee0453..21cc1be 100644 --- a/source3/smbd/smb2_ioctl.c +++ b/source3/smbd/smb2_ioctl.c @@ -398,6 +398,11 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx, char *pdata; NTSTATUS status; + if (fsp == NULL) { + tevent_req_nterror(req, NT_STATUS_FILE_CLOSED); + return tevent_req_post(req, ev); + } + if (in_max_output 16) { DEBUG(0,(FSCTL_GET_SHADOW_COPY_DATA: in_max_output(%u) 16 is invalid!\n, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 11008f1 s3:modules fix Bug 8244 - Cannot copy files larger than 2 GB to Samba share from 8a7a3c6 s3: Fix Coverity ID 2582: FORWARD_NULL http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 11008f1c73afdd86e7fa929fe37675c57ae2c32c Author: Christian Ambach a...@samba.org Date: Fri Jun 17 21:54:30 2011 +0200 s3:modules fix Bug 8244 - Cannot copy files larger than 2 GB to Samba share the time_audit module uses int instead of uint64 as return value in get_alloc_size so that sizes of files larger than 2 GB are cut of leading to wrong replies to NtCreateAndX and Windows clients giving up While checking the types of all functions, I found two more wrong return value types that needed correction Autobuild-User: Christian Ambach a...@samba.org Autobuild-Date: Fri Jun 17 23:11:10 CEST 2011 on sn-devel-104 (cherry picked from commit bb66504dadf56366ea30697ae73673de3df08132) --- Summary of changes: source3/modules/vfs_time_audit.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_time_audit.c b/source3/modules/vfs_time_audit.c index d21542c..365e3b1 100644 --- a/source3/modules/vfs_time_audit.c +++ b/source3/modules/vfs_time_audit.c @@ -564,7 +564,7 @@ static SMB_OFF_T smb_time_audit_lseek(vfs_handle_struct *handle, files_struct *fsp, SMB_OFF_T offset, int whence) { - ssize_t result; + SMB_OFF_T result; struct timespec ts1,ts2; double timediff; @@ -721,7 +721,7 @@ static uint64_t smb_time_audit_get_alloc_size(vfs_handle_struct *handle, files_struct *fsp, const SMB_STRUCT_STAT *sbuf) { - int result; + uint64_t result; struct timespec ts1,ts2; double timediff; @@ -2216,7 +2216,7 @@ static ssize_t smb_time_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb) { - int result; + ssize_t result; struct timespec ts1,ts2; double timediff; -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via ab39177 List 3.4.13 also. from 8925b0c [PATCH] s3-WHATSNEW 3.5.9 Add information on kerberos change http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit ab39177e6812757523ac58641b677663c433e747 Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 21 20:37:33 2011 +0200 List 3.4.13 also. Karolin --- Summary of changes: history/header_history.html |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/history/header_history.html b/history/header_history.html index 3df30e0..8b2fb0c 100755 --- a/history/header_history.html +++ b/history/header_history.html @@ -19,6 +19,7 @@ lia href=samba-3.5.2.htmlsamba-3.5.2/a/li lia href=samba-3.5.1.htmlsamba-3.5.1/a/li lia href=samba-3.5.0.htmlsamba-3.5.0/a/li + lia href=samba-3.4.13.htmlsamba-3.4.13/a/li lia href=samba-3.4.12.htmlsamba-3.4.12/a/li lia href=samba-3.4.11.htmlsamba-3.4.11/a/li lia href=samba-3.4.10.htmlsamba-3.4.10/a/li -- Samba Website Repository