for Makefile.in
such that it can be built using make bin/wbidmap, and the logging
patch against current winbindd_idmap.c.
Cheers!
Michael
/*
Unix SMB/Netbios implementation.
Version 2.0
Winbind idmap tdb manipulation program.
Michael Steffens [EMAIL PROTECTED]
Copyright (C) Hewlett
Hi,
recently David Shapiro complained about getent group not working
in large domain groups, in particular Domain Users:
http://lists.samba.org/pipermail/samba-technical/2002-November/040646.html
I was facing the same problem, which I found annoying because it
always blocks winbindd without
Tim Potter wrote:
On Mon, Nov 11, 2002 at 01:40:25PM +0100, Michael Steffens wrote:
The winbind enum users/groups parameter deliberately doesn't stop wbinfo
from listing the groups so there is at least one way to enumerate users
and groups.
Yes, but specifically in an environment where domains
Hi,
noticed that very recently a bunch of patches was checked
in the SAMBA_2_2 CVS tree, correcting STAT_ST_BLOCKSIZE
to be 512 for a number of platforms. (see configure and
configure.in)
It remained on 8192 for HP-UX (which is the number given
by st_blksize) and which seems to be just as wrong
[EMAIL PROTECTED] wrote:
It remained on 8192 for HP-UX (which is the number given
by st_blksize) and which seems to be just as wrong there.
The correct unit of st_blocks is 1024, instead.
I got this value from the HPUX team (who site near me in
Cupertino) but I'll check again
I first
Hi,
the attached patch prevents winbindd from corrupting the
id mapping database in case of write failure. For example when
the filesystem hosting the TDB file is full.
Storing a new meapping consists of three steps
1. allocate UID/GID (increment HWM)
2. store mapping UID/GID : SID
3. store
Ooops, bug in patch: Duplicate deletion of mapping on
rollback. Corrected version is attached. Sorry!
Michael
Index: nsswitch/winbindd_idmap.c
===
RCS file: /cvsroot/samba/source/nsswitch/winbindd_idmap.c,v
retrieving revision
Andrew Bartlett wrote:
This looks like a good idea - getting this stuff right does matter...
Even more since this db is very hard to recover with Samba onboard
facilities...
I don't like the use of uid_t for gid_t, on the assumption that they
must be the same... I know it will never happen,
Hi,
since quite some time I was observing an intermittant (thus
annoying) problem. Winbindd apparently loses connections to DCs
now and then. As multiple winbind instances are affected
simultanously, I suppose the reason for connections dying is
external. But they all fail to reconnect, then.
Celebrated too early. In sequence_number() hnd was not
initialized, and its value not tested when checking
whether to retry.
Result: bus error when querying a non-existent domain. Grr...
Corrected patch is attached. Sorry!
Michael
Index: source/nsswitch/winbindd_rpc.c
Hi Miles,
Miles Roper wrote:
Hi Drew,
No luck.
Pretty much done all that, still get all the same problems
That site was pretty good though :o)
There is one thing missing, however. If you fake winbind NSS to be
ldap, exported constructor names in winbind_nss_solaris.c also need
to be
Hi Samba team,
as 2.2.8 seems to approach now, have the following patches been
considered for it? They both don't add functionality, but rather
improve robustness, and are platform independent:
http://lists.samba.org/pipermail/samba-technical/2002-December/041413.html
prevents winbindd from
Gerald (Jerry) Carter wrote:
On Fri, 31 Jan 2003 [EMAIL PROTECTED] wrote:
They are in my inbox queue of things to merge. I have to work on HP
printing bugs as my 'day' job priority, but I have not forgotten
these and will ensure they get added before 2.2.8
But probably not for 2.2.8pre1.
Hi,
we are running a big Samba 2.2.7a server with Winbind (100 concurrent
users, 600 id mappings created since then) since last weekend.
It's running quite well! :)
However, users are complaining about Samba being very slow when
NT ACL support is enabled. I'm suspecting that winbindd is the
Hi Jeremy,
[EMAIL PROTECTED] wrote:
Damn good idea ! I think I'll look into applying some version
of this - thanks !
Many thanks to you!
Our big boy unveiled another problem with winbind and a large
number of clients (most of them smbds, but also other processes,
of course): Winbindd becomes
Esh, Andrew wrote:
I thought I was told early on in this discussion that HP-UX doesn't like
certain keywords in nsswitch.conf, and winbind is one of them. That being
the case, isn't libnss_winbind.1 useless?
Discovered recently that this is no longer true for 11.00. Patch PHCO_26089
is
Ken Cross wrote:
Currently, if you do WINBINDD_GETGRNAM to an NT domain using RPC, you
get *all* the members of a group, whether primary or supplemental.
The same call to an AD using LDAP just returns supplemental members.
My patch causes the call to either an NT domain or AD to return the
the impressions that
most people are voting for unifying to inclusion of primary group members,
who also had their valid points.
But I think this way is not necessarily a good idea. Unifying the
behaviour *is* a good idea, for sure. :)
Cheers!
Michael
-Original Message-
From: Michael
Hi,
does anyone have an idea concerning this one? Has anyone else also
seen these symptoms?
http://lists.samba.org/pipermail/samba-technical/2003-January/041748.html
The problem described in this posting occurs here, too.
The situation: A user has read/write permissions on a Word/Excel file,
Hi Don,
MCCALL,DON (HP-USA,ex1) wrote:
Hi Michael,
what's your umask for the users in question?
The umask at smbd's startup is 077, but one of the first actions of
smbd is setting it to zero. Are there any user specific umask settings
for smbd?
create mask is default (i.e. 0744). But
Hi Jeff,
Jeff Mandel wrote:
I found this is office 2000 v 9.3821 SR1 (not the latest)
We are trying to load the latest office update to see if that fixes it
first. Is anybody experiencing this with samba later than 9.4402 SR1 or
on the latest version, whatever that is?
Would also prefer to
Michael Steffens wrote:
On the other hand, in debug level 10, create_canon_ace_lists() always logs
that clients attempt to apply the corresponding allow ACEs. This part does
work correctly for W2k clients, however.
Should probably add, that I can only pretend reading level 10 logs. :)
It's
What I would be very curious about: Does 3.0 exhibit the same problem?
http://lists.samba.org/pipermail/samba-technical/2003-January/041748.html
http://lists.samba.org/pipermail/samba-technical/2003-February/042392.html
Maybe someone already running 3.0 could try?
Cheers!
Michael
Hi Ken,
Ken Cross wrote:
I've run into a problem with winbindd in both 2.2.x and 3.0 where it
just locks up after a while on large, busy networks.
We finally tracked down the problem to the fact that the C library
select function is limited by default to 256 file descriptors in
NetBSD (1024 in
Michael Steffens wrote:
Ken Cross wrote:
There is pretty much a one-to-one correspondence between the number of
smbd processes open (i.e. connected users) and winbindd file descriptors
(per fstat).
Hmm, it may be platform specific. smbd connects winbindd both directly
and via NSS. On HP-UX
David Collier-Brown -- Customer Engineering wrote:
Ken Cross wrote:
#define FD_SETSIZE 2048 /* Max # of winbindd connections */
must occur before the first invocation of sys/types.
This could be a build option, but it might be much simpler to hard-code
it in local.h, which is what I did to
Ken Cross wrote:
My $0.02...
Mike Sweet wrote:
Sooo, my recommendations are as follows:
1. Provide a configure option (--with-maxfiles or similar)
to configure the upper limit you want to support in SAMBA.
2. Provide a smb.conf option to control the max number of
file
Ken Cross wrote:
I was suggesting the other way around -- the number of winbindd fd's
shouldn't be more than the max # of smbd's (well, maybe a *few* more).
But if you are having a system hard limit of 1024 FDs per process,
for example, which you can't raise via setrlimit, you could only
Hi all,
tried to dig into it, testing with various clients, browsing level 10 logs
and hacking posic_acls.c, which are all almost equally trivial (read: oh
dear it got my head spinning. :).
I think there are basically two problem:
1. Windows clients do not always send ACEs for
[EMAIL PROTECTED] wrote:
On Wed, Feb 19, 2003 at 10:20:35PM +0100, Stefan (metze) Metzmacher wrote:
At 21:07 19.02.2003 +, [EMAIL PROTECTED] wrote:
On Wed, Feb 19, 2003 at 10:03:57PM +0100, Stefan (metze) Metzmacher wrote:
HI all,
here's a small fix for returning the correct sidtype in
Michael Steffens wrote:
[EMAIL PROTECTED] wrote:
On Wed, Feb 19, 2003 at 10:20:35PM +0100, Stefan (metze) Metzmacher
wrote:
At 21:07 19.02.2003 +, [EMAIL PROTECTED] wrote:
On Wed, Feb 19, 2003 at 10:03:57PM +0100, Stefan (metze) Metzmacher
wrote:
HI all,
here's a small fix
Hi Jeremy,
[EMAIL PROTECTED] wrote:
On Thu, Feb 20, 2003 at 01:20:14PM +0100, Michael Steffens wrote:
Hmm, I'm not sure whether the speed gain for local lookups outweighs
the costs of having them wipe winbind SID mapping cache entries.
The latter ones look more expensive to me.
Hmmm. True
Ray Frush wrote:
We've been seeing a re-curring problem on one of our Samba servers:
Samba 2.2.7 running on HP-UX 11.0.
After a week of running relatively quietly, we'll get a rash of errors
in smbd.log associated with a call from a user that their connection is
getting dropped.
I_ve been
Hi Michael,
Michael Fair wrote:
The admin would have to rechown all the files from the
old ids to the new ones, but a simple find command could
probably manage that.
How does that work? Any major wrinkles?
I'm not feeling really comfortable with winbind assigning all
UIDs and GIDs on a system,
Hi Michael,
Michael Fair wrote:
Oh yes, entirely! Nothing I mentioned was an attempt
to put winbind in control of all the UID/GIDs on a system.
I personally have never used, nor even heard of a system
that used UID/GIDs 100,000,000 and above. That's the address
space that winbind would be
Fredrik Ohrn wrote:
It seems that Samba 2.2.8 is unable to open TDB files written by older
versions. Instead it just overwrites them with a fresh file.
This caused our domain-server to loose the domain SID leaving all our NT
clients out in the cold. We use a domain SID extracted from the
Hello,
The [Samba] number of groups of NT account causes authentication
problems thread discussed the problem of dealing with NT users,
which are members of more domain global groups than the OS running
Samba can cope with.
Limits do vary, some have 16, or 20, or 32, with some platforms it's
Jan Houstek wrote:
server:
linux 2.4.19 with xfs 1.2 and its ACL
libacl 2.0.19
samba 2.2.8 compiled from source with --with-acl-support
acting as PDC
interesting parts of smb.conf
create mask = 0600
directory mask = 0700
Hello Jeff,
Jeff Mandel wrote:
As long as you're having a look, will you give a look at the mode
problem at file create time? In some cases samba over-rides the umask
and inherited acls and creates the file as r--r--r--. Only samba's force
create will kind of fix that. It's like the
Hi,
the attached enhancements of SID related debug messages were quite
useful for me for tracking down where strange SIDs winbindd
complained about are coming from.
Being there I found that my suspicous SIDs are included in the
user token from DC on domain client validation, in the other
sids
Hello Buck,
Buck Huppmann wrote:
i'm also seeing some aberrant ACL-setting behavior in samba 2.2.8. more-
over, the new Creator Owner and Creator Group semantics are bewildering,
although i can understand if, in that sense, they're just mimicking NT
behavior all the more closely. at any rate,
41 matches
Mail list logo
