Re: [Samba] firewall

2002-11-03 Thread Hesham S. Ahmed
Try adding the following rule before deny

/sbin/iptables -A INPUT -i eth0 -m state --state
ESTABLISHED,RELATED -j ACCEPT

replace eth0 with your interface. This would let ur
firewall accept any pre-established connections,
required for most cases where replies are sent to
random ports.

--- Justin Georgeson [EMAIL PROTECTED]
wrote:
 No change, interestingly enough, iptables says
 --cport is unknown 
 without -m, and I don't see mention of what -m does
 in the man page. I 
 have version 1.2.6a-2 of iptables, packaged by
 RedHat. Looking at 
 tcpdump, the netbios-ns reply packets from the
 server are being dropped 
 by my firewall. Having discovered that, I've found
 that I can mount a 
 file share by IP with my current rules. I just can't
 do netbios-ns or 
 netbios-dgm. Here is the full results of
 iptables-save
 
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 -A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
 -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport
 137:139 --syn -j ACCEPT
 -A INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0
 --dport 67:68 -j ACCEPT
 -A INPUT -p udp -m udp -s 66.150.129.229 --sport 53
 -d 0/0 -j ACCEPT
 -A INPUT -p udp -m udp -s 24.219.4.35 --sport 53 -d
 0/0 -j ACCEPT
 -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport
 137:139 -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -p tcp -m tcp --syn -j REJECT
 -A INPUT -p udp -m udp -j REJECT
 COMMIT
 
 How can I allow the reply packets, since they're
 addressed to a randomly 
 selected port?
 
 James Hubbard wrote:
 
  This depends on how restrictive your firewall
 rules are but why don't
  you just use this:
 
  -A INPUT -p udp -s 192.168.1.0/24 --dport 137:139
 -i eth0 -j ACCEPT
  -A INPUT -p tcp -s 192.168.1.0/24 --dport 137:139
 -i eth0 -j ACCEPT
 
  I'm not sure what the -m stands for.  You'll need
 to change eth0 to
  match your internal ethernet card.  Make sure you
 insert this before the
  reject rules.
 
  James Hubbard
 
  Justin Georgeson wrote:
 
   Ok, so I know from `netstat --ip -lnp` that the
 only ports smbd and nmbd
   are using are TCP 139, and UDP 137 and 138. I
 find it a little odd
   though that nmbd is bound to both 0.0.0.0 AND my
 primary interface. My
   problem is that I can't access shares on a
 windows machine unless I turn
   off my firewall. I'm using RH 8 and the 2.2.6-2
 RPMs from the web page
   (working fine so far, barring this firewall
 thing). I have these rules
   added in iptables
  
   -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport
 139 --syn -j ACCEPT
   -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport
 137 -j ACCEPT
   -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport
 138 -j ACCEPT
  
   tcpdump shows ports TCP 139 and UDP 137 being
 accessed when I run
   findsmb. But nothing is listed when I do. If I
 turn off my firewall, the
   other machine on the LAN, my windows box, is
 listed. What am I missing?
  
 
 
 -- 
 To unsubscribe from this list go to the following
 URL and read the
 instructions: 
http://lists.samba.org/mailman/listinfo/samba


__
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] firewall

2002-11-03 Thread Justin Georgeson
Hrm, no change. :( Would that need the ip_conntrakc module loaded? It 
didn't have any change whether the module was loaded or not. Ultimately 
this isn't too big a deal, I'll never be doing SMB over the internet, 
and I don't have any multiple-subnet LANS anywhere, so I can just 
disable the firewall when I need SMB.

Hesham S. Ahmed wrote:

Try adding the following rule before deny

/sbin/iptables -A INPUT -i eth0 -m state --state
ESTABLISHED,RELATED -j ACCEPT

replace eth0 with your interface. This would let ur
firewall accept any pre-established connections,
required for most cases where replies are sent to
random ports.

--- Justin Georgeson
wrote:

No change, interestingly enough, iptables says
--cport is unknown
without -m, and I don't see mention of what -m does
in the man page. I
have version 1.2.6a-2 of iptables, packaged by
RedHat. Looking at
tcpdump, the netbios-ns reply packets from the
server are being dropped
by my firewall. Having discovered that, I've found
that I can mount a
file share by IP with my current rules. I just can't
do netbios-ns or
netbios-dgm. Here is the full results of
iptables-save

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport
137:139 --syn -j ACCEPT
-A INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0
--dport 67:68 -j ACCEPT
-A INPUT -p udp -m udp -s 66.150.129.229 --sport 53
-d 0/0 -j ACCEPT
-A INPUT -p udp -m udp -s 24.219.4.35 --sport 53 -d
0/0 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.1.0/24 --dport
137:139 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --syn -j REJECT
-A INPUT -p udp -m udp -j REJECT
COMMIT

How can I allow the reply packets, since they're
addressed to a randomly
selected port?

James Hubbard wrote:


This depends on how restrictive your firewall

rules are but why don't

you just use this:

-A INPUT -p udp -s 192.168.1.0/24 --dport 137:139

-i eth0 -j ACCEPT

-A INPUT -p tcp -s 192.168.1.0/24 --dport 137:139

-i eth0 -j ACCEPT

I'm not sure what the -m stands for.  You'll need

to change eth0 to

match your internal ethernet card.  Make sure you

insert this before the

reject rules.

James Hubbard

Justin Georgeson wrote:


Ok, so I know from `netstat --ip -lnp` that the

only ports smbd and nmbd

are using are TCP 139, and UDP 137 and 138. I

find it a little odd

though that nmbd is bound to both 0.0.0.0 AND my

primary interface. My

problem is that I can't access shares on a

windows machine unless I turn

off my firewall. I'm using RH 8 and the 2.2.6-2

RPMs from the web page

(working fine so far, barring this firewall

thing). I have these rules

added in iptables

-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport

139 --syn -j ACCEPT

-A INPUT -p udp -m udp -s 192.168.1.0/24 --dport

137 -j ACCEPT

-A INPUT -p udp -m udp -s 192.168.1.0/24 --dport

138 -j ACCEPT

tcpdump shows ports TCP 139 and UDP 137 being

accessed when I run

findsmb. But nothing is listed when I do. If I

turn off my firewall, the

other machine on the LAN, my windows box, is

listed. What am I missing?


--
To unsubscribe from this list go to the following
URL and read the
instructions:

http://lists.samba.org/mailman/listinfo/samba


__
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/



--
Justin Georgeson
UnBound Technologies, Inc.
http://www.unboundtech.com
Main   713.329.9330
Fax713.460.4051
Mobile 512.789.1962

5295 Hollister Road
Houston, TX 77040
Real Applications using Real Wireless Intelligence(tm)

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] No such file error when reading Win98 profiles

2002-11-03 Thread Gerald (Jerry) Carter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, 1 Nov 2002, Ed Lally wrote:

 Wanted to follow up and let you know that 2.2.6 did indeed fix the name
 mangling problem we were having.  Thanks for the tip!

Cool.  Thanks for the update.




cheers, jerry
 -
 Hewlett-Packard   - http://www.hp.com
 SAMBA Team-- http://www.samba.org
 GnuPG Key  http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2SAMS Teach Yourself Samba in 24 Hours 2ed
 I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE9xS4bIR7qMdg1EfYRAgm1AKCE2j7pl7h/Yuxd6VvUwYVXde/7mwCeI4nc
4GLGrXgvUSrMriw6+bGLURw=
=Jnzf
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] 2.2.6 and printer questions

2002-11-03 Thread Gerald (Jerry) Carter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, 1 Nov 2002, Thomas Bork wrote:

  If printers served from Samba it is nessesary to double click the
  netbios name of the samba server to see printershares. Why?
 
  Unknown.  Tim had looked into this but I don't remember the details.
 
 
 I'm also thinking to remember (may be this is very bad english ;o) the
 question on this list and someone, who wants to look into it for 2.2.6.
 But the behavior is the same as in 2.2.5.

That probably would have been me.  I think it just fell off the plate as a 
non-essential feature for 2.2.6.  We should make sure this works in 3.0.

 Is it possible, to bundle/deliver printer drivers in an tarfile, whith
 their relationships to predefined shares?

Theoretically yes.  But Probably not really a good idead since it would 
involve messing with the tdb files directory.  The other problem is that 
printer information can only be initialized (Device Mode  Printer data)
by running the driver bound to the printer.  Really messy.  Then there is 
the EULA as well.

If you could get around the EULA, then you could package preinitialized 
drivers and write the information to smbd's tdbs.  We have support for 
storing driver initialization data already.

 I'm the maintainer of a Samba package for the GPL project eisfair
 (www.eisfair.org), an easy to use internet server. In my package,
 currently based on Samba 2.2.6, it is possible to print to an virtual
 printer for creating PDF files and to a virtual printer for the fax
 package (installed ghostscript package is needed) . On the windows
 clients a postscript printer driver must be installed for each of this
 virtual printers.

Sounds interesting.  Hmmmwish I could read German :-)

 It will be nice, if the driver installation is so easy as possible for
 the user. Thats why I'm interested in an automatic driver installation
 based on the print$ share. But I can see any problems with this:
 
 If I want to deliver drivers for nt/w2k/xp and win9x/me in the package,
 I think I have to include in the package not only the complete directory
 predefined in [print$] with the drivers. I think I have also to deliver
 the tdb-files
 
 ntdrivers.tdb
 ntforms.tdb
 ntprinters.tdb
 printing.tdb
 
 because anywhere here the relationship between printershare and driver
 (format and so on...) is saved. But how can this be done without
 breaking existing relationships with existing drivers and printers in
 the existing configuration on user side?

You don't need printing.tdb.  That's a volatile tdb used to cache jobs 
listed in the queue.  The rest of your assessment is correct.








cheers, jerry
 -
 Hewlett-Packard   - http://www.hp.com
 SAMBA Team-- http://www.samba.org
 GnuPG Key  http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2SAMS Teach Yourself Samba in 24 Hours 2ed
 I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE9xTYZIR7qMdg1EfYRAtRyAKC6cQDqb1UmZl+YcYMEpM1eS253jgCfXVVi
KVgUygxAGvrBfS27kxjF1rg=
=OKLh
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Unable to open passdb???

2002-11-03 Thread John H Terpstra
On Sat, 2 Nov 2002, smw wrote:

 Hello John,

 My apologies, I should have mentioned that this is on a RedHat 7.3 platform,
 however I downloaded the RPMs from the Samba site and installed it that way.
 I will give that a shot as well, and see what I can come up with.

In that case, you need to add your root account to smbpasswd. The way to
do this is from a root login shell:
smbpasswd -a root

Let me know how you go.

- John T.


 Thanks,
 Scott

 - Original Message -
 From: John H Terpstra [EMAIL PROTECTED]
 To: smw [EMAIL PROTECTED]
 Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Sent: Saturday, November 02, 2002 8:37 PM
 Subject: Re: [Samba] Unable to open passdb???


  On Sat, 2 Nov 2002, smw wrote:
 
   Hi Noel,
  
   Thanks for the tip, but I've run into an issue now with that..  The
   directory /usr/local/samba/private doesn't exist.  Do I need to create
 that
   directory then as well?
 
  That would help. What platform is this on? Did you build the binaries
  yourself? If you did then the likely location for the smbpasswd file is as
  Scott suggested. If you are on a Linux system and you are using an RPM
  package then the likely place is /etc/samba/smbpasswd.
 
  - John T.
 
  
   Thanks for the assistance!
  
   Scott
   - Original Message -
   From: Noel Kelly [EMAIL PROTECTED]
   To: 'smw' [EMAIL PROTECTED]; [EMAIL PROTECTED]
   Sent: Saturday, November 02, 2002 5:03 PM
   Subject: RE: [Samba] Unable to open passdb???
  
  
Scott,
   
You hopefully just need to manually create the smbpasswd file in
/usr/local/samba/private/.
   
Just do a 'touch /usr/local/samba/private/smbpasswd' and retry.
   
Noel
   
-Original Message-
From: smw [mailto:kc8lir;yahoo.com]
Sent: 02 November 2002 17:13
To: [EMAIL PROTECTED]
Subject: [Samba] Unable to open passdb???
   
   
Hello,
   
Getting this error:
   
[2002/11/02 12:55:16, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/11/02 12:55:16, 0] smbd/chgpasswd.c:check_oem_password(761)
  check_oem_password: getsmbpwnam returned NULL
[2002/11/02 12:55:16, 0] passdb/passdb.c:pdb_free_sam(210)
  pdb_free_sam: SAM_ACCOUNT was NULL[2002/11/02 12:55:16, 0]
passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/11/02 12:55:16, 0] smbd/chgpasswd.c:check_oem_password(761)
  check_oem_password: getsmbpwnam returned NULL
[2002/11/02 12:55:16, 0] passdb/passdb.c:pdb_free_sam(210)
  pdb_free_sam: SAM_ACCOUNT was NULL
   
Now, I've tried changing passwords via smbpasswd for a couple of
 different
accounts, and for whatever reason it can't change them.  I'm trying to
 set
up my Samba box as a PDC.  So far I haven't even been able to join the
domain.
   
Here's my smb.conf file:
   
[global]
   
  netbios name = roswell
  workgroup = AREA51
   
  os level = 64
  preferred master = yes
  domain master = yes
  local master = yes
   
  security = user
   
  encrypt passwords = yes
   
  domain logons = yes
  domain admin group = root swrosch inferno
   
  add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
 /bin/false -M
%u
   
  allow hosts = 192.168.0. 127.
   
# SHARE DEFINITIONS
   
[netlogon]
path = /home/netlogon
read only = yes
guest ok = no
write list = root swrosch inferno
   
I'm running Samba 2.2.6, and trying to join with my Win2k box.  But,
 every
time I try to change passwords or anything, I get unable to open
 passdb
errors.
   
Any assistance would be much appreciated.  I've been trying to follow
 the
directions in the Samba howto
(http://us6.samba.org/samba/docs/Samba-HOWTO-Collection.html), and I'm
getting completely confused.


-- 
John H Terpstra
Email: [EMAIL PROTECTED]

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Unable to open passdb???

2002-11-03 Thread smw
Hi John,

That worked beautifully.  The user is added, and things are great.

Now, I'm having issues joining the domain.  It seems like it's finding the
user information, but when I try to add the computer, it's telling me that
it's not finding the domain.  Any hints on that note?

Thanks,
Scott

- Original Message -
From: John H Terpstra [EMAIL PROTECTED]
To: smw [EMAIL PROTECTED]
Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, November 03, 2002 9:48 AM
Subject: Re: [Samba] Unable to open passdb???


 On Sat, 2 Nov 2002, smw wrote:

  Hello John,
 
  My apologies, I should have mentioned that this is on a RedHat 7.3
platform,
  however I downloaded the RPMs from the Samba site and installed it that
way.
  I will give that a shot as well, and see what I can come up with.

 In that case, you need to add your root account to smbpasswd. The way to
 do this is from a root login shell:
 smbpasswd -a root

 Let me know how you go.

 - John T.

 
  Thanks,
  Scott
 
  - Original Message -
  From: John H Terpstra [EMAIL PROTECTED]
  To: smw [EMAIL PROTECTED]
  Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
  Sent: Saturday, November 02, 2002 8:37 PM
  Subject: Re: [Samba] Unable to open passdb???
 
 
   On Sat, 2 Nov 2002, smw wrote:
  
Hi Noel,
   
Thanks for the tip, but I've run into an issue now with that..  The
directory /usr/local/samba/private doesn't exist.  Do I need to
create
  that
directory then as well?
  
   That would help. What platform is this on? Did you build the binaries
   yourself? If you did then the likely location for the smbpasswd file
is as
   Scott suggested. If you are on a Linux system and you are using an RPM
   package then the likely place is /etc/samba/smbpasswd.
  
   - John T.
  
   
Thanks for the assistance!
   
Scott
- Original Message -
From: Noel Kelly [EMAIL PROTECTED]
To: 'smw' [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Saturday, November 02, 2002 5:03 PM
Subject: RE: [Samba] Unable to open passdb???
   
   
 Scott,

 You hopefully just need to manually create the smbpasswd file in
 /usr/local/samba/private/.

 Just do a 'touch /usr/local/samba/private/smbpasswd' and retry.

 Noel

 -Original Message-
 From: smw [mailto:kc8lir;yahoo.com]
 Sent: 02 November 2002 17:13
 To: [EMAIL PROTECTED]
 Subject: [Samba] Unable to open passdb???


 Hello,

 Getting this error:

 [2002/11/02 12:55:16, 0]
passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
   unable to open passdb database.
 [2002/11/02 12:55:16, 0] smbd/chgpasswd.c:check_oem_password(761)
   check_oem_password: getsmbpwnam returned NULL
 [2002/11/02 12:55:16, 0] passdb/passdb.c:pdb_free_sam(210)
   pdb_free_sam: SAM_ACCOUNT was NULL[2002/11/02 12:55:16, 0]
 passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
   unable to open passdb database.
 [2002/11/02 12:55:16, 0] smbd/chgpasswd.c:check_oem_password(761)
   check_oem_password: getsmbpwnam returned NULL
 [2002/11/02 12:55:16, 0] passdb/passdb.c:pdb_free_sam(210)
   pdb_free_sam: SAM_ACCOUNT was NULL

 Now, I've tried changing passwords via smbpasswd for a couple of
  different
 accounts, and for whatever reason it can't change them.  I'm
trying to
  set
 up my Samba box as a PDC.  So far I haven't even been able to join
the
 domain.

 Here's my smb.conf file:

 [global]

   netbios name = roswell
   workgroup = AREA51

   os level = 64
   preferred master = yes
   domain master = yes
   local master = yes

   security = user

   encrypt passwords = yes

   domain logons = yes
   domain admin group = root swrosch inferno

   add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
  /bin/false -M
 %u

   allow hosts = 192.168.0. 127.

 # SHARE DEFINITIONS

 [netlogon]
 path = /home/netlogon
 read only = yes
 guest ok = no
 write list = root swrosch inferno

 I'm running Samba 2.2.6, and trying to join with my Win2k box.
But,
  every
 time I try to change passwords or anything, I get unable to open
  passdb
 errors.

 Any assistance would be much appreciated.  I've been trying to
follow
  the
 directions in the Samba howto
 (http://us6.samba.org/samba/docs/Samba-HOWTO-Collection.html), and
I'm
 getting completely confused.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] call_trans2qfsinfo, Signal 11,smb_panic, internal error

2002-11-03 Thread Gerald (Jerry) Carter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, 3 Nov 2002, Mike Junghanns wrote:

 Hallo,
 
 i have a problem with samba 2.2.6 and SuSE linux 8.0
 smbd receives a signal 11. Client is WinXP. 

Can you try to reproduce this against a pristince source 
version of 2.2.6 built on a SuSE 8.0 box ?  I need to find out 
if this is a SuSE package issue or a generic 2.2.6 issue.

Also try to get a backtrace is gdb (see panic action in 
smb.conf(5)).



cheers, jerry
 -
 Hewlett-Packard   - http://www.hp.com
 SAMBA Team-- http://www.samba.org
 GnuPG Key  http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2SAMS Teach Yourself Samba in 24 Hours 2ed
 I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE9xTqlIR7qMdg1EfYRAk0hAKCIdyrAyH6effbVHiwC7DnIdaR7SQCfdFmT
pBjnox2LrVwQZNQFoH4aTek=
=E6T6
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



NIS automounts in 2.2.6 [was Re: [Samba] Bug report]

2002-11-03 Thread Gerald (Jerry) Carter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

btw...we really need interested parties to test the NIS automount 
functionality in the SAMBA_3_0 tree else it might get broken.


On Fri, 1 Nov 2002, Steve Salvini wrote:

 Hi - I'm trying to get samba set up as a PDC using automounted home 
 directories, the automount maps being served by NIS.  After a bit of 
 hacking I think I've found a bug in the latest release (2.2.6) that I 
 downloaded yesterday.  It's in ($SAMBA_SRC_DIR)/source/param/loadparm.c
 and it means that lp_nis_home_map can never return a valid map name 
 under NIS; it would've been fine under NIS+ but let's face it, we're 
 dinosaurs here ;-)

Do you mean lp_nis_home_map_name() or really lp_nis_home_map()?  The 
former is a string containing the map name and the latter is a boolean 
flag.  I'm not following you.

 
 Here's the diff:

As a general rule, it's better to send patches in diff -u format.

 It would also be useful to (to me, at least) if szNISHomeMapName could
 be set through configure rather than it being hard-wired into the
 code.  We're probably not the only site to have our own name for this
 map.

There's a parameter in smb.conf homedir map that allows you to set the 
map name.  Does this not work currently in 2.2.6 ?

#if (defined(HAVE_NETGROUP)  defined(WITH_AUTOMOUNT))
Globals.bNISHomeMap = False;
#ifdef WITH_NISPLUS_HOME
string_set(Globals.szNISHomeMapName, auto_home.org_dir);
#else
string_set(Globals.szNISHomeMapName, auto.home);
#endif
#endif


 And finally a quick word of thanks as you wouldn't believe what it means
 to an aging Unix dinosaur be able to investigate problems with an NT
 PDC by setting debug statements in the code, etc. rather than searching
 TechNet and praying - goodbye horrible black box aka Microsoft NT server
 software! ;-)

Glad you like it. :-)




cheers, jerry
 -
 Hewlett-Packard   - http://www.hp.com
 SAMBA Team-- http://www.samba.org
 GnuPG Key  http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2SAMS Teach Yourself Samba in 24 Hours 2ed
 I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE9xTi1IR7qMdg1EfYRAngRAJ9NFe3fqX/WYXV8YXb1ytnzpwbxYACgno6/
dku3KHlxrdsm+804N8j7KFo=
=xobU
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Can't join the domain now.. (Was: Re: [Samba] Unable to open passdb???)

2002-11-03 Thread smw
Okay, more details on this one.  Here's the error:

Your computer could not be joined to the domain because the following error
has occured:

The account used is a computer account.  Use your global user account or
local user account to access this server.


I'm getting that with whichever user I try to use.  Any help would be great.
Again, I have tried following the PDC howto, but not much luck so far.

Thanks,
Scott

- Original Message -
From: smw [EMAIL PROTECTED]
To: John H Terpstra [EMAIL PROTECTED]
Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, November 03, 2002 9:54 AM
Subject: Re: [Samba] Unable to open passdb???


 Hi John,

 That worked beautifully.  The user is added, and things are great.

 Now, I'm having issues joining the domain.  It seems like it's finding the
 user information, but when I try to add the computer, it's telling me that
 it's not finding the domain.  Any hints on that note?

 Thanks,
 Scott

 - Original Message -
 From: John H Terpstra [EMAIL PROTECTED]
 To: smw [EMAIL PROTECTED]
 Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Sent: Sunday, November 03, 2002 9:48 AM
 Subject: Re: [Samba] Unable to open passdb???


  On Sat, 2 Nov 2002, smw wrote:
 
   Hello John,
  
   My apologies, I should have mentioned that this is on a RedHat 7.3
 platform,
   however I downloaded the RPMs from the Samba site and installed it
that
 way.
   I will give that a shot as well, and see what I can come up with.
 
  In that case, you need to add your root account to smbpasswd. The way to
  do this is from a root login shell:
  smbpasswd -a root
 
  Let me know how you go.
 
  - John T.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] RE: Clarifying CUPS Printing

2002-11-03 Thread Ulrich Kohlhase
Kurt,

Thanks for pointing to the samba docs, last time I read the relevant
parts regarding printing and cups is a couple of months ago ;-). We did
have a working configuration already, but I changed smb.conf slightly
just in case ...

Setup: SuSE Linux, XFS, 2.4.18 kernel, cups 1.1.16
smb.conf:
...
load printers = Yes 
printcap name = cups 
lpq cache time = 10 
lpq command = /usr/bin/lpq -P%p 
lprm command = /usr/bin/lprm -P%p %j 
lppause command = /usr/bin/lp -i %p-%j -H hold
lpresume command = /usr/bin/lp -i %p-%j -H resume
queuepause command = /usr/sbin/reject %p
queueresume command = /usr/sbin/accept %p
...
printer name = ljfach2
print command = 
/usr/bin/perl /usr/local/samba/lib/printhp2100.pl %p %s %u %m %I %T
...

We now have
--a: Samba linked against libcups
--c: printcap = cups in smb.conf
--d: Printcap /etc/printcap in cupsd.conf
and omitted
--b: printing = cups in smb.conf
to make sure our custom print commands are used.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



RE: [Samba] Samba wins

2002-11-03 Thread Gerald (Jerry) Carter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, 1 Nov 2002, Noel Kelly wrote:

 From my understanding Samba WINS can only be a standalone server - there is
 no code to communicate with other WINS servers.

Correct.  There is some experimental WINS replication code in HEAD.
Feel free to play around with it.



cheers, jerry
 -
 Hewlett-Packard   - http://www.hp.com
 SAMBA Team-- http://www.samba.org
 GnuPG Key  http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2SAMS Teach Yourself Samba in 24 Hours 2ed
 I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE9xTlsIR7qMdg1EfYRAigPAKCIxZWI8Ed3MfXWfmabPL2flgShkwCeLhbT
FIegNMOMQlh+dUUVoTqDZI4=
=JQk9
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: Can't join the domain now.. (Was: Re: [Samba] Unable to open passdb???)

2002-11-03 Thread smw
Okay, update time:

I've been tinkering with it, and I've been able to join the domain.  The
issue that I'm having is that the add user script option isn't functioning
for me for some reason.  I was able to do the same thing manually, and it
worked like a charm though.  Strange stuff.

I'm going to play with it a little bit more as I have one other machine that
I need to join the domain.  Very strange problem, but then again, I may be
doing something incorrectly.

Thanks for the help though with the passdb problem.  That was driving me
nuts.

Cheers!
Scott

- Original Message -
From: smw [EMAIL PROTECTED]
To: smw [EMAIL PROTECTED]; John H Terpstra [EMAIL PROTECTED]
Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, November 03, 2002 10:18 AM
Subject: Can't join the domain now.. (Was: Re: [Samba] Unable to open
passdb???)


 Okay, more details on this one.  Here's the error:

 Your computer could not be joined to the domain because the following
error
 has occured:

 The account used is a computer account.  Use your global user account or
 local user account to access this server.


 I'm getting that with whichever user I try to use.  Any help would be
great.
 Again, I have tried following the PDC howto, but not much luck so far.

 Thanks,
 Scott

 - Original Message -
 From: smw [EMAIL PROTECTED]
 To: John H Terpstra [EMAIL PROTECTED]
 Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Sent: Sunday, November 03, 2002 9:54 AM
 Subject: Re: [Samba] Unable to open passdb???


  Hi John,
 
  That worked beautifully.  The user is added, and things are great.
 
  Now, I'm having issues joining the domain.  It seems like it's finding
the
  user information, but when I try to add the computer, it's telling me
that
  it's not finding the domain.  Any hints on that note?
 
  Thanks,
  Scott
 
  - Original Message -
  From: John H Terpstra [EMAIL PROTECTED]
  To: smw [EMAIL PROTECTED]
  Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
  Sent: Sunday, November 03, 2002 9:48 AM
  Subject: Re: [Samba] Unable to open passdb???
 
 
   On Sat, 2 Nov 2002, smw wrote:
  
Hello John,
   
My apologies, I should have mentioned that this is on a RedHat 7.3
  platform,
however I downloaded the RPMs from the Samba site and installed it
 that
  way.
I will give that a shot as well, and see what I can come up with.
  
   In that case, you need to add your root account to smbpasswd. The way
to
   do this is from a root login shell:
   smbpasswd -a root
  
   Let me know how you go.
  
   - John T.

 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] RE: firewall

2002-11-03 Thread Ulrich Kohlhase
Justin,

 -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 139 --syn -j ACCEPT
 -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 137 -j ACCEPT
 -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 138 -j ACCEPT

Did you specify OUTPUT rules also ? You may want to try the following
lines taken from a working server config. keep_state is a special
chain for stateful inspection and logging purposes:

-A INPUT   -p tcp -s 192.168.1.0/24 --sport 1024: --dport 137:139 -j
ACCEPT
-A OUTPUT  -p tcp -d 192.168.1.0/24 --sport 137:139 --dport 1024: -j
keep_state
-A OUTPUT  -p tcp -d 192.168.1.0/24 --sport 1024: --dport 137:139 -j
ACCEPT
-A INPUT   -p tcp -s 192.168.1.0/24 --sport 137:139 --dport 1024: -j
keep_state
-A INPUT   -p udp -s 192.168.1.0/24 --dport 137:139 -j ACCEPT
-A OUTPUT  -p udp -d 192.168.1.0/24 --dport 137:139 -j ACCEPT

-N keep_state
-A keep_state -m state --state INVALID -j DROP
-A keep_state -m state --state RELATED,ESTABLISHED -j ACCEPT
# debug, info, notice, warning, err, crit, alert und emerg
-A keep_state -m limit --limit 10/minute --limit-burst 10 -j LOG
--log-level notice --log-prefix Packets dropped: 
-A keep_state -j DROP


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] libsmbclient bug ?

2002-11-03 Thread Bogdan Harjoc

Hello, 

I've tried using libsmbclient from the 2.2.6 samba package (on a slackware 8.1,
compiled --with-libsmbclient --with-sendfile-support --enable-debug (without 
debug also) ) and it segfaults when I call smbc_stat() (or smbc_fstat() ) on a
file. I'm sorry I'm not able to find out the problem with gdb, the output (with
the library compiled with debugging enabled) is:

Starting program: /.tmp/tst 

Program received signal SIGSEGV, Segmentation fault.
0x in ?? ()
(gdb) 


The source file that causes this is:
 tst.c 
#include stdio.h
#include libsmbclient.h

void auth_fn(const char *server, const char *share, char *workgroup, 
 int wgmaxlen, char *username, int unmaxlen,
 char *password, int pwmaxlen)
{
password[0] = 0;
}

int main()
{
struct stat stat_buf;

if (0  smbc_init(auth_fn, 0)) {
perror(smbc_init());
return 0;
}

if (0  (smbc_stat(smb://b0di/Muzica/lista, stat_buf))) {
perror(smbc_stat());
return 0;
}

return 0;
}
--
If there's no smb://b0di/Muzica/lista file, the call works (ENOENT). I'm using
the gcc from the distribution (gcc-2.95.3)


thanks for reading, any pointer to fixing this (or what i'm missing here) 
would be appreciated

Bogdan Harjoc


__
Do you want a free e-mail for life ? Get it at http://www.email.ro/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: Can't join the domain now.. (Was: Re: [Samba] Unable to openpassdb???)

2002-11-03 Thread John H Terpstra
On Sun, 3 Nov 2002, smw wrote:

 Okay, more details on this one.  Here's the error:

 Your computer could not be joined to the domain because the following error
 has occured:

 The account used is a computer account.  Use your global user account or
 local user account to access this server.


 I'm getting that with whichever user I try to use.  Any help would be great.
 Again, I have tried following the PDC howto, but not much luck so far.

Launch SWAT. Point your browser at http://localhost:901 on the Samba
server. Visit the Entire HOWTO Collection at the bottom of the home
page. You will find all you need there.

Cheers,
John T.


 Thanks,
 Scott

 - Original Message -
 From: smw [EMAIL PROTECTED]
 To: John H Terpstra [EMAIL PROTECTED]
 Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Sent: Sunday, November 03, 2002 9:54 AM
 Subject: Re: [Samba] Unable to open passdb???


  Hi John,
 
  That worked beautifully.  The user is added, and things are great.
 
  Now, I'm having issues joining the domain.  It seems like it's finding the
  user information, but when I try to add the computer, it's telling me that
  it's not finding the domain.  Any hints on that note?
 
  Thanks,
  Scott
 
  - Original Message -
  From: John H Terpstra [EMAIL PROTECTED]
  To: smw [EMAIL PROTECTED]
  Cc: Noel Kelly [EMAIL PROTECTED]; [EMAIL PROTECTED]
  Sent: Sunday, November 03, 2002 9:48 AM
  Subject: Re: [Samba] Unable to open passdb???
 
 
   On Sat, 2 Nov 2002, smw wrote:
  
Hello John,
   
My apologies, I should have mentioned that this is on a RedHat 7.3
  platform,
however I downloaded the RPMs from the Samba site and installed it
 that
  way.
I will give that a shot as well, and see what I can come up with.
  
   In that case, you need to add your root account to smbpasswd. The way to
   do this is from a root login shell:
   smbpasswd -a root
  
   Let me know how you go.
  
   - John T.


-- 
John H Terpstra
Email: [EMAIL PROTECTED]

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] Roaming profiles - How to turn them off?

2002-11-03 Thread smw



Is there anything simple to turn them off? 
Normally I don't mind roaming profiles, but considering how large mine have a 
tendency to get, I'm not waiting an hour (exaggerated, but close enough) to log 
in. So, just wondering if there's anything simple to turn them off. 
I haven't been able to find anything looking through the various texts I've been 
reading. Now that I've got the actual connecting to the domain issues 
resolved, I'm attempting to tackle customizing..

Thanks!
Scott


[Samba] PDC and logon script

2002-11-03 Thread Darin Bawden
Hi everyone,
I have a question about the logon script command.  I've read and read and
read the man page for smb.conf.  In essence, I've duplicated the settings on
the PDC how-to document to create a PDC with a logon script.  However, when
I log in, the scrips doesn't run.  The only thing I don't have enabled, like
the how-to, is roaming profiles.  I'll include my smb.conf for review.  I'm
running 2.2.5 at work.  I have a second Samba at home, with roaming
profiles, but it doesn't work there, either (it's running 2.2.6).  Any help
would be much appreciated.

Darin Bawden
[EMAIL PROTECTED]

smb.conf:
[global]
coding system =
client code page = 850
code page directory = /usr/share/samba/codepages
workgroup = TEAMDME
netbios name = LINUX1
netbios aliases =
netbios scope =
server string = Linux Server
interfaces =
bind interfaces only = No
security = USER
encrypt passwords = Yes
update encrypted = No
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
map to guest = Never
null passwords = No
obey pam restrictions = Yes
password server =
smb passwd file = /etc/samba/smbpasswd
root directory =
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
passwd chat debug = No
username map =
password level = 0
username level = 0
unix password sync = Yes
restrict anonymous = No
lanman auth = Yes
use rhosts = No
log level = 2
syslog = 1
syslog only = No
log file = /var/log/samba/%m.log
max log size = 0
timestamp logs = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
protocol = NT1
large readwrite = No
max protocol = NT1
min protocol = CORE
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
announce version = 4.5
announce as = NT
max mux = 50
max xmit = 65535
name resolve order = lmhosts host wins bcast
max packet = 65535
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = Yes
unix extensions = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max smbd processes = 0
max disk size = 0
max open files = 1
read size = 16384
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
stat cache size = 50
use mmap = Yes
total print jobs = 0
load printers = Yes
printcap name = /etc/printcap
disable spoolss = No
enumports command =
addprinter command =
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
strip dot = No
character set =
mangled stack = 50
stat cache = Yes
domain admin group = @root
domain guest group =
machine password timeout = 604800
add user script = /usr/sbin/adduser -d /dev/null -g 100 -s
/bin/false -M %m$
delete user script =
logon script = logon.cmd
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
domain logons = Yes
os level = 99
lm announce = Auto
lm interval = 60
preferred master = True
local master = Yes
domain master = True
browse list = Yes
enhanced browsing = Yes
dns proxy = No
wins proxy = No
wins server =
wins support = No
wins hook =
kernel oplocks = Yes
oplock break wait time = 0
add share command =
change share command =
delete share command =
config file =
preload =
lock dir = /var/cache/samba
utmp directory =
wtmp directory =
utmp = No
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map = auto.home
time offset = 0
NIS homedir = No
source environment =
panic action =
hide local users = No
host msdfs = No
winbind uid =
winbind gid =
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator = \
winbind cache time = 15
winbind enum users = Yes
winbind enum groups = Yes
comment =
path =
alternate permissions = No
username =
guest account = 

Re: [Samba] call_trans2qfsinfo, Signal 11,smb_panic, internal error

2002-11-03 Thread jra
On Sun, Nov 03, 2002 at 12:13:23PM +0100, Mike Junghanns wrote:
 Hallo,
 
 i have a problem with samba 2.2.6 and SuSE linux 8.0
 smbd receives a signal 11. Client is WinXP. 

Please can you add the line :

panic action = /bin/sleep 999

to the [global] section of smb.conf, reproduce the
crash and then attach to the crashed process with gdb
and send a backtrace (using the bt gdb command).

Thanks,

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Roaming profiles - How to turn them off?

2002-11-03 Thread mark
On Sunday 03 November 2002 6:28 pm, smw wrote:
 Is there anything simple to turn them off?  Normally I don't mind roaming
 profiles, but considering how large mine have a tendency to get, I'm not
 waiting an hour (exaggerated, but close enough) to log in.  So, just
 wondering if there's anything simple to turn them off.  I haven't been able
 to find anything looking through the various texts I've been reading.  Now
 that I've got the actual connecting to the domain issues resolved, I'm
 attempting to tackle customizing..

 Thanks!
 Scott
Try the following in your smb.conf

logon path = 
logon home = 

mark

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



RE: [Samba] AutoCAD temp file error

2002-11-03 Thread Rich Forman
I continue to have this problem w/ LDD and it occurred even before I
switched from an NT server to Samba.  I'm fairly certain it's an Autodesk
problem.

-Original Message-
From: [EMAIL PROTECTED] [mailto:samba-admin;lists.samba.org]On
Behalf Of Brock Nanson
Sent: Friday, November 01, 2002 8:31 PM
To: Jay Ts
Cc: [EMAIL PROTECTED]
Subject: Re: [Samba] AutoCAD temp file error


Hi Jay,

 Brock Nanson wrote:
  I rather doubt this is a samba problem, but perhaps someone can offer a
  hint to solve the issue...

 It's very unlikely to be a Samba bug, but may very well be
 a Samba misconfiguration.

Perhaps.  But the config hasn't been touched in 2 years and the WinXX
workstations have never had the problem.

  The win2k box fails, saying the file could not be found on the path (and
  dumps a listing of the paths checked).  The path exists in the list, and
  the file has been written to the directory!  When the user responds to
the
  error and the command completes, the file is successfully deleted from
the
  server.  So, it is doing everything except finding and inserting the
file
  (which is there!).

 Exactly what is the name of the file, and are you using any foreign
 languages in file names?  If you are using anything other than English,
 be aware that support for internationalization in Samba 2.2 is a little
 complicated to set up, and may be the source of your problem.

 Even if your file names are in the American/English character set,
 there are differences between how Unix and Windows handle filenames.
 A common source of trouble is case sensitivity in filenames. There
 are parameters that can be set in the Samba configuration file (smb.conf)
 to help deal with this.

The filename looks like this: $abc$de.dwg

The letters aren't right (I can't recall them exactly right now), but the
file does start with a '$' and has a second on part way through as shown.

I think the key to this is hidden in the way I can 'seed' the directory with
this file once and have the command work until a new drawing is opened after
doing so.  Note that the file is deleted as a matter of course and that the
file is not there the second, third,... time the command is used and it will
work.  But I need the file there the first time!!

  The temp file on the server is being saved with rwxrw-rw- attributes,
  although all the other files are rw-rw-rw-.

 That is because Samba's default is 'map archive = yes'.  When the
 archive bit is set on a file from MS-DOS/Windows, Samba will keep
 track of it using the owner's execute bit.  It will look like an
 executable file to a Unix user.  If you don't like this, then set

 map archive = no

 in smb.conf.  After doing this, MS-DOS backup software may not work
 right, because it won't see any archive attributes set for files to
 incrementally back up.

Yeah, can't do this as I do use a Windows based backup utility.  Funny that
this file is the only one saved with the execute bit toggled.  The other
files AutoCAD creates don't have the execute bit set.

  I had wondered briefly if the speed with which the file is saved, then
  requested could be a problem.

 In a word: no.  In three words: I highly doubt it!

That's actually four words, but I do agree ;-)

  Any guesses?  Or even a confirmation that the problem is with Win2k and
  NOT the samba box?

 I certainly wouldn't guarantee it's not a Windows bug. ;-)
 If you haven't fixed the problem by now, try providing a little
 more information, specifically, the _exact_ name of a temporary
 file that is problematic -- didn't you think of including that
 in your question? :)

I did think of it but as I'm writing these postings away from the system
couldn't remember the exact file name.  I'm not very familiar with win2k but
found it strange that it differentiates between 'Nobody' and 'nobody'.  That
has me a little worried, but as I can use the work around described above, I
don't think the 'N' vs. 'n' is a problem.  I do think it is a win2k issue,
but it is odd that the problem can't be recreated when using a local drive.

Any other ideas??

Thanks,

Brock


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] 2.2.6 and printer questions

2002-11-03 Thread Thomas Bork
Hallo Gerald (Jerry) Carter,

you wrote:

 If printers served from Samba it is nessesary to double click the
 netbios name of the samba server to see printershares. Why?

 Unknown.  Tim had looked into this but I don't remember the
details.


 I'm also thinking to remember (may be this is very bad english ;o)
 the question on this list and someone, who wants to look into it for
 2.2.6. But the behavior is the same as in 2.2.5.

 That probably would have been me.  I think it just fell off the plate
 as a non-essential feature for 2.2.6.  We should make sure this works
 in 3.0.

Thanks you for that  :o)

 Is it possible, to bundle/deliver printer drivers in an tarfile,
 whith their relationships to predefined shares?

 Theoretically yes.  But Probably not really a good idead since it
 would involve messing with the tdb files directory.  The other
 problem is that printer information can only be initialized (Device
 Mode  Printer data) by running the driver bound to the printer.
 Really messy.  Then there is the EULA as well.

I think, there is a free postscript driver included in cups.

 If you could get around the EULA, then you could package
 preinitialized drivers and write the information to smbd's tdbs.  We
 have support for storing driver initialization data already.

Where can I get more informations about that?

 Sounds interesting.  Hmmmwish I could read German :-)

Sorry, this is a very new project and the english version of the page
is not completly done and existing parts are outdated.

 You don't need printing.tdb.  That's a volatile tdb used to cache
jobs
 listed in the queue.  The rest of your assessment is correct.

Thanks again.

But another question:

Is it correct, that the automatic download of printer drivers is only
possible for printers, which are associated with an printcap entry?
When I'm uploading a postscript driver for a *virtuell* printer, which
is not associated with an printcap entry and then making an automatic
installation of the driver on w2k, the status of this printer is always
Failure.
The definition in smb.conf is:

[pdf]
   comment = pdf-service on %h
   browseable = yes
   printable = yes
   path = /tmp
   print command = ( /usr/local/bin/samba-print-pdf %s ~%u %L\\%u
%m %I ) 
   public = yes
   create mode = 0700

The driver is not the reason because I tested it also with a normal
driver for the HP Laserjet 4 Plus, for which the automatic installation
for non-virtuell printers works fine, if the sharename will be found in
/etc/printcap or if in the share a statement like

printer = printername in printcap

exists. I think, automatic installation of printer drivers would be
also usefull for virtuell printers, if there are for instance 200
workstations, which want to print to pdf-service...
I looked into the tdb-files but could not find any associations with
the printcap entries?

Here are the other informations about my printing situation:

[global]
   printing = lprng
   printcap name = /etc/printcap
   printer admin = root, eis
   load printers = no
   print command = chmod 666 %s;\
   name=`echo '%J' | sed s/^.*- //` ;\
   /usr/bin/lpr -P%p -J$name %s;\
   rm %s
   lpq command = /usr/bin/lpq -P%p -L
   lpq cache time = 4
   lprm command = /usr/bin/lprm -P%p %j
   lppause command = /usr/sbin/lpc hold %p %j
   lpresume command = /usr/sbin/lpc release %p %j
   queuepause command = /usr/sbin/lpc stop %p
   queueresume command = /usr/sbin/lpc start %p

Share definitions, where automatic download works:

[pr1]
   comment = local printer pr1 on %h
   browseable = yes
   printable = yes
   public = yes
   create mode = 0700
   path = /tmp

[pr2]
   comment = local printer pr2 on %h
   browseable = yes
   printable = yes
   public = yes
   create mode = 0700
   path = /tmp

[repr1]
   comment = remote printer repr1 on %h
   browseable = yes
   printable = yes
   public = yes
   create mode = 0700
   path = /tmp

[repr2]
   comment = remote printer repr2 on %h
   browseable = yes
   printable = yes
   public = yes
   create mode = 0700
   path = /tmp

[repr3]
   comment = remote printer repr3 on %h
   browseable = yes
   printable = yes
   public = yes
   create mode = 0700
   path = /tmp


Share for printer drivers:

[print$]
   comment = samba printer drivers on %h
   browseable = yes
   writeable = no
   path = /samba_printer_drivers
   public = yes
   write list = root, eis


/etc/printcap

#--
--
# Lprng configuration file generated by /var/install/config.d/lprng.sh
#
# Version of Lprng for eisfair is 1.0.1
#
# Do not edit this file, use
#
# 'Edit Lprng Configuration'
#
# in Printer Services Menu !
#
# Creation date: Sat Oct 26 20:39:37
#--
--

#--
--
# Configuration for local Printer

[Samba] Not visable server

2002-11-03 Thread HÃ¥kan
Hi list

I have a problem.
Running Samba 2.2.1a on a Redhat Linux 7.2 kernel 2.4.18
Client is a Microsoft Windows2000pro

I can connect to all shares but I can not see my server in network
neighborhood.
I can see the the clients but not the server???
What have I missed? Some configuration I can test

Thanks
HÃ¥kan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Not visable server

2002-11-03 Thread Joel Hammer
Have you walked through  DIAGNOSIS.txt in the source docs?
On Sun, Nov 03, 2002 at 11:36:49PM +0100, HÃ¥kan wrote:
 Hi list
 
 I have a problem.
 Running Samba 2.2.1a on a Redhat Linux 7.2 kernel 2.4.18
 Client is a Microsoft Windows2000pro
 
 I can connect to all shares but I can not see my server in network
 neighborhood.
 I can see the the clients but not the server???
 What have I missed? Some configuration I can test
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] 2.2.6+acl - strange behaviour

2002-11-03 Thread Wolfgang Pichler

intro:

i use a heavily customized arch-linux clone, so this is no newbie stuff.
except root all linux users are auth'ed via winbind/w2kdc's.
for windoze-user-convenience i have to use
winbind use default domain == yes
and installed ext3-acl support.
acls are working ok, if managed via get/setfacl an also samba honours 
them correctly.

for windoze-user-convenience acls should also be managable via 
win-client properties-security dialog.

but all i saw, was strange behaviour from win-clients (here: w2k prof) :

if i want to add acls, enumeration of users/groups (look in) in the 
add users dialog will let me select only from the samba server and not 
from the domain.

if this is a feature, not a bug, there is the MAIN PROBLEM #1 in eyesight :

*** all users are simply missing in this whilst all possible groups are 
present. ***

but there are also problems on the samba end (see below) :

FYI : samba version is 2.2.6

see the characteristics and the 2 tests below, where i checked name 
lookup service with 1 user and 1 group :

- samba

rootwolf # -bash 500 ~
rootwolf # cat /usr/src/samba-2.2.6-config
  ./configure --prefix=/usr --with-smbmount --with-fhs \
--with-configdir=/etc/samba --with-lockdir=/var/run/samba \
--with-privatdir=/etc/samba/private --with-lockdir=/var/run/samba \
--with-swatdir=/var/samba/swat --with-logfilebase=/var/log/samba \
--with-pam  --with-pam_smbpass \
--with-tdbsam \
--with-ssl --with-syslog --with-quotas \
--with-spinlocks \
--with-msdfs \
--with-winbind --with-winbind-auth-challenge \
--with-acl-support \
--with-libsmbclient \

rootwolf # -bash 502 ~
rootwolf # ldd `which smbd`
libacl.so.1 = /usr/lib/libacl.so.1 (0x4001b000)
libssl.so.0.9.6 = /usr/lib/libssl.so.0.9.6 (0x40022000)
libcrypto.so.0.9.6 = /usr/lib/libcrypto.so.0.9.6 (0x4004f000)
libcups.so.2 = /usr/local/lib/libcups.so.2 (0x4010c000)
libnsl.so.1 = /lib/libnsl.so.1 (0x40126000)
libpam.so.0 = /lib/libpam.so.0 (0x4013c000)
libpopt.so.0 = /usr/local/lib/libpopt.so.0 (0x40146000)
libc.so.6 = /lib/libc.so.6 (0x4014e000)
libdl.so.2 = /lib/libdl.so.2 (0x40277000)
libattr.so.1 = /usr/lib/libattr.so.1 (0x4027b000)
/lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000)

- test 1

rootwolf # -bash 513 ~
rootwolf # sh /rbin/test
---
w2kdomain  == dom
w2kpdc == e231pdc
sambahost  == wolf
winbind separator  == +
winbind use default domain == no
---
= getent group dom+e231
DOM+e231:x:24006:DOM+pichwo,DOM+atest
- rpcclient e231pdc
cmd = lookupnames e231
e231 S-1-5-21-507921405-1957994488-839522115-1109 (2)
-- rpcclient wolf
cmd = lookupnames e231
result was NT_STATUS_NONE_MAPPED
- rpcclient e231pdc
cmd = lookupnames dom\e231
dom\e231 S-1-5-21-507921405-1957994488-839522115-1109 (2)
-- rpcclient wolf
cmd = lookupnames dom\e231
result was NT_STATUS_NONE_MAPPED
- rpcclient wolf
cmd = lookupnames dom+e231
result was NT_STATUS_NONE_MAPPED
- rpcclient e231pdc
cmd = lookupnames wolf\e231
result was NT_STATUS_NONE_MAPPED
-- rpcclient wolf
cmd = lookupnames wolf\e231
result was NT_STATUS_NONE_MAPPED
---
= getent passwd dom+pichwo
DOM+pichwo:x:24023:24006:test1:/tmp:/bin/bash
- rpcclient e231pdc
cmd = lookupnames pichwo
pichwo S-1-5-21-507921405-1957994488-839522115-1130 (1)
-- rpcclient wolf
cmd = lookupnames pichwo
result was NT_STATUS_NONE_MAPPED
- rpcclient e231pdc
cmd = lookupnames dom\pichwo
dom\pichwo S-1-5-21-507921405-1957994488-839522115-1130 (1)
-- rpcclient wolf
cmd = lookupnames dom\pichwo
result was NT_STATUS_NONE_MAPPED
- rpcclient wolf
cmd = lookupnames dom+pichwo
dom+pichwo S-1-5-21-507921405-1957994488-839522115-1130 (1)
- rpcclient e231pdc
cmd = lookupnames wolf\pichwo
result was NT_STATUS_NONE_MAPPED
-- rpcclient wolf
cmd = lookupnames wolf\pichwo
result was NT_STATUS_NONE_MAPPED

- test 2

rootwolf # -bash 526 ~
rootwolf # sh /rbin/test
---
w2kdomain  == dom
w2kpdc == e231pdc
sambahost  == wolf
winbind separator  == +
winbind use default domain == yes
---
= getent group e231
e231:x:24006:pichwo,atest
= getent group dom+e231
e231:x:24006:pichwo,atest
- rpcclient e231pdc
cmd = lookupnames e231
e231 S-1-5-21-507921405-1957994488-839522115-1109 (2)
-- rpcclient wolf
cmd = lookupnames e231
e231 S-1-5-21-3906623103-4098751207-3827622673-49013 (4)
- rpcclient e231pdc
cmd = lookupnames dom\e231
dom\e231 S-1-5-21-507921405-1957994488-839522115-1109 (2)
-- rpcclient wolf
cmd = lookupnames dom\e231
dom\e231 S-1-5-21-3906623103-4098751207-3827622673-49013 (4)
- rpcclient wolf
cmd = lookupnames dom+e231
dom+e231 S-1-5-21-3906623103-4098751207-3827622673-49013 (4)
- rpcclient e231pdc
cmd = lookupnames wolf\e231
result was NT_STATUS_NONE_MAPPED
-- rpcclient wolf
cmd = lookupnames 

Re: [Samba] Port 139 versus Port 445

2002-11-03 Thread Glen Gibb
 Anyone have a sample line from inetd.conf that gets smbd to start on
 port 445 when smbd is already running on 139 from the samba startup
 script?  I haven't had any luck yet?

The following works for me: (sorry abt the line break)


microsoft-dsstream  tcp nowait  root/usr/local/samba/bin/smbd
smbd -d 1


Glen Gibb
Ridley College

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Port 139 versus Port 445

2002-11-03 Thread Joel Hammer
Just make sure that the /etc/services file has microsoft-ds defined in it.
Mine doesn't.
Joel
On Mon, Nov 04, 2002 at 11:51:54AM +1100, Glen Gibb wrote:
  Anyone have a sample line from inetd.conf that gets smbd to start on
  port 445 when smbd is already running on 139 from the samba startup
  script?  I haven't had any luck yet?
 
 The following works for me: (sorry abt the line break)
 
 
 microsoft-dsstream  tcp nowait  root/usr/local/samba/bin/smbd
 smbd -d 1
 
 
 Glen Gibb
 Ridley College
 
 -- 
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] RE: firewall

2002-11-03 Thread Justin Georgeson
Well, still no go. I've attached the script I used to create the 
firewall. Tcpdump still shows an icmp packet going back to the queried 
machine to say the UDP port is unreachable. Also, I don't see anything 
in any files in /var/log (I grepped for Packets).

Can anyone comment on what the -m flag is for?

Ulrich Kohlhase wrote:

Justin,


-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 139 --syn -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 137 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 138 -j ACCEPT


Did you specify OUTPUT rules also ? You may want to try the following
lines taken from a working server config. keep_state is a special
chain for stateful inspection and logging purposes:

-A INPUT   -p tcp -s 192.168.1.0/24 --sport 1024: --dport 137:139 -j
ACCEPT
-A OUTPUT  -p tcp -d 192.168.1.0/24 --sport 137:139 --dport 1024: -j
keep_state
-A OUTPUT  -p tcp -d 192.168.1.0/24 --sport 1024: --dport 137:139 -j
ACCEPT
-A INPUT   -p tcp -s 192.168.1.0/24 --sport 137:139 --dport 1024: -j
keep_state
-A INPUT   -p udp -s 192.168.1.0/24 --dport 137:139 -j ACCEPT
-A OUTPUT  -p udp -d 192.168.1.0/24 --dport 137:139 -j ACCEPT

-N keep_state
-A keep_state -m state --state INVALID -j DROP
-A keep_state -m state --state RELATED,ESTABLISHED -j ACCEPT
# debug, info, notice, warning, err, crit, alert und emerg
-A keep_state -m limit --limit 10/minute --limit-burst 10 -j LOG
--log-level notice --log-prefix Packets dropped: 
-A keep_state -j DROP




--
Justin Georgeson
UnBound Technologies, Inc.
http://www.unboundtech.com
Main   713.329.9330
Fax713.460.4051
Mobile 512.789.1962

5295 Hollister Road
Houston, TX 77040
Real Applications using Real Wireless Intelligence(tm)



fw.sh
Description: Bourne shell script


[Samba] swat tool

2002-11-03 Thread Ian C Roberts
Im trying to enable the swat utility so that I can manipulate the
smb.conf file.  I have done this on my PowerMac G4 computer, and now Im
trying to set it up on my iBook -  but it gives me the following error,

 xinetd[pid]: bind failed (address already in use (errno = 48).
service = swat

 xinetd[pid]: {init_services} no services. Exiting...


I have no idea what is going on, Im doing nothing different now that
before?!?!?

Please can someone help?

Ian

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Not visable server

2002-11-03 Thread Joel Hammer
If you installed samba from sources, in the docs/text directory, you will
find this useful troubleshooting document.
If not, you'll have to go to the samba web site and look around for it.
Joel
On Mon, Nov 04, 2002 at 01:43:18AM +0100, HÃ¥kan wrote:
 Sorry but what answer is that??
 The thing is that the system is small! and a do not have tha doc
 installed...
 I using the web as my doc
 /HÃ¥kan
 
  Have you walked through  DIAGNOSIS.txt in the source docs?
  On Sun, Nov 03, 2002 at 11:36:49PM +0100, HÃ¥kan wrote:
   Hi list
  
   I have a problem.
   Running Samba 2.2.1a on a Redhat Linux 7.2 kernel 2.4.18
   Client is a Microsoft Windows2000pro
  
   I can connect to all shares but I can not see my server in network
   neighborhood.
   I can see the the clients but not the server???
   What have I missed? Some configuration I can test
  --
  To unsubscribe from this list go to the following URL and read the
  instructions:  http://lists.samba.org/mailman/listinfo/samba
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] swat tool

2002-11-03 Thread Joel Hammer
I am not entirely sure of what this error is saying.
That is to say, I don't know what address is really referring to.
xinetd, which monitors many ports and starts the
appropriate daemon for each request, thinks it is supposed to be running
swat for you. Which is correct. swat only runs from inetd or xinetd.
However, the address is in use. They may mean the port, which is 901 I
think, by default.
I don't know what an iBook is. Have you a command like:
netstat -anp | grep 901
to see if anything is binding to that port?
I strongly suggest that you learn to edit your smb.conf file by hand. swat
can really mess it up for you, or at least previous versions of swat would.
swat is great for documentation, though.
Joel


On Mon, Nov 04, 2002 at 01:31:03AM +, Ian C Roberts wrote:
 Im trying to enable the swat utility so that I can manipulate the
 smb.conf file.  I have done this on my PowerMac G4 computer, and now Im
 trying to set it up on my iBook -  but it gives me the following error,
 
   xinetd[pid]: bind failed (address already in use (errno = 48).
 service = swat
 
   xinetd[pid]: {init_services} no services. Exiting...
 
 
 I have no idea what is going on, Im doing nothing different now that
 before?!?!?
 
 Please can someone help?
 
 Ian
 
 -- 
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] Problems connecting to Samba through windows

2002-11-03 Thread Justin



I just started using Linux a couple of weeks ago 
and have been trying to setup samba.
I have a couple of text books I have been following 
which have helped me be able to run the 
smbclient from Linux to view both the shares on my 
Linux and xp machine.

The problemis thatI can notaccess 
theLinux files from my xp machine. I can ping the machine
without a problem and can also view the machine 
through network neighbourhood. However when I 
double click the Linux machine in network 
neighbourhood I receive the error:

\\linuxis not 
accessible. you might not have permissions to use this network 
resource.
No service is operating at the destination network 
endpoint on the remote system.

I havegone through all the documentation I 
can find but nothing seems to help.Could someone please advise me on what 
I am doing wrong or not doing at all. I am still learning so the more 
explanatory the better.

I look forward to your response
Justin


[Samba] RE: RE: firewall

2002-11-03 Thread Ulrich Kohlhase
Justin,

 Well, still no go. I've attached the script I used to create the 
 firewall. Tcpdump still shows an icmp packet going back to 
 the queried machine to say the UDP port is unreachable.
...

 /sbin/iptables -A INPUT -i lo -j ACCEPT
 /sbin/iptables -A INPUT -i wlan0 -m state --state 
 ESTABLISHED,RELATED -j ACCEPT
 /sbin/iptables -A INPUT -p tcp -m tcp --syn -j REJECT
^^^
 /sbin/iptables -A INPUT -p udp -m udp -j REJECT
^

Ooops ;-)), you're sure you want to have these rules at the end of your
script ??

 Can anyone comment on what the -m flag is for?

Quoting from the iptables man page:
---
MATCH EXTENSIONS
iptables can use extended packet matching modules. These
are  loaded in two ways: implicitly, when -p or --protocol
is specified, or with the -m or --match options,  followed
by  the  matching  module name; after these, various extra
command line options become available,  depending  on  the
specific  module.
---

Please have a look at the following website for a couple of great
tutorials and FW script examples. I'd personally recommend reading Oskar
Andreasson's tutorial also:
www.netfilter.org/documentation/index.html#tutorials
www.netfilter.org/documentation/tutorials/blueflux/iptables-tutorial.htm
l

Good luck,
Uli


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Problems connecting to Samba through windows

2002-11-03 Thread Joel Hammer
Have you walked through DIAGNOSIS.txt in the docs/text section with the
samba sources.
Is samba running on the linux box?
Joel
On Mon, Nov 04, 2002 at 12:16:53PM +1000, Justin wrote:
 I just started using Linux a couple of weeks ago and have been trying to setup samba.
 I have a couple of text books I have been following which have helped me be able to 
run the 
 smbclient from Linux to view both the shares on my Linux and xp machine.
 
 The problem is that I can not access the Linux files from my xp machine. I can ping 
the machine
 without a problem and can also view the machine through network neighbourhood. 
However when I 
 double click the Linux machine in network neighbourhood I receive the error:
 
 \\linux is not accessible. you might not have permissions to use this network 
resource.
 No service is operating at the destination network endpoint on the remote system.
 
 I have gone through all the documentation I can find but nothing seems to help. 
Could someone please advise me on what I am doing wrong or not doing at all. I am 
still learning so the more explanatory the better. 
 
 I look forward to your response
 Justin
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Problems connecting to Samba through windows

2002-11-03 Thread Justin Edwards
Test 5 of the diagnostics.txt failed. SWAT is telling me that nmbd is
running though.

- Original Message -
From: Joel Hammer [EMAIL PROTECTED]
To: Justin [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, November 04, 2002 12:28 PM
Subject: Re: [Samba] Problems connecting to Samba through windows


 Have you walked through DIAGNOSIS.txt in the docs/text section with the
 samba sources.
 Is samba running on the linux box?
 Joel
 On Mon, Nov 04, 2002 at 12:16:53PM +1000, Justin wrote:
  I just started using Linux a couple of weeks ago and have been trying to
setup samba.
  I have a couple of text books I have been following which have helped me
be able to run the
  smbclient from Linux to view both the shares on my Linux and xp machine.
 
  The problem is that I can not access the Linux files from my xp machine.
I can ping the machine
  without a problem and can also view the machine through network
neighbourhood. However when I
  double click the Linux machine in network neighbourhood I receive the
error:
 
  \\linux is not accessible. you might not have permissions to use this
network resource.
  No service is operating at the destination network endpoint on the
remote system.
 
  I have gone through all the documentation I can find but nothing seems
to help. Could someone please advise me on what I am doing wrong or not
doing at all. I am still learning so the more explanatory the better.
 
  I look forward to your response
  Justin

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: Can't join the domain now.. (Was: Re: [Samba] Unable to openpassdb???)

2002-11-03 Thread Andrew Bartlett
On Mon, 2002-11-04 at 02:18, smw wrote:
 Okay, more details on this one.  Here's the error:
 
 Your computer could not be joined to the domain because the following error
 has occured:
 
 The account used is a computer account.  Use your global user account or
 local user account to access this server.

Just a note for the archives.

This is a bug in Samba 2.2, it returns an incorrect error code.  It
should give back a boring 'access denied'.  However given that, this
message means that you don't have a machine account yet - you will
either need to add one with smbpasswd -m, or setup (as per the HOWTO) to
add the machine on the fly.

Andrew Bartlett
-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] Imprints Problem

2002-11-03 Thread Chris Caston
Hello,

I've been playing around with an old Win95 box and my Debian machine
using samba + cups + imprints. I'm stuck at installing the Windows 9x
printer.

I've been able to create two .tar.gz files one for the windows 9x
printer and one for the NT printer using the mkprintpkg perl script.

The NT print driver installs fine. Trying to then install the windows 9x
printer driver complains of there being no NT driver in the package.

I assume I need to create a package with both the NT and the win 9x
driver??

Its not clearly stated how to use two or more inf files at once for the
one package.

I'm using the Imprints Installation Client Howto and Invoking the
package Creation Tool
(http://imprints.sourceforge.net/packages-manual/x44.html)

thanks,

Chris Caston  



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] MySQL authentication kickoff time?

2002-11-03 Thread xfesty
Hiya.

I'm in the middle of (re)developing a authentication system for an 
internet cafe here in Sydney.

By complete accident I discovered the PDB MySQL plugin for samba 
yesterday in CVS - amazing.  Haven't tried this yet (waiting for samba 
to compile on a really slow machine, heh) but it looks great.

Is anybody using this?  Would you recommend it for use in a heavy use 
type environment?

I've noticed in the README for this there's identifiers for logoff 
time and kickoff time.  Hmm.  Basically, the clients are Windows XP 
machines, and previously I had written a Windows client / UNIX server 
infastructure to do this logging off.

Can samba actually kick users off after a certain amount of time?

Wow.

If it can, someone let me know how :)

R

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Problems connecting to Samba through windows

2002-11-03 Thread Joel Hammer
Please provide more detail.
What is the error message you are getting?
Which machine are you running the command on? Which machine are you trying
to find with nmblookup?
Forget swat. If you mention it once more I'll hang up.
What do you see with:
ps ax | grep mbd | grep -v grep
at the linux server?
Joel

On Mon, Nov 04, 2002 at 01:29:05PM +1000, Justin Edwards wrote:
 Test 5 of the diagnostics.txt failed. SWAT is telling me that nmbd is
 running though.
 
 - Original Message -
 From: Joel Hammer [EMAIL PROTECTED]
 To: Justin [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Sent: Monday, November 04, 2002 12:28 PM
 Subject: Re: [Samba] Problems connecting to Samba through windows
 
 
  Have you walked through DIAGNOSIS.txt in the docs/text section with the
  samba sources.
  Is samba running on the linux box?
  Joel
  On Mon, Nov 04, 2002 at 12:16:53PM +1000, Justin wrote:
   I just started using Linux a couple of weeks ago and have been trying to
 setup samba.
   I have a couple of text books I have been following which have helped me
 be able to run the
   smbclient from Linux to view both the shares on my Linux and xp machine.
  
   The problem is that I can not access the Linux files from my xp machine.
 I can ping the machine
   without a problem and can also view the machine through network
 neighbourhood. However when I
   double click the Linux machine in network neighbourhood I receive the
 error:
  
   \\linux is not accessible. you might not have permissions to use this
 network resource.
   No service is operating at the destination network endpoint on the
 remote system.
  
   I have gone through all the documentation I can find but nothing seems
 to help. Could someone please advise me on what I am doing wrong or not
 doing at all. I am still learning so the more explanatory the better.
  
   I look forward to your response
   Justin
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] samba not showing all files.

2002-11-03 Thread awesome-dave1
Hello,
I've got a web server with samba running on it. The idea is i have a
samba web share to which users can put web pages. My problem is none of
the files are being shown, i have 5 folders and 24 files, only the five
folders show up in a network neighborhood view. I've checked permissions,
all the users can place content in that location, but the files are not
visible. samba 2.2.6, any ideas?
Thanks.
Dave.



Sign Up for Juno Platinum Internet Access Today
Only $9.95 per month!
Visit www.juno.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] pdb_mysql compile failure

2002-11-03 Thread xfesty
Hiya...

Compiling the mysql module (cvs) isn't working too well.

I modify srcdir in the Makefile to /usr/src/samba/source (as per 
README instructions), and I get the following:

rootserber[/usr/src/samba/examples/pdb/mysql]# make
libtool gcc -O   -Iinclude -I/usr/src/samba/source/include 
-I/usr/src/samba/source/ubiqx -I/usr/src/samba/source/smbwrapper  -I. 
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE   
-I/usr/src/samba/source -c pdb_mysql.c
rm -f .libs/pdb_mysql.lo
gcc -O -Iinclude -I/usr/src/samba/source/include 
-I/usr/src/samba/source/ubiqx -I/usr/src/samba/source/smbwrapper -I. 
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE 
-I/usr/src/samba/source -c pdb_mysql.c  -fPIC -DPIC -o 
.libs/pdb_mysql.lo
pdb_mysql.c: In function `row_to_sam_account':
pdb_mysql.c:232: too few arguments to function 
`pdb_set_pass_last_set_time'
pdb_mysql.c:235: too few arguments to function `pdb_set_username'
pdb_mysql.c:236: too few arguments to function `pdb_set_domain'
pdb_mysql.c:237: too few arguments to function `pdb_set_nt_username'
pdb_mysql.c:238: too few arguments to function `pdb_set_fullname'
pdb_mysql.c:243: too few arguments to function `pdb_set_acct_desc'
pdb_mysql.c:244: too few arguments to function `pdb_set_workstations'
pdb_mysql.c:245: too few arguments to function `pdb_set_unknown_str'
pdb_mysql.c:246: too few arguments to function `pdb_set_munged_dial'
pdb_mysql.c:249: too few arguments to function `pdb_set_uid'
pdb_mysql.c:251: too few arguments to function `pdb_set_gid'
pdb_mysql.c:254: too few arguments to function `pdb_set_user_sid'
pdb_mysql.c:256: too few arguments to function `pdb_set_group_sid'
pdb_mysql.c:259: too few arguments to function `pdb_set_lanman_passwd'
pdb_mysql.c:261: too few arguments to function `pdb_set_nt_passwd'
pdb_mysql.c:268: too few arguments to function `pdb_set_acct_ctrl'
pdb_mysql.c:269: too few arguments to function `pdb_set_unknown_3'
pdb_mysql.c:270: too few arguments to function `pdb_set_logon_divs'
pdb_mysql.c:271: too few arguments to function `pdb_set_hours_len'
pdb_mysql.c:272: too few arguments to function `pdb_set_unknown_5'
pdb_mysql.c:273: too few arguments to function `pdb_set_unknown_6'
pdb_mysql.c: In function `mysqlsam_replace_sam_account':
pdb_mysql.c:698: `FLAG_SAM_LOGONTIME' undeclared (first use in this 
function)
pdb_mysql.c:698: (Each undeclared identifier is reported only once
pdb_mysql.c:698: for each function it appears in.)
pdb_mysql.c:706: `FLAG_SAM_LOGOFFTIME' undeclared (first use in this 
function)
pdb_mysql.c:714: `FLAG_SAM_KICKOFFTIME' undeclared (first use in this 
function)
pdb_mysql.c:722: `FLAG_SAM_CANCHANGETIME' undeclared (first use in this 
function)
pdb_mysql.c:730: `FLAG_SAM_MUSTCHANGETIME' undeclared (first use in 
this function)
pdb_mysql.c:762: `FLAG_SAM_UID' undeclared (first use in this function)
pdb_mysql.c:769: `FLAG_SAM_GID' undeclared (first use in this function)
make: *** [pdb_mysql.lo] Error 1

The system is running Debian unstable (woody).

Cheers

R

On Monday, November 4, 2002, at 02:56 PM, xfesty wrote:

Hiya.

I'm in the middle of (re)developing a authentication system for an 
internet cafe here in Sydney.

By complete accident I discovered the PDB MySQL plugin for samba 
yesterday in CVS - amazing.  Haven't tried this yet (waiting for samba 
to compile on a really slow machine, heh) but it looks great.

Is anybody using this?  Would you recommend it for use in a heavy use 
type environment?

I've noticed in the README for this there's identifiers for logoff 
time and kickoff time.  Hmm.  Basically, the clients are Windows XP 
machines, and previously I had written a Windows client / UNIX server 
infastructure to do this logging off.

Can samba actually kick users off after a certain amount of time?

Wow.

If it can, someone let me know how :)

R


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] samba modifies permissions when reading them

2002-11-03 Thread lutz . niederer
hello,

it may sound strange but samba modifies permissions when reading them using
xp explorer.
redhat 7.3, samba 2.2.6-1 rpm (from samba site), windows xp (non-sp1)
client.
file aaa is owned by user john and group john.  permissions are 0600.
open the explorer's properties dialog and look at the secutity settings.
the group john suddenly got the w rights.  say ok and now your file got
the
permissions of 0620.  strange!  and now go into properties again and switch
off
the w rights for the group.  save it.  now you got 0600 again.  now i
thought
i could start again the chain of doing this.  but this is not true!  if you
now open
the properties again, you got no w rights and the properties are left at
0600.
strange !!!   any ideas?   or even more: ideas what to change in the sources
to
get rid of this behaviour?
and another thing:  if the permissions are set to 0664, the corresponding
check
boxes in the properties window are gayed.  set full access, save and then
you
are able to change the formerly grayed check boxes again and modify the 0640
settings.  what has happened to the permission stuff?  is there a
configuration
fault?

thanks,
L*


-- 
+++ GMX - Mail, Messaging  more  http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



Re: [Samba] Error joining Win2K domain: ads_connect: DSA is unavailable

2002-11-03 Thread Matt Sapp
I had changed my administrator password on the Win2K server prior to doing the net 
ads join.  'kinit [EMAIL PROTECTED]' is successful.  I went ahead and pulled down 
the krb5-current snapshot from MIT, and samba3.0alpha wont build with it.  30 some 
lines of errors when 'Linking bin/smbd', if anyone is interested.  Looks like 
brokenness in krb5 though.  Is there a snapshot out there known to work with 
samba+win2k kdc?  Or any other idea?  Is there no one running samba as a member in a 
Active directory? :)

-Matt
MNU Internet System Administrator
MNU Network Security Administrator


--- Original Message Below ---

From: Andrew Bartlett [EMAIL PROTECTED]
To: Matt Sapp [EMAIL PROTECTED]
Subject: Re: [Samba] Error joining Win2K domain: ads_connect: DSA is unavailable
Date: Thu, 31 Oct 2002 11:57:22 +

On Thu, Oct 31, 2002 at 05:14:19AM -0500, Matt Sapp wrote:
 I'm running 3.0alpha (both current CVS pull and alpha20 from dist) and trying to 
have my samba server join our already in place Win2K ADS domain.  I am able to 'kinit 
user@DOMAIN' and auth successfully, but upon attempting 'net ads join', I get the 
following:
 
 # net ads join -Uadministrator
 administrator password:
 [2002/10/31 05:11:19, 1] libsmb/clikrb5.c:krb5_mk_req2(63)
   krb5_get_credentials failed for mnu-server$@MNU.EDU (No credentials found with 
supported encryption types)
 [2002/10/31 05:11:19, 1] utils/net_ads.c:ads_startup(148)
   ads_connect: DSA is unavailable

You have not got the latest MIT kerberos (you need a snapshot, the 
releases don't seem to support it) and your Administrator password
has not been changed since you upgraded to ADS.  As such the only
password is the MD4 based password from pre-ads, which MIT can't 
use.

Andrew Bartlett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



[Samba] problem getting printing started via CUPS

2002-11-03 Thread Ernst Cozijnsen
Title: [Samba] problem getting printing started via CUPS





I'm using cups for printing and when i try to share a printer with samba i get the msg on my win2000 wks that access is denied, unable to connect

my smb.conf looks like this:


[global]
 workgroup = kerkenkruis
 netbios name = kruimel
 server string = Samba server running on Redhat %L:%h
 interfaces = eth0
 dns proxy = yes
 domain master = yes
 preferred master= yes
 socket options = IPTOS_LOWDELAY TCP_NODELAY
 os level  = 65
 update encrypted= yes
 unix password sync = yes
 encrypt passwords = yes
 printcap name = cups
 
[public]
 hide dot files = yes
 path  = /tmp
[printers]
 browseable = yes
 printing  = cups
 lpq command = /usr/bin/lpstat -o%p
 lprm command = /usr/bin/cancel %p-%j
 print command = /usr/bin/lp -d%p -orwa %s; rm %s
 queuepause command  = /usr/bin/disable %p
 queueresume command = /usr/bin/enable %p
 public  = yes
 printable  = yes
# valid users = 
 printer name  = test


What could be the problem???


Gr,


Ernst Cozijnsen


--

This message contains information that may be privileged or confidential and
is the property of the Cap Gemini Ernst  Young Group. It is only intended
for the person to whom it is addressed. If you are not the intended
recipient, you are not authorized to read, print, retain, copy disseminate,
distribute, or use this message or any part thereof. If you receive this
message in error, please notify the sender immediately and delete all copies
of this message.






Re: [Samba] 2.2.6 and printer questions

2002-11-03 Thread Volker.Lendecke
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 If you could get around the EULA, then you could package preinitialized 
 drivers and write the information to smbd's tdbs.  We have support for 
 storing driver initialization data already.

Have you heard that you can get CUPS printer drivers exactly for that
from cups.org? If they are good drivers, this could be very interesting.

 Sounds interesting.  Hmmmwish I could read German :-)

Part of that site is translated :-)

Volker
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Key-ID D32186CF, Fingerprint available: phone +49 551 370

iD8DBQE9xieXOmSXH9Mhhs8RAkMvAJ9sigDXJi9n2njyO2+0EVsFnDNkXACeOqz3
G1Ta4CGXvmhc2ZUp8Nff7fg=
=zlGF
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



_net_trust_dom_list() needs actual trustdom implementation.

2002-11-03 Thread Andrew Bartlett
Mimir:  When you get your trustdom patch together, don't forget that:

srv_netlog_nt.c:_net_trust_dom_list()

also needs to be picked up for the DC side. - so far we are only getting
it right in the SAMR call.  Now that seems to be the one that's actually
called, but anyway...

Andrew Bartlett
-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net




Re: Backup browser question.

2002-11-03 Thread John H Terpstra
On Sat, 2 Nov 2002, Christopher R. Hertel wrote:

 The rule of thumb, as I've seen it stated in some olde Windows95
 documentation, is that following the election of the Local Master Browser,
 one of the other Potential Browsers is selected to be a Backup Browser.
 For every 32 nodes on the subnet (how is this determined) there is supposed
 to be yet another Backup Browser.

This is correct. Certainly up to NT3.51 Microsoft maintained that NT did
the same as WfW networking in respect of Backup Master Browser / Potential
master browser behaviour.

 That's what the docs say anyway.  What I find annoying is that I cannot
 get W/NT4 to select another node as a backup browser.  This suggests that
 the real formula is

   Backup Browser count = 0 + trunc( nodes / 32 )

No matter what, you must have at least one BMB.

PS: I recall in the WfW resource kit reading that WfW elects a BMB for
every 15 nodes. NT3.1 changed this to 1 in 32 as I recall.


 instead of

   Backup Browser count = 1 + trunc( nodes / 32 )

 Thing is, I want to take a look at the protocol used to update the Backup
 Browsers from the LMB's list.

 Any clues anyone?

Don't know if my comments help.

- John T.

-- 
John H Terpstra
Email: [EMAIL PROTECTED]




Re: make 'ldap trust ids' the default?

2002-11-03 Thread Markus Schabel
Andrew Bartlett wrote:


I've just committed a patch that adds a new 'ldap trust ids' smb.conf
option.

Currently defaulting to off, this option allows pdb_ldap to use the ldap
server directly to determine if a user 'exists' in unix.

This gives us a performance boost, particularly on enumerations: 
(Removes the extra lookup per record).  

The logic is such that if there are no posixAccount attributes for a
user, we try getpwnam(), it's just that we look in LDAP first.

As such, do people think we should have this by default?  

This was a fix to solve some particular problems that metze had, and
I'll see if I can get some feedback on exactly how much this helps.

Andrew Bartlett

That sounds like a good idea, to do it as default or not is a good 
question, when you have a little user database it isn't really helpfull, 
but I think it should be on by default. If I could only find some time 
somewhere, I'll take a look at this.

regards

--
Markus Schabel
|-
| TGM - Die Schule der Technik   |
| IT-Service |
| A-1200 Wien, Wexstrasse 19-23  |
| Tel.: +43(1)33126/316 Fax: +43(1)33126/154 |
| eMail: [EMAIL PROTECTED]|
-|




Re: _net_trust_dom_list() needs actual trustdom implementation.

2002-11-03 Thread Rafal Szczesniak
On Mon, Nov 04, 2002 at 01:06:49AM +1100, Andrew Bartlett wrote:
 Mimir:  When you get your trustdom patch together, don't forget that:
 
 srv_netlog_nt.c:_net_trust_dom_list()
 
 also needs to be picked up for the DC side. - so far we are only getting
 it right in the SAMR call.  Now that seems to be the one that's actually
 called, but anyway...

Indeed. Thanks for point. I missed that one and it certainly needs
updating to our new trustdom code.


-- 
cheers,
++
|Rafal 'Mimir' Szczesniak [EMAIL PROTECTED]   |
|*BSD, GNU/Linux and Samba  /
|__/



namecache updates and trustdom patch n+4

2002-11-03 Thread Rafal Szczesniak
These are namecache fixes and n+4 update to trusted domains:
Changes include:
 - namecache uses now new ipstr_list_* functions to operate
   on lists of IP addresses converted to string
   It doesn't use (yet) str_list_make routine since it lacks
   support for expandable strings (ie. you cannot add another
   address to a list)
 - implemented ipstr_list_make, ipstr_list_add, ipstr_list_parse
   and ipstr_list_free functions and, I suspect this code will
   be modified to cooperate with str_list_make;
   one step at a time, however...
 - updated 'net cache' code to improve displaying cache contents'
   readability
 - trustdom_cache implementation extended to use by ADS environments
   as well (alt_name and friends...)
 - small update of rpcclient to make trusted domains enumeration
   command more flexible about parameters


This part works for me, but it wasn't extensively tested, so
comments and fixes (memleaks in paricular) are welcome.



-- 
cheers,
++
|Rafal 'Mimir' Szczesniak [EMAIL PROTECTED]   |
|*BSD, GNU/Linux and Samba  /
|__/

Index: Makefile.in
===
RCS file: /cvsroot/samba/source/Makefile.in,v
retrieving revision 1.555
diff -u -r1.555 Makefile.in
--- Makefile.in 1 Nov 2002 05:41:56 -   1.555
+++ Makefile.in 3 Nov 2002 19:04:02 -
@@ -173,7 +173,7 @@
  libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
 libsmb/clioplock.o libsmb/errormap.o libsmb/clirap2.o \
 libsmb/passchange.o libsmb/unexpected.o libsmb/doserr.o \
-libsmb/namecache.o $(RPC_PARSE_OBJ1)
+libsmb/namecache.o libsmb/trustdom_cache.o $(RPC_PARSE_OBJ1)
 
 LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \
   rpc_client/cli_netlogon.o rpc_client/cli_srvsvc.o \
Index: lib/gencache.c
===
RCS file: /cvsroot/samba/source/lib/gencache.c,v
retrieving revision 1.1
diff -u -r1.1 gencache.c
--- lib/gencache.c  11 Sep 2002 14:07:15 -  1.1
+++ lib/gencache.c  3 Nov 2002 19:04:03 -
@@ -92,7 +92,6 @@
 
 /**
  * Add one entry to the cache file.
- * (it part of tridge's proposed API)
  *
  * @param key string that represents a key of this entry
  * @param value text representation value being cached
@@ -133,7 +132,6 @@
 
 /**
  * Set existing entry to the cache file.
- * (it part of tridge's proposed API)
  *
  * @param key string that represents a key of this entry
  * @param value text representation value being cached
@@ -189,7 +187,6 @@
 
 /**
  * Delete one entry from the cache file.
- * (it part of tridge's proposed API)
  *
  * @param key string that represents a key of this entry
  *
@@ -219,11 +216,10 @@
 
 /**
  * Get existing entry from the cache file.
- * (it part of tridge's proposed API)
  *
  * @param key string that represents a key of this entry
  * @param value buffer that is allocated and filled with the entry value
- *buffer's disposing is done outside
+ *buffer's disposing must be done outside
  * @param timeout pointer to a time_t that is filled with entry's
  *timeout
  *
@@ -269,12 +265,14 @@
  *
  * @param fn pointer to the function that will be supplied with each single
  *matching cache entry (key, value and timeout) as an arguments
+ * @param data void pointer to an arbitrary data that is passed directly to the fn
+ *function on each call
  * @param keystr_pattern pattern the existing entries' keys are matched to
  *
  **/
 
-void gencache_iterate(void (*fn)(const char* key, const char *value, time_t timeout),
-  const char* keystr_pattern)
+void gencache_iterate(void (*fn)(const char* key, const char *value, time_t timeout, 
+void* dptr),
+  void* data, const char* keystr_pattern)
 {
TDB_LIST_NODE *node, *first_node;
TDB_DATA databuf;
@@ -286,7 +284,7 @@
 
if (!gencache_init()) return;
 
-   DEBUG(5, (Searching cache keys with pattern %s, keystr_pattern));
+   DEBUG(5, (Searching cache keys with pattern %s\n, keystr_pattern));
node = tdb_search_keys(cache, keystr_pattern);
first_node = node;

@@ -306,7 +304,7 @@

DEBUG(10, (Calling function with arguments (key = %s, value = %s, 
timeout = %s)\n,
   keystr, valstr, ctime(timeout)));
-   fn(keystr, valstr, timeout);
+   fn(keystr, valstr, timeout, data);

SAFE_FREE(valstr);
SAFE_FREE(entry);
@@ -315,5 +313,4 @@

tdb_search_list_free(first_node);
 }
-
 
Index: lib/util_str.c
===
RCS file: /cvsroot/samba/source/lib/util_str.c,v
retrieving 

Re: Backup browser question.

2002-11-03 Thread Christopher R. Hertel
John H Terpstra wrote:
 
 On Sat, 2 Nov 2002, Christopher R. Hertel wrote:
 
  The rule of thumb, as I've seen it stated in some olde Windows95
  documentation, is that following the election of the Local Master
  Browser, one of the other Potential Browsers is selected to be a
  Backup Browser.  For every 32 nodes on the subnet (how is this
  determined) there is supposed to be yet another Backup Browser.
 
 This is correct. Certainly up to NT3.51 Microsoft maintained that NT did
 the same as WfW networking in respect of Backup Master Browser /
 Potential master browser behaviour.
 
  That's what the docs say anyway.  What I find annoying is that I cannot
  get W/NT4 to select another node as a backup browser.  This suggests
  that the real formula is
 
Backup Browser count = 0 + trunc( nodes / 32 )
 
 No matter what, you must have at least one BMB.

One backup... Yes, I thought about it a lot last night and I *think* that
the Backup Browser selects itself during the election by sending an election
packet with the Backup Browser bit set.

 PS: I recall in the WfW resource kit reading that WfW elects a BMB for
 every 15 nodes. NT3.1 changed this to 1 in 32 as I recall.

Makes sense.  They were probably afraid that being a Browser node would
put a strain on the system (we are talking 386's running Windows, after
all).  Once the 486's started coming out, and they had a bit more experience
with it, they probably upped the number.

 
  instead of
 
Backup Browser count = 1 + trunc( nodes / 32 )
 
  Thing is, I want to take a look at the protocol used to update the
  Backup Browsers from the LMB's list.
 
  Any clues anyone?
 
 Don't know if my comments help.

They confirm my read of the documentation.  Thing is:

1) When I capture a browser lookup, I am seeing that the GetBackupList
   request, and the reply (both from Samba and from Windows) shows only
   one name in the Backup Browser list.  That name is the name of the
   Local Master Browser.

2) I don't know how the LMB goes about counting the nodes on the LAN.
   I suppose it's looking at the announce messages.

3) I don't know how the LMB goes about telling a node that it should be
   a Backup Browser.

These are things that I want to learn so that I can document them.
Once again, all clues are helpful.

Thanks!

Chris -)-

-- 
Samba Team -- http://www.samba.org/ -)-   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)-   [EMAIL PROTECTED]
OnLineBook -- http://ubiqx.org/cifs/-)-   [EMAIL PROTECTED]



First draft libsmbclient test program

2002-11-03 Thread Fabien Chevalier

Hello,

I wrote this afternoon this small test program.
It does not do all what i would have liked, but it does enough to 
begin to compare libsmbclient releases.

What it tests:
  -listing workgroups
  -listing computers
  -listing shares

With an automated way

What it does not yet:
  -all what remains

I will go on and implement all what is missing if you feel it 
will be useful for you.

Attached is the output generated by various libsmbclient releases 
+ the current program sources.

The first regression is between 2.2.2 and 2.2.3
The second is somewhere i don't know, but is there in 3.0alpha20

Cheers.

Fabien.


PS:
  I can make it to dlopen libsmbclient if you need it ...but I 
use only linux and i have no idea if it will work elsewhere.

PS(2):
  What do you mean, Andrew, by making it scriptable ?

--
Samba v2.2.1

[fabientux libsmb]$ lsmbctest
 Now running test smbc_init...
Calling int smbc_init(mbc_get_auth_data_fn, int debug=0)
Result : 0
 Test smbc_init OK
 Now running test workgroups listing...
Calling int smbc_opendir(const char *durl=smb://)
Authentification required for SERVER CUTBIDISH SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 1, named MDKGROUP
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 1, named REZ
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 1, named WORKGROUP
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test workgroups listing OK
 Now running test smbc_closedir...
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Test smbc_closedir OK
 Now running test machines in workgroup listing...
Calling int smbc_opendir(const char *durl=smb://MDKGROUP)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 2, named SHADOW
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test machines in workgroup listing OK
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Now running test shares on a machine listing...
Calling int smbc_opendir(const char *durl=smb://SHADOW)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 6, named IPC$
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 3, named ADMIN$
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test shares on a machine listing OK
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]

Test summary:

smbc_init   Ok
smbc_closedir   Ok
workgroups listing  Ok
machines in workgroup listing   Ok
shares on a machine listing Ok

--
Samba v2.2.2

[fabientux libsmb]$ lsmbctest
 Now running test smbc_init...
Calling int smbc_init(mbc_get_auth_data_fn, int debug=0)
Result : 0
 Test smbc_init OK
 Now running test workgroups listing...
Calling int smbc_opendir(const char *durl=smb://)
Authentification required for SERVER CUTBIDISH SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 1, named MDKGROUP
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 1, named REZ
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 1, named WORKGROUP
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test workgroups listing OK
 Now running test smbc_closedir...
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Test smbc_closedir OK
 Now running test machines in workgroup listing...
Calling int smbc_opendir(const char *durl=smb://MDKGROUP)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 2, named SHADOW
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test machines in workgroup listing OK
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Now running test shares on a machine listing...
Calling int smbc_opendir(const char *durl=smb://SHADOW)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]

[Fwd: Re: Backup browser question.]

2002-11-03 Thread Christopher R. Hertel
John H Terpstra wrote:
 
 On Sat, 2 Nov 2002, Christopher R. Hertel wrote:
 
  The rule of thumb, as I've seen it stated in some olde Windows95
  documentation, is that following the election of the Local Master
  Browser, one of the other Potential Browsers is selected to be a
  Backup Browser.  For every 32 nodes on the subnet (how is this
  determined) there is supposed to be yet another Backup Browser.
 
 This is correct. Certainly up to NT3.51 Microsoft maintained that NT did
 the same as WfW networking in respect of Backup Master Browser /
 Potential master browser behaviour.
 
  That's what the docs say anyway.  What I find annoying is that I cannot
  get W/NT4 to select another node as a backup browser.  This suggests
  that the real formula is
 
Backup Browser count = 0 + trunc( nodes / 32 )
 
 No matter what, you must have at least one BMB.

One backup... Yes, I thought about it a lot last night and I *think* that
the Backup Browser selects itself during the election by sending an election
packet with the Backup Browser bit set.

 PS: I recall in the WfW resource kit reading that WfW elects a BMB for
 every 15 nodes. NT3.1 changed this to 1 in 32 as I recall.

Makes sense.  They were probably afraid that being a Browser node would
put a strain on the system (we are talking 386's running Windows, after
all).  Once the 486's started coming out, and they had a bit more experience
with it, they probably upped the number.

 
  instead of
 
Backup Browser count = 1 + trunc( nodes / 32 )
 
  Thing is, I want to take a look at the protocol used to update the
  Backup Browsers from the LMB's list.
 
  Any clues anyone?
 
 Don't know if my comments help.

They confirm my read of the documentation.  Thing is:

1) When I capture a browser lookup, I am seeing that the GetBackupList
   request, and the reply (both from Samba and from Windows) shows only
   one name in the Backup Browser list.  That name is the name of the
   Local Master Browser.

2) I don't know how the LMB goes about counting the nodes on the LAN.
   I suppose it's looking at the announce messages.

3) I don't know how the LMB goes about telling a node that it should be
   a Backup Browser.

These are things that I want to learn so that I can document them.
Once again, all clues are helpful.

Thanks!

Chris -)-

-- 
Samba Team -- http://www.samba.org/ -)-   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)-   [EMAIL PROTECTED]
OnLineBook -- http://ubiqx.org/cifs/-)-   [EMAIL PROTECTED]



RE: First draft libsmbclient test program

2002-11-03 Thread Ulf Bertilsson
Could we avoid the use of fork() ? :)

By script useage I could enjoy small separte tools with clean output for
web interface integration/GUI kit.

Use plain txt files for scripting events or task to run as argument ?

--
Ulf

-Original Message-
From: Fabien Chevalier [mailto:fchevali;supelec-rennes.fr]
Sent: Sunday, November 03, 2002 11:10 PM
To: [EMAIL PROTECTED]
Subject: First draft libsmbclient test program



Hello,

I wrote this afternoon this small test program.
It does not do all what i would have liked, but it does enough to 
begin to compare libsmbclient releases.

What it tests:
  -listing workgroups
  -listing computers
  -listing shares

With an automated way

What it does not yet:
  -all what remains

I will go on and implement all what is missing if you feel it 
will be useful for you.

Attached is the output generated by various libsmbclient releases 
+ the current program sources.

The first regression is between 2.2.2 and 2.2.3
The second is somewhere i don't know, but is there in 3.0alpha20

Cheers.

Fabien.


PS:
  I can make it to dlopen libsmbclient if you need it ...but I 
use only linux and i have no idea if it will work elsewhere.

PS(2):
  What do you mean, Andrew, by making it scriptable ?

--
Samba v2.2.1

[fabien@tux libsmb]$ lsmbctest
 Now running test smbc_init...
Calling int smbc_init(mbc_get_auth_data_fn, int debug=0)
Result : 0
 Test smbc_init OK
 Now running test workgroups listing...
Calling int smbc_opendir(const char *durl=smb://)
Authentification required for SERVER CUTBIDISH SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 1, named MDKGROUP
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 1, named REZ
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 1, named WORKGROUP
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test workgroups listing OK
 Now running test smbc_closedir...
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Test smbc_closedir OK
 Now running test machines in workgroup listing...
Calling int smbc_opendir(const char *durl=smb://MDKGROUP)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 2, named SHADOW
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test machines in workgroup listing OK
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Now running test shares on a machine listing...
Calling int smbc_opendir(const char *durl=smb://SHADOW)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 6, named IPC$
Calling int smbc_readdir(int dh=11024)
Result : 0x400a6da0, errno=0[Success]
Found entry type 3, named ADMIN$
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test shares on a machine listing OK
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]

Test summary:

smbc_init   Ok
smbc_closedir   Ok
workgroups listing  Ok
machines in workgroup listing   Ok
shares on a machine listing Ok

--
Samba v2.2.2

[fabien@tux libsmb]$ lsmbctest
 Now running test smbc_init...
Calling int smbc_init(mbc_get_auth_data_fn, int debug=0)
Result : 0
 Test smbc_init OK
 Now running test workgroups listing...
Calling int smbc_opendir(const char *durl=smb://)
Authentification required for SERVER CUTBIDISH SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 1, named MDKGROUP
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 1, named REZ
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 1, named WORKGROUP
Calling int smbc_readdir(int dh=11024)
Result : (nil), errno=0[Success]
 Test workgroups listing OK
 Now running test smbc_closedir...
Calling int smbc_closedir(int dh=11024)
Result : 0, errno=0[Success]
 Test smbc_closedir OK
 Now running test machines in workgroup listing...
Calling int smbc_opendir(const char *durl=smb://MDKGROUP)
Authentification required for SERVER SHADOW SHARE IPC$ in 
WORKGROUP WORKGROUP.
Returning 
Result : 11024, errno=0[Success]
Calling int smbc_readdir(int dh=11024)
Result : 0x400a83e0, errno=0[Success]
Found entry type 2, 

Re: libsmbclient status

2002-11-03 Thread Richard Sharpe
On Sat, 2 Nov 2002, Fabien Chevalier wrote:

 
 Hi all.
 I'm curently playing with KDE smb slave, to try to improve it. It 
 is based on libsmbclient, so... i am playing with libsmbclient 
 too.
 
 I found some strange things with libsmbclient.
 -The first version i tried, 2.2.6, had a problem listing 
 workgroups on the network. All the rest worked fine.

OK, you need to initialize your workgroup to something in ~/.smb/smb.conf, 
and then it will list workgroups. At least that is how it works at the 
moment in head.

This restriction could be lifted, but would require two changes:

1. The code that gets unhappy if smb.conf fails to load will need to 
change.

2. If a master browser for workgroup cannot be found, then we could do a 
name status query on the local node, which is not guaranteed to work, or 
we could prompt for a name.

 - I then tried 3.0 alpha 20. It had the same problem. And 
 moreover, it could not list the shares on a host anymore.
 - I then tried 2.2.2...and it seems to work fine.

I will have a look at what is wrong in head and see what needs fixing and 
then commit some code.

 What's the current status of libsmbclient development ?
 Is there anything i can do to help solving these problems?
 
 [I thought of writing a complete benchmark test program for the 
 lib could be usefull to easily detect regressions...it could the 
 first thing i can do.]
 
 
 

-- 
Regards
-
Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], 
[EMAIL PROTECTED], http://www.richardsharpe.com




Re: libsmbclient status

2002-11-03 Thread Richard Sharpe
On Sat, 2 Nov 2002, Fabien Chevalier wrote:

 
 Hi all.
 I'm curently playing with KDE smb slave, to try to improve it. It 
 is based on libsmbclient, so... i am playing with libsmbclient 
 too.
 
 I found some strange things with libsmbclient.
 - I then tried 3.0 alpha 20. It had the same problem. And 
 moreover, it could not list the shares on a host anymore.

I have tried the following with the patches that Tom Jansen sent along 
with a minor fix of mine:

  smb://
  smb://workgroup
  smb://server

And they all work.

 - I then tried 2.2.2...and it seems to work fine.
 
 What's the current status of libsmbclient development ?
 Is there anything i can do to help solving these problems?
 
 [I thought of writing a complete benchmark test program for the 
 lib could be usefull to easily detect regressions...it could the 
 first thing i can do.]
 
 
 

-- 
Regards
-
Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], 
[EMAIL PROTECTED], http://www.richardsharpe.com




Re: libsmbclient status

2002-11-03 Thread Christopher R. Hertel
Richard Sharpe wrote:
 
 On Sat, 2 Nov 2002, Fabien Chevalier wrote:
 
 
  Hi all.
  I'm curently playing with KDE smb slave, to try to improve it. It
  is based on libsmbclient, so... i am playing with libsmbclient
  too.
 
  I found some strange things with libsmbclient.
  -The first version i tried, 2.2.6, had a problem listing
  workgroups on the network. All the rest worked fine.
 
 OK, you need to initialize your workgroup to something in
 ~/.smb/smb.conf, and then it will list workgroups. At least that is how
 it works at the moment in head.

 This restriction could be lifted, but would require two changes:
 
 1. The code that gets unhappy if smb.conf fails to load will need to
 change.
 
 2. If a master browser for workgroup cannot be found, then we could do a
 name status query on the local node, which is not guaranteed to work, or
 we could prompt for a name.

If you are given smb://, then just look for the __MSBROWSE__ name.  You
may get multiple replies (a good thing).  Try each of those until you can
get a list of workgroups.  If *that* fails, you can go as far as doing an
adapter status on each of the responding __MSBROWSE__ nodes and listing
their 1D names.  You shouldn't need a default workgroup in order to find
the workgroup list, though.  (Yes, it's kludgy, but this is CIFS!)

Chris -)-

-- 
Samba Team -- http://www.samba.org/ -)-   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)-   [EMAIL PROTECTED]
OnLineBook -- http://ubiqx.org/cifs/-)-   [EMAIL PROTECTED]



Re: First draft libsmbclient test program

2002-11-03 Thread Richard Sharpe
On Sun, 3 Nov 2002, Fabien Chevalier wrote:

 
 Hello,
 
 I wrote this afternoon this small test program.
 It does not do all what i would have liked, but it does enough to 
 begin to compare libsmbclient releases.

One minor fix. In standard C you can't declare a variable after the first 
executable statement in a function.

However, here is the result of running it against my copy of samba-head:

./lsmbctest 
 Now running test smbc_init...
Calling int smbc_init(mbc_get_auth_data_fn, int debug=0)
Result : 0
 Test smbc_init OK
 Now running test workgroups listing...
Calling int smbc_opendir(const char *durl=smb://)
Authentification required for SERVER SERVER2 SHARE IPC$ in WORKGROUP 
SAMBANET.
Returning 
Result : 1, errno=0[Success]
Calling int smbc_readdir(int dh=1)
Result : 0x804bb44, errno=0[Success]
Found entry type 1, named SAMBANET
Calling int smbc_readdir(int dh=1)
Result : (nil), errno=0[Success]
 Test workgroups listing OK
 Now running test smbc_closedir...
Calling int smbc_closedir(int dh=1)
Result : 0, errno=0[Success]
 Test smbc_closedir OK
 Now running test machines in workgroup listing...
Calling int smbc_opendir(const char *durl=smb://SAMBANET)
Authentification required for SERVER SERVER2 SHARE IPC$ in WORKGROUP 
SAMBANET.
Returning 
Result : 10001, errno=0[Success]
Calling int smbc_readdir(int dh=10001)
Result : 0x804bb44, errno=0[Success]
Found entry type 2, named N6A3B8
Calling int smbc_readdir(int dh=10001)
Result : 0x804bb44, errno=0[Success]
Found entry type 2, named SAMBA1
Calling int smbc_readdir(int dh=10001)
Result : 0x804bb44, errno=0[Success]
Found entry type 2, named SERVER2
Calling int smbc_readdir(int dh=10001)
Result : (nil), errno=0[Success]
 Test machines in workgroup listing OK
Calling int smbc_closedir(int dh=10001)
Result : 0, errno=0[Success]
 Now running test shares on a machine listing...
Calling int smbc_opendir(const char *durl=smb://N6A3B8)
Authentification required for SERVER N6A3B8 SHARE IPC$ in WORKGROUP 
SAMBANET.
Returning 
Result : 10002, errno=0[Success]
Calling int smbc_readdir(int dh=10002)
Result : 0x804bb44, errno=0[Success]
Found entry type 6, named IPC$
Calling int smbc_readdir(int dh=10002)
Result : (nil), errno=0[Success]
 Test shares on a machine listing OK
Calling int smbc_closedir(int dh=10002)
Result : 0, errno=0[Success]

Test summary:

smbc_init   Ok
smbc_closedir   Ok
workgroups listing  Ok
machines in workgroup listing   Ok
shares on a machine listing Ok

Regards
-
Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], 
[EMAIL PROTECTED], http://www.richardsharpe.com




Re: First draft libsmbclient test program

2002-11-03 Thread Christopher R. Hertel
Richard Sharpe wrote:
 
 On Sun, 3 Nov 2002, Fabien Chevalier wrote:
 
 
  Hello,
 
  I wrote this afternoon this small test program.
  It does not do all what i would have liked, but it does enough to
  begin to compare libsmbclient releases.
 
 One minor fix. In standard C you can't declare a variable after the first
 executable statement in a function.

Um... Taken literally, that's not quite true.  You can define a variable
at the top of any block.  The thing is, the variable is only usable within
that block.

You can even create blocks without having any function, while, for, whatever
to initiate them.  Just:

  {
  long l;

  /* stuff */
  }

...anywhere within a function.

The variable 'l' is good until the closing brace.

Captain Pedantic -)-

-- 
Samba Team -- http://www.samba.org/ -)-   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)-   [EMAIL PROTECTED]
OnLineBook -- http://ubiqx.org/cifs/-)-   [EMAIL PROTECTED]



Re: libsmbclient status

2002-11-03 Thread Christopher R. Hertel
Richard Sharpe wrote:
: 
 Hmmm, but that name is \000\001MSBROWSE\001\000, I think, and you have to
 send name requests to a workgroup, don't you?
 
 Hmmm, a minute's checking with Ethereal shows that this is not true.

I figured you'd clear that up really quickly.  Just for the archive's
sake, it's:

  \x01\x02__MSBROWSE__\x02\0x01

...where that last '\0x01' is the suffix byte.  It is registered as a
group name by all Local Master Browsers, no matter what the workgroup.
They use that name to announce themselves to one-another.  That's how the
workgroup list gets shared around.

 That would indeed be the easiest way to do it. I will leave it as an
 exercise for the students, unless I get around to it first.

If you don't know any workgroup names, it's the only way to do it I'm
'fraid.  It's what Mike does in jCIFS, btw.  If you *do* know a workgroup
name (a good reason to have a local NetBIOS name cache, I suppose) then you
can try the LMB and/or the DMB for that workgroup.

One more problem that was raised on the jCIFS list is that some browsers
will not allow you to access the browse list if you're not authenticated.
(Which is silly, IMHO.)  That's why you might want to gather the list of all
IPs that respond to the __MSBROWSE__ name query (the hex codes are too
annoying to type all the time) and try them in sequence until you get a
usable response.

Mike found that LMBs are more likely to allow an anonymous connection (not
sure if it's 100%) than they are a guest connection.

This came up just a week or so ago.

Chris -)-

-- 
Samba Team -- http://www.samba.org/ -)-   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)-   [EMAIL PROTECTED]
OnLineBook -- http://ubiqx.org/cifs/-)-   [EMAIL PROTECTED]



Re: libsmbclient status

2002-11-03 Thread Richard Sharpe
On Sun, 3 Nov 2002, Christopher R. Hertel wrote:

 Richard Sharpe wrote:
 : 
  Hmmm, but that name is \000\001MSBROWSE\001\000, I think, and you have to
  send name requests to a workgroup, don't you?
  
  Hmmm, a minute's checking with Ethereal shows that this is not true.
 
 I figured you'd clear that up really quickly.  Just for the archive's
 sake, it's:
 
   \x01\x02__MSBROWSE__\x02\0x01
 
 ...where that last '\0x01' is the suffix byte.  It is registered as a
 group name by all Local Master Browsers, no matter what the workgroup.
 They use that name to announce themselves to one-another.  That's how the
 workgroup list gets shared around.

I knew I could count on you :-)

Regards
-
Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], 
[EMAIL PROTECTED], http://www.richardsharpe.com




Re: make 'ldap trust ids' the default?

2002-11-03 Thread Steve Langasek
On Sat, Nov 02, 2002 at 06:36:47PM +1100, Andrew Bartlett wrote:
 I've just committed a patch that adds a new 'ldap trust ids' smb.conf
 option.

 Currently defaulting to off, this option allows pdb_ldap to use the ldap
 server directly to determine if a user 'exists' in unix.

 This gives us a performance boost, particularly on enumerations: 
 (Removes the extra lookup per record).  

 The logic is such that if there are no posixAccount attributes for a
 user, we try getpwnam(), it's just that we look in LDAP first.

 As such, do people think we should have this by default?  

 This was a fix to solve some particular problems that metze had, and
 I'll see if I can get some feedback on exactly how much this helps.

This seems terribly kludgy to me.  There's a lot that can be done to
optimize unix username lookups without violating the abstraction (e.g.,
nscd).  I particularly don't think this should be used for anything that
involves *enumerating* users, as the most frequent NSS configuration
involving LDAP is to reference both LDAP *and* local files; so
enumerating via the Unix calls may give different results than doing so
via the LDAP calls.

Steve Langasek
postmodern programmer



msg04254/pgp0.pgp
Description: PGP signature


CVS update: samba/source/passdb

2002-11-03 Thread vlendec

Date:   Sun Nov  3 12:54:12 2002
Author: vlendec

Update of /data/cvs/samba/source/passdb
In directory dp.samba.org:/tmp/cvs-serv12832/passdb

Modified Files:
passdb.c 
Log Message:
Force algorithmic rid base to sane values and talk about it.

Volker


Revisions:
passdb.c1.178 = 1.179

http://www.samba.org/cgi-bin/cvsweb/samba/source/passdb/passdb.c?r1=1.178r2=1.179



CVS update: samba/source/utils

2002-11-03 Thread vlendec

Date:   Sun Nov  3 12:54:12 2002
Author: vlendec

Update of /data/cvs/samba/source/utils
In directory dp.samba.org:/tmp/cvs-serv12832/utils

Modified Files:
testparm.c 
Log Message:
Force algorithmic rid base to sane values and talk about it.

Volker


Revisions:
testparm.c  1.53 = 1.54

http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/testparm.c?r1=1.53r2=1.54



Re: CVS update: samba/source/passdb

2002-11-03 Thread Andrew Bartlett
On Sun, 2002-11-03 at 23:54, [EMAIL PROTECTED] wrote:
 
 Date: Sun Nov  3 12:54:12 2002
 Author:   vlendec
 
 Update of /data/cvs/samba/source/passdb
 In directory dp.samba.org:/tmp/cvs-serv12832/passdb
 
 Modified Files:
   passdb.c 
 Log Message:
 Force algorithmic rid base to sane values and talk about it.
 
 Volker
 
 
 Revisions:
 passdb.c  1.178 = 1.179
   
http://www.samba.org/cgi-bin/cvsweb/samba/source/passdb/passdb.c?r1=1.178r2=1.179

Nice patch!

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net




CVS update: samba/source/auth

2002-11-03 Thread tridge

Date:   Sun Nov  3 13:33:00 2002
Author: tridge

Update of /home/cvs/samba/source/auth
In directory dp.samba.org:/tmp/cvs-serv14999

Modified Files:
auth_builtin.c 
Log Message:
make_server_info_guest() can need root for the ldapsam backend


Revisions:
auth_builtin.c  1.15 = 1.16

http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c?r1=1.15r2=1.16



CVS update: samba/source/passdb

2002-11-03 Thread abartlet

Date:   Sun Nov  3 14:10:32 2002
Author: abartlet

Update of /data/cvs/samba/source/passdb
In directory dp.samba.org:/tmp/cvs-serv17132/passdb

Modified Files:
passdb.c 
Log Message:
Extra little fix to vl's patch.  Make sure the passdb and testparm messages
say exactly the same thing - in particular that we can algorithmic rid base ==
1000, and use the BASE_RID macro to avoid the use of magic numbers.

Andrew Bartlett


Revisions:
passdb.c1.179 = 1.180

http://www.samba.org/cgi-bin/cvsweb/samba/source/passdb/passdb.c?r1=1.179r2=1.180



CVS update: samba/source/utils

2002-11-03 Thread abartlet

Date:   Sun Nov  3 14:13:43 2002
Author: abartlet

Update of /data/cvs/samba/source/utils
In directory dp.samba.org:/tmp/cvs-serv17350/utils

Modified Files:
testparm.c 
Log Message:
Extra little fix to vl's patch.  Make sure the passdb and testparm messages
say exactly the same thing - in particular that we can algorithmic rid base ==
1000, and use the BASE_RID macro to avoid the use of magic numbers.

Andrew Bartlett


Revisions:
testparm.c  1.54 = 1.55

http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/testparm.c?r1=1.54r2=1.55



CVS update: samba/source

2002-11-03 Thread sharpe

Date:   Mon Nov  4 02:01:48 2002
Author: sharpe

Update of /data/cvs/samba/source
In directory dp.samba.org:/tmp/cvs-serv2607

Modified Files:
Makefile.in 
Log Message:

The fixes from Tom plus a minor update from me.


Revisions:
Makefile.in 1.555 = 1.556
http://www.samba.org/cgi-bin/cvsweb/samba/source/Makefile.in?r1=1.555r2=1.556



CVS update: samba/source/libsmb

2002-11-03 Thread sharpe

Date:   Mon Nov  4 02:01:49 2002
Author: sharpe

Update of /data/cvs/samba/source/libsmb
In directory dp.samba.org:/tmp/cvs-serv2607/libsmb

Modified Files:
libsmb_compat.c libsmbclient.c 
Log Message:

The fixes from Tom plus a minor update from me.


Revisions:
libsmb_compat.c 1.3 = 1.4

http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/libsmb_compat.c?r1=1.3r2=1.4
libsmbclient.c  1.60 = 1.61

http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/libsmbclient.c?r1=1.60r2=1.61



CVS update: samba/source

2002-11-03 Thread abartlet

Date:   Mon Nov  4 02:49:20 2002
Author: abartlet

Update of /data/cvs/samba/source
In directory dp.samba.org:/tmp/cvs-serv8243

Modified Files:
Makefile.in 
Log Message:
Any conversion to POPT must *always* add BUILD_POPT or it just won't work on
systems other than linux.

Andrew Bartlett


Revisions:
Makefile.in 1.556 = 1.557
http://www.samba.org/cgi-bin/cvsweb/samba/source/Makefile.in?r1=1.556r2=1.557