[Samba] 4.0.6 error: AD based DNS cannot be used
I need Bind so that dynamic dns will work with Linux clients. This was OK in 4.0.5. Any ideas anyone? Provisioning with or moving to BIND9_DLZ produces the error: samba_upgradedns --dns-backend=BIND9_DLZ Reading domain information DNS accounts already exist No zone file /usr/local/samba/private/dns/HH3.SITE.zone DNS records will be automatically created DNS partitions already exist Adding dns-hh16 account Failed to setup database for BIND, AD based DNS cannot be used Traceback (most recent call last): File /usr/local/samba/sbin/samba_upgradedns, line 454, in module domainguid) File /usr/local/samba/lib64/python2.7/site-packages/samba/provision/sambadns.py, line 805, in create_samdb_copy os.path.join(dns_dir, sam.ldb)) File /usr/local/samba/lib64/python2.7/site-packages/samba/tdb_util.py, line 36, in tdb_copy status = subprocess.call(tdbbackup_cmd, close_fds=True, shell=False) File /usr/lib64/python2.7/subprocess.py, line 493, in call return Popen(*popenargs, **kwargs).wait() File /usr/lib64/python2.7/subprocess.py, line 679, in __init__ errread, errwrite) File /usr/lib64/python2.7/subprocess.py, line 1249, in _execute_child raise child_exception OSError: [Errno 2] No such file or directory -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba fsmo/demote/unjoin trouble after crash
Fixed this mess. If anybody else needs this: 1) samba_backup on working good DC :) 2) rm -rfv private/* var/{lock,locks}/*.{t,l}db on bad server 3) rejoin with the same name *and* the same site it was on 4a) TRY to demote: this will luckily work but not for me 4b) samba-tool dbcheck --cross-ncs --fix --yes Search for registered DC'as: ldbsearch (invocationid=*) objectguid Search for entries of your bad DC: ldbsearch (objectguid=GUID_FROM_BAD_SERVER) Here I've got only 1 entry: that is NTDS settings (maybe there should be more?) Only after i've deleted NTDS settings, I *was* *able* to delete server from database (with windows DSA tools) ldbdel CN=NTDS Settings,CN=SERVER_NAME,CN=Servers,CN=SITE_NAME, CN=Sites,CN=Configuration,YOUR_DOMAIN in form DC=DOMAIN,DC=EXAMPLE,DC=COM You now *can* delete the server from sites services AND computers users samba-tool dbcheck --cross-ncs --fix --yes (haven't got any, but who knows. 5) Rejoin your bad server again (if it *is* needed) 6) Everything is working flawlessly now. Side note: ldbsearch / ldbedit / ldbdel DID NOT WOTK for me with kerberos (-k yes), though kinit is fine, so use it like this: ldbsearch -UAdministrator --password your password --cross-ncs ldap://localhost .. All ldb* and dbcheck commands were run from *running**good DC* If dbcheck complains about bad owner GUID on NTDS Settings, you might have dublicated msDS-hasMasterNCs. and dbcheck is *NOT* fixing this. Just delete duplicated lines (for me this was ForestDnsZones and DomainDnsZones) with ldbedit... otherwise samba will keep crashing with SIGSEGV One of the DC's was not able to replicate after first rejoin - delete was needed Double / tripple or even more *check the netbios name= in your smb.conf* - this is how i've got 2 DC names in the database (but only 1 join) Demote *will not work*, if your bad server has DNS zones configured (on SAMBA LDAP) Demote complains about *2 roles still on server,* but no list witch ones (presumably the ForestDnsZones and DomainDnsZones) Thanks all for help 2013.05.21 00:46, Andrew Bartlett rašė: On Wed, 2013-05-15 at 10:09 +0300, Giedrius wrote: 2013.05.14 18:48, Denis Cardon rašė: Hi Giedrius, i've got initial setup on DC1 (4.0.1)... all working good and flawless Added additional geographically distributed controllers (DC2, DC3, DC4,DC5) with 4.0.5 - no problem. All PC's can connect to their own site/DC Transferred all FSMO's to DC2 - transferred successfully (with seize error bug) DC1 crashed badly during maintenance, SAMBA was updated to 4.0.5, data restored from backup. Now, the problem is: 1) DC1 sees itself as owner of all FSMO's, although DC[2,3,4,5] sees DC2 as owner of FSMO's 3) DC1 is missing some users (created between backup and crash), wbinfo for these users return E_DOMAIN_NOT_FOUND 4) Got decrypt integrity check failed errors, fixed with chtdcpass, witch not results to Failed to find HOST$#DOMAIN(kvno) (client reboot seems to fix this) 4) any attempt to replicate missing information from DC2/DC3 to DC1 (samba-tool drs replicate) results in errors after it (cannot find own NTDS) 5) impossible to demote / unjoin server and provision from scratch - some DRS errors Question is: how can i change FSMO owner (ldbedit ?) on DC1 to be DC2 and then: a) replicate missing users (and computer trust accounts) to DC1 b) force removing DC1 from domain for good ( reinstall from scratch ) Domain as a whole recreation from scratch is sadly *not* an option :( On https://wiki.samba.org/index.php/Backup_and_Recovery#General it is clearly stated that you shouldn't restore a DC from backup in a multi DC environment. Ok, my bad. Others DC have evolved since you backed up your data, and you cannot have synchronisation with the other DCs. It is not a Samba problem, but it is by design because the multi master replication between DCs. You should just re-install samba4 4.0.5 on your DC1 server, and then join it to the domain as a DC, it will synchronise and all will be back to normal. But how do i force remove the old server from domain ? (Windows tools and samba's net unjoin failed) Just re-join it with the same name, that does as much as we can do. It isn't perfectly ideal, but it should be good enough. Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] userAccountControl can't be set to 0x800002 (8388610, UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED):samldb: Unrecognized account type
the userAccountControl value becomes 0x202 (514) after 0x82 was written to active directory of windows server 2003, so it looks like UF_NORMAL_ACCOUNT (0x200) is really implied. Original -- From: Andrew Bartlettabart...@samba.org; Date: Tue, May 28, 2013 10:50 AM To: Tidelovet...@qq.com; Cc: sambasamba@lists.samba.org; Subject: Re: [Samba] userAccountControl can't be set to 0x82 (8388610,UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED):samldb: Unrecognized account type On Tue, 2013-05-28 at 10:32 +0800, Tide wrote: We have a third party mail system which can write/read accounts to/from AD using ldaps protocol, it works fine with active directory of windows server 2003. When I test the mail system with samba4 DC, I can't disable user from the mail system, because the mail system write 0x82 (8388610,UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED) to userAccountControl field of AD/samba4, and samldb returns Unrecognized account type error. Is this expected behaviour or a possible bug? # test from command line ldbedit --show-binary -H /usr/local/samba/private/sam.ldb sAMAccountName=YOUR_ACCOUNT userAccountControl # then change userAccountControl to 8388610, save, quit editor If it works against Windows and doesn't work against Samba, it's a bug. We need to know what the value becomes after you do this against windows, then then we need the tests updated to cover this case. Presumably the UF_NORMAL_ACCOUNT flag is implied. Once that's done, it shouldn't be too hard to also imply it. Any chance you can look into this for us? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smb.conf sync
On Mon, 2013-05-27 at 16:56 +0200, Michael De Groote wrote: watch out when you do that!! i killed one of my previous test-setups by doing that when i forgot to change the netbios name for the second machine Our fix for that sort of problem is to have /etc/samba/netbiosname.conf which is different on each host (and just sets the netbios name, but obviously you can extend that idea to whatever machine-specific settings need to be different), have a smb.conf that includes that file, and then I can ensure that the master smb.conf is synced between multiple machines. Adam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smb.conf sync
I solved the shared data problem with heartbeat+drbd combo so that should not be a problem. TDB files data should be syncronized between my domain members or am I wrong? Regards, Robert 2013/5/27 Marc Muehlfeld sa...@marc-muehlfeld.de Hello Robert, Am 27.05.2013 21:37, schrieb Sandbox: Just a quick question. Do I have to syncronise my smb.conf file between my servers? No. And it would be a bad idea. Each Samba server has it's own smb.conf, with it's own shares/paths/server name/etc. If you mix there something (e. g. twice the same DC name in your network), you maybe confuse everything in your network. That was the reason why I thought about this, I sat up the DC, and joined to the DC with my other Samba. But I asked myself if the master server dies for any reason the member server how could provide the shares if there is only basic smb.conf settings on the member server. It's not just done with syncing the smb.conf. If an other server should take over the job of the failed one, you also would need the whole share data on the second host, the servers tdb files, etc - what brings you to the clustering topic. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.6.6 - Debian 7
Hi, I use Samba + Ldapas a domain controller but after the update the version of Debian6 to Debain 7I can't authenticate my users in the Samba server. logs: [2013/05/23 08:29:55.811240, 1] auth/server_info.c:386(samu_to_SamInfo3) The primary group domain sid(S-1-5-21-3651478259-4121578499-3132057975-513) does not match the domain sid(S-1-5-21-3182595135-1874831366-4239877494) for user(S-1-5-21-3182595135-1874831366-4239877494-60012) [2013/05/23 08:29:55.811383, 0] auth/check_samsec.c:491(check_sam_security) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL' # net getlocalsid SID for domain ROCKY is: S-1-5-21-2260219023-4180104146-1160048873 # net getdomainsid SID for local machine ROCKY is: S-1-5-21-2260219023-4180104146-1160048873 SID for domain PRINTERRESERVA is: S-1-5-21-3651478259-4121578499-3132057975 #pdbedit -v user User SID: S-1-5-21-3182595135-1874831366-4239877494-60012 Primary Group SID: S-1-5-21-3651478259-4121578499-3132057975-513 Thanks, Marcos. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New Samba Error We Have Not Seen Before
-Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Monday, May 27, 2013 5:03 PM To: Robinson, Eric Cc: samba@lists.samba.org Subject: Re: [Samba] New Samba Error We Have Not Seen Before On Mon, 2013-05-27 at 18:32 +, Robinson, Eric wrote: We have about 40 samba servers in our domain. The two newest ones are throwing an error we've never seen before. [root@vmhost06a samba]# net join Enter root's password: dos charset 'CP850' unavailable - using ASCII This worries me. I think it may be the source of your issue. It suggests your build was without iconv support! (We removed the internal code page handling in 3.6 from memory, relying on the system to handle it for us). convert_string_talloc: Conversion not supported. Failed to join domain: failed to lookup DC info for domain 'MYCHARTS.MD' over rpc: Memory allocation error ADS join did not work, falling back to RPC... convert_string_talloc: Conversion not supported. Connection failed: NT_STATUS_NO_MEMORY Enter root's password: convert_string_talloc: Conversion not supported. Could not connect to server RPT01 Connection failed: NT_STATUS_NO_MEMORY Any thoughts? Possibly related: It alwways says could not connect to server RPT01. I'm not sure why it says this since RPT01 is our oldest domain controller and it is not referenced in any of the config files. Only servers DC01 and TS04 are mentioned in krb5.conf. I suppose it must be getting it from DNS, but why only RPT01? Samba version info follows... [root@vmhost06a samba]# rpm -qa|grep -i samba samba-winbind-3.6.9-151.el6.x86_64 samba-3.6.9-151.el6.x86_64 samba-common-3.6.9-151.el6.x86_64 samba-client-3.6.9-151.el6.x86_64 samba-winbind-clients-3.6.9-151.el6.x86_64 It seems unlikely that these RPMs are built without iconv support, but can you verify by getting us the output of smbd -b? Thanks, Andrew Bartlett -- Hi Andrew -- Here is the output you asked for... [root@vmhost06a samba]# smbd -b Build environment: Built by:mockbu...@c6b7.bsys.dev.centos.org Built on:Fri Feb 22 04:08:22 UTC 2013 Built using: gcc Build host: Linux c6b7.bsys.dev.centos.org 2.6.32-220.el6.x86_64 #1 SMP Tue Dec 6 19:48:22 GMT 2011 x86_64 x86_64 x86_64 GNU/Linux SRCDIR: /builddir/build/BUILD/samba-3.6.9/source3 BUILDDIR:/builddir/build/BUILD/samba-3.6.9/source3 Paths: SBINDIR: /usr/sbin BINDIR: /usr/bin SWATDIR: /usr/share/swat CONFIGFILE: /etc/samba/smb.conf LOGFILEBASE: /var/log/samba LMHOSTSFILE: /etc/samba/lmhosts LIBDIR: /usr/lib64 MODULESDIR: /usr/lib64/samba SHLIBEXT: so LOCKDIR: /var/lib/samba STATEDIR: /var/lib/samba CACHEDIR: /var/lib/samba PIDDIR: /var/run SMB_PASSWD_FILE: /var/lib/samba/private/smbpasswd PRIVATE_DIR: /var/lib/samba/private NCALRPCDIR: /var/ncalrpc NMBDSOCKETDIR: /var/nmbd System Headers: HAVE_SYS_ACL_H HAVE_SYS_CAPABILITY_H HAVE_SYS_CDEFS_H HAVE_SYS_EPOLL_H HAVE_SYS_FCNTL_H HAVE_SYS_FILE_H HAVE_SYS_INOTIFY_H HAVE_SYS_IOCTL_H HAVE_SYS_IPC_H HAVE_SYS_MMAN_H HAVE_SYS_MOUNT_H HAVE_SYS_PARAM_H HAVE_SYS_PRCTL_H HAVE_SYS_QUOTA_H HAVE_SYS_RESOURCE_H HAVE_SYS_SELECT_H HAVE_SYS_SHM_H HAVE_SYS_SOCKET_H HAVE_SYS_STATFS_H HAVE_SYS_STATVFS_H HAVE_SYS_STAT_H HAVE_SYS_SYSCALL_H HAVE_SYS_SYSCTL_H HAVE_SYS_SYSLOG_H HAVE_SYS_SYSMACROS_H HAVE_SYS_TIME_H HAVE_SYS_TYPES_H HAVE_SYS_UIO_H HAVE_SYS_UNISTD_H HAVE_SYS_UN_H HAVE_SYS_VFS_H HAVE_SYS_WAIT_H HAVE_SYS_XATTR_H Headers: HAVE_ACL_LIBACL_H HAVE_AIO_H HAVE_ALLOCA_H HAVE_ARPA_INET_H HAVE_ASM_TYPES_H HAVE_ASM_UNISTD_H HAVE_ATTR_XATTR_H HAVE_CRYPT_H HAVE_CTDB_H HAVE_CTDB_PRIVATE_H HAVE_CTYPE_H HAVE_CUPS_CUPS_H HAVE_CUPS_LANGUAGE_H HAVE_DIRENT_H HAVE_DLFCN_H HAVE_EXECINFO_H HAVE_FCNTL_H HAVE_FLOAT_H HAVE_FNMATCH_H HAVE_GLOB_H HAVE_GRP_H HAVE_GSSAPI_GSSAPI_EXT_H HAVE_GSSAPI_GSSAPI_GENERIC_H HAVE_GSSAPI_GSSAPI_H HAVE_GSSAPI_H HAVE_IFADDRS_H HAVE_KRB5_H HAVE_KRB5_LOCATE_PLUGIN_H HAVE_LANGINFO_H HAVE_LASTLOG_H HAVE_LBER_H HAVE_LDAP_H HAVE_LIBINTL_H HAVE_LIMITS_H HAVE_LINUX_DQBLK_XFS_H HAVE_LINUX_FALLOC_H HAVE_LINUX_INOTIFY_H HAVE_LINUX_NETLINK_H HAVE_LINUX_RTNETLINK_H HAVE_LINUX_TYPES_H HAVE_LOCALE_H HAVE_MEMORY_H HAVE_MNTENT_H HAVE_NETDB_H HAVE_NETINET_IN_H HAVE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSS_H HAVE_POLL_H HAVE_PTHREAD_H HAVE_PWD_H HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_EXT_H HAVE_SECURITY_PAM_MODULES_H HAVE_SECURITY__PAM_MACROS_H HAVE_SETJMP_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDBOOL_H
[Samba] Samba4 + Shared Folders
Hello dear, Could help me? I have configured a server with CentOS and Samba4, both Linux and Windows stations joined to the domain with successfully. However, I can not share access to a single set in Samba4, except share folder default (sysvol and netlogon). The error returned is Permission Denied. Follow my smb.conf: # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB active directory server role = domain controller server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [Test] path = /data/test read only = No Grateful, Diogo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problems during connect to server and listing files
Hi, first time poster. I am having trouble getting one of my servers to list all the files in the directory. Consequently, it is failing to work with email when users create new sub folders ( main problem). background: we have two servers -old solaris 10 system running as server not smb master which is mail server -new linux CentOS 5.9 system running as master that also serves as file server if I create a sub folder in mail ( either Thunderbird or Outlook ) the file gets created on the CentOS system but does not get listed via imap subscribe which is running on the solaris system. The file permissions are correct and I can dump the file header which tells me that it is a mail file. But the smb server on the CentOS system apparently is not serving the file to the solaris system. Also, if I connect from a windows client to the solaris server I only get one file in the list, whereas on the CentOS system it will give the complete listing. I have some debug listing but not sure if this is shows the problem. thanks, jerry debug listing: [2013/05/28 08:37:49, 2] smbd/sesssetup.c:(1200) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2013/05/28 08:37:49, 2] smbd/sesssetup.c:(1200) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2013/05/28 08:37:49, 2] auth/auth.c:(319) check_ntlm_password: Authentication for user [jlowry] - [jlowry] FAILED with error NT_STATUS_WRONG_PASSWORD [2013/05/28 08:38:03, 2] smbd/sesssetup.c:(1200) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2013/05/28 08:38:03, 2] smbd/sesssetup.c:(1200) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2013/05/28 08:38:04, 2] auth/auth.c:(309) check_ntlm_password: authentication for user [jlowry] - [jlowry] - [jlowry] succeeded [2013/05/28 08:38:04, 0] auth/auth_util.c:(792) create_builtin_administrators: Failed to create Administrators [2013/05/28 08:38:04, 2] auth/auth_util.c:(914) create_local_nt_token: Failed to create BUILTIN\Administrators group! [2013/05/28 08:38:04, 0] auth/auth_util.c:(758) create_builtin_users: Failed to create Users [2013/05/28 08:38:04, 2] auth/auth_util.c:(941) create_local_nt_token: Failed to create BUILTIN\Users group! [2013/05/28 08:38:04, 1] smbd/service.c:(1033) bagby (10.10.10.2) connect to service jlowry initially as user jlowry (uid=1002, gid=1010) (pid 8145) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Shared Folders
First, this line in your config is formed wrong... server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate IF you have a need to define it yourself it should look like: server services = s3fs, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate I should mention however the defaults (which is what you are currently using since samba can't parse that line) should work fine, so that line can be completely removed if you'd like. Next, on to your issue. The first time you access your share you should be doing it as DOMAIN\Administrator from windows, then you can set permissions to the share by opening the share (start - run - \\smb\test ) then right clicking on a open area (non folder/non file) of your share and selecting properties, then click on the security tab and set the permissions how you would like. Hope that helps, Ricky On Tue, May 28, 2013 at 9:44 AM, Diogo Borsoi diogobor...@gmail.com wrote: Hello dear, Could help me? I have configured a server with CentOS and Samba4, both Linux and Windows stations joined to the domain with successfully. However, I can not share access to a single set in Samba4, except share folder default (sysvol and netlogon). The error returned is Permission Denied. Follow my smb.conf: # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB active directory server role = domain controller server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [Test] path = /data/test read only = No Grateful, Diogo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.6.6 - Debian 7
Hi Marco, I use Samba + Ldapas a domain controller but after the update the version of Debian6 to Debain 7I can't authenticate my users in the Samba server. logs: [2013/05/23 08:29:55.811240, 1] auth/server_info.c:386(samu_to_SamInfo3) The primary group domain sid(S-1-5-21-3651478259-4121578499-3132057975-513) does not match the domain sid(S-1-5-21-3182595135-1874831366-4239877494) for user(S-1-5-21-3182595135-1874831366-4239877494-60012) [2013/05/23 08:29:55.811383, 0] auth/check_samsec.c:491(check_sam_security) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL' # net getlocalsid SID for domain ROCKY is: S-1-5-21-2260219023-4180104146-1160048873 # net getdomainsid SID for local machine ROCKY is: S-1-5-21-2260219023-4180104146-1160048873 SID for domain PRINTERRESERVA is: S-1-5-21-3651478259-4121578499-3132057975 #pdbedit -v user User SID: S-1-5-21-3182595135-1874831366-4239877494-60012 Primary Group SID: S-1-5-21-3651478259-4121578499-3132057975-513 You user SID is composed of the domain SID (ie S-1-5-21-3182595135-1874831366-4239877494-60012), which is the same for all users and groups of a domain, and the end part which is the user RID (relative ID) -60012. Same thing for your group SID. So you can see here that the domain SID part of the user SID is not the same as the domain SID S-1-5-21-3651478259-4121578499-3132057975. That is what your debug log message basically says. I don't think that it is just a squeeze to wheezy upgrade that would have messed'up that much with you ldap entries. You should double check your ldap. And take a look at samba4, it is much easier to setup and manage. Cheers, Denis Thanks, Marcos. -- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil-it-systems.fr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Shared Folders
Thanks Ricky, But I wrote it wrong in e-mail, my smb.conf was as you suggested. I had already tried these steps (\\test.local\test), but it did not work, I get the message ...Permission denied... Element not found # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [teste] path = /data/teste read only = No Diogo -- = Diogo Borsoi Mobile: +55 12 91436960 http://br.linkedin.com/in/diborsoi http://diborsoi.wordpress.com/ = On Tue, May 28, 2013 at 2:49 PM, Ricky Nance ricky.na...@gmail.com wrote: First, this line in your config is formed wrong... server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate IF you have a need to define it yourself it should look like: server services = s3fs, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate I should mention however the defaults (which is what you are currently using since samba can't parse that line) should work fine, so that line can be completely removed if you'd like. Next, on to your issue. The first time you access your share you should be doing it as DOMAIN\Administrator from windows, then you can set permissions to the share by opening the share (start - run - \\smb\test ) then right clicking on a open area (non folder/non file) of your share and selecting properties, then click on the security tab and set the permissions how you would like. Hope that helps, Ricky On Tue, May 28, 2013 at 9:44 AM, Diogo Borsoi diogobor...@gmail.comwrote: Hello dear, Could help me? I have configured a server with CentOS and Samba4, both Linux and Windows stations joined to the domain with successfully. However, I can not share access to a single set in Samba4, except share folder default (sysvol and netlogon). The error returned is Permission Denied. Follow my smb.conf: # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB active directory server role = domain controller server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [Test] path = /data/test read only = No Grateful, Diogo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Shared Folders
Can you test from the samba server using smbclient //localhost/teste -UAdministrator -d5 and paste the output here if it errors out? Ricky On Tue, May 28, 2013 at 1:47 PM, Diogo Borsoi diogobor...@gmail.com wrote: Thanks Ricky, But I wrote it wrong in e-mail, my smb.conf was as you suggested. I had already tried these steps (\\test.local\test), but it did not work, I get the message ...Permission denied... Element not found # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [teste] path = /data/teste read only = No Diogo -- = Diogo Borsoi Mobile: +55 12 91436960 http://br.linkedin.com/in/diborsoi http://diborsoi.wordpress.com/ = On Tue, May 28, 2013 at 2:49 PM, Ricky Nance ricky.na...@gmail.com wrote: First, this line in your config is formed wrong... server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate IF you have a need to define it yourself it should look like: server services = s3fs, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate I should mention however the defaults (which is what you are currently using since samba can't parse that line) should work fine, so that line can be completely removed if you'd like. Next, on to your issue. The first time you access your share you should be doing it as DOMAIN\Administrator from windows, then you can set permissions to the share by opening the share (start - run - \\smb\test ) then right clicking on a open area (non folder/non file) of your share and selecting properties, then click on the security tab and set the permissions how you would like. Hope that helps, Ricky On Tue, May 28, 2013 at 9:44 AM, Diogo Borsoi diogobor...@gmail.com wrote: Hello dear, Could help me? I have configured a server with CentOS and Samba4, both Linux and Windows stations joined to the domain with successfully. However, I can not share access to a single set in Samba4, except share folder default (sysvol and netlogon). The error returned is Permission Denied. Follow my smb.conf: # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB active directory server role = domain controller server = s3fs services, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [Test] path = /data/test read only = No Grateful, Diogo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Shared Folders
Follow output: smbclient //localhost/teste -UAdministrator -d5 INFO: Current debug levels: all: 5 tdb: 5 printdrivers: 5 lanman: 5 smb: 5 rpc_parse: 5 rpc_srv: 5 rpc_cli: 5 passdb: 5 sam: 5 auth: 5 winbind: 5 vfs: 5 idmap: 5 quota: 5 acls: 5 locking: 5 msdfs: 5 dmapi: 5 registry: 5 lp_load_ex: refreshing parameters Initialising global parameters rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) INFO: Current debug levels: all: 5 tdb: 5 printdrivers: 5 lanman: 5 smb: 5 rpc_parse: 5 rpc_srv: 5 rpc_cli: 5 passdb: 5 sam: 5 auth: 5 winbind: 5 vfs: 5 idmap: 5 quota: 5 acls: 5 locking: 5 msdfs: 5 dmapi: 5 registry: 5 params.c:pm_process() - Processing configuration file /usr/local/samba/etc/smb. conf Processing section [global] doing parameter workgroup = TEST doing parameter realm = test.local doing parameter netbios name = SMB doing parameter server role = active directory domain controller doing parameter server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl , winbind, ntp_signd, kcc, dnsupdate pm_process() returned Yes added interface eth0 ip=192.168.137.2 bcast=192.168.137.255 netmask=255.255.255. 0 Netbios name list:- my_netbios_names[0]=SMB Client started (version 4.0.5). Enter Administrator's password: Opening cache file at /usr/local/samba/var/lock/gencache.tdb Opening cache file at /usr/local/samba/var/lock/gencache_notrans.tdb sitename_fetch: No stored sitename for TEST.LOCAL no entry for localhost#20 found. resolve_lmhosts: Attempting lmhosts lookup for name localhost0x20 resolve_lmhosts: Attempting lmhosts lookup for name localhost0x20 startlmhosts: Can't open lmhosts file /usr/local/samba/etc/lmhosts. Error was No such file or directory resolve_wins: WINS server resolution selected and no WINS servers listed. resolve_hosts: Attempting host lookup for name localhost0x20 namecache_store: storing 2 addresses for localhost#20: [::1],127.0.0.1 Connecting to ::1 at port 445 Socket options: SO_KEEPALIVE = 0 SO_REUSEADDR = 0 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 172880 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 session request ok Doing spnego session setup (blob length=96) got OID=1.2.840.48018.1.2.2 got OID=1.2.840.113554.1.2.2 got OID=1.3.6.1.4.1.311.2.2.10 got principal=not_defined_in_RFC4178@please_ignore Got challenge flags: Got NTLMSSP neg_flags=0x60898215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH Domain=[TEST] OS=[Unix] Server=[Samba 4.0.5] session setup ok tconx ok Thanks, Diogo -- = Diogo Borsoi Mobile: +55 12 91436960 http://br.linkedin.com/in/diborsoi http://diborsoi.wordpress.com/ = On Tue, May 28, 2013 at 4:05 PM, Ricky Nance ricky.na...@gmail.com wrote: Can you test from the samba server using smbclient //localhost/teste -UAdministrator -d5 and paste the output here if it errors out? Ricky On Tue, May 28, 2013 at 1:47 PM, Diogo Borsoi diogobor...@gmail.comwrote: Thanks Ricky, But I wrote it wrong in e-mail, my smb.conf was as you suggested. I had already tried these steps (\\test.local\test), but it did not work, I get the message ...Permission denied... Element not found # Global parameters [global] workgroup = TEST realm = test.local netbios name = SMB server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate [netlogon] path = /usr/local/samba/var/locks/sysvol/test.local/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [teste] path = /data/teste read only = No Diogo
Re: [Samba] userAccountControl can't be set to 0x800002 (8388610, UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED):samldb: Unrecognized account type
Matthias, Any chance you can look into this for me? Thanks, On Tue, 2013-05-28 at 15:56 +0800, Tide wrote: the userAccountControl value becomes 0x202 (514) after 0x82 was written to active directory of windows server 2003, so it looks like UF_NORMAL_ACCOUNT (0x200) is really implied. Original -- From: Andrew Bartlettabart...@samba.org; Date: Tue, May 28, 2013 10:50 AM To: Tidelovet...@qq.com; Cc: sambasamba@lists.samba.org; Subject: Re: [Samba] userAccountControl can't be set to 0x82 (8388610,UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED):samldb: Unrecognized account type On Tue, 2013-05-28 at 10:32 +0800, Tide wrote: We have a third party mail system which can write/read accounts to/from AD using ldaps protocol, it works fine with active directory of windows server 2003. When I test the mail system with samba4 DC, I can't disable user from the mail system, because the mail system write 0x82 (8388610,UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED) to userAccountControl field of AD/samba4, and samldb returns Unrecognized account type error. Is this expected behaviour or a possible bug? # test from command line ldbedit --show-binary -H /usr/local/samba/private/sam.ldb sAMAccountName=YOUR_ACCOUNT userAccountControl # then change userAccountControl to 8388610, save, quit editor If it works against Windows and doesn't work against Samba, it's a bug. We need to know what the value becomes after you do this against windows, then then we need the tests updated to cover this case. Presumably the UF_NORMAL_ACCOUNT flag is implied. Once that's done, it shouldn't be too hard to also imply it. Any chance you can look into this for us? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smb.conf sync
On Tue, 2013-05-28 at 12:45 +0200, Sandbox wrote: I solved the shared data problem with heartbeat+drbd combo so that should not be a problem. TDB files data should be syncronized between my domain members or am I wrong? Please synchronise TDB files except by using using real CTDB (which doesn't provide an AD DC). I spent much of a week trying to reconstruct a database lost this way. If this is about the AD DC, then the only safe way is to use DRS replication. The important details for the domain are synchronised over DRS, except for the sysvol share. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5a633dd s4-dns: Print/Set minimumTTL value in SOA record via 6676511 build: Remove unused mkbuildoptions.awk via dd72d85 build: Remove unused tool for config.h comparison via 4c4520a build: Remove feature tests for variables now always provided via dc6b03f build: Remove unused credentials_samba3.c via 26d36be selftest: VFSLIBDIR is not needed, the waf build knows where to find modules automatically via cbddf9e build: Remove autoconf build system from examples/VFS via f073401 passdb-machine_account_secrets: Remove #if SAMBA_BUILD_ == 4 now we only have the waf build via 2c70b0e nsswitch: Remove #if SAMBA_BUILD_ = 4 now we only have the waf build via 922fe92 lib/util/modules.c: Remove #if SAMBA_BUILD_ == 3 now we only have the waf build via 2bede9d param: Remove _SAMBA_BUILD_ checks from now the autoconf build is gone via ae14497 docs: Document removal of the autoconf build system via 11aab8a build: Remove unused preproc-dummy.c via 53c61a3 build: Remove unused linkmodules.sh script via 69c09e7 build: Remove unused revert.sh script via 26ff1f2 build: Remove unused uninstall*.sh scripts via d98f107 build: Remove unused install*.sh scripts via 167b8bd build: Remove unused build_idl.sh via c5bde69 Remove lib/netapi autoconf build system, this is now build with waf via 87049bf build: Remove unused build_idl.sh via af443d0 Remove now-unused s3-selftest.sh wrapper via 8bcaa14 Remove stub ldb_version.h and source3/include/autoconf as no longer needed via 8b2590c build: Remove autoconf directory no longer needed via 0b5c23b build: Remove unused script/mkversion.sh via a768e6b build: Remove unused install-sh via cd4b413 build: Remove autoconf build system via 97cceb5 build: No longer run autogen.sh during tarball creation via fb67cea autobuild: Remove samba3 and samba3-ctdb targets to allow autoconf removal for 4.1 from 4e76a77 waf: build position independent executables http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5a633dd6bb5be817c6b421df0c098e3428a20773 Author: Amitay Isaacs ami...@gmail.com Date: Thu Dec 6 16:10:42 2012 +1100 s4-dns: Print/Set minimumTTL value in SOA record Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue May 28 08:47:56 CEST 2013 on sn-devel-104 commit 667651132b9136e1ad9d7dc5f44dd86c66907e70 Author: Andrew Bartlett abart...@samba.org Date: Thu May 23 09:37:10 2013 +1000 build: Remove unused mkbuildoptions.awk This is not used by the waf build. Andrew Bartlett Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: David Disseldorp dd...@samba.org commit dd72d85e928a9f52113235daaab1e71ea916aa0d Author: Andrew Bartlett abart...@samba.org Date: Wed May 22 17:05:11 2013 +1000 build: Remove unused tool for config.h comparison Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: David Disseldorp dd...@samba.org commit 4c4520ac3794f917c831255d6598945712bcfb5c Author: Andrew Bartlett abart...@samba.org Date: Wed May 22 16:23:23 2013 +1000 build: Remove feature tests for variables now always provided These #ifdef statements were added in replacement for #if (_SAMBA_BUILD_ = 4) in fbe7ed79b0f056a9a8f44a9b42e887441d2f00d5 Andrew Bartlett Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: David Disseldorp dd...@samba.org commit dc6b03ffa55968708576cb527f1b52a37d8e5317 Author: Andrew Bartlett abart...@samba.org Date: Wed May 22 16:16:31 2013 +1000 build: Remove unused credentials_samba3.c This file was only used by the autoconf build system. Andrew Bartlett Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: David Disseldorp dd...@samba.org commit 26d36befa8347eb093850cc8853fd9939555d458 Author: Andrew Bartlett abart...@samba.org Date: Wed May 22 16:13:21 2013 +1000 selftest: VFSLIBDIR is not needed, the waf build knows where to find modules automatically This is why was relinks on install, because it is fixing these internal variables up. Andrew Bartlett Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: David Disseldorp dd...@samba.org commit cbddf9e2efd856a25c6405f6893ad3a9cda1b181 Author: Andrew Bartlett abart...@samba.org Date: Wed May 22 14:22:36 2013 +1000 build: Remove autoconf build system from examples/VFS Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: David Disseldorp dd...@samba.org
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2013-05-28-0934/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2013-05-28-0934/samba3.stderr http://git.samba.org/autobuild.flakey/2013-05-28-0934/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2013-05-28-0934/samba.stderr http://git.samba.org/autobuild.flakey/2013-05-28-0934/samba.stdout The top commit at the time of the failure was: commit 4e76a77f622f1fa30a8ae1e011d87fc9754e1b85 Author: David Disseldorp dd...@samba.org Date: Mon May 27 17:57:01 2013 +0200 waf: build position independent executables This patch re-instates support for building Position Independent Executables using the '-fPIE' and '-pie' compiler and linker flags respectively. PIE builds are enabled by default, and can be explicitly disabled using the '--without-pie' configure argument. Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue May 28 02:56:36 CEST 2013 on sn-devel-104
[SCM] CTDB repository - branch master updated - ctdb-2.1-218-g1b5968f
The branch, master has been updated via 1b5968f6be084590667f4f15ff3bef13ed9a2973 (commit) via 25a6fd784cde96f3d20a79f70b5589b5c4aca675 (commit) via 80b3cf2c652c6098390cdd0dbb3edc648f7df487 (commit) via 85e11b9b13b3add88c1b8957be51793cc1db4f2d (commit) via 194f7a0dec26d693a5f3e6734b1c82f61f8e4d19 (commit) via 11af486754bb04899e3dc544157bf70530e66cd1 (commit) via f2ef3510407fbad29908195c58e4160d5a81e8a4 (commit) via 0ca7a98ffef50cbd06849cfbf65fb4a3d668b7bd (commit) via b2654853ce9b7c18c5874b080bc94d3118078a5d (commit) via b2b572e9049c7138bd223226475bef8fe3e01f10 (commit) via c9e36f596c63c9af7f80d7cb8d7a5c6dcca4860a (commit) from e5a5ab53173d9aa4190ddf68c4ae316d4473eb56 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 1b5968f6be084590667f4f15ff3bef13ed9a2973 Author: Martin Schwenke mar...@meltin.net Date: Tue May 28 12:01:57 2013 +1000 eventscripts: Fix statd-callout update handling 60.nfs and 60.ganesha touch $statd_update_trigger every time they're run. This stops the statd-callout updates from ever being called. Make this logic self-contained and move it to new function nfs_statd_update() in the functions file. Call this in 60.nfs and 60.ganesha with the appropriate update period as the only argument. Signed-off-by: Martin Schwenke mar...@meltin.net Reported-by: Poornima Gupte poornima.gu...@in.ibm.com commit 25a6fd784cde96f3d20a79f70b5589b5c4aca675 Author: Martin Schwenke mar...@meltin.net Date: Tue May 28 11:26:17 2013 +1000 tests/integration: Improve debug output for unhealthy cluster after restart Signed-off-by: Martin Schwenke mar...@meltin.net commit 80b3cf2c652c6098390cdd0dbb3edc648f7df487 Author: Martin Schwenke mar...@meltin.net Date: Mon May 27 15:16:28 2013 +1000 tests/scripts: Delete unused $rows and $ww variables from run_tests Signed-off-by: Martin Schwenke mar...@meltin.net commit 85e11b9b13b3add88c1b8957be51793cc1db4f2d Author: Martin Schwenke mar...@meltin.net Date: Tue May 28 14:19:32 2013 +1000 packaging: Create separate package for pcp pmda To build ctdb-pcp-pmda package, run packaging/RPM/makerpms.sh script with --with pmda option. Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit 194f7a0dec26d693a5f3e6734b1c82f61f8e4d19 Author: Martin Schwenke mar...@meltin.net Date: Tue May 28 14:16:02 2013 +1000 build: Separate autoconf macros for pmda The pmda stuff is no longer built by default even if the headers are available. To build, run configure --enable-pmda. Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit 11af486754bb04899e3dc544157bf70530e66cd1 Author: Martin Schwenke mar...@meltin.net Date: Tue May 28 14:16:25 2013 +1000 build: Fix install paths for pcp pmda Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit f2ef3510407fbad29908195c58e4160d5a81e8a4 Author: Martin Schwenke mar...@meltin.net Date: Mon May 27 14:43:03 2013 +1000 packaging: makerpms.sh can take multiple arguments for rpmbuild Signed-off-by: Martin Schwenke mar...@meltin.net commit 0ca7a98ffef50cbd06849cfbf65fb4a3d668b7bd Author: Martin Schwenke mar...@meltin.net Date: Mon May 27 12:56:41 2013 +1000 eventscripts: Stop NAT gateway's delete_all() from polluting the log Every time a node that wasn't the NAT gateway master gets reconfigured something like this appears in the log: ctdbd: 11.natgw: Failed to del 10.0.1.139 on dev eth1 Since this usually fails it is better to mute the error than to have it pollute the log. Signed-off-by: Martin Schwenke mar...@meltin.net commit b2654853ce9b7c18c5874b080bc94d3118078a5d Author: Martin Schwenke mar...@meltin.net Date: Mon May 27 11:29:42 2013 +1000 recoverd: Backward compatibility for nodes without IPREALLOCATED control Consider the case of upgrading a cluster node by node, where some nodes are still running older versions of CTDB without the IPREALLOCATED control. If a new node takes over as recovery master and a failover occurs, then it will attempt to send IPREALLOCATED controls to all nodes. The old nodes will fail in a fairly nondescript way (result == -1). To try to handle this situation, fall back to the EVENTSCRIPT control to handle ipreallocated. Only do this on the failed nodes. However, do not do this on nodes that timed out (they've probably implemented the control and we should call the regular fail_callback to get those nodes banned) or for stopped nodes (since they can't actually run the
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3bd686c tdb: fix logging of offets and lengths. from 5a633dd s4-dns: Print/Set minimumTTL value in SOA record http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3bd686c5ad4756af1033ac14ba09a40156cc6d47 Author: Rusty Russell ru...@rustcorp.com.au Date: Tue May 28 16:53:56 2013 +0930 tdb: fix logging of offets and lengths. We can have offsets 2G, so use unsigned values. Fixes other prints to be native types rather than casts, too. Signed-off-by: Rusty Russell ru...@rustcorp.com.au Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue May 28 11:22:14 CEST 2013 on sn-devel-104 --- Summary of changes: lib/tdb/common/check.c | 22 +++--- lib/tdb/common/dump.c|9 - lib/tdb/common/freelist.c|8 lib/tdb/common/io.c | 36 ++-- lib/tdb/common/lock.c|8 lib/tdb/common/summary.c |2 +- lib/tdb/common/transaction.c |8 7 files changed, 46 insertions(+), 47 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/check.c b/lib/tdb/common/check.c index dc38102..9f9d870 100644 --- a/lib/tdb/common/check.c +++ b/lib/tdb/common/check.c @@ -76,19 +76,19 @@ static bool tdb_check_record(struct tdb_context *tdb, /* Check rec-next: 0 or points to record offset, aligned. */ if (rec-next 0 rec-next TDB_DATA_START(tdb-hash_size)){ TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d too small next %d\n, +Record offset %u too small next %u\n, off, rec-next)); goto corrupt; } if (rec-next + sizeof(*rec) rec-next) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d too large next %d\n, +Record offset %u too large next %u\n, off, rec-next)); goto corrupt; } if ((rec-next % TDB_ALIGNMENT) != 0) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d misaligned next %d\n, +Record offset %u misaligned next %u\n, off, rec-next)); goto corrupt; } @@ -98,14 +98,14 @@ static bool tdb_check_record(struct tdb_context *tdb, /* Check rec_len: similar to rec-next, implies next record. */ if ((rec-rec_len % TDB_ALIGNMENT) != 0) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d misaligned length %d\n, +Record offset %u misaligned length %u\n, off, rec-rec_len)); goto corrupt; } /* Must fit tailer. */ if (rec-rec_len sizeof(tailer)) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d too short length %d\n, +Record offset %u too short length %u\n, off, rec-rec_len)); goto corrupt; } @@ -119,7 +119,7 @@ static bool tdb_check_record(struct tdb_context *tdb, goto corrupt; if (tailer != sizeof(*rec) + rec-rec_len) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d invalid tailer\n, off)); +Record offset %u invalid tailer\n, off)); goto corrupt; } @@ -247,7 +247,7 @@ static bool tdb_check_used_record(struct tdb_context *tdb, /* key + data + tailer must fit in record */ if (rec-key_len + rec-data_len + sizeof(tdb_off_t) rec-rec_len) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d too short for contents\n, off)); +Record offset %u too short for contents\n, off)); return false; } @@ -257,7 +257,7 @@ static bool tdb_check_used_record(struct tdb_context *tdb, if (tdb-hash_fn(key) != rec-full_hash) { TDB_LOG((tdb, TDB_DEBUG_ERROR, -Record offset %d has incorrect hash\n, off)); +Record offset %u has incorrect hash\n, off)); goto fail_put_key; } @@ -411,14 +411,14 @@ _PUBLIC_ int tdb_check(struct tdb_context *tdb, goto corrupt; TDB_LOG((tdb, TDB_DEBUG_ERROR, -Dead space at %d-%d (of %u)\n, +Dead space at %u-%u (of %u)\n, off, off + dead, tdb-map_size));
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 277831e dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents via 2d38009 torture: Add tests of rename behaviour to replica_sync.py via 6960f8e dsdb-repl_meta_data: Handle renames better, considering only the RDN as given, and then the parent as given via 54e092b dsdb-linked_attributes: Do not crash if the target GUID can not be found from 3bd686c tdb: fix logging of offets and lengths. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 277831eaf140c06bb25a3549434bc4acd4f533ec Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 17:51:56 2013 +1000 dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue May 28 18:11:00 CEST 2013 on sn-devel-104 commit 2d38009852487ab3572b66817ed0492333b5ec7d Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 15:24:25 2013 +1000 torture: Add tests of rename behaviour to replica_sync.py Reviewed-by: Stefan Metzmacher me...@samba.org commit 6960f8e4c3d683103580aa91605f951bc227dbed Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 15:19:20 2013 +1000 dsdb-repl_meta_data: Handle renames better, considering only the RDN as given, and then the parent as given This ignores the full DN as given, because the parent compents might be out of date. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 54e092bb31001879f4d7a49e36a226c27b4d9843 Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 13:52:51 2013 +1000 dsdb-linked_attributes: Do not crash if the target GUID can not be found Note that we must not give an error when we cannot find the object that should hold the backlink, there really isn't anything we can do in this case. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source4/dsdb/samdb/ldb_modules/linked_attributes.c | 15 ++ source4/dsdb/samdb/ldb_modules/repl_meta_data.c| 230 --- source4/torture/drs/python/replica_sync.py | 104 + 3 files changed, 264 insertions(+), 85 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index a55ec87..eb57f91 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -4,6 +4,7 @@ Copyright (C) Andrew Bartlett abart...@samba.org 2007 Copyright (C) Simo Sorce i...@samba.org 2008 Copyright (C) Matthieu Patou m...@matws.net 2011 + Copyright (C) Andrew Tridgell 2009 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -729,6 +730,20 @@ static int linked_attributes_fix_links(struct ldb_module *module, talloc_free(tmp_ctx); return ret; } + if (res-count == 0) { + /* Forward link without backlink object remaining - nothing to do here */ + continue; + } + if (res-count != 1) { + ldb_asprintf_errstring(ldb, Linked attribute %s-%s between %s and %s - target GUID %s found more than once!, + el-name, target-lDAPDisplayName, + ldb_dn_get_linearized(old_dn), + ldb_dn_get_linearized(dsdb_dn-dn), + GUID_string(tmp_ctx, link_guid)); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + msg = res-msgs[0]; if (msg-num_elements == 0) { diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 651cdf1..98e60d7 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -94,6 +94,8 @@ struct replmd_replicated_request { bool is_urgent; }; +static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar); + enum urgent_situation { REPL_URGENT_ON_CREATE = 1, REPL_URGENT_ON_UPDATE = 2, @@ -3656,15 +3658,6 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) int ret; bool remote_isDeleted = false; - /* -* TODO: check if the parent object exist -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 89edff0 net: use smbconf_create_set_share() in net conf import via caf83bc libsmbconf: add smbconf_create_set_share via 57634fd libsmbconf: fix documentation of transaction calls. from 277831e dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 89edff08db367417f3032563df3ea1b546553c83 Author: Michael Adam ob...@samba.org Date: Tue May 21 16:50:49 2013 +0200 net: use smbconf_create_set_share() in net conf import Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: David Disseldorp dd...@samba.org Autobuild-User(master): Michael Adam ob...@samba.org Autobuild-Date(master): Tue May 28 20:01:12 CEST 2013 on sn-devel-104 commit caf83bcb76f52b0628f6d59e95396d16b5e3c66e Author: David Disseldorp dd...@samba.org Date: Thu May 16 11:55:04 2013 +0200 libsmbconf: add smbconf_create_set_share This call creates a new share definition, using the parameters provided with a smbconf_service structure. Such an interface allows for simple cloning of services with: smbconf_get_share(conf_ctx, mem_ctx, base_sharename, base_service_def); base_service_def-name = clone_sharename; smbconf_create_set_share(conf_ctx, base_service_def); Pair-Programmed-With: Michael Adam ob...@samba.org Signed-off-by: David Disseldorp dd...@samba.org Signed-off-by: Michael Adam ob...@samba.org commit 57634fd87d7176a1f92281ad1b3e9a565b54cfc7 Author: Michael Adam ob...@samba.org Date: Mon May 20 23:30:14 2013 +0200 libsmbconf: fix documentation of transaction calls. Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: David Disseldorp dd...@samba.org --- Summary of changes: lib/smbconf/smbconf.c| 77 ++ lib/smbconf/smbconf.h| 22 - source3/utils/net_conf.c | 49 + 3 files changed, 99 insertions(+), 49 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/smbconf/smbconf.c b/lib/smbconf/smbconf.c index e0441ed..27d36ca 100644 --- a/lib/smbconf/smbconf.c +++ b/lib/smbconf/smbconf.c @@ -231,6 +231,83 @@ sbcErr smbconf_create_share(struct smbconf_ctx *ctx, } /** + * create and set the definition for a new share (service). + */ +sbcErr smbconf_create_set_share(struct smbconf_ctx *ctx, + struct smbconf_service *service) +{ + sbcErr err, err2; + int i; + uint32_t num_includes = 0; + char **includes = NULL; + TALLOC_CTX *tmp_ctx = NULL; + + if ((service-name != NULL) smbconf_share_exists(ctx, service-name)) + { + return SBC_ERR_FILE_EXISTS; + } + + err = smbconf_transaction_start(ctx); + if (!SBC_ERROR_IS_OK(err)) { + return err; + } + + tmp_ctx = talloc_stackframe(); + + err = smbconf_create_share(ctx, service-name); + if (!SBC_ERROR_IS_OK(err)) { + goto cancel; + } + + for (i = 0; i service-num_params; i++) { + if (strequal(service-param_names[i], include)) { + includes = talloc_realloc(tmp_ctx, includes, char *, + num_includes+1); + if (includes == NULL) { + err = SBC_ERR_NOMEM; + goto cancel; + } + includes[num_includes] = talloc_strdup(includes, + service-param_values[i]); + if (includes[num_includes] == NULL) { + err = SBC_ERR_NOMEM; + goto cancel; + } + num_includes++; + } else { + err = smbconf_set_parameter(ctx, + service-name, + service-param_names[i], + service-param_values[i]); + if (!SBC_ERROR_IS_OK(err)) { + goto cancel; + } + } + } + + err = smbconf_set_includes(ctx, service-name, num_includes, + (const char **)includes); + if (!SBC_ERROR_IS_OK(err)) { + goto cancel; + } + + err = smbconf_transaction_commit(ctx); + + goto done; + +cancel: + err2 = smbconf_transaction_cancel(ctx); + if (!SBC_ERROR_IS_OK(err2)) { + DEBUG(5, (__location__ : Error cancelling transaction: %s\n, +