Again, nice work Jerry!
-Tom
Gerald (Jerry) Carter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Pomroy wrote:
| I'm having similar problems with Samba 3.0.6... | | Jason, try this for scientific purposes: | | 1. Stop Samba | 2. Delete /%samba/var/locks/netsamlogon_cache.tdb | 3. Start Samba | 4. run 'getent passwd <username>' (where <username> includes the domain | name and domain separator if necessary) | | If the account shows up, my guess is that your shares | will work for that user for the moment. If you try to | access a share before that (even anonymous "\\server"), | you'll be locked out and won't be able to access | anything until you delete netsamlogon_cache.tdb and | start over.
Here's a preliminary patch. Sorry. I'm copying it to http://samba.org/~jerry/patches/post-3.0.6/winbind_getpwnam_v1.patch This patch does not ensure that we get the username case right.
cheers, jerry - --------------------------------------------------------------------- Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "If we're adding to the noise, turn off this song"--Switchfoot (2003) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBLzccIR7qMdg1EfYRAtiMAJ0VsfIcarCZ8jlIb2K299S81MoNwACgztVn 6T+hLEjCHoz0TMdnRWunlpQ= =/NeU -----END PGP SIGNATURE-----
------------------------------------------------------------------------
Index: libsmb/samlogon_cache.c
===================================================================
--- libsmb/samlogon_cache.c (revision 2082)
+++ libsmb/samlogon_cache.c (working copy)
@@ -106,9 +106,10 @@
/***********************************************************************
Store a NET_USER_INFO_3 structure in a tdb for later user + username should be in UTF-8 format
***********************************************************************/
-BOOL netsamlogon_cache_store(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
+BOOL netsamlogon_cache_store(TALLOC_CTX *mem_ctx, const char * username, NET_USER_INFO_3 *user)
{
TDB_DATA data;
fstring keystr;
@@ -130,6 +131,14 @@
slprintf(keystr, sizeof(keystr), "%s", sid_string_static(&user_sid));
DEBUG(10,("netsamlogon_cache_store: SID [%s]\n", keystr));
+
+ /* only Samba fills in the username, not sure why NT doesn't */
+ /* so we fill it in since winbindd_getpwnam() makes use of it */
+
+ if ( !user->uni_user_name.buffer ) {
+ init_unistr2( &user->uni_user_name, username, STR_TERMINATE );
+ init_uni_hdr( &user->hdr_user_name, &user->uni_user_name );
+ }
/* Prepare data */
Index: nsswitch/winbindd_pam.c
===================================================================
--- nsswitch/winbindd_pam.c (revision 2082)
+++ nsswitch/winbindd_pam.c (working copy)
@@ -283,7 +283,7 @@
}
if (NT_STATUS_IS_OK(result)) {
- netsamlogon_cache_store( cli->mem_ctx, &info3 );
+ netsamlogon_cache_store( cli->mem_ctx, name_user, &info3 );
wcache_invalidate_samlogon(find_domain_from_name(name_domain), &info3);
/* Check if the user is in the right group */
@@ -538,7 +538,7 @@
}
if (NT_STATUS_IS_OK(result)) {
- netsamlogon_cache_store( cli->mem_ctx, &info3 );
+ netsamlogon_cache_store( cli->mem_ctx, name_user, &info3 );
wcache_invalidate_samlogon(find_domain_from_name(name_domain), &info3);
if (!NT_STATUS_IS_OK(result = check_info3_in_group(mem_ctx, &info3, state->request.data.auth_crap.required_membership_sid))) {
Index: auth/auth_domain.c
===================================================================
--- auth/auth_domain.c (revision 2082)
+++ auth/auth_domain.c (working copy)
@@ -205,7 +205,7 @@
} else {
nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str, user_info->smb_name.str, domain, server_info, &info3);
- netsamlogon_cache_store( mem_ctx, &info3 );
+ netsamlogon_cache_store( mem_ctx, user_info->smb_name.str, &info3 );
}
#if 0
-- _________________________________________________
Thomas Pomroy | "First, they ignore you. Systems Administrator | Then they laugh at you. UCD Fleet Services | Then they fight you. 754-8459 | Then you win." -Gandhi _________________________________________________ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
