Re: [Samba] Cann't get Windows XP system to find Samba printers
We had also this problem with Samba and Cups. What I did: In the system's /etc/rc5.d I inserted in S99local: # Problem with Samba und Cups (sleep 60; /etc/init.d/smb restart) this means: after the normal startup I restart the samba daemon. So it worked. I found this solution somewhere! You can try it by just doing a smb restart Hope it helps Walter tj schrieb: I'll give this a try when I get a chance. ALso, cups is working perfectly, no problem printing to laser on the Linux machine and accessing via localhost:631. Just need to get it accessable by XP box over network via samba. tj David Rankin wrote: Jeff, I have my laserjet working well. I have pasted bits and pieces of my config for comparison below: I have a Brothre HL-1440 laser on my Linux system I wish to share. But, I can not get the Windows system to see it. I already have disk shares That the windows system can access, so something is working Here is my entries in smb.conf load printers = yes printcap name = cups printing = cups security = share [printers] comment = All Printers browseable = yes printable = yes public = yes create mode = 0700 guest only = yes use client driver = yes guest account = smbprint path = /home/smbprint Try [printers] comment = The Printers path = /var/spool/samba guest ok = Yes public = Yes writeable = no printable = Yes browseable = no in cups.conf Location /printers # # You may wish to limit access to printers and classes, either with Allow # and Deny lines, or by requiring a username and password. # AuthType None Order Deny,Allow Deny From None Allow From All /Location mine.convs application/octet-streamapplication/vnd.cups-raw 0 - mime.types application/octet-stream But, when I try to add a network printer on the XP system it lists the network and the name of the Linux system. But, no printers under the Linux system. Running cups adminisration shows the printer named 1440 and ready for jobs. What else do I need to do? tj Mine works like this: Location / Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow From 127.0.0.2 Allow From @LOCAL /Location #Location /printers # # You may wish to limit access to printers and classes (I don't use this at all) # #/Location Make sure cups has created the printers.conf for your printer (example): # Printer configuration file for CUPS v1.1.19 # Written by cupsd on Mon 17 May 2004 06:57:09 PM CDT DefaultPrinter HP_LJ4 Info HP Laserjet 4 Location DeviceURI parallel:/dev/lp0 State Idle Accepting Yes JobSheets none none QuotaPeriod 0 PageLimit 0 KLimit 0 /Printer Also, are you able to access cups via http://localhost:631 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Preventing Samba from acting as a domain controller
On Sunday 28 November 2004 16:51, Chris Vaughan wrote: Greetings, I have Samba 3.0.9 configured to authenticate a squid proxy using ntlm and for file shares on a particular linux host. However, it appears that this host is interfering in our Active Directory domain. In smb.conf, I have set the parameter preferred master = no. domain logons = No - John T. How do I ensure this samba machine will not act as a domain controller or try to. Chris Vaughan *** This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of the Department of Lands. This email message has been swept by MIMEsweeper for the presence of computer viruses. *** -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Virus détecté dans le message Delivery Protection
Norton AntiVirus a détecté un virus dans une pièce jointe que vous ([EMAIL PROTECTED]) avez envoyée à Partnerships. Pour garantir que les destinataires pourront utiliser les fichiers envoyés, lancez une analyse des virus sur votre ordinateur, nettoyez les fichiers infectés, puis renvoyez cette pièce jointe. Pièce jointe : readme.zip Nom du virus :[EMAIL PROTECTED] Opération effectuée : Nettoyer - échec : Quarantaine - réussite : Etat du fichier : Infectés - This Message and any attachments are confidential and intended solely for the addressees. And unauthorised use or dissemination are prohibited. Emails are suceptible to alteration. Therefore neither SWAPCOM nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] win 2000 and active directory
Hello! I am trying to use samba 3.0 as a domain controller in a win2000 network. When I get to the user administration however I run in to huge problems. I try to open the Active Directory Users and Computers in order to set path to the profile directory for the users. This is not possible because the winn2000 client does not recognize the samba domain as a win2000 domain. I also have these error messages in /var/log/messages: get_domain_user_groups: primary gid of user [user] is not a Domain group ! I have the samba-3 howto and reference guide and understand from this that it cannot act as win2000 domain controller. Is there a way to fix this problem? I have read something about Kerberos, but have not been able to find any howtos on this. Thanks! Bjorn _ MSN Messenger http://www.msn.no/messenger Den korteste veien mellom deg og dine venner -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Compile error with 3.0.8
We are compiling samba on AIX 5.1 with export CC=gcc export CPPFLAGS=-I/usr/local/include -I/usr/local/ssl/lib/include export LDFLAGS=-L/usr/local/lib -L/usr/local/ssl/lib ./configure --enable-shared=no --enable-static=yes we get the following error when using make: Compiling libsmb/clifile.c libsmb/clifile.c: In function `cli_unix_stat` libsmb/clifile.c:216: error `STAT_ST_BLOCKSIZE' undeclared Can someone help regards Mathias -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc shutdown not working
hi jI'm trying to shutdown some windows XP clients with net rpc shutdown -S name -U administrator%password but all i get is this error [2004/11/26 10:44:32, 0] utils/net_rpc.c:rpc_shutdown_internals(4113) Shutdown of remote machine failed! I'm using Version 3.0.8-Debian and le client are using winXP SP2 (the firewall is not activated) if someone can help thank cyril -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] delay in winbindd user/group lookups with many users/groups in domain
Hi! I have the following problem: winbindd getgrnam/getpwnam/lookupname calls do not return for a long time ( 30 seconds) which is obviously quite annoying to the users. This usually happens at the first login, i.e. subsequent connections are not delayed until a (probably cache) timeout. I've failed to determine who is responsible for the caching yet. I'll provide version and configuration details below. First, here are some examples from log.winbindd: [2004/11/29 09:02:19, 3] nsswitch/winbindd_sid.c:winbindd_lookupname(96) [28927]: lookupname MY_DOMAIN/HOST_FOO1 [2004/11/29 09:02:56, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(261) ... [2004/11/29 09:28:17, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(243) [21242]: getgrnam MY_DOMAIN/GROUP_BAR23 [2004/11/29 09:28:54, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(261) ... [2004/11/29 09:45:15, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(126) [21242]: getpwnam MY_DOMAIN/USER_JOE232 [2004/11/29 09:45:51, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(261) See the delays? Short question: How can I eliminate that? Searching the mailing-list and the web did turn up any evident solution. I did mess with 'winbind cache time', turned off winbindd enumeration and even increased nscd's cache size and timeouts. Unfortunately the delays persisted. Also, it seems that not all users suffer from the delays, only some despite the fact that _all_ are members of the same domain group (see smb.conf example below). I'm sorry, but I would like to have a more reproducable behaviour too! But then, perhaps it isn't even a Samba issue since getpwnam/getgrnam are plain system calls... Still any way to speed the lookups up? All of the above happens with Samba 3.0.9 under SuSE Linux 9.1 (RPMs installed from ftp.suse.com:/projects/samba), SuSE Linux kernel 2.6.5-7.111-default on a P-II/400 with 512MB (doesn't do anything else but running Samba). It runs as a NT4 domain client. The domain is _large_: almost 2 users and 17 groups (yes, no error: 170 thousend! Please don't ask me why so many groups, I'm _not_ the domain admin...) smb.conf: security = domain workgroup = MY_DOMAIN password server = * wins server = 10.1.1.1 name resolve order = wins bcast ... idmap uid = 10-50 idmap gid = 10-50 winbind enum users = no winbind enum groups = no # try a big cache timeout value winbind cache time = 86400 winbind enable local accounts = no winbind use default domain = yes template shell = /bin/false template homedir = /tmp preferred master = No local master = No domain master = No os level = 0 [share] path = /opt/shared_dir # It seems that Samba is slow in determining if the connecting # user is in the GROUP_BAR23 domain group... valid users = +MY_DOMAIN/GROUP_BAR23 MY_DOMAIN/USER_JOE232 read only = yes ... Hope I've provided enough configuration details. If not, please tell me! One last thing: When searching the mailing-list, I found a getpwnam-cache patch: http://lists.samba.org/archive/samba-cvs/2004-November/052998.html Would this help me? But then, what about a group cache? Any hints to solve the above problem are _very_ appreciated! Thanks in advance! Regards, Walter PS: No errors in the logfiles but this one in the winbind log: winbindd_pam_auth_crap: sam_logon returned ACCESS_DENIED. Maybe the trust account password was changed and we didn't know it. Killing connections to domain MY_DOMAIN Yet, 'wbinfo -t' succeeds. I'm do not know if the error message is related to my problem above and what is causing this (yet). -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How to change workstations parameter with pdbedit
Hi everybody, i'm interested in forcing users to login only to certain machines. I saw in the output of pdbedit -Lv the voice Workstations:, but i can't find a command to change this value Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA 3.0.x and ADS v2.0
Question regarding Samba and ADS v2.0 (Win 2003) Currently we have a NT4 domain and some stores running NT4 Server as BDCs. We need to upgrade to W2003 and ADS and have DC in our stores. Can Samba be installed instead of a BDC/DC and can it act as an authentication server when the PDC/ADS is down ? Regards, -- Luis -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts execute randomly
I use samba 3.0.9 as a pdc with ldapsam. In the ldap entries, for every user there is a logon script sambaLogonScript. I only use two different scripts for 1000 users and 100 computers. The scripts lehrer.bat and schueler.bat reside in the netlogon share and provide more shares with the net use command. From the user's perspective, this often works well. sometimes, however, the script is not executed, without further notice, and the users see only their own home directory. more proficient users still can connect to the server and use the other shares, but the less technically minded fail. If it didn't work at all, I could maybe live with it, but this drives me crazy ;-) The domain has only one server, so it shouldn't be a conflict between two servers. has anybody seen this before? google and a search in bugzilla have not yielded much so far. thanks for any input! mathias schenker informatiker gymnasium liestal -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba fc3: accent problem - smbfs vs cifs
I connect a FC3 laptop to a FC3 server thru samba (+other windows pc). Thanks to Raúl D. Pittí Palma in this mailing list, I found a solution to display the non-english characters (é, à, è ...à) correctly in the filenames on the server. Based on the /etc/samba/smb.conf and the /etc/sysconfig/i18n described at the end of this post, I have changed the fstab command line. In some case the accent display properly and in others it does not. Kind of weird... Here are the test results: * if /etc/fstab contains //192.168.0.4/bg /mnt/serveurcifs user,rw,uid=bgirin,credentials=/etc/samba/pwd_bg 0 0 -the accent display properly. It also works without the user option. * if /etc/fstab contains //192.168.0.4/bg /mnt/serveur smbfs rw,uid=bgirin,credentials=/etc/samba/pwd_bg,codepage=cp850 0 0 -the accent display properly BUT if /etc/fstab contains //192.168.0.4/bg /mnt/serveur smbfs user,rw,uid=bgirin,credentials=/etc/samba/pwd_bg,codepage=cp850 0 0 - it does not work anymore. In that case Nautilus finds that any filename containing accent is unicode invalid. Note that the when the user option is set-up, gnome automatically displays a shortcut to the mounted file on the desktop. Anyone knows why the 'user' option influences the character display ? Why it does that for smbfs and not cifs ? Bertrand === smb.conf file on the server (fc3) === [global] workgroup = MYGROUP netbios name = SAMBA server string = Samba Server log file = /var/log/samba/%m.log max log size = 1000 unix extensions = No load printers = No hosts allow = 127.0.0.1, 192.168.0. hosts deny = all [homes] comment = Home Directories read only = No = i18n files on both laptop server === LANG=fr_FR.UTF-8 SUPPORTED=fr_FR.UTF-8:fr_FR:fr SYSFONT=latarcyrheb-sun16 = -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and password on command line
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tim Winders wrote: | Hello - | | I see from the 3.0.8 release notes: | | * Remove support for passing the new password to smbpasswd | on the command line without using the -s option. | | I used to use the option: | | smbpasswd -a $user $pass | | to quickly add a new user to the smbpasswd database. | This no longer works in 3.0.8. I have tried every combination | I can think of adding the -s and -L options to the command line (echo $pw; echo $pw ) | smbpasswd -s -a $user cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzYAIR7qMdg1EfYRAj3pAJ4p5hMWGtLHri5vI7PXIB5RRKSbDQCg0nF/ XrGKt26KLi+B1ck+ALDErts= =cWbE -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Dfs Question
Hi all, I'm trying to implement a DFS scenario, but i'm not sure if it possible. What I would like to do is something like this. We have a central office where a PDC is to be located, and other offices with one BDC server each. The Domain uses Samba+LDAP. I want to create a \\netfiles share with dfs links to the other offices. Something like \\netfiles\centraloffice \\netfiles\officeA \\netfiles\officeB My question: Can I create a structure where every server can act as \\netfiles, and in case the local server goes down, the clients go and try to connect to another \\netfiles service providing server? I think this is called DFS DOMAIN ROOT by Microsoft. Is this possible? Will it be possible in a near future? Thanks in advance for any help. Best Regards, Bruno Guerreiro -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba-2.2.x and CAN-2004-0930 CAN-2004-0882 ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ville Herva wrote: | | Judging from http://rhn.redhat.com/errata/RHSA-2004-632.html | 2.2.12 is vulnerable - at least RH includes patches for | both issues in their new RHEL2.1 errata package (I don't know | if they researched whether or not both are exploitable | with 2.2.x code base.) It's possible but we never looked into 2.2.x since that branch reached EOL on October 1, 2004. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzbYIR7qMdg1EfYRAs9AAJ4opk7109r/2ifRL7UPYS0jFV89VACgzZIG t+eXInCNs4JH01zyl+wCKTA= =IFmA -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Preventing Samba from acting as a domain controller
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John H Terpstra wrote: | On Sunday 28 November 2004 16:51, Chris Vaughan wrote: | |Greetings, | |I have Samba 3.0.9 configured to authenticate a squid proxy using ntlm |and for file shares on a particular linux host. However, it appears that |this host is interfering in our Active Directory domain. In smb.conf, I |have set the parameter preferred master = no. | | | domain logons = No also make sure that 'domain master = no' cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzgqIR7qMdg1EfYRAidCAJ0TkUd2L/naqxlken/mX2ooZU9rbQCg7tQe 5xpQcPVyaFXz3qvruQeCRxI= =s16p -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file_set_dosmode / No data available with 3.0.8
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 evilninja wrote: | hi, | | after upgrading to samba 3.0.8 (debian/unstable, i386) i | too encounter similar problems as reported here: | | http://lists.samba.org/archive/samba/2004-November/095567.html ... | i wonder if the problem from the url above was somehow fixed (3.0.9?) | of if there is a workaround Yes. This was fixed in 3.0.9. I always recommend searching bugzilla and reading the release notes (WHATSNEW.txt) for this kind of information. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqziXIR7qMdg1EfYRAtDEAJ9kt5L09SG3vRIUKIUKg4VFwFpyugCfYRFi LJaISzeEISpL0Iiw87kRE0w= =Umqm -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] split samba/cups into separate machines
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ryan Suarez wrote: | Greetings Admins, | | We use samba 3.0.7 and cups 1.1.20 on debian woody to serve | point'n'print to XP clients. This works great, much kudos to the samba | team! | | We are seeing high load on the printserver and we would like to know if | it's possible to split the samba and cups installation into 2 separate | machines. Yes. The 'cups server' smb.conf(5) parameter was added in a recent release. Might be in 3.0.7. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzkJIR7qMdg1EfYRAmkZAJ4o7L1Xm0st1B65ODVyEeaVMcKmOgCgzmTB xxCeaSJbxvkDJFgytvQiHIE= =yZEw -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Permissions Problem
Hi all, I've got a share called [ACCOUNTING] with the following share definition: [ACCOUNTING] path = /data/samba/shares/Accounting valid users = @acct @Domain Admins browseable = yes public = no read only = no force group = acct Here is the permissions on the directory: oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting drwxrwxr-x 9 root acct 4096 Nov 29 09:30 /data/samba/shares/Accounting Here is the permissions on a file in the directory: -rwxrwxrwx 1 root acct 904192 Nov 29 09:48 /data/samba/shares/Accounting/Invoice Recap.xls The permissions on this file look fine from within Windows Explorer \ properties \ Security. They look fine on the UNIX side. But in Excel, this file is always opened as read-only. I have verified that the user in question is in the acct group. Also the 'fuser' command does not report anyone using the file. I would appreciate any help in figure out what has gone wrong here. Thanks, Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [samba] create account that can join machines but not admin access on domain
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Wilson wrote: | MaTT wrote: | | Hi Daniel... this is from the Samba Docs... will help | | One of my junior staff needs the ability to add machines to the | Domain, but I do not want to give him root access. How can we do this? | | Users who are members of the Domain Admins group can add machines to | the Domain. This group is mapped to the UNIX group account called root | (or equivalent on wheel on some UNIX systems) that has a GID of 0. | This must be the primary GID of the account of the user who is a | member of the Windows Domain Admins account. The docs are wrong here. You have to have a uid of 0. We're working on fixing this limitation soon. Hang in there. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzrnIR7qMdg1EfYRAmPWAJ9wYm4xV6jqfgg0rBFS1gygUlx/XACfagv+ DlRPrCKAy9IFaVk4G7ABFh4= =X8XF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permissions Problem
On Monday 29 November 2004 10:03, Misty Stanley-Jones wrote: Hi all, I've got a share called [ACCOUNTING] with the following share definition: [ACCOUNTING] path = /data/samba/shares/Accounting valid users = @acct @Domain Admins browseable = yes public = no read only = no force group = acct Here is the permissions on the directory: oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting drwxrwxr-x 9 root acct 4096 Nov 29 09:30 /data/samba/shares/Accounting Here is the permissions on a file in the directory: -rwxrwxrwx 1 root acct 904192 Nov 29 09:48 /data/samba/shares/Accounting/Invoice Recap.xls The permissions on this file look fine from within Windows Explorer \ properties \ Security. They look fine on the UNIX side. But in Excel, this file is always opened as read-only. I have verified that the user in question is in the acct group. Also the 'fuser' command does not report anyone using the file. I would appreciate any help in figure out what has gone wrong here. New info to add: If I access the share as \\corpsrv\accounting, I can write to the files. If I access it via its drive letter I cannot. I've just mapped it via the command: net use m: \\corpsrv\accounting Also it is not just Excel. I've tried to open a text file with Notepad and I get the same results. Any ideas? Thanks, Misty Thanks, Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Permissions Problem
Welcome to the club This I believe is a bug that affected Samba 3.0.4 and 3.0.5 for me whereas if the effective permissions on the Win2K workstation were Administrator level these odd access denied errors would come up but UNC could get around it, etc... Samba 3.0.6 was the answer for us. I still have that level on the production servers, and at this time evaluating 3.0.9 as the next upgrade step. You might put more environment details such as OS/distro and version numbers in future postings. I hope it helps... unlike previous administrations I can honestly say I feel your pain on this one! ;-) -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Shares Not There - More Info
Donald D Henson wrote: (SuSE Linux Pro 9.2, Samba 3.0.9) I have a simple network, 10/100 Ethernet, consisting of a Linux file server/workstation, a WindowsXP workstation, and a laptop dual-booted for Linux and WindowsXP. I have several Samba shares, defined using YaST, on the file server. The problem is: When I access the Samba shares using the laptop WindowsXP, all shares show up and I am able to access them in accordance with the share options. However, when I try to access the same shares using the laptop Linux, only some of the shares show up. Running testparm didn't show any errors and a visual inspection of smb.conf didn't reveal any obvious errors. I searched the release notes and found something about WinBind that indicated my share paths had to be lower case, but all of my paths are already lower case. I thought about spaces in the path names but some of the shares that don't show up have no spaces already. I'm at a loss as to how to proceed. If anyone can offer any insights into solving this problem, I'd appreciate it greatly. Oops. Forgot to include smb.conf. It follows: # smb.conf is the main Samba configuration file. You find a full commented # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE # Date: 2004-09-12 [global] workgroup = HOMEOFFICE printing = cups printcap name = cups printcap cache time = 750 cups options = raw printer admin = @ntadmin, root, administrator username map = /etc/samba/smbusers map to guest = Bad User logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: security = user encrypt passwords = yes server string = Samba Server domain master = false domain logons = no local master = no preferred master = auto load printers = no ldap suffix = dc=example,dc=com ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers [profiles] comment = Network Profiles Service path = %H read only = no store dos attributes = yes create mask = 0600 directory mask = 0700 browseable = yes guest ok = no printable = no [users] comment = All users path = /home read only = no inherit permissions = yes veto files = /aquota.user/groups/shares/ browseable = yes guest ok = no printable = no [groups] comment = All groups path = /home/groups read only = no inherit permissions = yes browseable = yes guest ok = no printable = no ;; [pdf] ;; comment = PDF creator ;; path = /var/tmp ;; printable = yes ;; print command = /usr/bin/smbprngenpdf -J '%J' -c %c -s %s -u '%u' -z %z ;; create mask = 0600 ;; browseable = yes ;; guest ok = no ;; [printers] ;; comment = All Printers ;; path = /var/tmp ;; printable = yes ;; create mask = 0600 ;; browseable = no ;; guest ok = no [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 browseable = yes guest ok = no printable = no [music library] browseable = yes comment = Music Library guest ok = yes path = /public/musiclib/ read only = yes printable = no [family photos] browseable = yes comment = Family Photos guest ok = yes path = /public/photolib/Family Photos/ read only = yes printable = no writeable = yes [ms money] browseable = yes comment = MS Money guest ok = yes path = /public/msmoney/ read only = yes printable = no [mystery shopping] browseable = yes comment = Mystery Shopping guest ok = yes path = /public/photolib/Mystery Shopping/ read only = yes printable = no [mystery shopping orig] browseable = yes comment = Mystery Shopping - Orig guest ok = yes path = /public/photolib/Mystery Shopping - Orig/ read only = yes printable = no [uop] browseable = yes comment = UOP path = /public/uop/ printable = no read only = yes guest ok = yes [windows resources] browseable = yes comment = Windows Resources create mask = 0777 guest ok = yes path = /public/windowsresources/ printable = no -- Donald D. Henson, Managing Director West El Paso Information Network The Non-Initiation of Force Principle Rules -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba-2.2.x and CAN-2004-0930 CAN-2004-0882 ?
On Mon, Nov 29, 2004 at 08:48:56AM -0600, you [Gerald (Jerry) Carter] wrote: Ville Herva wrote: | | Judging from http://rhn.redhat.com/errata/RHSA-2004-632.html | 2.2.12 is vulnerable - at least RH includes patches for | both issues in their new RHEL2.1 errata package (I don't know | if they researched whether or not both are exploitable | with 2.2.x code base.) It's possible but we never looked into 2.2.x since that branch reached EOL on October 1, 2004. Ok, thanks. I took the RHEL2.1 update src.rpm just to be safe. -- v -- [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permissions Problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 29 November 2004 09:19, Misty Stanley-Jones wrote: On Monday 29 November 2004 10:03, Misty Stanley-Jones wrote: Hi all, I've got a share called [ACCOUNTING] with the following share definition: [ACCOUNTING] path = /data/samba/shares/Accounting valid users = @acct @Domain Admins browseable = yes public = no read only = no force group = acct Here is the permissions on the directory: oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting drwxrwxr-x 9 root acct 4096 Nov 29 09:30 /data/samba/shares/Accounting Here is the permissions on a file in the directory: -rwxrwxrwx 1 root acct 904192 Nov 29 09:48 /data/samba/shares/Accounting/Invoice Recap.xls The permissions on this file look fine from within Windows Explorer \ properties \ Security. They look fine on the UNIX side. But in Excel, this file is always opened as read-only. I have verified that the user in question is in the acct group. Also the 'fuser' command does not report anyone using the file. I would appreciate any help in figure out what has gone wrong here. New info to add: If I access the share as \\corpsrv\accounting, I can write to the files. If I access it via its drive letter I cannot. I've just mapped it via the command: net use m: \\corpsrv\accounting Also it is not just Excel. I've tried to open a text file with Notepad and I get the same results. Any ideas? Thanks, Misty Thanks, Misty Well, two ideas. First try shortening the share name. I've seen problems on some clients (you didn't say which client you are using) with the longer share names and ones that use a hyphen (not the case here). Second, I did find a KB article 838895 (http://support.microsoft.com/default.aspx?scid=kb;en-us;838895) which may describe your problem. Even if that's not the version of excel you are using, it might still be accurate (M$ doesn't always issue articles for bugs they know about). - -- Fail to learn history-repeat it. Fail to learn rights-lose them. Learn both-get screwed by previous two groups. Public key is at http://home.swbell.net/berzerke/robert.key Fingerprint: 0D70 9ADF B5A7 45E7 A853 4B1C 8E0F 4324 C39D 44A2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBq0XAjg9DJMOdRKIRAoSDAKCOHhqCjB3/U8Qdqq19lTu7/k/KwwCfZYG6 +oTQ2TXiNmS9Zdhp0LGjDf8= =uz0u -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permissions Problem
On Monday 29 November 2004 10:52, robert wrote: Well, two ideas. First try shortening the share name. I've seen problems on some clients (you didn't say which client you are using) with the longer share names and ones that use a hyphen (not the case here). Second, I did find a KB article 838895 (http://support.microsoft.com/default.aspx?scid=kb;en-us;838895) which may describe your problem. Even if that's not the version of excel you are using, it might still be accurate (M$ doesn't always issue articles for bugs they know about). I might buy it, but: 1. The problem is also exhibited with Notepad. 2. The share name is only 10 letters long. I have not heard of problems with shares that long, especially with WinXP and Win2K clients. Still looking, Misty -- Fail to learn history-repeat it. Fail to learn rights-lose them. Learn both-get screwed by previous two groups. Public key is at http://home.swbell.net/berzerke/robert.key Fingerprint: 0D70 9ADF B5A7 45E7 A853 4B1C 8E0F 4324 C39D 44A2 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Filesystem Corruption
Since upgrading to RedHat 9 and Samba 2.2.8 to Fedora Core 2 and Samba 3, I have had filesystem corruption which may or not be related to Samba. Our current configuration is FC2, Samba 3.0.7-2.FC2, Kernel 2.6.8-1.521smp. The filesystem is LVM and ext3. When a file becomes corrupt, the uid, gid and file size are huge and any attempt to work with the file fails. Here is an example: ll 18889452.IMG -rwxrw-rw- 1 1516382365 2303928080 24576 Dec 31 1969 1889452.IMG The corruption occurs for different file types on different volumes and I have not been able to find any similarities among the files. Any tips would be greatly appreciated. -- Matt Perkins RHCE, MCSE Lattimore Black Morgan Cain, P.C. 5250 Virginia Way Brentwood, TN 37024-1869 e-mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] authentication problem pam_mount
The setup is a samba server with mixed clients (samba clients and windows clients). The problem, I want the linux client to mount there home to their home share on the server. The problem is, I have followed the guide mentioned below and everything works except that the linux usernames have the format domeinnaam+username as a result of which pam_mount wants to mount \\server\domeinnaam+username which naturally should be \\server\username, can you think of a manner to solve this issue or know of another way to solve this problem? GUIDE: http://www.hants.lug.org.uk/cgi-bin/wiki.pl?LinuxHints/SambaAuth Nov 29 14:08:17 xandros login[1050]: pam_mount: about to perform mount operations Nov 29 14:08:17 xandros login[1050]: pam_mount: information for mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: (defined by globalconf) Nov 29 14:08:17 xandros login[1050]: pam_mount: user: AEGIDIUS+norman Nov 29 14:08:17 xandros login[1050]: pam_mount: server: server Nov 29 14:08:17 xandros login[1050]: pam_mount: volume: AEGIDIUS+norman Nov 29 14:08:17 xandros login[1050]: pam_mount: mountpoint: /home/AEGIDIUS/norman Nov 29 14:08:17 xandros login[1050]: pam_mount: options: uid=AEGIDIUS+norman,gid=AEGIDIUS+norman,dmask=0750,workgroup=AEGIDIUS Nov 29 14:08:17 xandros login[1050]: pam_mount: fs_key_cipher: Nov 29 14:08:17 xandros login[1050]: pam_mount: fs_key_path: Nov 29 14:08:17 xandros login[1050]: pam_mount: use_fstab: 0 Nov 29 14:08:17 xandros login[1050]: pam_mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: checking to see if //server/AEGIDIUS+norman is already mounted at /home/AEGIDIUS/norman Nov 29 14:08:17 xandros login[1050]: pam_mount: checking for encrypted filesystem key configuration Nov 29 14:08:17 xandros login[1050]: pam_mount: about to start building mount command Nov 29 14:08:17 xandros login[1050]: pam_mount: command: /usr/bin/smbmount //server/AEGIDIUS+norman /home/AEGIDIUS/norman -o username=AEGIDIUS+norman,uid=AEGIDIUS+norman,gid=AEGIDIUS+ Nov 29 14:08:17 xandros login[1050]: pam_mount: mount errors (should be empty): Nov 29 14:08:17 xandros login[1050]: pam_mount: pam_mount: setting uid to 0 Nov 29 14:08:17 xandros login[1050]: pam_mount: pam_mount: real and effective user ID are 0 and 0. Nov 29 14:08:17 xandros login[1050]: 2197: tree connect failed: ERRDOS - ERRnosuchshare (You specified an invalid share name) Nov 29 14:08:18 xandros login[1050]: pam_mount: SMB connection failed An here is the configuration rule from pam_mount.conf # If user is *, will be replaced by name of the user logging on in the # volume, mount point, mount options and fs key path fields. ~/* will be # replaced with user's homedir/*. # Format: # volume user [smb|ncp|nfs|local] server volume mount point mount options fs key cipher fs key path volume * smb server ~ uid=,gid=,dmask=0750,workgroup=AEGIDIUS - - I have been at this for a week now and still haven't found a solution, big problems because this week I have to deploy the workstations :( Best regards, Norman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA 3.0.9 - Password Change
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gianluca Tranelli wrote: | I have LDAP backend and in my smb.conf I put ldap passwd sync = | Yes so to syncronize LM/NT/UserPassword when a user is | changing his passoword. But it doesn't work. It only updates | NT/LM password but not the field userPassword. | In the log it gives me backup this message: | ldap password change requested, but LDAP server does not support | it -- ignoring | I use OpenLdap 2.0.xx, and if I remember well before the | update from 3.0.4 to 3.0.9 it worked well. I thought the LDAP password modify exop was added in OpenLDAP 2.1? Don't see how this worked before the upgrade to Samba 3.0.9. We didn't previoulsy log an error when the server didn't support the exop though. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBq02QIR7qMdg1EfYRArCiAJ0RIpP+pz2M/WdujTw56TDEK7V8ngCg7Pg0 pPmKYido22dfVfDSJy+GNrE= =ruqc -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] authentication problem pam_mount
Try using: volume * smb server homes ~ uid=,gid=,dmask=0750,workgroup=AEGIDIUS - - --- Emerson Henrique Kfuri Pereira Divisão de Atendimento e Consultoria CECOM - Reitoria - UFMG Telefone: 34994009 --- Norman Uittenbogaart [EMAIL PROTECTED]Para .nl [EMAIL PROTECTED] Enviado Por: cc samba-bounces+dav [EMAIL PROTECTED] Assunto ts.samba.org [Samba] authentication problem pam_mount 29/11/2004 14:20 The setup is a samba server with mixed clients (samba clients and windows clients). The problem, I want the linux client to mount there home to their home share on the server. The problem is, I have followed the guide mentioned below and everything works except that the linux usernames have the format domeinnaam+username as a result of which pam_mount wants to mount \\server\domeinnaam+username which naturally should be \\server\username, can you think of a manner to solve this issue or know of another way to solve this problem? GUIDE: http://www.hants.lug.org.uk/cgi-bin/wiki.pl?LinuxHints/SambaAuth Nov 29 14:08:17 xandros login[1050]: pam_mount: about to perform mount operations Nov 29 14:08:17 xandros login[1050]: pam_mount: information for mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: (defined by globalconf) Nov 29 14:08:17 xandros login[1050]: pam_mount: user: AEGIDIUS+norman Nov 29 14:08:17 xandros login[1050]: pam_mount: server: server Nov 29 14:08:17 xandros login[1050]: pam_mount: volume: AEGIDIUS+norman Nov 29 14:08:17 xandros login[1050]: pam_mount: mountpoint: /home/AEGIDIUS/norman Nov 29 14:08:17 xandros login[1050]: pam_mount: options: uid=AEGIDIUS+norman,gid=AEGIDIUS+norman,dmask=0750,workgroup=AEGIDIUS Nov 29 14:08:17 xandros login[1050]: pam_mount: fs_key_cipher: Nov 29 14:08:17 xandros login[1050]: pam_mount: fs_key_path: Nov 29 14:08:17 xandros login[1050]: pam_mount: use_fstab: 0 Nov 29 14:08:17 xandros login[1050]: pam_mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: checking to see if //server/AEGIDIUS+norman is already mounted at /home/AEGIDIUS/norman Nov 29 14:08:17 xandros login[1050]: pam_mount: checking for encrypted filesystem key configuration Nov 29 14:08:17 xandros login[1050]: pam_mount: about to start building mount command Nov 29 14:08:17 xandros login[1050]: pam_mount: command: /usr/bin/smbmount //server/AEGIDIUS+norman /home/AEGIDIUS/norman -o username=AEGIDIUS+norman,uid=AEGIDIUS+norman,gid=AEGIDIUS+ Nov 29 14:08:17 xandros login[1050]: pam_mount: mount errors (should be empty): Nov 29 14:08:17 xandros login[1050]: pam_mount: pam_mount: setting uid to 0 Nov 29 14:08:17 xandros login[1050]: pam_mount: pam_mount: real and effective user ID are 0 and 0. Nov 29 14:08:17 xandros login[1050]: 2197: tree connect failed: ERRDOS - ERRnosuchshare (You specified an invalid share name) Nov 29 14:08:18 xandros login[1050]: pam_mount: SMB connection failed An here is the configuration rule from pam_mount.conf # If user is *, will be replaced by name of the user logging on in the # volume, mount point, mount options and fs key path fields. ~/* will be # replaced with user's homedir/*. # Format: # volume user [smb|ncp|nfs|local] server volume mount point mount options fs key cipher fs key path volume * smb server ~ uid=,gid=,dmask=0750,workgroup=AEGIDIUS - - I have been at this for a week now and still haven't found a solution, big problems because this week I have to deploy the workstations :( Best regards, Norman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ntlm_auth
Hi All! I think this question refers to developers of ntlm_auth helper. I'm running Samba 3.0.8 and Squid Version 2.5.STABLE6-CVS I have several Active Direcotry domains. Samba is a member of one of them, which we'll name Primary. And other domains are trusted for him. Users from all domains connected to internet via Squid, which uses ntlm_auth helper to authentificate them. Usernames from all domains exept Primary are logged in access.log in DOMAIN\username format, and from Primary only in username format. How can I (Can I?) force ntlm_auth helper to log usernames from Primary domain in the same format as others. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] File Creation Error on an SMB Volume
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matthias Heckmann Sent: Wednesday, November 24, 2004 10:44 AM To: '[EMAIL PROTECTED]' Subject: [Samba] File Creation Error on an SMB Volume Hi folks, My SMB server is a Helios Ethershare 3.1 on a Tru64 Alpha machine. We are now integrating more and more gentoo-Linux Servers. These are the SMB Clients. On Obelix (one of our gentoo-Servers) I can mount the SMB Volume from the Ethershare Server. obelix nc4smb # whoami root obelix # mount -t smbfs -o username=m.heckmann //192.9.100.32/MIB_Pat_01 /mnt/nc4smb i can also: obelix # cd /mnt/nc4smb obelix nc4smb # ls -al total 44 drwxr-xr-x 1 root root 4096 Nov 23 10:20 . drwxr-xr-x 5 root root 144 Nov 23 10:19 .. -rwxr--r-- 1 root root 20183 Oct 6 14:32 excuses -rwxr--r-- 1 root root 5011 Apr 15 2002 java.jpg drwxr-xr-x 1 root root 4096 Nov 23 10:32 layouts -rwxr--r-- 1 root root99 Nov 23 2004 todo.txt -rwxr--r-- 1 root root 10560 Nov 16 2001 tomcatlogo.jpg obelix nc4smb # cat todo.txt TODO - hover the garden - make sandwich - brush my teeth - kidnap my neighbours dog obelix nc4smb # echo - grease my bikes chain todo.txt obelix nc4smb # cat todo.txt TODO - hover the garden - make sandwich - brush my teeth - kidnap my neighbours dog - grease my bikes chainobelix nc4smb # but: obelix nc4smb # echo i want to create a file new.txt -bash: new.txt: Input/output error also: obelix nc4smb # cp /tmp/cptofile.txt /mnt/nc4smb/ cp: cannot create regular file `/mnt/nc4smb/cptofile.txt': Input/output error So you see the problem. Can mount, can read can write to an existing file. But _Cant_ create a file. By the way: On the Helios Ethershare Server i did: chmod -R 777 /data/MIB_Pat_01 (which is the smb share) but the ls -al on obelix shows -rwxr--r-- further Infos: obelix nc4smb # uname -a Linux obelix 2.6.9-gentoo-r1 #1 SMP Wed Nov 3 15:27:32 CET 2004 i686 Intel(R) Xeon(TM) CPU 3.06GHz GenuineIntel GNU/Linux obelix nc4smb # smbstatus Samba version 3.0.7 obelix nc4smb # cat /etc/samba/smb.conf [global] workgroup = ncag server string = show add printer wizard = no local master = no domain master = no preferred master = no os level = 0 [just_a_few_shares] . . . . My Windoze has no problem with this share, everything works fine. Tell me what additional infos you need to get along the problem. I have everything. Debug outputs, ethereal caps (window$ connect,create. successing. / linux mount,create. failing. ). Thanks for your help, in advance. I would really welcome a solution for this. It is a crucial criterion for the future of LiNUX in our company. ;-) Matthias Heckmann - Matthias Heckmann Systemadministrator n c ag In der Luberzen 25 8902 Urdorf - t:+41 1 735 38 38 t dir:+41 1 735 38 10 - Web: www.ncag.ch E-mail:[EMAIL PROTECTED] - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba Unfortunetely, I can not say that I have found the solution to this problem yet, but I can say that I am experiencing it over multiple samba versions (including RPMs) on Tao Linux 1.0u3 (RHEL3 clone). I'd add more information, but Mr. Heckmann did a very through job of explaining the problem in detail. I am currently having the problem with samba-3.0.7-1.3E.1; however, it has happened for 3 or 4 RPM updates (and reinstalls) as well as custom compiled versions as well... All the exact same problems. Any help would be appreciated! Toby Schaefer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA 3.0.9 - Password Change
SOLVED, it was a problem with ldap acl. Thank you - Messaggio da [EMAIL PROTECTED] - Date: Mon, 29 Nov 2004 10:25:52 -0600 From: Gerald (Jerry) Carter [EMAIL PROTECTED] Reply-To: Gerald (Jerry) Carter [EMAIL PROTECTED] To: Gianluca Tranelli [EMAIL PROTECTED] Subject: Re: [Samba] SAMBA 3.0.9 - Password Change -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gianluca Tranelli wrote: | I have LDAP backend and in my smb.conf I put ldap passwd sync = | Yes so to syncronize LM/NT/UserPassword when a user is | changing his passoword. But it doesn't work. It only updates | NT/LM password but not the field userPassword. | In the log it gives me backup this message: | ldap password change requested, but LDAP server does not support | it -- ignoring | I use OpenLdap 2.0.xx, and if I remember well before the | update from 3.0.4 to 3.0.9 it worked well. I thought the LDAP password modify exop was added in OpenLDAP 2.1? Don't see how this worked before the upgrade to Samba 3.0.9. We didn't previoulsy log an error when the server didn't support the exop though. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBq02QIR7qMdg1EfYRArCiAJ0RIpP+pz2M/WdujTw56TDEK7V8ngCg7Pg0 pPmKYido22dfVfDSJy+GNrE= =ruqc -END PGP SIGNATURE- - Fine messaggio da [EMAIL PROTECTED] - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file_set_dosmode / No data available with 3.0.8
On Sun, Nov 28, 2004 at 07:38:57PM +0100, evilninja wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, after upgrading to samba 3.0.8 (debian/unstable, i386) i too encounter similar problems as reported here: http://lists.samba.org/archive/samba/2004-November/095567.html upon logoff from a win2k(sp4) client, the profile cannot be saved and the samba logfile from the client (prinz) gives: [2004/11/26 17:57:06, 2] smbd/trans2.c:call_trans2setfilepathinfo(3681) file_set_dosmode of evil/Lokale Einstellungen/Anwendungsdaten failed (No data available) here's a complete log: http://nerdbynature.de/bits/sheep/samba/3.0.8/prinz.log.bz2 my smb.conf is here: http://nerdbynature.de/bits/sheep/samba/3.0.8/smb.conf i've set profile acls = no in the [profile] section, but it dit not help. i've suspected charset issues, but changing the charset did not help either. i wonder if the problem from the url above was somehow fixed (3.0.9?) of if there is a workaround. This is a known bug that was fixed in Samba 3.0.9. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] split samba/cups into separate machines
Hi Jerry, Great, thanks for the tip. Does that mean that new installs of samba require installing cups on the local machine first, then removing cups and setting the 'cups server' directive? much appreciated, Ryan | We use samba 3.0.7 and cups 1.1.20 on debian woody to serve | point'n'print to XP clients. This works great, much kudos to the samba | team! | | We are seeing high load on the printserver and we would like to know if | it's possible to split the samba and cups installation into 2 separate | machines. Yes. The 'cups server' smb.conf(5) parameter was added in a recent release. Might be in 3.0.7. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzkJIR7qMdg1EfYRAmkZAJ4o7L1Xm0st1B65ODVyEeaVMcKmOgCgzmTB xxCeaSJbxvkDJFgytvQiHIE= =yZEw -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] logon scripts execute randomly
I have a similar problem since upgrade to Samba 3.0.x - must admit I've not tried debugging the problem yet. Have around 1500 users across ~50 XP (SP2) workstations - problem tends to occur ~2 in every 30 users. Logon script does seem to execute though - it's just the drives that don't map. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of mathias schenker Sent: 29 November 2004 14:33 To: [EMAIL PROTECTED] Subject: [Samba] logon scripts execute randomly I use samba 3.0.9 as a pdc with ldapsam. In the ldap entries, for every user there is a logon script sambaLogonScript. I only use two different scripts for 1000 users and 100 computers. The scripts lehrer.bat and schueler.bat reside in the netlogon share and provide more shares with the net use command. From the user's perspective, this often works well. sometimes, however, the script is not executed, without further notice, and the users see only their own home directory. more proficient users still can connect to the server and use the other shares, but the less technically minded fail. If it didn't work at all, I could maybe live with it, but this drives me crazy ;-) The domain has only one server, so it shouldn't be a conflict between two servers. has anybody seen this before? google and a search in bugzilla have not yielded much so far. thanks for any input! mathias schenker informatiker gymnasium liestal -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] split samba/cups into separate machines
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ryan Suarez wrote: | Hi Jerry, | | Great, thanks for the tip. | Does that mean that new installs of samba require | installing cups on the local machine first, then removing | cups and setting the 'cups server' directive? You nee dthe cups development files (headers and libs) but not the server. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBq1vMIR7qMdg1EfYRAljtAJ9Z//wKdX5gkb8LqE/vP6hsDGyrtgCg5lmh QLkZCB/cfl0SoDYruuBfPNg= =gNZ4 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Able to read directory as the correct user, but unable to write to the directory even though I have permissions
Samba version: 3.0.8-0.pre1.3 Fedora Core 3 Kernel: 2.6.9-1.667 I am able to authenticate as a valid user on the system, mount my home directory and look inside of directories that have been set to 700 and read files set to 600. But I am not able to write to ANY folder or file on the share. I have one directory set to 777 and one file set to 4777 but that does not seem to matter. I cannot, for example, copy a file from my local computer to the mounted share. I authenticate correctly as my user, but the copy still reports permission denied. my smb.conf looks like: [global] server string = Samba test box log file = /var/log/samba/log.%m log level = 5 max log size = 50 dns proxy = No obey pam restrictions = Yes encrypt passwords = no security = user default = homes [homes] comment = %S's Home Directory browseable = no end smb.conf testparm returns no errors my log reports the following when I attempt to copy the file DRUN.GIF into the root of my home directory share. -- /var/log/samba/log.junkx0r --- size=62 smb_com=0x3 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=32769 smb_tid=1 smb_pid=1 smb_uid=100 smb_mid=76 smt_wct=3 smb_vwv[ 0]= 32 (0x20) smb_vwv[ 1]= 1939 (0x793) smb_vwv[ 2]=16811 (0x41AB) smb_bcc=21 [2004/11/29 11:27:20, 3] smbd/process.c:switch_message(887) switch message SMBcreate (pid 3393) conn 0xb90dac48 [2004/11/29 11:27:20, 4] smbd/uid.c:change_to_user(194) change_to_user: Skipping user change - already user [2004/11/29 11:27:20, 5] smbd/filename.c:unix_convert(108) unix_convert called on file DRUN.GIF [2004/11/29 11:27:20, 5] smbd/filename.c:unix_convert(179) unix_convert begin: name = DRUN.GIF, dirpath = , start = DRUN.GIF [2004/11/29 11:27:20, 3] smbd/dosmode.c:unix_mode(111) unix_mode(DRUN.GIF) returning 0744 [2004/11/29 11:27:20, 5] smbd/files.c:file_new(122) allocated file structure 7859, fnum = 11955 (1 used) [2004/11/29 11:27:20, 4] smbd/open.c:open_file_shared1(1244) calling open_file with flags=0x2 flags2=0x0 mode=0744 [2004/11/29 11:27:20, 3] smbd/open.c:open_file(115) Permission denied opening DRUN.GIF [2004/11/29 11:27:20, 3] smbd/open.c:open_file(178) Error opening file DRUN.GIF (No such file or directory) (local_flags=0) (flags=0) [2004/11/29 11:27:20, 5] smbd/files.c:file_free(385) freed files structure 11955 (0 used) [2004/11/29 11:27:20, 3] smbd/error.c:error_packet(105) error string = No such file or directory [2004/11/29 11:27:20, 3] smbd/error.c:error_packet(145) error packet at smbd/trans2.c(2229) cmd=3 (SMBcreate) eclass=1 ecode=2 [2004/11/29 11:27:20, 5] lib/util.c:show_msg(461) [2004/11/29 11:27:20, 5] lib/util.c:show_msg(471) size=35 smb_com=0x3 smb_rcls=1 smb_reh=0 smb_err=2 smb_flg=128 smb_flg2=32769 smb_tid=1 smb_pid=1 smb_uid=100 smb_mid=76 smt_wct=0 smb_bcc=0 -- end log file as you can see with change_to_user: Skipping user change - already user it believes that I already am myself, but with the Permission denied opening DRUN.GIF there is something funky going on as I know that my user has persmission to write to my home directory ( chmod 711). I get the same result from a directory set to 777. On a possibly unrelated issue, I can only connect to the server from mac os X. smbclient, windows NT, 2000, and XP report login errors. While I am aware that the windows versions listed want encryped passwords, smbclient wants plain text ones. The above generated problem did, in fact, come from the mac. I can use three different macs to connect, so I do not believe it to be a localized configuration on my test mac. What have I missed? I can provide any information you require that I have left out. thank you for your help pat -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How to access samba directory on WinXP via ssh tunnel
hi, Does anywone succeed to access samba shared directories on WinXP Pro SP1 through a ssh tunnel, i.e. using Putty ? Samba is on a solaris 8 box. There's no problem for the ssh session, neither for ssh tunnel that I also use for CVS access, on solaris too. Without ssh tunnel, there no problem to connect the samba shared directory. any help would be welcome ... thanks in advance, sharlee33. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] authentication problem pam_mount
Hmm unfortunally it didn't work it tried mounting \\server\homes [EMAIL PROTECTED] wrote, On 29-11-2004 17:28: Try using: volume * smb server homes ~ uid=,gid=,dmask=0750,workgroup=AEGIDIUS - - --- Emerson Henrique Kfuri Pereira Divisão de Atendimento e Consultoria CECOM - Reitoria - UFMG Telefone: 34994009 --- Norman Uittenbogaart [EMAIL PROTECTED]Para .nl [EMAIL PROTECTED] Enviado Por: cc samba-bounces+dav [EMAIL PROTECTED] Assunto ts.samba.org [Samba] authentication problem pam_mount 29/11/2004 14:20 The setup is a samba server with mixed clients (samba clients and windows clients). The problem, I want the linux client to mount there home to their home share on the server. The problem is, I have followed the guide mentioned below and everything works except that the linux usernames have the format domeinnaam+username as a result of which pam_mount wants to mount \\server\domeinnaam+username which naturally should be \\server\username, can you think of a manner to solve this issue or know of another way to solve this problem? GUIDE: http://www.hants.lug.org.uk/cgi-bin/wiki.pl?LinuxHints/SambaAuth Nov 29 14:08:17 xandros login[1050]: pam_mount: about to perform mount operations Nov 29 14:08:17 xandros login[1050]: pam_mount: information for mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: (defined by globalconf) Nov 29 14:08:17 xandros login[1050]: pam_mount: user: AEGIDIUS+norman Nov 29 14:08:17 xandros login[1050]: pam_mount: server: server Nov 29 14:08:17 xandros login[1050]: pam_mount: volume: AEGIDIUS+norman Nov 29 14:08:17 xandros login[1050]: pam_mount: mountpoint: /home/AEGIDIUS/norman Nov 29 14:08:17 xandros login[1050]: pam_mount: options: uid=AEGIDIUS+norman,gid=AEGIDIUS+norman,dmask=0750,workgroup=AEGIDIUS Nov 29 14:08:17 xandros login[1050]: pam_mount: fs_key_cipher: Nov 29 14:08:17 xandros login[1050]: pam_mount: fs_key_path: Nov 29 14:08:17 xandros login[1050]: pam_mount: use_fstab: 0 Nov 29 14:08:17 xandros login[1050]: pam_mount: Nov 29 14:08:17 xandros login[1050]: pam_mount: checking to see if //server/AEGIDIUS+norman is already mounted at /home/AEGIDIUS/norman Nov 29 14:08:17 xandros login[1050]: pam_mount: checking for encrypted filesystem key configuration Nov 29 14:08:17 xandros login[1050]: pam_mount: about to start building mount command Nov 29 14:08:17 xandros login[1050]: pam_mount: command: /usr/bin/smbmount //server/AEGIDIUS+norman /home/AEGIDIUS/norman -o username=AEGIDIUS+norman,uid=AEGIDIUS+norman,gid=AEGIDIUS+ Nov 29 14:08:17 xandros login[1050]: pam_mount: mount errors (should be empty): Nov 29 14:08:17 xandros login[1050]: pam_mount: pam_mount: setting uid to 0 Nov 29 14:08:17 xandros login[1050]: pam_mount: pam_mount: real and effective user ID are 0 and 0. Nov 29 14:08:17 xandros login[1050]: 2197: tree connect failed: ERRDOS - ERRnosuchshare (You specified an invalid share name) Nov 29 14:08:18 xandros login[1050]: pam_mount: SMB connection failed An here is the configuration rule from pam_mount.conf # If user is *, will be replaced by name of the user logging on in the # volume, mount point, mount options and fs key path fields. ~/* will be # replaced with user's homedir/*. # Format: # volume user [smb|ncp|nfs|local] server volume mount point mount options fs key cipher fs key path volume * smb server ~ uid=,gid=,dmask=0750,workgroup=AEGIDIUS - - I have been at this for a week now and still haven't found a solution, big problems because this week I have to deploy the workstations :( Best regards, Norman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL
[Samba] Re: SAMBA / LDAP / Domain Password change problem
Do a tail -25 location of nmbd.log file, likely /usr/local/samba/var/log.nmbd. This will give you the last 25 lines of the nmbd log file. See if there are any error messages relating to name resolution problems or errors registering domain names. If you are having such errors, stop smbd nmbd, remove wins.dat (probably /usr/local/samba/var/locks/wins.dat), then restart smbd nmbd. Best of luck -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] root ownership on some profile files cause login errors
On a newly migrated profile (migrated onto Samba server, from local) some files/dirs get root ownership. How can I stop this from happening, without having to manually adjust the permissions? Should I use force create mode = 0600 or force directory mode = 0700? If so, then where? For example drwx--2 root daemon4096 Nov 12 14:58 S-1-5-21-515... Windows cannot copy file \\netapp\profiles\user\Application Data\Microsoft\Protect\S-1-5-21-515...\ to location C:\Documents and Settings\user.FOOBAR\Application Data\Microsoft\Protect\S-1-5-21-515...\. Contact your network administrator. DETAIL - Access is denied. Windows cannot load the profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. smb.conf-- [global] # -- BEGIN PDC -- domain logons = yes logon path = \\netapp\profiles\%u logon drive = H: logon home = \\netapp\%u\.winprofile logon script = logon.bat add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/adduser --firstuid 9001 \ --lastuid 9500 \ --gid 9000 --home /dev/null --shell /bin/false \ --no-create-home \ --disabled-password --gecos %u Samba Machine Account \ --force-badname %u admin users = @ntadmins workgroup = FOOBAR # -- END PDC -- invalid users = root snip (many misc settings here -- omitted for ease of reading) [netlogon] comment = Network Logon Service browseable = no path = /var/lib/samba/netlogon read only = yes write list = @ntadmins #[profiles] #path = /var/lib/samba/profiles # path = /netapp/profiles ??? #read only = no #create mask = 0600 #directory mask = 0700 [homes] comment = Home Directories browseable = no force create mode = 0755 force directory mode = 0755 writable = yes Thanks in advance JAZ == -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] [newbie] SQUID/SAMBA problems with NTLM_Auth
Hello, I havn't gotten an answer over on the squid usergroup - so I'm hoping someone can help me here. SUSE - 9.1 SQUID - 2.5.STABLE5 SAMBA - 3.0.2a-SUSE (the one that came with SUSE Installer by YAST) I have set up squid, samba, got the winbind to work great Wbinfo -t, -u, -g all work great Squid also worked great until I tried to tie in NTLM_Auth If I authenticate using /usr/bin/ntlm_auth --username=administrator It authenticates perfectly. I have this in my squid.conf auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 45 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours And my ACL's acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 http_access allow localhost acl AuthorizedUsers proxy_auth REQUIRED http_access allow all AuthorizedUsers http_access deny all http_reply_access allow all And if I try to browse anywebsite at all, the squid access.log shows TCP_DENIED/407 In the squid cache.log I can see it authenticateValidateUser: Validating Auth_user request '0x8487f80' Then authenticateValidateUser: Validated Auth_user request '0x8487f80' Then User not fully authenticated It will continue like that counting 4,3,2,1 And will eventually say The request GET http://www.yahoo.com/ is DENIED, because it matched 'AuthorizedUsers' Access Denied: http://www.yahoo.com AciMatchedName = AuthorizedUsers Proxy Auth message = NULL Later down the log I'll see Creating entry 0x832c000: near 'X-Squid-Error: ERR_CACHE_ACCESS DENIED 0' Creating entry 0x832c000' near 'Proxy-Authenticate: NTLM - a whole bunch of letters, then trying more lookups. Any ideas where I seem to be going awry here? Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root ownership on some profile files cause login errors
Here's another question related to how to use masks -- In my PDC area I specify: logon path = \\netapp\profiles\%u This puts server-based (roaming) profiles on my Network Appliance (which itself is an SMB/PDC client). A previous admin here left this commented section: #[profiles] # path = /var/lib/samba/profiles # path = /netapp/profiles ??? # read only = no # create mask = 0600 # directory mask = 0700 So, is this the sytax for masks? Do I add create mask = 0744 -OR- force create mask = 0744? Where do I put it? Anywhere in smb.conf? Should the mask be 0077? (it's a mask, not chown notation, right??) PS, When I had Windows login trouble, these perms tweaks fixed it: /home/profiles# chown -R user user /home/profiles# chmod -R 700 user NOTE: We're using Samba as a PDC fine with the below smb.conf. So I don't want to muck up permission by adding an improper mask statement. So Again, this permissions issue only came up when I copied a profile from a local Win2K box to the PDC profile dir using local administrator Copy To... feature under System | User Profiles (control panel). Thanks again! -JAZ joec wrote: Try this: net mask = 0744 (or 755 depending on what you want the permissions to be) directory mask = 0755 Check a samba book for the correct options, but that is how I did the trick on my network at home. Joe Justin Zachor [EMAIL PROTECTED] wrote : On a newly migrated profile (migrated onto Samba server, from local) some files/dirs get root ownership. How can I stop this from happening, without having to manually adjust the permissions? Should I use quot;force create mode = 0600quot; or quot;force directory mode = 0700quot;? If so, then where? For example drwx--2 root daemon4096 Nov 12 14:58 S-1-5-21-515... quot;Windows cannot copy file \\netapp\profiles\user\Application Data\Microsoft\Protect\S-1-5-21-515...\ to location C:\Documents and Settings\user.FOOBAR\Application Data\Microsoft\Protect\S-1-5-21-515...\. Contact your network administrator. DETAIL - Access is denied.quot; quot;Windows cannot load the profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.quot; smb.conf-- [global] # -- BEGIN PDC -- domain logons = yes logon path = \\netapp\profiles\%u logon drive = H: logon home = \\netapp\%u\.winprofile logon script = logon.bat add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/adduser --firstuid 9001 \ --lastuid 9500 \ --gid 9000 --home /dev/null --shell /bin/false \ --no-create-home \ --disabled-password --gecos quot;%u Samba Machine Accountquot; \ --force-badname %u admin users = @ntadmins workgroup = FOOBAR # -- END PDC -- invalid users = root lt;snipgt; (many misc settings here -- omitted for ease of reading) [netlogon] comment = Network Logon Service browseable = no path = /var/lib/samba/netlogon read only = yes write list = @ntadmins #[profiles] #path = /var/lib/samba/profiles # path = /netapp/profiles ??? #read only = no #create mask = 0600 #directory mask = 0700 [homes] comment = Home Directories browseable = no force create mode = 0755 force directory mode = 0755 writable = yes Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] AD member ticket verify errors
I installed samba-3.0.9-1 on RedHat-AS3, configured it as a member server, and joined the domain. wbinfo -u and -g work. When I brows to the samba share from Windows XP client, I see the shares, and my home directory is listed, but I am prompted for a password when I try to use the share. No password works. The samba log for the client session shows: 'smbd/sesssetup.c:reply_spnego_kerberose(173) Failed to verify incoming ticket!' Is this a common problem? The system has RedHat rpm's: krb5-libs-1.2.7-28 krb5-workstation-1.2.7-28 krb5-devel-1.2.7-28 -- ._. | \0/John Stile | | UniX Administration | | / \ 510-305-3800 | | [EMAIL PROTECTED] | .-. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SuSE 9.2 - Browsing Windows Network
I installed SuSE 9.2 on a development workstation over the weekend. After the install completed, I was able to view my network, both at home and at work (via VPN), with no problems. I later updated my Samba installation to 3.0.9 and that seemed to break my ability to browse the network. I downgraded Samba back to the original 3.0.7 that loaded in the original install, but that didn't make any difference. I can mount network shares, but just can't browse them. Is there a patch available that would solve this problem? Thanks! David Christensen Brokers International, Ltd. 1200 E Main St Panora, IA 50216 Phone: (641) 755-2775 Ext 1032 Cell: (515) 490-3936 Fax: (641) 755-2381 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Compile problem on Solaris 8
We are trying to get samba comiled with ldap support on Solaris 8. We're compiling version 3.0.9 with gcc 3.3. Here's the error that we get: Using FLAGS = -O -I./popt -Iinclude -I/nau/src/Net/samba-3.0.9/source/include -I/nau/src/Net/samba-3.0.9/source/ubiqx -I/nau/src/Net/samba-3.0.9/source/smbwrapper -I. -D_LARGEFILE_SOURCE -D_REENTRANT -D_FILE_OFFSET_BITS=64 -I/nau/src/Net/samba-3.0.9/source LIBS = -lsendfile -lsec -lgen -lresolv -lsocket -lnsl -ldl LDSHFLAGS = -G -lthread LDFLAGS = -lthread Generating smbd/build_options.c Building include/proto.h creating /nau/src/Net/samba-3.0.9/source/include/proto.h Building include/wrepld_proto.h creating /nau/src/Net/samba-3.0.9/source/include/wrepld_proto.h Building include/build_env.h creating /nau/src/Net/samba-3.0.9/source/nsswitch/winbindd_proto.h creating /nau/src/Net/samba-3.0.9/source/web/swat_proto.h creating /nau/src/Net/samba-3.0.9/source/client/client_proto.h creating /nau/src/Net/samba-3.0.9/source/utils/net_proto.h Compiling dynconfig.c In file included from include/includes.h:926, from dynconfig.c:21: include/proto.h:587: error: parse error before LDAP_CONST *** Error code 1 make: Fatal error: Command failed for target `dynconfig.o' We configured with the following: ./configure --without-bdb --disable-bdb --enable-null --prefix=/nau/local/samba We've also tried: ./configure --prefix=/nau/local/samba --with-ldap --with-ldapsam The configure always completes but the compiles always end up with the error given above. Thanks for any help. ** * William Wilson - Northern AZ Univ * [EMAIL PROTECTED] *** http://jan.ucc.nau.edu/~wew -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] OS X Server (Samba 3.0.5) and Windows clients logging on with cached credentials
I am having some issues with my Windows clients (2000 SP4 and XP SP2) authenticating to my Mac OS X server running Samba 3.0.5. The OS X server is configured as a PDC for the Windows domain. Clients are able to log on and map drives when wired to the network, but when the net connection is unavailable, they cannot log on using cached credentials. This is an issue for my laptop users who need the ability to log on when not in the office. The error message displayed when attempting to log on is The system cannot log you on now because the domain OFFICE is not available. Upon review of the log files it appears as if the clients are authenticating using NTLM. Is there a setting that I can modify in the smb.conf which will trigger the clients to allow offline access? Here are the contents of smb.conf: [global] workgroup = OFFICE display charset = UTF-8-MAC print command = /usr/sbin/PrintServiceAccess printps %p %s lprm command = /usr/sbin/PrintServiceAccess remove %p %j security = user guest account = unknown encrypt passwords = yes printing = BSD allow trusted domains = no preferred master = yes lppause command = /usr/sbin/PrintServiceAccess hold %p %j netbios name = officeserver wins support = no add machine script = /usr/bin/opendirectorypdbconfig -c create_computer_account -r %u -n /LDAPv3/127.0.0.1 max smbd processes = 0 printcap = server string = Office Server lpresume command = /usr/sbin/PrintServiceAccess release %p %j logon drive = H: client ntlmv2 auth = no domain logons = yes lpq command = /usr/sbin/PrintServiceAccess jobs %p admin users = @admin passdb backend = opendirectorysam guest dos charset = CP437 unix charset = UTF-8-MAC auth methods = guest opendirectory local master = yes use spnego = no domain master = yes logon path = \\%N\profiles\%u printer admin = @admin, @staff map to guest = Never log level = 2 Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba, nss and openldap
Hello list! I would like to setup up a PDC based on openldap. I am running Debian Testing with Samba 3.0.7-Debian and OpenLDAP 2.1.30-3. But i got stuck with one problem: I cant join a Domain if i haven`t added a unix machine$. If i use: add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u /usr/sbin/smbldap-useradd -w %u then i can join a domain without problems! slapd.conf: suffix dc=IDEALX,dc=ORG rootdn cn=Manager,dc=IDEALX,dc=ORG samba.conf: ; SAMBA-LDAP declarations passdb backend = ldapsam:ldap://127.0.0.1 #ldap filter = ((objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Manager,dc=IDEALX,dc=ORG ldap suffix = dc=IDEALX,dc=ORG ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers Error in log: Nov 30 00:04:45 localhost smbd[955]: [2004/11/30 00:04:45, 0] auth/auth_sam.c:check_sam_security(306) Nov 30 00:04:45 localhost smbd[955]: check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' Nov 30 00:04:45 localhost slapd[709]: bind: invalid dn (cn=Manager,dc=IDEALX,dc=ORG) Nov 30 00:04:46 localhost slapd[709]: bind: invalid dn (cn=Manager,dc=IDEALX,dc=ORG) Nov 30 00:04:46 localhost smbd[956]: [2004/11/30 00:04:46, 0] auth/auth_sam.c:check_sam_security(306) Nov 30 00:04:46 localhost smbd[956]: check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' Nov 30 00:04:46 localhost slapd[715]: bind: invalid dn (cn=Manager,dc=IDEALX,dc=ORG) # /etc/nsswitch.conf passwd: compat ldap group: compat ldap shadow: compat ldap hosts: files dns ldap networks: files ldap protocols: db files services: db files ethers: db files rpc:db files netgroup: nis #/etc/libnss-ldap.conf host 127.0.0.1 base dc=IDEALX,dc=ORG ldap_version 3 bindpw mysecretpwd rootbinddn cn=Manager,dc=IDEALX,dc=ORG pam_password crypt Does anybody know why my samba box does not find or add the machine$ to the openldap data base? Please let me know if you need more infos/configs or logs. Thanks a lot, Mario -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD member ticket verify errors
On Mon, Nov 29, 2004 at 01:26:36PM -0800, John Stile wrote: I installed samba-3.0.9-1 on RedHat-AS3, configured it as a member server, and joined the domain. wbinfo -u and -g work. When I brows to the samba share from Windows XP client, I see the shares, and my home directory is listed, but I am prompted for a password when I try to use the share. No password works. The samba log for the client session shows: 'smbd/sesssetup.c:reply_spnego_kerberose(173) Failed to verify incoming ticket!' Is this a common problem? The system has RedHat rpm's: krb5-libs-1.2.7-28 krb5-workstation-1.2.7-28 krb5-devel-1.2.7-28 You're going to need krb5 1.3 or later for the correct enctype. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD member ticket verify errors
On Mon, 2004-11-29 at 16:48 -0800, Jeremy Allison wrote: On Mon, Nov 29, 2004 at 01:26:36PM -0800, John Stile wrote: I installed samba-3.0.9-1 on RedHat-AS3, configured it as a member server, and joined the domain. wbinfo -u and -g work. When I brows to the samba share from Windows XP client, I see the shares, and my home directory is listed, but I am prompted for a password when I try to use the share. No password works. The samba log for the client session shows: 'smbd/sesssetup.c:reply_spnego_kerberose(173) Failed to verify incoming ticket!' Is this a common problem? The system has RedHat rpm's: krb5-libs-1.2.7-28 krb5-workstation-1.2.7-28 krb5-devel-1.2.7-28 You're going to need krb5 1.3 or later for the correct enctype. Is there an rpm available for RedHat AS? signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Using winbind in PDC
Hi. in my pcd with the following config: [global] workgroup = DOMAIN netbios name = brain server string = Controlador de dominio passdb backend = tdbsam os level = 35 debug level = 10 max log size = 50 log file = /var/log/samba/%m.log # PDC domain logons = Yes preferred master = yes domain master = Yes logon drive = H: logon home = \\%L\%u\.w9xprfl # Usuarios y passwords smb passwd file = /etc/samba/smbpasswd encrypt passwords = yes username map = /etc/samba/smbusers unix password sync = Yes # Programas auxiliares y scripts passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false \ -d /dev/null %u # Note: The following specifies the default logon script. logon script = %G.bat # This sets the default profile path. Set per user paths with pdbedit logon path = \\%L\profiles\mswprfl # Impresi'on printcap name = cups cups options = raw printing = cups load printers = no printer admin = xavier,@root, root, @ntadmin, administrator # Winbind idmap uid = 15000-2 idmap gid = 15000-2 # winbind separator = + #winbind enable local accounts = no #winbind trusted domains only = yes #template primary group = Domain Users # Misc. #admin users = xavier,root, @root #security = user #getwd cache = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 nt status support = yes template shell = /bin/bash wins support = yes #template homedir = /home/winnt/%D/%U ... when I run the following cmds. in this server then a mssg. like this appear: [EMAIL PROTECTED] samba]# net rpc join Password: Joined domain DOMAIN. [EMAIL PROTECTED] samba]# net rpc testjoin Join to 'IBCINC' is OK but when I do: [EMAIL PROTECTED] samba]# wbinfo -t checking the trust secret via RPC calls failed error code was (0x0) Could not check secret WINBINDD is not running, should I run winbind in this server well, when I run winbind then: [EMAIL PROTECTED] samba]# service winbind start Iniciando servicios Winbind: [ OK ] [EMAIL PROTECTED] samba]# wbinfo -t checking the trust secret via RPC calls succeeded OK, but then I do: [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users Why? I need to use ntlm_auth in squid, do I need winbindd running in the server??? squid and samba (PDC) are running in the same server. Thank you very much. -- Xavier Callejas - Open your Mind, use Open Source. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Viewing ACL permissions via windows kills smbd (help)
Hello all, I have a Fedora 2 server running as a file server. Security = DOMAIN and using winbindd successfully (so I think). Also the shared partitions are formated using XFS so acls should be good to go. However, whenever I use a windows machine and try to view the ACL permissions on a file/folder, the windows dialog box say Unable to display security information. Then I look at the smbd log file for that windows machine, and it says the following: [2004/11/29 21:44:52, 0] lib/fault.c:fault_report(36) === [2004/11/29 21:44:52, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 3727 (3.0.9) Please read the appendix Bugs of the Samba HOWTO collection [2004/11/29 21:44:52, 0] lib/fault.c:fault_report(39) === [2004/11/29 21:44:52, 0] lib/util.c:smb_panic2(1403) PANIC: internal error [2004/11/29 21:44:52, 0] lib/util.c:smb_panic2(1411) BACKTRACE: 14 stack frames: #0 /usr/sbin/smbd(smb_panic2+0x111) [0x81d8541] #1 /usr/sbin/smbd(smb_panic+0x1a) [0x81d842a] #2 /usr/sbin/smbd [0x81c5f58] #3 /lib/tls/libc.so.6 [0xc06f48] #4 /usr/sbin/smbd(get_nt_acl+0xba9) [0x80cf089] #5 /usr/sbin/smbd [0x809bad4] #6 /usr/sbin/smbd(reply_nttrans+0x9df) [0x809e00f] #7 /usr/sbin/smbd [0x80d1a76] #8 /usr/sbin/smbd [0x80d1d00] #9 /usr/sbin/smbd(process_smb+0x8c) [0x80d1f0c] #10 /usr/sbin/smbd(smbd_process+0x168) [0x80d2c48] #11 /usr/sbin/smbd(main+0x4ea) [0x824c5da] #12 /lib/tls/libc.so.6(__libc_start_main+0xe4) [0xbf4ad4] #13 /usr/sbin/smbd [0x80788e1] Below is my smb.conf file [global] workgroup = MWTP server string = File Server security = DOMAIN password server = 192.168.1.7 username map = /etc/samba/smbusers log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 preferred master = No local master = No domain master = No enhanced browsing = No dns proxy = No wins server = 192.168.1.7 ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 template homedir = /home/%U template shell = /bin/bash admin users = MWTP\mlee, jsimon, administrator, mwtp\administrator map acl inherit = Yes Below is my /etc/fstab file: LABEL=/ / ext3defaults1 1 LABEL=/boot /boot ext3defaults1 2 none/dev/ptsdevpts gid=5,mode=620 0 0 none/dev/shmtmpfs defaults0 0 LABEL=/home /home xfs defaults1 2 none/proc procdefaults0 0 none/syssysfs defaults0 0 /dev/sda3 swapswapdefaults0 0 /dev/cdrom /mnt/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0 /dev/fd0/mnt/floppy autonoauto,owner,kudzu 0 0 /dev/sdb1 /mnt/usb-backup xfs defaults1 2 I suspect the error messages are why I can't view the ACLs. However, a couple of days prior, everything worked fine. I am so close to moving my entire office to a ldap+samba backend, but I would like to get things like these worked out first. Any thoughts? Thanks so much in advance. Mike Lee-- Director - The NewMedia Group [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] profiles and home directories
Howdy All, I have read with interest the problems that some people have with profiles and XP ( service pack 2 included ) in getting them to work. I, however, have not had any such trauma's ( thank goodness) and the smb.conf file listed below works a treat. The problem I have is people using profiles over several vpn connections ( just to slow ). So now I am in the situation of wanting to turn off profiles. Ha Ha I hear people say, thats simple, just set logon home = and logon path = and leave them blank and bingo no profiles. Absolutely correct. There is however one small problem. When I do this I also lose the users home directories.:( I have read the appropriate section in the HOW-TO book and it says that using [homes] section in the conf file with facilitate the use of net use h: /home in the logon script. Alas no. I have either stuffed something else up or samba is not playing the game according to the book of words ( many thanks to John Terpstra and his efforts). I fear its the former. Basically I need to be able to run only local profiles ( yes I know there are registry hacks to do this, but server level commands are so much neater ) but still have the users run login scripts . I have listed below my smb.conf file ( the one that works with profiles ) and also my very simple logon.bat file ( which also runs well ) for any gurus out there who may be able to help. If I set the logon home = and logon path = then the logon.bat file works for all of the mappings except the home directory mapping.!!! It has to be simple but I just cant see it. Any and all help appreciated Greg Andrews ps testparm says everything is OK and there is an I cant find the path error when the logon script is run for the home directories. [global] log file = /var/log/samba/log.%m load printers = no name resolve order = wins bcast lmhosts host admin users = @admingrp socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 obey pam restrictions = Yes lm announce = True domain master = True username map = /etc/samba/user.map encrypt passwords = yes passwd program = /usr/bin/passwd %u wins support = true time server = Yes dns proxy = No netbios name = SAMBASERVER server string = sambaserver logon script = logon.bat unix password sync = yes workgroup = PINARC os level = 255 security = user preferred master = yes max log size = 50 domain logons = yes logon drive = h: logon home =\\%N\%U logon path = \\%L\profiles\%u\%m add user script = /usr/sbin/useradd -d /dev/null -g 400 -s /bin/false -M /%u [profiles] comment = Profiles Directory path = /SYS/profiles read only = No create mask = 0775 directory mask = 0775 profile acls = Yes [netlogon] comment = For Administration Use path = /etc/samba/netlogon valid users = %U write list = @admingrp read only = no create mask = 0644 [homes] comment = %U home directory path = /SYS/home/%U valid users = %S read only = No create mask = 0600 directory mask = 0700 browseable = No locking = no [open] comment = Pinarc Readable Share path = /SYS/world/open read only = No create mask = 0664 directory mask = 0775 valid users = @ebody echo Mapping Home directories net use h: /home net use o: \\SAMBASERVER\open net use l: \\SAMBASERVER\lukeman net use i: \\SAMBASERVER\inter net use m: \\SAMBASERVER\mad -- Greg Andrews System Manager RGTechnologies Pty Ltd 606 Skipton Street Ballarat 3350 613 53363603 0417 511 731 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] query in samba client caching password
Hi I have a samba server in my network, Few of my users connected through a common username called common. I have enabled the option Remember my password in Windows. If the user want to reconnect using his name the password information is never lost. I tried disconnecting the drive information as well. Where are those passwords stored and how do I clear them. Thanks. -- Venkat +65 9855 1209 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help!!!
Hi When I share a linux directory with samba and map this share in windows, it get a volume serial number like it is a partition. Is anyone know how to change this volume serial number for etch share? Thank Oren -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Viewing ACL permissions via windows kills smbd (help)
On Mon, Nov 29, 2004 at 07:56:58PM -0700, Mike Lee wrote: Hello all, I have a Fedora 2 server running as a file server. Security = DOMAIN and using winbindd successfully (so I think). Also the shared partitions are formated using XFS so acls should be good to go. However, whenever I use a windows machine and try to view the ACL permissions on a file/folder, the windows dialog box say Unable to display security information. Then I look at the smbd log file for that windows machine, and it says the following: Can you compile with -g and get a full stack backtrace ? Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT4 replacement + NT4 BDC
Hi all, I've got a customer who has 2 x NT4 servers. They already have quite a few Samba 2 and Samba 3 servers acting in Domain/Winbind role using authentication of the NT4 PDC. I want to replace the PDC with a Samba 3 server and get rid of the aging NT4 PDC. Problem is that there are few (financial) legacy applications that must be run on a Microsoft platform (namely on the BDC server). Should I keep the BDC server and promote it to a PDC, then having all the Samba servers point to it for authentication? Or should I create a new domain with Samba as the master and make the BDC a member of this new domain? Either way it's a migration process, any ideas, suggestions? -- Regards, JB Hewitt Business: http://www.stcpl.com.au Blog: http://blade.lansmash.com Best LAN ever: http://www.lansmash.com How to ask a ?: http://www.catb.org/~esr/faqs/smart-questions.html -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
svn commit: samba r3999 - in branches/SAMBA_4_0/source: librpc/idl rpc_server/drsuapi
Author: metze Date: 2004-11-29 11:13:56 + (Mon, 29 Nov 2004) New Revision: 3999 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3999 Log: - reply with the same DsBindInfo blob as w2k3 in the server function - add idl for drsuapi_DsReplicaSync() not yet complete - just return WERR_OK for the drsuapi_DsReplicaSync() server function metze Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl === --- branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl2004-11-29 11:08:15 UTC (rev 3998) +++ branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl2004-11-29 11:13:56 UTC (rev 3999) @@ -20,6 +20,18 @@ /* this is a magic guid you need to pass to DsBind to make drsuapi_DsWriteAccountSpn() work */ const string DRSUAPI_DS_BIND_GUID = e24d201a-4fd6-11d1-a3da-f875ae0d; + /* this are the bind info blobs returned (seemed to be const): + w2k37ffbff1f81a6ff5d80139441a372e9b779d70268f801 + w2k 7ffb1f00cb7fb9102391c143bda81fc90e0ff452f400 + */ + const uint8 DRSUAPI_DS_BIND_INFO_RESPONSE_W2K3[] = { 0x7f,0xfb,0xff,0x1f,0x81,0xa6,0xff,0x5d, + 0x80,0x13,0x94,0x41,0xa3,0x72,0xe9,0xb7, + 0x79,0xd7,0x02,0x68,0xf8,0x01,0x00,0x00, + 0x00,0x00,0x00,0x00}; + const uint8 DRSUAPI_DS_BIND_INFO_RESPONSE_W2K[] = { 0x7f,0xfb,0x1f,0x00,0xcb,0x7f,0xb9,0x10, + 0x23,0x91,0xc1,0x43,0xbd,0xa8,0x1f,0xc9, + 0x0e,0x0f,0xf4,0x52,0xf4,0x00,0x00,0x00}; + WERROR drsuapi_DsBind( [in]GUID *bind_guid, [in,out]drsuapi_DsBindInfo *bind_info, @@ -33,9 +45,32 @@ ); /*/ -/* Function 0x02 */ - WERROR DRSUAPI_REPLICA_SYNC(); + /* Function 0x02 */ + typedef struct { + uint32 unknown1; + uint32 unknown2; + GUID guid1; + [size_is(28)] uint8 unknown3[28]; + [flag(STR_LEN4|STR_CHARLEN)] string nc_dn; + } drsuapi_DsReplicaSyncRequest1Info; + typedef struct { + drsuapi_DsReplicaSyncRequest1Info *info; + GUID guid1; + asclstr string1; + uint32 unknown1; + } drsuapi_DsReplicaSyncRequest1; + + typedef union { + [case(1)] drsuapi_DsReplicaSyncRequest1 req1; + } drsuapi_DsReplicaSyncRequest; + + WERROR drsuapi_DsReplicaSync( + [in,ref] policy_handle *bind_handle, + [in] uint32 level, + [in,switch_is(level)] drsuapi_DsReplicaSyncRequest req + ); + /*/ /* Function 0x03 */ WERROR DRSUAPI_GET_NC_CHANGES(); Modified: branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c === --- branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c 2004-11-29 11:08:15 UTC (rev 3998) +++ branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c 2004-11-29 11:13:56 UTC (rev 3999) @@ -42,6 +42,8 @@ { struct drsuapi_bind_state *b_state; struct dcesrv_handle *handle; + struct drsuapi_DsBindInfo *bind_info; + const uint8_t bind_info_data[] = DRSUAPI_DS_BIND_INFO_RESPONSE_W2K3; r-out.bind_info = NULL; ZERO_STRUCTP(r-out.bind_handle); @@ -64,6 +66,14 @@ handle-data = b_state; handle-destroy = drsuapi_handle_destroy; + bind_info = talloc_p(mem_ctx, struct drsuapi_DsBindInfo); + WERR_TALLOC_CHECK(bind_info); + + bind_info-length = sizeof(bind_info_data); + bind_info-data = talloc_memdup(mem_ctx, bind_info_data, sizeof(bind_info_data)); + WERR_TALLOC_CHECK(bind_info-data); + + r-out.bind_info = bind_info; *r-out.bind_handle = handle-wire_handle; return WERR_OK; @@ -94,12 +104,15 @@ /* - DRSUAPI_REPLICA_SYNC + drsuapi_DsReplicaSync */ -static WERROR DRSUAPI_REPLICA_SYNC(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct DRSUAPI_REPLICA_SYNC *r) +static WERROR drsuapi_DsReplicaSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsReplicaSync *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + /* TODO: implment this call correct! +* for now we just say yes +*/ + return WERR_OK; }
svn commit: samba r4000 - in branches/SAMBA_4_0/source: auth ldap_server libcli/auth rpc_server torture/local
Author: metze Date: 2004-11-29 12:01:46 + (Mon, 29 Nov 2004) New Revision: 4000 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4000 Log: DATA_BLOB.data is uint8_t * not void * :-) (thanks abartlet for telling me) metze Modified: branches/SAMBA_4_0/source/auth/auth_winbind.c branches/SAMBA_4_0/source/ldap_server/ldap_rootdse.c branches/SAMBA_4_0/source/libcli/auth/ntlmssp_parse.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c branches/SAMBA_4_0/source/torture/local/messaging.c Changeset: Modified: branches/SAMBA_4_0/source/auth/auth_winbind.c === --- branches/SAMBA_4_0/source/auth/auth_winbind.c 2004-11-29 11:13:56 UTC (rev 3999) +++ branches/SAMBA_4_0/source/auth/auth_winbind.c 2004-11-29 12:01:46 UTC (rev 4000) @@ -35,7 +35,7 @@ NTSTATUS status; DATA_BLOB blob; blob.length = len - 4; - blob.data = (void *)(((char *)response-extra_data) + 4); + blob.data = (uint8_t *)(((char *)response-extra_data) + 4); status = ndr_pull_struct_blob(blob, mem_ctx, info3, (ndr_pull_flags_fn_t)ndr_pull_netr_SamInfo3); Modified: branches/SAMBA_4_0/source/ldap_server/ldap_rootdse.c === --- branches/SAMBA_4_0/source/ldap_server/ldap_rootdse.c2004-11-29 11:13:56 UTC (rev 3999) +++ branches/SAMBA_4_0/source/ldap_server/ldap_rootdse.c2004-11-29 12:01:46 UTC (rev 4000) @@ -134,7 +134,7 @@ DATA_BLOB *currentTime = talloc_array_p(mem_ctx, DATA_BLOB, num_currentTime); char *str = ldap_timestring(mem_ctx, time(NULL)); ALLOC_CHECK(str); - currentTime[0].data = (void *)str; + currentTime[0].data = (uint8_t *)str; currentTime[0].length = strlen(str); ATTR_SINGLE_NOVAL(mem_ctx, attrs, currentTime, num_currentTime, currentTime); return NT_STATUS_OK; Modified: branches/SAMBA_4_0/source/libcli/auth/ntlmssp_parse.c === --- branches/SAMBA_4_0/source/libcli/auth/ntlmssp_parse.c 2004-11-29 11:13:56 UTC (rev 3999) +++ branches/SAMBA_4_0/source/libcli/auth/ntlmssp_parse.c 2004-11-29 12:01:46 UTC (rev 4000) @@ -115,7 +115,7 @@ break; case 'C': s = va_arg(ap, char *); - pointers[i].data = (void *)s; + pointers[i].data = (uint8_t *)s; pointers[i].length = strlen(s)+1; head_size += pointers[i].length; break; Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c === --- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c2004-11-29 11:13:56 UTC (rev 3999) +++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c2004-11-29 12:01:46 UTC (rev 4000) @@ -243,7 +243,7 @@ DATA_BLOB *session_key) { /* this took quite a few CPU cycles to find ... */ - session_key-data = discard_const_p(void, SystemLibraryDTC); + session_key-data = discard_const_p(uint8_t, SystemLibraryDTC); session_key-length = 16; return NT_STATUS_OK; } Modified: branches/SAMBA_4_0/source/torture/local/messaging.c === --- branches/SAMBA_4_0/source/torture/local/messaging.c 2004-11-29 11:13:56 UTC (rev 3999) +++ branches/SAMBA_4_0/source/torture/local/messaging.c 2004-11-29 12:01:46 UTC (rev 4000) @@ -91,7 +91,7 @@ DATA_BLOB data; NTSTATUS status1, status2; - data.data = discard_const_p(void, testing); + data.data = discard_const_p(uint8_t, testing); data.length = strlen((const char *)data.data); status1 = messaging_send(msg_ctx, 1, MY_PING, data);
svn commit: samba r4001 - in branches/SAMBA_4_0/source: libcli/auth librpc/rpc
Author: metze Date: 2004-11-29 14:46:17 + (Mon, 29 Nov 2004) New Revision: 4001 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4001 Log: fix segfault fix auth failed metze Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.c === --- branches/SAMBA_4_0/source/libcli/auth/gensec.c 2004-11-29 12:01:46 UTC (rev 4000) +++ branches/SAMBA_4_0/source/libcli/auth/gensec.c 2004-11-29 14:46:17 UTC (rev 4001) @@ -443,6 +443,9 @@ void gensec_end(struct gensec_security **gensec_security) { + if (!*gensec_security) { + return; + } if ((*gensec_security)-ops) { (*gensec_security)-ops-end(*gensec_security); } Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c 2004-11-29 12:01:46 UTC (rev 4000) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c 2004-11-29 14:46:17 UTC (rev 4001) @@ -113,6 +113,7 @@ talloc_destroy(mem_ctx); if (!NT_STATUS_IS_OK(status)) { + gensec_end(p-security_state.generic_state); ZERO_STRUCT(p-security_state); } else { /* Authenticated connections use the generic session key */
svn commit: samba r4002 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: metze Date: 2004-11-29 14:59:33 + (Mon, 29 Nov 2004) New Revision: 4002 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4002 Log: NT 4.0 sp6a can't do schannel 128 metze Modified: branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/samsync.c === --- branches/SAMBA_4_0/source/torture/rpc/samsync.c 2004-11-29 14:46:17 UTC (rev 4001) +++ branches/SAMBA_4_0/source/torture/rpc/samsync.c 2004-11-29 14:59:33 UTC (rev 4002) @@ -1281,7 +1281,7 @@ } b.flags = ~DCERPC_AUTH_OPTIONS; - b.flags |= DCERPC_SCHANNEL_BDC | DCERPC_SIGN | DCERPC_SCHANNEL_128; + b.flags |= DCERPC_SCHANNEL_BDC | DCERPC_SIGN; status = dcerpc_pipe_connect_b(samsync_state-p, b, DCERPC_NETLOGON_UUID, @@ -1310,7 +1310,7 @@ } b_netlogon_wksta.flags = ~DCERPC_AUTH_OPTIONS; - b_netlogon_wksta.flags |= DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN | DCERPC_SCHANNEL_128; + b_netlogon_wksta.flags |= DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN; status = dcerpc_pipe_connect_b(samsync_state-p_netlogon_wksta, b_netlogon_wksta, DCERPC_NETLOGON_UUID,
svn commit: samba r4003 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: metze Date: 2004-11-29 17:51:13 + (Mon, 29 Nov 2004) New Revision: 4003 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4003 Log: run successful against a nt4 sp6 pdc with one nt4 sp6 trust and a w2k3 trust metze Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/torture/rpc/samsync.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-29 14:59:33 UTC (rev 4002) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-11-29 17:51:13 UTC (rev 4003) @@ -429,7 +429,7 @@ } lsa_TrustDomInfoEnum; typedef struct { - lsa_String domain_name; + lsa_String netbios_name; } lsa_TrustDomainInfoName; typedef struct { @@ -442,13 +442,13 @@ } lsa_TrustDomainInfoPassword; typedef struct { - lsa_String domain_name; + lsa_String netbios_name; dom_sid2*sid; } lsa_TrustDomainInfo5; typedef struct { - lsa_String name; - lsa_String name2; + lsa_String domain_name; + lsa_String netbios_name; dom_sid2*sid; uint32 unknown1; uint32 unknown2; Modified: branches/SAMBA_4_0/source/torture/rpc/samsync.c === --- branches/SAMBA_4_0/source/torture/rpc/samsync.c 2004-11-29 14:59:33 UTC (rev 4002) +++ branches/SAMBA_4_0/source/torture/rpc/samsync.c 2004-11-29 17:51:13 UTC (rev 4003) @@ -555,8 +555,14 @@ } else if (NT_STATUS_IS_OK(nt_status)) { TEST_INT_EQUAL(user-rid, info3-base.rid); TEST_INT_EQUAL(user-primary_gid, info3-base.primary_gid); - TEST_INT_EQUAL(user-acct_flags, info3-base.acct_flags); - TEST_STRING_EQUAL(user-account_name, info3-base.account_name); + /* this is 0x0 from NT4 sp6 */ + if (info3-base.acct_flags) { + TEST_INT_EQUAL(user-acct_flags, info3-base.acct_flags); + } + /* this is NULL from NT4 sp6 */ + if (info3-base.account_name.string) { + TEST_STRING_EQUAL(user-account_name, info3-base.account_name); + } TEST_STRING_EQUAL(user-full_name, info3-base.full_name); TEST_STRING_EQUAL(user-logon_script, info3-base.logon_script); TEST_STRING_EQUAL(user-profile_path, info3-base.profile_path); @@ -574,8 +580,9 @@ * doco I read -- abartlet) */ /* This copes with the two different versions of 0 I see */ + /* with NT4 sp6 we have the || case */ if (!((user-last_logoff == 0) - (info3-base.last_logoff == 0x7fffLL))) { + || (info3-base.last_logoff == 0x7fffLL))) { TEST_TIME_EQUAL(user-last_logoff, info3-base.last_logoff); } return ret; @@ -813,6 +820,10 @@ q.in.level = levels[i]; status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state-p_lsa, mem_ctx, q); if (!NT_STATUS_IS_OK(status)) { + if (q.in.level == 8 NT_STATUS_EQUAL(status,NT_STATUS_INVALID_PARAMETER)) { + info[levels[i]] = NULL; + continue; + } printf(QueryInfoTrustedDomain level %d failed - %s\n, levels[i], nt_errstr(status)); return False; @@ -820,9 +831,11 @@ info[levels[i]] = q.out.info; } - TEST_SID_EQUAL(info[8]-full_info.info_ex.sid, dom_sid); - TEST_STRING_EQUAL(info[8]-full_info.info_ex.name, trusted_domain-domain_name); - TEST_STRING_EQUAL(info[1]-name.domain_name, trusted_domain-domain_name); + if (info[8]) { + TEST_SID_EQUAL(info[8]-full_info.info_ex.sid, dom_sid); + TEST_STRING_EQUAL(info[8]-full_info.info_ex.netbios_name, trusted_domain-domain_name); + } + TEST_STRING_EQUAL(info[1]-name.netbios_name, trusted_domain-domain_name); TEST_INT_EQUAL(info[3]-flags.flags, trusted_domain-flags); TEST_SEC_DESC_EQUAL(trusted_domain-sdbuf, lsa, trustdom_handle);
svn commit: samba-web r443 - in trunk: .
Author: deryck Date: 2004-11-29 18:16:49 + (Mon, 29 Nov 2004) New Revision: 443 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=443 Log: Marking CVS source as historical to prevent confusion. (Thanks, Vance, for the great suggestion.) --deryck Modified: trunk/header2.html Changeset: Modified: trunk/header2.html === --- trunk/header2.html 2004-11-28 22:31:38 UTC (rev 442) +++ trunk/header2.html 2004-11-29 18:16:49 UTC (rev 443) @@ -115,7 +115,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org;Bug Reports/a/li /ul
svn commit: samba-web r444 - in trunk: GUI devel docs download team vendors
Author: deryck Date: 2004-11-29 18:39:22 + (Mon, 29 Nov 2004) New Revision: 444 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=444 Log: Marking CVS Source historical on all headers. --deryck Modified: trunk/GUI/header_gui.html trunk/devel/header_devel.html trunk/docs/header_docs.html trunk/download/header_download.html trunk/team/header_team.html trunk/vendors/header_vendors.html Changeset: Modified: trunk/GUI/header_gui.html === --- trunk/GUI/header_gui.html 2004-11-29 18:16:49 UTC (rev 443) +++ trunk/GUI/header_gui.html 2004-11-29 18:39:22 UTC (rev 444) @@ -113,7 +113,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org;Bug Reports/a/li /ul Modified: trunk/devel/header_devel.html === --- trunk/devel/header_devel.html 2004-11-29 18:16:49 UTC (rev 443) +++ trunk/devel/header_devel.html 2004-11-29 18:39:22 UTC (rev 444) @@ -112,7 +112,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org;Bug Reports/a/li /ul Modified: trunk/docs/header_docs.html === --- trunk/docs/header_docs.html 2004-11-29 18:16:49 UTC (rev 443) +++ trunk/docs/header_docs.html 2004-11-29 18:39:22 UTC (rev 444) @@ -113,7 +113,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org;Bug Reports/a/li /ul Modified: trunk/download/header_download.html === --- trunk/download/header_download.html 2004-11-29 18:16:49 UTC (rev 443) +++ trunk/download/header_download.html 2004-11-29 18:39:22 UTC (rev 444) @@ -115,7 +115,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org/;Bug Reports/a/li /ul Modified: trunk/team/header_team.html === --- trunk/team/header_team.html 2004-11-29 18:16:49 UTC (rev 443) +++ trunk/team/header_team.html 2004-11-29 18:39:22 UTC (rev 444) @@ -113,7 +113,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org;Bug Reports/a/li /ul Modified: trunk/vendors/header_vendors.html === --- trunk/vendors/header_vendors.html 2004-11-29 18:16:49 UTC (rev 443) +++ trunk/vendors/header_vendors.html 2004-11-29 18:39:22 UTC (rev 444) @@ -113,7 +113,7 @@ ul lia href=/samba/devel/Devel Overview/a/li lia href=http://websvn.samba.org;SVN Source/a/li - lia href=http://cvs.samba.org/cgi-bin/cvsweb/;CVS Source/a/li + lia href=http://cvs.samba.org/cgi-bin/cvsweb/;Historical CVS Source/a/li lia href=http://build.samba.org/;Build Farm/a/li lia href=https://bugzilla.samba.org;Bug Reports/a/li /ul
svn commit: samba r4004 - in trunk/source: libsmb rpc_parse
Author: jra Date: 2004-11-29 19:28:04 + (Mon, 29 Nov 2004) New Revision: 4004 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4004 Log: Fix for bug #2071 reported by Jason Mader [EMAIL PROTECTED]. Use correct enum type for comparisons. Jeremy. Modified: trunk/source/libsmb/samlogon_cache.c trunk/source/rpc_parse/parse_misc.c Changeset: Modified: trunk/source/libsmb/samlogon_cache.c === --- trunk/source/libsmb/samlogon_cache.c2004-11-29 17:51:13 UTC (rev 4003) +++ trunk/source/libsmb/samlogon_cache.c2004-11-29 19:28:04 UTC (rev 4004) @@ -136,7 +136,7 @@ /* so we fill it in since winbindd_getpwnam() makes use of it */ if ( !user-uni_user_name.buffer ) { - init_unistr2( user-uni_user_name, username, STR_TERMINATE ); + init_unistr2( user-uni_user_name, username, UNI_STR_TERMINATE ); init_uni_hdr( user-hdr_user_name, user-uni_user_name ); } Modified: trunk/source/rpc_parse/parse_misc.c === --- trunk/source/rpc_parse/parse_misc.c 2004-11-29 17:51:13 UTC (rev 4003) +++ trunk/source/rpc_parse/parse_misc.c 2004-11-29 19:28:04 UTC (rev 4004) @@ -934,7 +934,7 @@ if (buf) { rpcstr_push((char *)str-buffer, buf, len, STR_TERMINATE); num_chars = strlen_w(str-buffer); - if (flags == STR_TERMINATE || flags == UNI_MAXLEN_TERMINATE) { + if (flags == UNI_STR_TERMINATE || flags == UNI_MAXLEN_TERMINATE) { num_chars++; } }
svn commit: samba r4005 - in branches/SAMBA_3_0/source: libsmb rpc_parse
Author: jra Date: 2004-11-29 19:28:12 + (Mon, 29 Nov 2004) New Revision: 4005 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4005 Log: Fix for bug #2071 reported by Jason Mader [EMAIL PROTECTED]. Use correct enum type for comparisons. Jeremy. Modified: branches/SAMBA_3_0/source/libsmb/samlogon_cache.c branches/SAMBA_3_0/source/rpc_parse/parse_misc.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/samlogon_cache.c === --- branches/SAMBA_3_0/source/libsmb/samlogon_cache.c 2004-11-29 19:28:04 UTC (rev 4004) +++ branches/SAMBA_3_0/source/libsmb/samlogon_cache.c 2004-11-29 19:28:12 UTC (rev 4005) @@ -136,7 +136,7 @@ /* so we fill it in since winbindd_getpwnam() makes use of it */ if ( !user-uni_user_name.buffer ) { - init_unistr2( user-uni_user_name, username, STR_TERMINATE ); + init_unistr2( user-uni_user_name, username, UNI_STR_TERMINATE ); init_uni_hdr( user-hdr_user_name, user-uni_user_name ); } Modified: branches/SAMBA_3_0/source/rpc_parse/parse_misc.c === --- branches/SAMBA_3_0/source/rpc_parse/parse_misc.c2004-11-29 19:28:04 UTC (rev 4004) +++ branches/SAMBA_3_0/source/rpc_parse/parse_misc.c2004-11-29 19:28:12 UTC (rev 4005) @@ -934,7 +934,7 @@ if (buf) { rpcstr_push((char *)str-buffer, buf, len, STR_TERMINATE); num_chars = strlen_w(str-buffer); - if (flags == STR_TERMINATE || flags == UNI_MAXLEN_TERMINATE) { + if (flags == UNI_STR_TERMINATE || flags == UNI_MAXLEN_TERMINATE) { num_chars++; } }
svn commit: linux-cifs-client r14 - in branches/linux-2.6bk/fs/cifs: .
Author: sfrench Date: 2004-11-29 22:52:05 + (Mon, 29 Nov 2004) New Revision: 14 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=linux-cifs-clientrev=14 Log: Merge svn with 2.6 bk tree Modified: branches/linux-2.6bk/fs/cifs/CHANGES branches/linux-2.6bk/fs/cifs/cifs.mod.c branches/linux-2.6bk/fs/cifs/cifs_debug.c branches/linux-2.6bk/fs/cifs/cifsfs.c branches/linux-2.6bk/fs/cifs/cifsglob.h branches/linux-2.6bk/fs/cifs/cifspdu.h branches/linux-2.6bk/fs/cifs/cifsproto.h branches/linux-2.6bk/fs/cifs/cifssmb.c branches/linux-2.6bk/fs/cifs/connect.c branches/linux-2.6bk/fs/cifs/dir.c branches/linux-2.6bk/fs/cifs/file.c branches/linux-2.6bk/fs/cifs/netmisc.c branches/linux-2.6bk/fs/cifs/smberr.h branches/linux-2.6bk/fs/cifs/xattr.c Changeset: Sorry, the patch is too large (1018 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=linux-cifs-clientrev=14
svn commit: samba r4007 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2004-11-30 00:22:04 + (Tue, 30 Nov 2004) New Revision: 4007 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4007 Log: Fix bug #2088 - ensure inherit permissions is only applied on a new file, not an existing one. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/dosmode.c branches/SAMBA_3_0/source/smbd/fileio.c branches/SAMBA_3_0/source/smbd/nttrans.c branches/SAMBA_3_0/source/smbd/open.c branches/SAMBA_3_0/source/smbd/posix_acls.c branches/SAMBA_3_0/source/smbd/reply.c branches/SAMBA_3_0/source/smbd/trans2.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/dosmode.c === --- branches/SAMBA_3_0/source/smbd/dosmode.c2004-11-30 00:22:02 UTC (rev 4006) +++ branches/SAMBA_3_0/source/smbd/dosmode.c2004-11-30 00:22:04 UTC (rev 4007) @@ -23,7 +23,7 @@ / Change a dos mode to a unix mode. Base permission for files: - if inheriting + if creating file and inheriting apply read/write bits from parent directory. else everybody gets read bit set @@ -43,7 +43,7 @@ } / -mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname) +mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname, BOOL creating_file) { mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH); mode_t dir_mode = 0; /* Mode of the parent directory if inheriting. */ @@ -52,7 +52,7 @@ result = ~(S_IWUSR | S_IWGRP | S_IWOTH); } - if (fname lp_inherit_perms(SNUM(conn))) { + if (fname creating_file lp_inherit_perms(SNUM(conn))) { char *dname; SMB_STRUCT_STAT sbuf; @@ -329,7 +329,7 @@ chmod a file - but preserve some bits. / -int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, SMB_STRUCT_STAT *st) +int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, SMB_STRUCT_STAT *st, BOOL creating_file) { SMB_STRUCT_STAT st1; int mask=0; @@ -338,7 +338,7 @@ int ret = -1; DEBUG(10,(file_set_dosmode: setting dos mode 0x%x on file %s\n, dosmode, fname)); - if (!st) { + if (!st || (st !VALID_STAT(*st))) { st = st1; if (SMB_VFS_STAT(conn,fname,st)) return(-1); @@ -359,7 +359,7 @@ return 0; } - unixmode = unix_mode(conn,dosmode,fname); + unixmode = unix_mode(conn,dosmode,fname, creating_file); /* preserve the s bits */ mask |= (S_ISUID | S_ISGID); Modified: branches/SAMBA_3_0/source/smbd/fileio.c === --- branches/SAMBA_3_0/source/smbd/fileio.c 2004-11-30 00:22:02 UTC (rev 4006) +++ branches/SAMBA_3_0/source/smbd/fileio.c 2004-11-30 00:22:04 UTC (rev 4007) @@ -191,7 +191,7 @@ int dosmode = dos_mode(fsp-conn,fsp-fsp_name,st); fsp-size = (SMB_BIG_UINT)st.st_size; if ((lp_store_dos_attributes(SNUM(fsp-conn)) || MAP_ARCHIVE(fsp-conn)) !IS_DOS_ARCHIVE(dosmode)) { - file_set_dosmode(fsp-conn,fsp-fsp_name,dosmode | aARCH,st); + file_set_dosmode(fsp-conn,fsp-fsp_name,dosmode | aARCH,st, False); } /* Modified: branches/SAMBA_3_0/source/smbd/nttrans.c === --- branches/SAMBA_3_0/source/smbd/nttrans.c2004-11-30 00:22:02 UTC (rev 4006) +++ branches/SAMBA_3_0/source/smbd/nttrans.c2004-11-30 00:22:04 UTC (rev 4007) @@ -1661,7 +1661,7 @@ /* Grrr. We have to do this as open_file_shared1 adds aARCH when it creates the file. This isn't the correct thing to do in the copy case. JRA */ - file_set_dosmode(conn, newname, fmode, sbuf2); + file_set_dosmode(conn, newname, fmode, sbuf2, True); if (ret (SMB_OFF_T)sbuf1.st_size) { return NT_STATUS_DISK_FULL; Modified: branches/SAMBA_3_0/source/smbd/open.c === --- branches/SAMBA_3_0/source/smbd/open.c 2004-11-30 00:22:02 UTC (rev 4006) +++ branches/SAMBA_3_0/source/smbd/open.c 2004-11-30 00:22:04 UTC (rev 4007) @@ -979,7 +979,7 @@ struct pending_message_list *pml = NULL; uint16 mid = get_current_mid(); /* We add aARCH to this as this mode is only used if the file is created new. */ - mode_t mode = unix_mode(conn,new_dos_mode | aARCH,fname); + mode_t mode =
svn commit: samba r4006 - in trunk/source/smbd: .
Author: jra Date: 2004-11-30 00:22:02 + (Tue, 30 Nov 2004) New Revision: 4006 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4006 Log: Fix bug #2088 - ensure inherit permissions is only applied on a new file, not an existing one. Jeremy. Modified: trunk/source/smbd/dosmode.c trunk/source/smbd/fileio.c trunk/source/smbd/nttrans.c trunk/source/smbd/open.c trunk/source/smbd/posix_acls.c trunk/source/smbd/reply.c trunk/source/smbd/trans2.c Changeset: Modified: trunk/source/smbd/dosmode.c === --- trunk/source/smbd/dosmode.c 2004-11-29 19:28:12 UTC (rev 4005) +++ trunk/source/smbd/dosmode.c 2004-11-30 00:22:02 UTC (rev 4006) @@ -23,7 +23,7 @@ / Change a dos mode to a unix mode. Base permission for files: - if inheriting + if creating file and inheriting apply read/write bits from parent directory. else everybody gets read bit set @@ -43,7 +43,7 @@ } / -mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname) +mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname, BOOL creating_file) { mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH); mode_t dir_mode = 0; /* Mode of the parent directory if inheriting. */ @@ -52,7 +52,7 @@ result = ~(S_IWUSR | S_IWGRP | S_IWOTH); } - if (fname lp_inherit_perms(SNUM(conn))) { + if (fname creating_file lp_inherit_perms(SNUM(conn))) { char *dname; SMB_STRUCT_STAT sbuf; @@ -329,7 +329,7 @@ chmod a file - but preserve some bits. / -int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, SMB_STRUCT_STAT *st) +int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, SMB_STRUCT_STAT *st, BOOL creating_file) { SMB_STRUCT_STAT st1; int mask=0; @@ -338,7 +338,7 @@ int ret = -1; DEBUG(10,(file_set_dosmode: setting dos mode 0x%x on file %s\n, dosmode, fname)); - if (!st) { + if (!st || (st !VALID_STAT(*st))) { st = st1; if (SMB_VFS_STAT(conn,fname,st)) return(-1); @@ -359,7 +359,7 @@ return 0; } - unixmode = unix_mode(conn,dosmode,fname); + unixmode = unix_mode(conn,dosmode,fname, creating_file); /* preserve the s bits */ mask |= (S_ISUID | S_ISGID); Modified: trunk/source/smbd/fileio.c === --- trunk/source/smbd/fileio.c 2004-11-29 19:28:12 UTC (rev 4005) +++ trunk/source/smbd/fileio.c 2004-11-30 00:22:02 UTC (rev 4006) @@ -191,7 +191,7 @@ int dosmode = dos_mode(fsp-conn,fsp-fsp_name,st); fsp-size = (SMB_BIG_UINT)st.st_size; if ((lp_store_dos_attributes(SNUM(fsp-conn)) || MAP_ARCHIVE(fsp-conn)) !IS_DOS_ARCHIVE(dosmode)) { - file_set_dosmode(fsp-conn,fsp-fsp_name,dosmode | aARCH,st); + file_set_dosmode(fsp-conn,fsp-fsp_name,dosmode | aARCH,st, False); } /* Modified: trunk/source/smbd/nttrans.c === --- trunk/source/smbd/nttrans.c 2004-11-29 19:28:12 UTC (rev 4005) +++ trunk/source/smbd/nttrans.c 2004-11-30 00:22:02 UTC (rev 4006) @@ -1662,7 +1662,7 @@ /* Grrr. We have to do this as open_file_shared1 adds aARCH when it creates the file. This isn't the correct thing to do in the copy case. JRA */ - file_set_dosmode(conn, newname, fmode, sbuf2); + file_set_dosmode(conn, newname, fmode, sbuf2, True); if (ret (SMB_OFF_T)sbuf1.st_size) { return NT_STATUS_DISK_FULL; Modified: trunk/source/smbd/open.c === --- trunk/source/smbd/open.c2004-11-29 19:28:12 UTC (rev 4005) +++ trunk/source/smbd/open.c2004-11-30 00:22:02 UTC (rev 4006) @@ -979,7 +979,7 @@ struct pending_message_list *pml = NULL; uint16 mid = get_current_mid(); /* We add aARCH to this as this mode is only used if the file is created new. */ - mode_t mode = unix_mode(conn,new_dos_mode | aARCH,fname); + mode_t mode = unix_mode(conn,new_dos_mode | aARCH,fname, True); if (oplock_request == INTERNAL_OPEN_ONLY) { internal_only_open = True; @@ -1440,7 +1440,7 @@ if (action == FILE_WAS_OVERWRITTEN || action == FILE_WAS_CREATED) { /* Files should be
svn commit: samba r4008 - in trunk/source/lib: .
Author: jra Date: 2004-11-30 01:01:43 + (Tue, 30 Nov 2004) New Revision: 4008 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4008 Log: Fix from Timur Bakeyev [EMAIL PROTECTED] for bugid #2100, change the way we check for errors after a dlopen (which may set internal warnings which get picked up by mistake in dlsym). Jeremy Modified: trunk/source/lib/module.c Changeset: Modified: trunk/source/lib/module.c === --- trunk/source/lib/module.c 2004-11-30 00:22:04 UTC (rev 4007) +++ trunk/source/lib/module.c 2004-11-30 01:01:43 UTC (rev 4008) @@ -40,9 +40,12 @@ */ handle = sys_dlopen(module_name, RTLD_LAZY); + /* This call should reset any possible non-fatal errors that + occured since last call to dl* functions */ + error = sys_dlerror(); + if(!handle) { int level = is_probe ? 3 : 0; - error = sys_dlerror(); DEBUG(level, (Error loading module '%s': %s\n, module_name, error ? error : )); return NT_STATUS_UNSUCCESSFUL; }
svn commit: samba r4009 - in branches/SAMBA_3_0/source/lib: .
Author: jra Date: 2004-11-30 01:01:43 + (Tue, 30 Nov 2004) New Revision: 4009 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4009 Log: Fix from Timur Bakeyev [EMAIL PROTECTED] for bugid #2100, change the way we check for errors after a dlopen (which may set internal warnings which get picked up by mistake in dlsym). Jeremy Modified: branches/SAMBA_3_0/source/lib/module.c Changeset: Modified: branches/SAMBA_3_0/source/lib/module.c === --- branches/SAMBA_3_0/source/lib/module.c 2004-11-30 01:01:43 UTC (rev 4008) +++ branches/SAMBA_3_0/source/lib/module.c 2004-11-30 01:01:43 UTC (rev 4009) @@ -40,9 +40,12 @@ */ handle = sys_dlopen(module_name, RTLD_LAZY); + /* This call should reset any possible non-fatal errors that + occured since last call to dl* functions */ + error = sys_dlerror(); + if(!handle) { int level = is_probe ? 3 : 0; - error = sys_dlerror(); DEBUG(level, (Error loading module '%s': %s\n, module_name, error ? error : )); return NT_STATUS_UNSUCCESSFUL; }
svn commit: samba r4010 - in branches/SAMBA_4_0/source/lib/ldb: common tests
Author: tridge Date: 2004-11-30 02:15:43 + (Tue, 30 Nov 2004) New Revision: 4010 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4010 Log: fixed parsing of null attributes in the ldb ldif parser Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_ldif.c branches/SAMBA_4_0/source/lib/ldb/tests/init.ldif Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_ldif.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_ldif.c 2004-11-30 01:01:43 UTC (rev 4009) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_ldif.c 2004-11-30 02:15:43 UTC (rev 4010) @@ -128,7 +128,11 @@ unsigned int i; uint8_t *p = val-data; - if (val-length == 0 || p[0] == ' ' || p[0] == ':') { + if (val-length == 0) { + return 0; + } + + if (p[0] == ' ' || p[0] == ':') { return 1; } @@ -377,7 +381,7 @@ *attr = *s; - while (isspace(*p)) { + while (*p == ' ' || *p == '\t') { p++; } Modified: branches/SAMBA_4_0/source/lib/ldb/tests/init.ldif === --- branches/SAMBA_4_0/source/lib/ldb/tests/init.ldif 2004-11-30 01:01:43 UTC (rev 4009) +++ branches/SAMBA_4_0/source/lib/ldb/tests/init.ldif 2004-11-30 02:15:43 UTC (rev 4010) @@ -9,6 +9,7 @@ o: U-M o: U of M description: The University of Michigan at Ann Arbor +seeAlso: postaladdress: University of Michigan $ 535 W. William St. $ Ann Arbor, MI 481 09 $ US telephonenumber: +1 313 764-1817
svn commit: samba r4011 - in branches/SAMBA_4_0/source: include librpc/idl librpc/rpc ntvfs ntvfs/common ntvfs/posix smb_server smbd torture torture/basic torture/nbench torture/raw torture/rpc
Author: tridge Date: 2004-11-30 04:33:27 + (Tue, 30 Nov 2004) New Revision: 4011 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4011 Log: get rid of rpc_secdes.h and replace it with a single sane set of definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. Removed: branches/SAMBA_4_0/source/include/rpc_secdes.h Modified: branches/SAMBA_4_0/source/include/includes.h branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/librpc/idl/security.idl branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c branches/SAMBA_4_0/source/ntvfs/common/opendb.c branches/SAMBA_4_0/source/ntvfs/ntvfs_generic.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_read.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_setfileinfo.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_write.c branches/SAMBA_4_0/source/smb_server/service.c branches/SAMBA_4_0/source/smbd/rewrite.c branches/SAMBA_4_0/source/torture/basic/attr.c branches/SAMBA_4_0/source/torture/basic/charset.c branches/SAMBA_4_0/source/torture/basic/delete.c branches/SAMBA_4_0/source/torture/basic/denytest.c branches/SAMBA_4_0/source/torture/basic/dir.c branches/SAMBA_4_0/source/torture/basic/disconnect.c branches/SAMBA_4_0/source/torture/basic/rename.c branches/SAMBA_4_0/source/torture/basic/scanner.c branches/SAMBA_4_0/source/torture/basic/unlink.c branches/SAMBA_4_0/source/torture/basic/utable.c branches/SAMBA_4_0/source/torture/gentest.c branches/SAMBA_4_0/source/torture/nbench/nbio.c branches/SAMBA_4_0/source/torture/raw/acls.c branches/SAMBA_4_0/source/torture/raw/chkpath.c branches/SAMBA_4_0/source/torture/raw/context.c branches/SAMBA_4_0/source/torture/raw/eas.c branches/SAMBA_4_0/source/torture/raw/mux.c branches/SAMBA_4_0/source/torture/raw/notify.c branches/SAMBA_4_0/source/torture/raw/open.c branches/SAMBA_4_0/source/torture/raw/oplock.c branches/SAMBA_4_0/source/torture/raw/qfileinfo.c branches/SAMBA_4_0/source/torture/raw/rename.c branches/SAMBA_4_0/source/torture/raw/streams.c branches/SAMBA_4_0/source/torture/rpc/samr.c branches/SAMBA_4_0/source/torture/rpc/svcctl.c branches/SAMBA_4_0/source/torture/torture.c branches/SAMBA_4_0/source/torture/torture_util.c Changeset: Sorry, the patch is too large (2417 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4011
svn commit: samba r4012 - in branches/SAMBA_4_0/source/rpc_server/lsa: .
Author: tridge Date: 2004-11-30 04:34:18 + (Tue, 30 Nov 2004) New Revision: 4012 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4012 Log: split out the lsa lookup single name logic into a separate function Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-11-30 04:33:27 UTC (rev 4011) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-11-30 04:34:18 UTC (rev 4012) @@ -1025,6 +1025,38 @@ } /* + lookup a SID for 1 name +*/ +static NTSTATUS lsa_lookup_name(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx, + const char *name, struct dom_sid **sid, uint32_t *atype) +{ + int ret; + struct ldb_message **res; + const char * const attrs[] = { objectSid, sAMAccountType, NULL}; + + ret = samdb_search(state-sam_ctx, mem_ctx, NULL, res, attrs, sAMAccountName=%s, name); + if (ret == 1) { + const char *sid_str = ldb_msg_find_string(res[0], objectSid, NULL); + if (sid_str == NULL) { + return NT_STATUS_INVALID_SID; + } + + *sid = dom_sid_parse_talloc(mem_ctx, sid_str); + if (*sid == NULL) { + return NT_STATUS_INVALID_SID; + } + + *atype = samdb_result_uint(res[0], sAMAccountType, 0); + + return NT_STATUS_OK; + } + + /* need to add a call into sidmap to check for a allocated sid */ + + return NT_STATUS_INVALID_SID; +} + +/* lsa_LookupNames2 */ static NTSTATUS lsa_LookupNames2(struct dcesrv_call_state *dce_call, @@ -1061,11 +1093,7 @@ } for (i=0;ir-in.num_names;i++) { - const char * const attrs[] = { objectSid, sAMAccountType, NULL}; const char *name = r-in.names[i].string; - int ret; - const char *sid_str; - struct ldb_message **res; struct dom_sid *sid; uint32_t atype, rtype, sid_index; NTSTATUS status2; @@ -1078,30 +1106,12 @@ r-out.sids-sids[i].sid_index = 0x; r-out.sids-sids[i].unknown = 0; - ret = samdb_search(state-sam_ctx, mem_ctx, NULL, res, attrs, sAMAccountName=%s, name); - if (ret != 1) { + status2 = lsa_lookup_name(state, mem_ctx, name, sid, atype); + if (!NT_STATUS_IS_OK(status) || sid-num_auths == 0) { status = STATUS_SOME_UNMAPPED; continue; } - sid_str = ldb_msg_find_string(res[0], objectSid, NULL); - if (sid_str == NULL) { - status = STATUS_SOME_UNMAPPED; - continue; - } - - sid = dom_sid_parse_talloc(mem_ctx, sid_str); - if (sid == NULL || sid-num_auths == 0) { - status = STATUS_SOME_UNMAPPED; - continue; - } - - atype = samdb_result_uint(res[0], sAMAccountType, 0); - if (atype == 0) { - status = STATUS_SOME_UNMAPPED; - continue; - } - rtype = samdb_atype_map(atype); if (rtype == SID_NAME_UNKNOWN) { status = STATUS_SOME_UNMAPPED;
svn commit: samba r4013 - in branches/SAMBA_4_0/source: client include libcli torture torture/basic
Author: tridge Date: 2004-11-30 05:37:57 + (Tue, 30 Nov 2004) New Revision: 4013 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4013 Log: got rid of a bunch of unused or unmaintained code - removed the clitar code. It is unmaintained, and a horribly badly done hack - removed client.h as it contained mostly unused definitions - removed the unused clidfs.c code Added: branches/SAMBA_4_0/source/include/clilist.h Removed: branches/SAMBA_4_0/source/client/clitar.c branches/SAMBA_4_0/source/include/client.h branches/SAMBA_4_0/source/libcli/clidfs.c Modified: branches/SAMBA_4_0/source/client/client.c branches/SAMBA_4_0/source/client/config.mk branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/libcli/clideltree.c branches/SAMBA_4_0/source/libcli/clilist.c branches/SAMBA_4_0/source/torture/basic/dir.c branches/SAMBA_4_0/source/torture/masktest.c branches/SAMBA_4_0/source/torture/torture.c Changeset: Sorry, the patch is too large (3171 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4013
svn commit: samba r4015 - in branches/SAMBA_4_0/source/libcli/raw: .
Author: tridge Date: 2004-11-30 05:45:37 + (Tue, 30 Nov 2004) New Revision: 4015 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4015 Log: correct copyright attributions Modified: branches/SAMBA_4_0/source/libcli/raw/libcliraw.h Changeset: Modified: branches/SAMBA_4_0/source/libcli/raw/libcliraw.h === --- branches/SAMBA_4_0/source/libcli/raw/libcliraw.h2004-11-30 05:41:21 UTC (rev 4014) +++ branches/SAMBA_4_0/source/libcli/raw/libcliraw.h2004-11-30 05:45:37 UTC (rev 4015) @@ -1,9 +1,8 @@ /* Unix SMB/CIFS implementation. SMB parameters and setup - Copyright (C) Andrew Tridgell 1992-1998 - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - Copyright (C) Jeremy Allison 1998 + + Copyright (C) Andrew Tridgell 2002-2004 Copyright (C) James Myers 2003 [EMAIL PROTECTED] This program is free software; you can redistribute it and/or modify
svn commit: samba r4016 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2004-11-30 06:41:38 + (Tue, 30 Nov 2004) New Revision: 4016 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4016 Log: Fix for bug found by Steve French client code (cifsfs) on POSIX ACL set. You need to *get* a permset_t pointer from the entry before any of the permset code will accept it as a valid value Jeremy. Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c === --- branches/SAMBA_3_0/source/smbd/posix_acls.c 2004-11-30 05:45:37 UTC (rev 4015) +++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2004-11-30 06:41:38 UTC (rev 4016) @@ -3489,12 +3489,21 @@ goto fail; } + /* Get the permset pointer from the new ACL entry. */ + if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, the_entry, the_permset) == -1) { + DEBUG(0,(create_posix_acl_from_wire: Failed to get permset on entry %u. (%s)\n, +i, strerror(errno) )); +goto fail; +} + + /* Map from wire to permissions. */ if (!unix_ex_wire_to_permset(conn, CVAL(pdata,(i*SMB_POSIX_ACL_ENTRY_SIZE)+1), the_permset)) { DEBUG(0,(create_posix_acl_from_wire: invalid permset %u on entry %u.\n, CVAL(pdata,(i*SMB_POSIX_ACL_ENTRY_SIZE) + 1), i )); goto fail; } + /* Now apply to the new ACL entry. */ if (SMB_VFS_SYS_ACL_SET_PERMSET(conn, the_entry, the_permset) == -1) { DEBUG(0,(create_posix_acl_from_wire: Failed to add permset on entry %u. (%s)\n, i, strerror(errno) ));
svn commit: samba r4017 - in trunk/source/smbd: .
Author: jra Date: 2004-11-30 06:41:45 + (Tue, 30 Nov 2004) New Revision: 4017 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4017 Log: Fix for bug found by Steve French client code (cifsfs) on POSIX ACL set. You need to *get* a permset_t pointer from the entry before any of the permset code will accept it as a valid value Jeremy. Modified: trunk/source/smbd/posix_acls.c Changeset: Modified: trunk/source/smbd/posix_acls.c === --- trunk/source/smbd/posix_acls.c 2004-11-30 06:41:38 UTC (rev 4016) +++ trunk/source/smbd/posix_acls.c 2004-11-30 06:41:45 UTC (rev 4017) @@ -3489,12 +3489,21 @@ goto fail; } + /* Get the permset pointer from the new ACL entry. */ + if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, the_entry, the_permset) == -1) { + DEBUG(0,(create_posix_acl_from_wire: Failed to get permset on entry %u. (%s)\n, +i, strerror(errno) )); +goto fail; +} + + /* Map from wire to permissions. */ if (!unix_ex_wire_to_permset(conn, CVAL(pdata,(i*SMB_POSIX_ACL_ENTRY_SIZE)+1), the_permset)) { DEBUG(0,(create_posix_acl_from_wire: invalid permset %u on entry %u.\n, CVAL(pdata,(i*SMB_POSIX_ACL_ENTRY_SIZE) + 1), i )); goto fail; } + /* Now apply to the new ACL entry. */ if (SMB_VFS_SYS_ACL_SET_PERMSET(conn, the_entry, the_permset) == -1) { DEBUG(0,(create_posix_acl_from_wire: Failed to add permset on entry %u. (%s)\n, i, strerror(errno) ));
svn commit: samba r3996 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: metze Date: 2004-11-29 10:54:52 + (Mon, 29 Nov 2004) New Revision: 3996 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3996 Log: add some comments metze Modified: branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl === --- branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl 2004-11-29 06:42:02 UTC (rev 3995) +++ branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl 2004-11-29 10:54:52 UTC (rev 3996) @@ -15,7 +15,7 @@ uint32 attribute_id; uint32 version; NTTIME_1sec orginating_time; - GUID orginating_dsa; + GUID orginating_dsa; /* the 'invocationId' ? */ uint64 orginating_usn; uint64 local_usn; } replPropertyMetaData1; @@ -46,7 +46,7 @@ * w2k3 uses version 2 */ typedef struct { - GUID invocation_id_guid; + GUID invocation_id_guid; /* the 'invocationId' field of the CN=NTDS Settings object */ uint64 highest_usn; /* updated after a full replication cycle */ } replUpToDateVector1; @@ -57,7 +57,7 @@ } replUpToDateVectorCtr1; typedef struct { - GUID invocation_id_guid; + GUID invocation_id_guid; /* the 'invocationId' field of the CN=NTDS Settings object */ uint64 highest_usn; /* updated after a full replication cycle */ NTTIME_1sec last_success; } replUpToDateVector2; @@ -107,8 +107,8 @@ uint64 tmp_highest_usn; /* updated after each object update */ uint64 reserved_usn; uint64 highest_usn; /* updated after a full replication cycle */ - GUID dsa_guid; - GUID invocation_id_guid; + GUID dsa_guid; /* the 'objectGuid' field of the CN=NTDS Settings object */ + GUID invocation_id_guid; /* the 'invocationId' field of the CN=NTDS Settings object */ GUID transport_guid; } repsFromTo1;
svn commit: samba r3997 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2004-11-29 11:04:36 + (Mon, 29 Nov 2004) New Revision: 3997 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3997 Log: fix STR_CHARLEN pull case metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2004-11-29 10:54:52 UTC (rev 3996) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2004-11-29 11:04:36 UTC (rev 3997) @@ -507,6 +507,7 @@ int chset = CH_UTF16; unsigned byte_mul = 2; unsigned flags = ndr-flags; + unsigned c_len_term = 0; if (!(ndr_flags NDR_SCALARS)) { return NT_STATUS_OK; @@ -529,7 +530,10 @@ } flags = ~LIBNDR_FLAG_STR_CONFORMANT; - flags = ~LIBNDR_FLAG_STR_CHARLEN; + if (flags LIBNDR_FLAG_STR_CHARLEN) { + c_len_term = 1; + flags = ~LIBNDR_FLAG_STR_CHARLEN; + } switch (flags LIBNDR_STRING_FLAGS) { case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4: @@ -550,25 +554,25 @@ *s = talloc_strdup(ndr, ); break; } - NDR_PULL_NEED_BYTES(ndr, len2*byte_mul); + NDR_PULL_NEED_BYTES(ndr, (len2 + c_len_term)*byte_mul); ret = convert_string_talloc(ndr, chset, CH_UNIX, ndr-data+ndr-offset, - len2*byte_mul, + (len2 + c_len_term)*byte_mul, (void **)as); if (ret == -1) { return ndr_pull_error(ndr, NDR_ERR_CHARCNV, Bad character conversion); } - NDR_CHECK(ndr_pull_advance(ndr, len2*byte_mul)); + NDR_CHECK(ndr_pull_advance(ndr, (len2 + c_len_term)*byte_mul)); /* this is a way of detecting if a string is sent with the wrong termination */ if (ndr-flags LIBNDR_FLAG_STR_NOTERM) { - if (strlen(as) len2) { + if (strlen(as) (len2 + c_len_term)) { DEBUG(6,(short string '%s'\n, as)); } } else { - if (strlen(as) == len2) { + if (strlen(as) == (len2 + c_len_term)) { DEBUG(6,(long string '%s'\n, as)); } } @@ -578,29 +582,29 @@ case LIBNDR_FLAG_STR_SIZE4: case LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM: NDR_CHECK(ndr_pull_uint32(ndr, len1)); - NDR_PULL_NEED_BYTES(ndr, len1*byte_mul); + NDR_PULL_NEED_BYTES(ndr, (len1 + c_len_term)*byte_mul); if (len1 == 0) { *s = talloc_strdup(ndr, ); break; } ret = convert_string_talloc(ndr, chset, CH_UNIX, ndr-data+ndr-offset, - len1*byte_mul, + (len1 + c_len_term)*byte_mul, (void **)as); if (ret == -1) { return ndr_pull_error(ndr, NDR_ERR_CHARCNV, Bad character conversion); } - NDR_CHECK(ndr_pull_advance(ndr, len1*byte_mul)); + NDR_CHECK(ndr_pull_advance(ndr, (len1 + c_len_term)*byte_mul)); /* this is a way of detecting if a string is sent with the wrong termination */ if (ndr-flags LIBNDR_FLAG_STR_NOTERM) { - if (strlen(as) len1) { + if (strlen(as) (len1 + c_len_term)) { DEBUG(6,(short string '%s'\n, as)); } } else { - if (strlen(as) == len1) { + if (strlen(as) == (len1 + c_len_term)) { DEBUG(6,(long string '%s'\n, as)); } } @@ -615,29 +619,29 @@ ndr-flags LIBNDR_STRING_FLAGS); } NDR_CHECK(ndr_pull_uint32(ndr, len1)); - NDR_PULL_NEED_BYTES(ndr, len1*byte_mul); + NDR_PULL_NEED_BYTES(ndr, (len1 + c_len_term)*byte_mul); if (len1 == 0) { *s = talloc_strdup(ndr, ); break; } ret = convert_string_talloc(ndr, chset, CH_UNIX,
svn commit: samba r3998 - in branches/SAMBA_4_0/source/build/pidl: .
Author: metze Date: 2004-11-29 11:08:15 + (Mon, 29 Nov 2004) New Revision: 3998 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3998 Log: allow const arrays (see next commit to drsuapi.idl) metze Modified: branches/SAMBA_4_0/source/build/pidl/header.pm branches/SAMBA_4_0/source/build/pidl/idl.pm branches/SAMBA_4_0/source/build/pidl/idl.yp Changeset: Sorry, the patch is too large (1923 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=3998