Re: [Samba] net vampire accounts of Windows 2000 AD
Le vendredi 11 février 2005 à 09:09 +0200, David Wilson a écrit : Hi guys, We are looking at migrating a Windows 2000 AD domain controller to Samba. Can the same net vampire procedure be used to migrate user accounts and passwords to the new Samba domain controller ? Any other pitfalls which you can think of off hand ? yes, i have succesfully done such a migration, in a test environnment. it is almost the same as with nt4 PDC migration. i followed http://samba.idealx.org/smbldap-howto.fr.html#htoc75 most difficult part is migrating user profiles, policies and such. good luck Many thanks. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- Thomas Constans http://www.opendoor.fr 04 78 68 17 34 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Free space calculation gets it wrong
Thomas M. Skeren III schrieb: Probably the only way you will get what you want. No. I don't think Windows can understand how a directory on a drive can be larger than the drive itself. Yes, it can. We have a DFS Share called apps assigned to our AD called EUROPE. C:\dir \\europe\apps Volume in Laufwerk \\europe\apps: hat keine Bezeichnung. Volumeseriennummer: EC62-031C Verzeichnis von \\europe\apps 2005-01-04 06:44DIR . 2005-01-04 06:44DIR .. 2004-01-05 03:27DIR Apps [...] 1 Datei(en) 2.284 Bytes 13 Verzeichnis(se), 3.711.651.328 Bytes frei C:\dir \\europe\apps\Apps Volume in Laufwerk \\europe\apps: hat keine Bezeichnung. Volumeseriennummer: EC62-031C Verzeichnis von \\europe\apps\Apps 2005-02-10 09:22DIR . 2005-02-10 09:22DIR .. 2004-11-19 14:46DIR 3DXWare_3515 [...] 0 Datei(en) 0 Bytes 117 Verzeichnis(se), 366.936.690.688 Bytes frei As you can see, in the directory apps there's about 3,7 GiB of free space. In the directory apps\Apps, there's about 366 GiB of free space. When I connect \\EUROPE\apps to R: and do a dir R:\ command, I also see 3,7 GiB of free space. Doing dir R:\Apps shows 366 GiB of free space. So, obviously there has to be a way to determine the free space available in a directory, as you can see in the examples shown above. Anyone out there, who might have an idea about how I can make Samba return the free space available in a given directory instead of in the top level directory of a share? Thanks a lot, Alexander Skwar -- Wonder is the feeling of a philosopher, and philosophy begins in wonder. -- Socrates, quoting Plato [Huh? That's like Johnson quoting Boswell] _ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net vampire accounts of Windows 2000 AD
Hi Thomas, Thanks for your reply. Ok excellent ! I'll give it a try. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: thomas constans [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED] Cc: samba samba@lists.samba.org Sent: Friday, February 11, 2005 10:21 AM Subject: Re: [Samba] net vampire accounts of Windows 2000 AD Le vendredi 11 février 2005 à 09:09 +0200, David Wilson a écrit : Hi guys, We are looking at migrating a Windows 2000 AD domain controller to Samba. Can the same net vampire procedure be used to migrate user accounts and passwords to the new Samba domain controller ? Any other pitfalls which you can think of off hand ? yes, i have succesfully done such a migration, in a test environnment. it is almost the same as with nt4 PDC migration. i followed http://samba.idealx.org/smbldap-howto.fr.html#htoc75 most difficult part is migrating user profiles, policies and such. good luck Many thanks. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- Thomas Constans http://www.opendoor.fr 04 78 68 17 34 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind authentification problem
Hi, I try to use samba with an nt4 domain and to enable the ACL. I can't change the rights from a windows machine with the gui... I think the problem might be by the authentification, because also on the linux machine the smbclient function doesn't work properly with domain users : -- borealis:~# wbinfo -a renee%taupe plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc064) error messsage was: No such user Could not authenticate user renee%secret with plaintext password challenge/response password authentication succeeded -- borealis:~# wbinfo -a NT1/renee%taupe plaintext password authentication succeeded challenge/response password authentication succeeded -- borealis:~# smbclient -L //borealis -Urenee Password: session setup failed: NT_STATUS_LOGON_FAILURE -- borealis:~# smbclient -L //borealis -UNT1/renee Password: session setup failed: NT_STATUS_LOGON_FAILURE Also when I try to connect from windows, samba is asking me login and password !!, but I'm connected on windows as Administrator... Only output from /var/log/samba/log.winbind is : [2005/02/11 11:05:33, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032) user 'root' does not exist Is it because I've joined the domain with net rpc join -Uroot -SNT1 ? In the past I've also tried with Administrator, but there were also problems... smb.conf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Doubt
On Thursday 10 February 2005 22:33, Jorge Bastos wrote: Howdy people, How can i resolv a little thing that i have here. Why findsmb doesn't show me the computer if it is using the SP2 (win xp) ? I use findsmb alot. Jorge Bastos I think its probably the firewall - disable it on the xp machine and try again and I think it will work. Not sure how to get around this. pgpYIWN8UokTQ.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ACL MIGRATION : copy from nt4 to samba preserving the rights
Hi, I think I've now managed to configure samba successfully to support acls, but I need to know how to copy the shares from my ntserver to the samba machine, without loosing the rights... Other problem is with the backup, is it possible to normaly backup the files and directory from an other windows server, or should I write to the medium directly form linux... I fear that the dummy users (root and so on) may cause problem when recovering files ? Am I wrong ? Somebody already perform backup ? Thanks, Sébastien -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Doubt
Of course it's not the firewall, i'm not that dumb, firewall's disabled. I can do a nmblookup machine_name Jorge Bastos On Thursday 10 February 2005 22:33, Jorge Bastos wrote: Howdy people, How can i resolv a little thing that i have here. Why findsmb doesn't show me the computer if it is using the SP2 (win xp) ? I use findsmb alot. Jorge Bastos I think its probably the firewall - disable it on the xp machine and try again and I think it will work. Not sure how to get around this. - Original Message - From: Hamish [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Friday, February 11, 2005 10:34 AM Subject: Re: [Samba] Doubt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.10 - Error With Latest Win2K Patches
When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba und dreambox
Hallo Gentlemen Would you like to introduce me in the technic of usin samba with a Dreambox receiver which uses a linux programm? Thank you in adnance Gertza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Doubt
On Friday 11 February 2005 10:41, Jorge Bastos wrote: Of course it's not the firewall, i'm not that dumb, firewall's disabled. I can do a nmblookup machine_name I was trying to help by giving info that I though was useful, sorry it didnt work out. If I turn off my firewalls or configure them properly, findsmb works perfectly. You obviously are too clever for that though. It seems there are so many angry people on this list lately! pgpBI2M0LdDEJ.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Doubt
Err it doesn't have nothing to have with angry or i'm clover than anybody else, i'm just me and that's it. You're seeing that in a wrong way. Jorge Bastos On Friday 11 February 2005 10:41, Jorge Bastos wrote: Of course it's not the firewall, i'm not that dumb, firewall's disabled. I can do a nmblookup machine_name I was trying to help by giving info that I though was useful, sorry it didnt work out. If I turn off my firewalls or configure them properly, findsmb works perfectly. You obviously are too clever for that though. It seems there are so many angry people on this list lately! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't change password with Windows XP (Change passwordfeature)
Thanks, I'll give this a try. Ganeshram Iyer lt;[EMAIL PROTECTED]gt; wrote: On Fri, 11 Feb 2005 00:29:51 -, James Marcinek [EMAIL PROTECTED] wrote: Hello Everyone, I've been trying to figure out why I can't change passwords with my windows clients. I thought that at when I first built my smb.conf I could. I'm running RHEL3 (I also have another system at a different location running FC3 with the same problem ). I've been looking through my smb.conf (see excerpts): # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd passdb backend = tdbsam # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only #the encrypted SMB passwords. They allow the Unix password #to be kept in sync with the SMB password. unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* We get an error now that states not authorized (or something like that) to change password. These are Windows XP Pro systems. The version of Samba is: samba-3.0.9-1 This is driving me crazy. Can anyone help me out? Thanks, James Hey James, I just recently played with this setup. I finally got it to work after debugging the output of the passwd command. Try this: passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* Keep in mind that this all has to be on one line. I have not included any line break stuff in there. Of course I must mention that I tried these on RedHat Enterprise Linux AS 3 with Samba 3.0.9-1.3E.2 and it work fine. If this does not work then you could try setting log level to 100 and passwd chat debug to yes and searching the log files for possible errors. Ganesh -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Delayed Write Failed and other similar errors on Windows machines
On 02/03/2005 06:39 PM, Michael J. Welch, Ph.D. wrote: I am experiencing an error which has been reported on the internet since Samba 2.2.7 and Windows 2000. There are many suggestions as ... [An attempt to open a VS C++ project with no .NCB file. VS tries to build another file, but fails during the write.] Windows - Delayed Write Failed Windows was unable to save all the data for the file \\Server\icr\active\Copy of Ctrl 4-3-1-33\SKAN_Talk.ncb. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save the file elsewhere. [The file is partially created.] I am running Samba 3.0.10 on a Sun 420R under Solaris 9. To try to cut down the size of some user's roaming profiles I tried to re-direct the location Mozilla Mail uses to store *.msf files from the roaming profile to the user's UNIX home directory that we have mounted as h:\. I was doing this in preparation to redirect more of the roaming profile files to the UNIX home directory - I was just starting small. Anyhow, for the users that were changed I have see many Windows Delayed Write Failed error messages. I cannot provide any additional useful information right now - variants of SDBOT have been rampant on campus for weeks, and while the machines I administer have not been infected, attempts to infect them have kept us all busy - and put the load average on my Samba PDC through the roof - here putting local firewall rules on the Windows 2000 machines (our networking group is unwilling to block the ports I want blocked between my networks and the rest of campus.) Thus I've not had time to look for clues in the log files. I had thought that it might be due to the unusually high load averages we have been running and once that was under control the problem would go away. -Bob Martel -- *** Bob Martel,System Administrator I met someone who looks a lot like you Levin College of Urban Affairs She does the things you do Cleveland State University But she is an IBM (216) 687-2214 [EMAIL PROTECTED]-Jeff Lynne *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba und dreambox
On Fri, 11 Feb 2005, Ger. Tzan. wrote: Date: Fri, 11 Feb 2005 13:39:33 +0200 From: Ger. Tzan. [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Samba] samba und dreambox Hallo Gentlemen All your base are belong to us. (Sorry, couldn't resist) ;) -- J. L. Blank, Systems Administrator, twu.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Re: [Samba] Samba 3.0.10 - Error With Latest Win2K Patches
Just a note: It has _ALWAYS_ worked, I applied the patches on Windows 2000 yesterday and it stopped working after that. Perhaps a Windows 2000 problem? Do you use Windows 2000 and have updated to the latest patches? *THAT* is when the error began! Here it is: # The global is required for all global virables. [global] # We want the workgroup set to WORKGROUP. workgroup = WORKGROUP # Set the server string to describe the machine. server string = %h - Pentium III 500MHZ # Set the interface so Samba only works with the LAN. interfaces = 192.168.0.0/24 # Make sure it only binds to this interface. bind interfaces only = yes # Set the security to user. security = user # Make sure encrypt passwords is on! encrypt passwords = yes # Increase overall throughput of samba. socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=8192 # Set max xmit size. max xmit = 8192 [x] comment = x path= /d1/x writable= yes valid users = jpiszcz create mask = 644 On Fri, 11 Feb 2005, Andreas Koch wrote: Hi Justin, i have also W2K and samba 3.0.8-2 It's work fine. Send me please your smb.conf Andreas Am Freitag, den 11.02.2005, 06:20 -0500 schrieb Justin Piszcz: When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Not all users listed in 'Select Users or Groups'
When I try to add users or groups in Win2K via the Security tab -- Select Users or Groups, not all users or groups are displayed. Any account created since 1 January isn't showing up. I patched the Win2K server just before this date. All accounts that were creaated prior to this date still appear. On the Linux system which is acting as the Samba PDC (and is using ldap), pdbedit -l doesn't return a complete list of users either, so I don't think it is the patches that caused the issue. I have changed sizelimit in sladp.conf ldap.conf files, but this is driving me crazy. I have a total of 962 users, but only 806 show up. If I delete a user that currently shows up, then the number returned is decremented by one (e.g. 805). I have tried stopping/starting smb/nmd, nscd, and ldap/slapd but it doesn't make any difference. Any help is appreciated. I have googled for the answer without luck. I had previously sent this as a pdbedit problem but perhaps with the additional information, someone may be able to suggest a solution? Sincerely, Dave Hopkins Newark Charter School Newark Delaware 19713 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Re: [Samba] Samba 3.0.10 - Error With Latest Win2K Patches
Yes i have the ServicePack 4 on my Win2K, and is works fine. Set your debug Level to 10 and debug it... I have not this Problem and the same Server and Client. I Think Win2K have a security-user Patch in the Service Pack 4 and this make your Problems. You must debug your Problem, or i hope other People can you help :-( Testing your Config with security = share or don't use the socket options Andreas Am Freitag, den 11.02.2005, 09:24 -0500 schrieb Justin Piszcz: Just a note: It has _ALWAYS_ worked, I applied the patches on Windows 2000 yesterday and it stopped working after that. Perhaps a Windows 2000 problem? Do you use Windows 2000 and have updated to the latest patches? *THAT* is when the error began! Here it is: # The global is required for all global virables. [global] # We want the workgroup set to WORKGROUP. workgroup = WORKGROUP # Set the server string to describe the machine. server string = %h - Pentium III 500MHZ # Set the interface so Samba only works with the LAN. interfaces = 192.168.0.0/24 # Make sure it only binds to this interface. bind interfaces only = yes # Set the security to user. security = user # Make sure encrypt passwords is on! encrypt passwords = yes # Increase overall throughput of samba. socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=8192 # Set max xmit size. max xmit = 8192 [x] comment = x path= /d1/x writable= yes valid users = jpiszcz create mask = 644 On Fri, 11 Feb 2005, Andreas Koch wrote: Hi Justin, i have also W2K and samba 3.0.8-2 It's work fine. Send me please your smb.conf Andreas Am Freitag, den 11.02.2005, 06:20 -0500 schrieb Justin Piszcz: When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net ads join requires full domain admin account?
* [EMAIL PROTECTED] schrieb am 10.02.05 um 21:35 Uhr: Problem: I have an account that allows me to join an AD domain, this works fine from any win box. However it fails with ads_add_machine_acct (client_name): Insufficient access when I do a net ads join from a linux box. To get samba to join the domain, I have to use an account with full domain admin privs. (ie net ads join -Ufull_domain_admin) Is this expected behavior? I just wanted to confirm that. I saw the same while I was trying to add my Samba machine to an AD. -Marc -- °M3rlin- what is the legal age to buy alcoholic in england ? ° ° p5Ds13a06 you cant buy alcoholics ° ° p5Ds13a06 but if you wink the right way, ° ° some of them will follow you home for free ° -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Prints ok, but says Access denied, unable to connect. win2k and samba 2.2.1a
I have a small Samba 2.2.1a plus Win2k workgroup. Samba is running on Redhat 7.2. There is a networked laserjet 5000 using a static IP which I can print to successfuly from the linux box, and from the win2k workstations via the queue on the linux box. The weird thing is that, on the win2k worksations, if I double click on the printer icon the status of the printer is reported as Access denied, unable to connect. Yet it works??? Hello, I've been having this same problem with several of our laserjet 5000s on our network. Did you find the cause of the problem? Any help would be appreciated. Thanks Joshua Ainsworth Colorado Christian University Tech Support [EMAIL PROTECTED] 303-963-3444 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] problem creating trusts between NT4 and samba
Thank you, Christoph. For anyone else silly enough to not only misread the documentation but misread the error messages too, Christoph's reply is the correct solution. ;) Paul -Original Message- From: Christoph Scheeder [mailto:[EMAIL PROTECTED] Sent: Friday, February 11, 2005 12:56 AM To: Paul Smith Cc: samba@lists.samba.org Subject: Re: [Samba] problem creating trusts between NT4 and samba Hi, [...] However, when I run smbpasswd -a -i rumba I get the following: phoenix:~ # smbpasswd -a -i ada New SMB password: Retype new SMB password: Failed to initialise SAM_ACCOUNT for user ada$. Does this user exist in the UNIX password database ? Failed to modify password entry for user ada$ ^ You see this? the user you have to create is ada$ not ada as this is the username for a machine-account, not a normal user Hope it helps... Christoph -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Prints ok, but says Access denied, unable to connect. win2k and samba 2.2.1a
Members of the Domain Admin Group will not have this issue. You may or may not want to resolve it this way, since it does elevate regular users priveledges. If its a small install of responsible users, it may not matter. see man smb.conf domain admin group =. g Ainsworth, Joshua B. wrote: I have a small Samba 2.2.1a plus Win2k workgroup. Samba is running on Redhat 7.2. There is a networked laserjet 5000 using a static IP which I can print to successfuly from the linux box, and from the win2k workstations via the queue on the linux box. The weird thing is that, on the win2k worksations, if I double click on the printer icon the status of the printer is reported as Access denied, unable to connect. Yet it works??? Hello, I've been having this same problem with several of our laserjet 5000s on our network. Did you find the cause of the problem? Any help would be appreciated. Thanks Joshua Ainsworth Colorado Christian University Tech Support [EMAIL PROTECTED] 303-963-3444 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SID (problem)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ldap# net getlocalsid [2005/02/11 12:40:13, 0] lib/smbldap.c:smbldap_search_suffix(1155) ~ smbldap_search_suffix: Problem during the LDAP search: (No such object) [2005/02/11 12:40:13, 0] utils/net.c:net_getlocalsid(494) ~ Can't fetch domain SID for name: SRV-PDC ldap# What's this problem? Help me!!! []'s __ Márcio Luciano Donada mdonada at auroraalimentos dot com dot br FreeBSD - The uptime is mesuared in years! -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCDM+dyJq2hZEymxcRAqMfAJwIkJ7E1ur2CBXlPNclmX1KyCwyhwCgo3wz 0ZVC6AItYxVaXwz5P/9pH8Q= =1LnO -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SID (problem)
ldap# net getlocalsid [2005/02/11 12:40:13, 0] lib/smbldap.c:smbldap_search_suffix(1155) ~ smbldap_search_suffix: Problem during the LDAP search: (No such object) [2005/02/11 12:40:13, 0] utils/net.c:net_getlocalsid(494) ~ Can't fetch domain SID for name: SRV-PDC ldap# Sounds like you don't have the sambaDomain object located anywhere in you DIT. Do you? If you do, then I'd check your smb.conf re: base dn and whatnot. What's this problem? Help me!!! []'s __ Márcio Luciano Donada mdonada at auroraalimentos dot com dot br FreeBSD - The uptime is mesuared in years! -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCDM+dyJq2hZEymxcRAqMfAJwIkJ7E1ur2CBXlPNclmX1KyCwyhwCgo3wz 0ZVC6AItYxVaXwz5P/9pH8Q= =1LnO -END PGP SIGNATURE- -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Incorrect disk size reported at 20.0 MB
All, I'm recently seeing an issue with how Samba is reporting the disk space available from a NFS share. Checking the properties from a PC system displays all mapped network drives as having 20.0 MB size with zero free disk space available. We updated to Samba version 3.0.11 this morning with no change in results. I have checked the bug reports and haven't found anything that resembles this problem. Any ideas where I might look? Richard. Richard L. Felkins SAIC Systems 10260 Campus Point Dr. MS-A Email: [EMAIL PROTECTED] San Diego, CA 92121 Phone: 858-826-3321 Cell: 858-354-4563 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net ads join requires full domain admin account?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marc Schiffbauer wrote: | Problem: I have an account that allows me to join | an AD domain, this works fine from any win box. However | it fails with ads_add_machine_acct (client_name): | Insufficient access when I do a net ads join from a linux | box. To get samba to join the domain, I have to use | an account with full domain admin privs. (ie net | ads join -Ufull_domain_admin) | | Is this expected behavior? | | I just wanted to confirm that. I saw the same while | I was trying to add my Samba machine to an AD. The acls on you machine object or parent OU in AD are wrong then. I can successfully join Samba boxes to an AD domain without being a domain admin. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCDNnSIR7qMdg1EfYRAm+NAJ4tTHU1ULsnf6VCIBUlUBRFNRFaNACfWDlj IXmrB82nkQ6LYqFxAW9w0IA= =oT/C -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbfs hard links
When I mount an smbfs file system from a Samba server, I am able to create both symbolic and hard links in it with ln. However, while the hard links are real hard links on the server, they do not appear as such on the client because they have different inode numbers: [EMAIL PROTECTED]:~$ mkdir mountpoint [EMAIL PROTECTED]:~$ smbmount //henry/testuser mountpoint Password: [EMAIL PROTECTED]:~$ cd mountpoint [EMAIL PROTECTED]:~/mountpoint$ touch x [EMAIL PROTECTED]:~/mountpoint$ ln x y [EMAIL PROTECTED]:~/mountpoint$ ls -li total 0 1484 -rw-r--r-- 1 testuser testuser 0 Feb 11 15:38 x 1485 -rw-r--r-- 1 testuser testuser 0 Feb 11 15:38 y [EMAIL PROTECTED]:~/mountpoint$ ssh henry ls -li total 0 5308465 -rw-r--r-- 2 testuser testuser 0 Feb 11 15:38 x 5308465 -rw-r--r-- 2 testuser testuser 0 Feb 11 15:38 y Would it be possible to use the unique ID in the attributes returned by the server to set the inode number on the client, instead of generating a new inode for every dirent? smbd sets the unique ID using the inode number on the server, so this ought to get hard links right. I can see that this could potentially return the same inode number for distinct files if the share crosses multiple filesystems on the server. However, I think inode numbers only really looked at when creating temporary/lock files and only on hard links within the same directory. -- Martin Orr Linux Administrator, Methodist College Belfast -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Prints ok, but says Access denied, unable to connect. win2k and samba 2.2.1a
I have a small Samba 2.2.1a plus Win2k workgroup. Samba is running on Redhat 7.2. There is a networked laserjet 5000 using a static IP which I can print to successfuly from the linux box, and from the win2k workstations via the queue on the linux box. The weird thing is that, on the win2k worksations, if I double click on the printer icon the status of the printer is reported as Access denied, unable to connect. Yet it works??? I have the exact same message in XP with my HP LJ4 on a Suse 9.0 box. All the printing works, but the printer status reports Access denied, unable to connect, but yes, it works? Solution: IGNORE IT ; -)It is something funky on the XP, win2K side. If you find out what it is, let me know -- David C. Rankin, J.D., P.E. RANKIN * BERTIN, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com -- -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 2/10/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smb log error-Transport end point/getpeername
david rankin wrote: Well, no, I'm not positive, but when whatever hangs, I get a big slowdown in file access, file open, etc.. from XP. When I then go and check the logs the transport end point and getpeername is the only thing that shows up in the log. I admit I haven't had time to put up a console and check in the past few days. It is definately an XP issue. It occurs on both Suse 9.0 and Mandrake 7.2 with 3.0.7. It occurred with all the 2.0 and 2.2 sambas as well. I'll keep an eye on it and report back. This is a bit of a shot in the dark, but do you have port 80 firewalled off on your Samba server? It's my understanding that by default, XP will try to access network drives via WebDAV before trying SMB, and a firewall that drops attempted connections to port 80 or that doesn't respond with a TCP reset can cause noticeable slowdowns in connections from XP. Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Not all users listed in 'Select Users or Groups'
Update on this. I can use pdbedit to modify or list information for a specific user, but then pdbedit -l doesn't list that user in the output for what should be all users. What setting is limiting the output that pdbedit receives/supplies? When I try to add users or groups in Win2K via the Security tab -- Select Users or Groups, not all users or groups are displayed. Any account created since 1 January isn't showing up. I patched the Win2K server just before this date. All accounts that were creaated prior to this date still appear. On the Linux system which is acting as the Samba PDC (and is using ldap), pdbedit -l doesn't return a complete list of users either, so I don't think it is the patches that caused the issue. I have changed sizelimit in sladp.conf ldap.conf files, but this is driving me crazy. I have a total of 962 users, but only 806 show up. If I delete a user that currently shows up, then the number returned is decremented by one (e.g. 805). I have tried stopping/starting smb/nmd, nscd, and ldap/slapd but it doesn't make any difference. Any help is appreciated. I have googled for the answer without luck. I had previously sent this as a pdbedit problem but perhaps with the additional information, someone may be able to suggest a solution? Sincerely, Dave Hopkins Newark Charter School Newark Delaware 19713 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming profiles sometimes stop updating
I have a generally stable and well-working Samba configuration on a few servers but I have noticed one recurring problem that crops up from time to time on at least two different systems. The Samba version is '3.0.9-1.3E.2' (from the Red Hat RPM release), it is configured as a PDC, and NT profile updating generally works fine. However, I've noticed that on two completely separate networks (configured in a similar manner) certain Windows 2K/XP stations just stop updating profiles though the rest are still updating regularly upon logout. In a new Samba install I performed a few months ago some of the existing 2K/XP machines have never updated the roaming profile. Once a station stops updating user profiles it seems that the only fix is to reinstall Windows. It sounds like this is probably a Windows client problem and nothing Samba specific. However, as most of my PDC experience these days is with Samba I was wondering if anyone else has seen this behavior and maybe has some suggestions on tweaks to Samba to keep this from happening or maybe a Windows tweak to make it work again without requiring a reinstall. I checked the Samba How-To and did some googling and didn't find anything that seemed to match my problem but perhaps I wasn't picking the right keywords :) In case it helps, here is my profiles share definition: [profiles] comment = Windows Profiles path = /vol/samba/profiles read only = no create mask = 0611 directory mask = 0700 map system = yes map hidden = yes root preexec = mkdir -p /vol/samba/profiles/%u ; chown % u /vol/samba/profiles/%u ; chmod 700 /vol/samba/profiles/%u profile acls = yes Thanks, Sean signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming profiles sometimes stop updating
However, I've noticed that on two completely separate networks (configured in a similar manner) certain Windows 2K/XP stations just stop updating profiles though the rest are still updating regularly upon logout. In a new Samba install I performed a few months ago some of the existing 2K/XP machines have never updated the roaming profile. I know you're saying workstation here, but since most of the time a workstation is person specific and for general clarification: Is this a user problem or a workstation problem? If you log in with a different random user does it update ok and/or does the problem follow a user around to different workstations? -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smb log error-Transport end point/getpeername
From: Josh Kelley [EMAIL PROTECTED] david rankin wrote: Well, no, I'm not positive, but when whatever hangs, I get a big slowdown in file access, file open, etc.. from XP. When I then go and check the logs the transport end point and getpeername is the only thing that shows up in the log. I admit I haven't had time to put up a console and check in the past few days. It is definately an XP issue. It occurs on both Suse 9.0 and Mandrake 7.2 with 3.0.7. It occurred with all the 2.0 and 2.2 sambas as well. I'll keep an eye on it and report back. This is a bit of a shot in the dark, but do you have port 80 firewalled off on your Samba server? It's my understanding that by default, XP will try to access network drives via WebDAV before trying SMB, and a firewall that drops attempted connections to port 80 or that doesn't respond with a TCP reset can cause noticeable slowdowns in connections from XP. Thanks for the 'shot', but in my case, port 80 is wide open -- David C. Rankin, J.D., P.E. RANKIN * BERTIN, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com -- -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 2/10/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RID question. Samba 3.0.11
I have a RHAS3 test server (3.0.11) with a single XP 5 ws connected. I also have a high school RHAS3/3.0.11 server going into production (as a PDC) next week or thereabout. With mostly Windows 2000 workstations. In the Samba HOWTO the well-known RIDs are detailed, with numeric values. It is stressed (in the HOWTO) that Windows workstations take note of well-known RIDs (appended to localsids). However, when I install a new domain workstation on my test rig: 1: from the HOWTO the RID is supposed to e 515; however: 2: when the trust account is installed by the NT4 SRVMGR.EXE on my XP client, the RID gets to be 513; 3: when installed using 'smbpasswd -a -m' Samba creates its own algorithmic RID. My XP client doesn't seem to take the blindest bit of notice of the RID. The machine trust account is accepted, whatever the value of the RID is. 4: the same applies to the Administrator RID. It's supposed to be 500, but the XP machine accepts DOMAIN\Administrator as God, whatever his RID is, even if it's 3. What gives? --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.11 on Red Hat RHAS3
To answer my own question of a week or so ago, as to whether RHAS3 users had got 3.0.11 to compile and execute (I had a plethora of errors): The Red Hat 3.0.11 SRPM from the Samba site compiled cleanly and runs fine (daemons and utilities) on my RHAS3 test rig, and on a RHAS3 update 4 production NAS server doubling as a Samba 3 server with 1150+ users of Unix/Linux and soon PDC Windows services. Jerry Carter has done a magnificent job with the SRPM, thanks a million, Jerry :) I have no idea why the source code compile should have gone so haywire, yet the SRPM should perform, they both use the same libraries. All the users are in an Openldap DB on another server. Having read the WHATSNEW.txt, I wasn't surprised to find out that I had to set 'ldap user suffix = ' in smb.conf (they are in different containers directly under the root suffix). It was set to the ldap suffix in the previous (3.0.7) version. Once again, thanks for a magnificent product that should cut down our Windows (2000) administration appreciably (the Linux administration (including full e-mail) is already part-time - just about nothing ever goes wrong ;) --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can't map group domain share from ADS
I've set up the following and can open a home share
for me (sylveg). I've created a group on W2KADS and on
OURSAMBALINUX called oadmin and added me as a member
in both. I created a samba share called o_drive (see
smb.conf below) w/ the linux dir /home/o_drive and
valid users = %D+oadmnin. The /home dir is:
drwxr-xr-x 2 root root4096 2004-09-03 15:16
ftp/
drwx-- 2 root root 16384 2005-02-03 07:55
lost+found/
drwxrwxrwx 2 root oadmin 4096 2005-02-10 11:15
o_drive/
drwx--x--x 2 sylveg users 4096 2005-02-10 12:00
sylveg/
In the security tab of W2KADS OURSAMBALINUX account I
gave sylveg and oadmin full rights.
I haven't run net groupmap (do I need to?)
When I try to map to \\OURSAMBALINUX IP\o_drive from
my W2K workstation (joined to the domain as sylveg), I
get prompted for username and password. Log (level 3)
file shows:
user 'sylveg' (from session setup) not permitted to
access this share (o_drive)
I also would like to know how to set up automatic user
and group creation from the W2KADS to OURSAMBALINUX. I
tried what I found so far (add machine script =
/usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M
%u) in smb.conf, but it doesnt work.
SYSTEM INFO FOLLOWS:
W2K ADServer = W2KADS.OURORG.OURDOMAIN.ORG
__
Slackware/Samba server = OURSAMBASERVER
HP570ML G3 w/Compaq Smart array 640
Slackware 10.1
2.4.29 kernel
Scsi.s boot kernel
___
Add entrys to /hosts
Samba machine
/etc/hosts
127.0.0.1 localhost
localhost.localdomain
(our W2KADS IP) W2KADS
W2KADS.OURORG.OURDOMAIN.ORG
(OURSAMBALINUX IP) OURSAMBALINUX
URSAMBALINUX.OURORG.OURDOMAIN.ORG
Windows Active Directory server
(%Systemroot%\System32\drivers\etc\hosts)
127.0.0.1 localhost
localhost.localdomain
(our W2KADS IP) W2KADS
W2KADS.OURORG.OURDOMAIN.ORG
(OURSAMBALINUX IP) OURSAMBALINUX
OURSAMBALINUX.OURORG.OURDOMAIN.ORG
__
# etc/resolv.conf
search OURORG.OURDOMAIN.ORG
domain OURORG.OURDOMAIN.ORG
nameserver OURNAMESERVER1
nameserver OURNAMESERVER2
nameserver OURNAMESERVER3
nameserver OURNAMESERVER4
nameserver (our W2KADS IP)
_
# date (MMDDHHMM) same time as W2KADS
(syncs OURSAMBALINUX time to W2KADS server)
_
Kerboros krb5-1.4
#./configure
#make
# more /etc/krb5.conf
[libdefaults]
default_realm = OURORG.OURDOMAIN.ORG
[realms]
OURORG.OURDOMAIN.ORG = {
kdc = W2KADS.OURORG.OURDOMAIN.ORG:88
admin_server =
W2KADS.OURORG.OURDOMAIN.ORG:749
default_domain = OURORG.OURDOMAIN.ORG
}
[domain_realm]
.ourorg.ourdomain.org = OURORG.OURDOMAIN.ORG
ourorg.ourdomain.org = OURORG.OURDOMAIN.ORG
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
# /etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
hosts: files dns wins
networks: files dns
services: files
protocols: files
rpc:files
ethers: files
netmasks: files
netgroup: files
bootparams: files
automount: files
aliases:files
OpenLDAP openldap-2.2.23
(Loaded for libraries)
#./configure
#make depend
#make
#make test
#make install
# kinit [EMAIL PROTECTED]
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@ OURORG.OURDOMAIN.ORG
Valid starting ExpiresService
principal
01/10/05 10:36:06 01/10/05 20:37:39 krbtgt/
OURORG.OURDOMAIN.ORG @ OURORG.OURDOMAIN.ORG
renew until 01/10/05 10:36:06
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
Samba 3.0.11
(patch for clitar error #patch p0 clitar.patch)
Build from source so it picks up krb5 and ldap
# ./configure --with-acl-support
#make
#make install
#make installbin
#make installman
# cp
/usr/local/samba-3.0.10/source/nsswitch/libnss_winbind.so
/lib
# cp /usr/local/samba/sbin/* /usr/sbin
# cp /usr/local/samba/bin/* /usr/bin
Check w/ #smbd b|grep KRB
And #smbd b|grep LDAP
Set up as a member server in smb.conf
# /usr/local/samba/lib/smb.conf
# Global parameters
[global]
unix charset = LOCALE
workgroup = OURORG
netbios name =
[Samba] Problem compiling samba 3.0.11
Hello, I have a samba server running samba 3.0.10 compiled from source with this configuration options: ./configure --with-ldap --with-smbmount --with-pam --with-quotas --with-utmp --with-acl-support --with-winbind It's running on a redhat 7.1, the kernel is 2.2.20 with acl. Samba is authenticating to OpenLDAP 2.2.20. I think this is what you need to know about my server. Here comes the problem, when I try to compile samba 3.0.11 with this same options I get no error or warning running configure but I get a lot of undefined reference to in various modules and warnings when compiling. I think there is something I need to update but I don't know what. I really need the new privilege feature! Can someone help me to find what I must do to be able to compile samba 3.0.11? TIA, Bruno Gimenes Pereti. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 10/02/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pdc (acess denied)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Good Mornig, I am configuring the samba to be the PDC of my net using LDAP (OpenLDAP), following the documentation of http://www.idealx.org/prj/samba/smbldap-howto.en.html. Good to carry through the test I am using one windows XP. At the moment that I go to mapaear the unit of the server in windows I obtain to thus validate in a good using o and password in ldap liberating the sharing of the samba. But when I try to logar the same in the domain using using and password that is in the base ldap it says me: Denied Access. This I do not know because. Perhaps the colleagues of the list already had passed therefore can give one to me help. []'s __ Márcio Luciano Donada mdonada at auroraalimentos dot com dot br FreeBSD - The uptime is mesuared in years! -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCDQSvyJq2hZEymxcRAt6mAJ4uOgZPKcDxaIeIup7bG2WG1tkb7wCgj3Pt 5s9RMdLtIVrD008RJERPjxw= =9zCc -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0.10 - Error With Latest Win2K Patches
I really don't think Samba has anything to do with it as when I drag the cursor over the Window (in Windows) which contains the SMB share, Windows itself does not let me even copy or do anything over that window! Does anyone else have this problem? On Fri, 11 Feb 2005, Andreas Koch wrote: Yes i have the ServicePack 4 on my Win2K, and is works fine. Set your debug Level to 10 and debug it... I have not this Problem and the same Server and Client. I Think Win2K have a security-user Patch in the Service Pack 4 and this make your Problems. You must debug your Problem, or i hope other People can you help :-( Testing your Config with security = share or don't use the socket options Andreas Am Freitag, den 11.02.2005, 09:24 -0500 schrieb Justin Piszcz: Just a note: It has _ALWAYS_ worked, I applied the patches on Windows 2000 yesterday and it stopped working after that. Perhaps a Windows 2000 problem? Do you use Windows 2000 and have updated to the latest patches? *THAT* is when the error began! Here it is: # The global is required for all global virables. [global] # We want the workgroup set to WORKGROUP. workgroup = WORKGROUP # Set the server string to describe the machine. server string = %h - Pentium III 500MHZ # Set the interface so Samba only works with the LAN. interfaces = 192.168.0.0/24 # Make sure it only binds to this interface. bind interfaces only = yes # Set the security to user. security = user # Make sure encrypt passwords is on! encrypt passwords = yes # Increase overall throughput of samba. socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=8192 # Set max xmit size. max xmit = 8192 [x] comment = x path= /d1/x writable= yes valid users = jpiszcz create mask = 644 On Fri, 11 Feb 2005, Andreas Koch wrote: Hi Justin, i have also W2K and samba 3.0.8-2 It's work fine. Send me please your smb.conf Andreas Am Freitag, den 11.02.2005, 06:20 -0500 schrieb Justin Piszcz: When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming profiles sometimes stop updating
On Fri, 2005-02-11 at 11:39 -0600, Paul Gienger wrote: However, I've noticed that on two completely separate networks (configured in a similar manner) certain Windows 2K/XP stations just stop updating profiles though the rest are still updating regularly upon logout. In a new Samba install I performed a few months ago some of the existing 2K/XP machines have never updated the roaming profile. I know you're saying workstation here, but since most of the time a workstation is person specific and for general clarification: Is this a user problem or a workstation problem? If you log in with a different random user does it update ok and/or does the problem follow a user around to different workstations? It seems to be specific to an individual workstation (or in this case, a number of them). In this environment it is generally one user to one workstation so you are right, they don't travel much. However: - On one such XP workstation I tried logging in a newly created user and on log out no profile was stored to the server. I just tested this to be sure. - In the past, when we have reloaded the workstation from scratch profile operations start working from that point forward without modification to the user. We saw this behavior as recently as last week. One user's station needed to be reloaded, profiles had never worked for them before, and once the reload was done the first logout successfully stored the profile. Thanks, Sean signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Inconsistant write access to SAMBA share
Running Redhat 2.4.21 with Samba 3.0.9. My share is readable ok but while write access will work when i've booted from a dos environment (Bart's boot Disk http://www.nu2.nu/bootdisk/ which is a marvelous free product that i'm happy to plug) When i authenticate from a windows XP or 2000 desktop i can read but have no write access with the same account. The folder permissions all seem to match my windows user and windows group and i'm stumped as to why this all works from the dos prompt but not from windows. Any ideas? Here is my smb.conf config [global] workgroup = MYDOMAINNAME netbios name = MYSERVERNAME realm = MYDOMAINNAME.MY.DOMAIN security = ads encrypt passwords = yes password server = MY_ADDC.MY.DOMAIN wins server = MY_ADDC.MY.DOMAIN name resolve order = lmhosts host wins bcast log file = /var/log/samba/%m.log server string = RedHat Samba Server log level = 2 winbind cache time = 10 winbind enum users = yes winbind enum groups = yes template shell = /bin/bash template homedir = /home/%D/%U idmap uid = 1-5 idmap gid = 1-2 # Share Definitions == # A publicly accessible directory, but read only, except for staff [SubShare1] path = /data/RootShare/SubShare1 browseable = no read only = no write list = @techs read list = @ausergroup [SubShare2] path = /data/RootShare/SubShare2 browseable = no read only = no write list = @techs, @mitsadmin read list = @techs, serviceaccount [SubShare3] path = /data/RootShare/SubShare3 browseable = no read only = no write list = @techs read list = @techs [SubShare4] path = /data/RootShare/SubShare4 browseable = no read only = no write list = @administrators, @mitsadmin [RootShare] path = /data/RootShare browseable = no read only = @techs write list = @administrators -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Win2k Server won't join domain
This isn't looking like a samba problem, but thought I'd ask just in case. I'm running samba 3.0.10 on Debian stable as a PDC. I have a Windows 2000 Server which was happily part of the domain until this morning. This morning users couldn't use an application whose database files are on the w2k machine, the symptoms looking like the users weren't authenticating to the w2k machine. Looking into the issue they could browse the database files through network neighbourhood, but the application couldn't find them. I decided to try to remove the w2k from the domain and rejoin it. Now it will not rejoin the domain. I've now deleted the machine from the tdbsam. I get the following error message when trying to join: The following error occurred attempting to the join the domain cleartech: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. The event log says: The session setup to the Windows NT or Windows 2000 Domain Controller \\SERVER for the domain CLEARTECH failed because the computer MAX does not have a local security database account. Other w2k servers can join the domain fine. There is no sign that the local security database is having problems, or the samba one. Any suggestions? Thank you. -- Steven Kurylo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Joining Samba to a non-Samba,non-AD, NT4 Domain
I am a Unix Admin, trying to join a NT4 domain. I do not have access to the PDC. When setting up a new machine, either Windows or Unix, on the domain, I ask the NT admins to create a new machine account on the domain for my machine. I then associate my machine with that machine account. I say associate because I'm not exactly sure what happens, something about trading secrets and negotiating machine passwords I think. For my windows machine, this was a very easy process of supplying the domain name, machine name, and my own personal domain login. For my UNIX machines (both Solaris and Linux), I supplied the domain name, machine name, and my personal login but was denied. I had to get an NT admin to put in the Domain Administrator password for it to work. I used the command # net rpc join MEMBER -W DLSMIS -U my username gave my password, and got this back: Create of workstation account failed User specified does not have administrator privileges Unable to join domain DLSMIS. I'm not surprised the create failed, since its already been created before my attempt to join. Samba should not be trying to create it again, although that is what it seems to be doing. When I got an NT admin to come over, I used # net rpc join MEMBER -W DLSMIS -U Administrator got the NT admin to put in their password, and it joined successfully. This doesn't make sense since I don't need an NT admin's help to join my Windows PC to the domain. I've seen numerous others with a similar problem but they usually involve either a Samba PDC or Windows AD, so I don't see how they apply to me. -- /* wes hardin */ wes[dot]hardin[at]dalsemi[dot]com UNIX System Admin Dallas Semiconductor/Maxim Integrated Products -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [ANNOUNCE] New stable release of Samba Console (1.1.23)
Mark Sarria wrote: do you know where the install docs are located? Look at /usr/share/doc/packages/samba-console/INSTALL.SambaConsole when you install from RPM. This file is located at the top of the tarball if you just get the source archive. -- dbarth -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining Samba to a non-Samba,non-AD, NT4 Domain
Wes Hardin írta: I am a Unix Admin, trying to join a NT4 domain. I do not have access to the PDC. When setting up a new machine, either Windows or Unix, on the domain, I ask the NT admins to create a new machine account on the domain for my machine. I then associate my machine with that machine account. I say associate because I'm not exactly sure what happens, something about trading secrets and negotiating machine passwords I think. For my windows machine, this was a very easy process of supplying the domain name, machine name, and my own personal domain login. For my UNIX machines (both Solaris and Linux), I supplied the domain name, machine name, and my personal login but was denied. I had to get an NT admin to put in the Domain Administrator password for it to work. I used the command # net rpc join MEMBER -W DLSMIS -U my username gave my password, and got this back: Create of workstation account failed User specified does not have administrator privileges Unable to join domain DLSMIS. I'm not surprised the create failed, since its already been created before my attempt to join. Samba should not be trying to create it again, although that is what it seems to be doing. When I got an NT admin to come over, I used # net rpc join MEMBER -W DLSMIS -U Administrator got the NT admin to put in their password, and it joined successfully. This doesn't make sense since I don't need an NT admin's help to join my Windows PC to the domain. I've seen numerous others with a similar problem but they usually involve either a Samba PDC or Windows AD, so I don't see how they apply to me. To join Samba to an NT4 domain there are now two methods 1. Create machine accont on the fly, requires ad machine to domain priviledge, for the account doing it works with net rpc join 2. Use a previously created machine account, requires no special piviledges works with net rpc oldjoin For further details see: man net Cheers Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Questions on build farm
Hi all, I've been looking at the samba build farm code and hope you can help with a couple questions... First, is the build_farm code usable under an open source license? Second, does the build_farm currently run any network tests between a client and server on separate machines? Thanks, Bryce -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Questions on build farm
On Fri, 2005-02-11 at 14:03 -0800, Bryce Harrington wrote: Hi all, I've been looking at the samba build farm code and hope you can help with a couple questions... First, is the build_farm code usable under an open source license? I think most of it is tagged GPL. It is all in subversion - http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/?root=build-farm Let me know if there is anything you can't find a valid licence for, it's probably just been overlooked. Second, does the build_farm currently run any network tests between a client and server on separate machines? No, we avoid this to reduce the security impact of a build farm installation on those who supply machines to us. All tests are done on localhost, in such a way that other processes cannot interfere with the tests. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Questions on build farm
On Sat, 12 Feb 2005, Andrew Bartlett wrote: On Fri, 2005-02-11 at 14:03 -0800, Bryce Harrington wrote: Hi all, I've been looking at the samba build farm code and hope you can help with a couple questions... First, is the build_farm code usable under an open source license? I think most of it is tagged GPL. It is all in subversion - http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/?root=build-farm Let me know if there is anything you can't find a valid licence for, it's probably just been overlooked. Ok great, yeah I was just looking in the directory at http://www.samba.org/ftp/unpacked/build_farm/ but didn't spot a license file so figured I should ask. I did notice that the scripts under /web have Perl GPL/Artistic boilerplate. Second, does the build_farm currently run any network tests between a client and server on separate machines? No, we avoid this to reduce the security impact of a build farm installation on those who supply machines to us. All tests are done on localhost, in such a way that other processes cannot interfere with the tests. Ok, gotcha. Thanks for the quick reply! Bryce -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [SPAM] Re: Re: [Samba] Samba 3.0.10 - Error With Latest Win2K Patches
I have found the problem; it was a single patch from microsoft, remove it and fixed! :) On Fri, 11 Feb 2005, Andreas Koch wrote: Yes i have the ServicePack 4 on my Win2K, and is works fine. Set your debug Level to 10 and debug it... I have not this Problem and the same Server and Client. I Think Win2K have a security-user Patch in the Service Pack 4 and this make your Problems. You must debug your Problem, or i hope other People can you help :-( Testing your Config with security = share or don't use the socket options Andreas Am Freitag, den 11.02.2005, 09:24 -0500 schrieb Justin Piszcz: Just a note: It has _ALWAYS_ worked, I applied the patches on Windows 2000 yesterday and it stopped working after that. Perhaps a Windows 2000 problem? Do you use Windows 2000 and have updated to the latest patches? *THAT* is when the error began! Here it is: # The global is required for all global virables. [global] # We want the workgroup set to WORKGROUP. workgroup = WORKGROUP # Set the server string to describe the machine. server string = %h - Pentium III 500MHZ # Set the interface so Samba only works with the LAN. interfaces = 192.168.0.0/24 # Make sure it only binds to this interface. bind interfaces only = yes # Set the security to user. security = user # Make sure encrypt passwords is on! encrypt passwords = yes # Increase overall throughput of samba. socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=8192 # Set max xmit size. max xmit = 8192 [x] comment = x path= /d1/x writable= yes valid users = jpiszcz create mask = 644 On Fri, 11 Feb 2005, Andreas Koch wrote: Hi Justin, i have also W2K and samba 3.0.8-2 It's work fine. Send me please your smb.conf Andreas Am Freitag, den 11.02.2005, 06:20 -0500 schrieb Justin Piszcz: When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [SPAM] Re: Re: [Samba] Samba 3.0.10 - Error With Latest Win2K Patches
[SPAM]? Ur, what spam is this in response to? On Fri, 11 Feb 2005, Justin Piszcz wrote: Date: Fri, 11 Feb 2005 18:38:01 -0500 (EST) From: Justin Piszcz [EMAIL PROTECTED] To: Andreas Koch [EMAIL PROTECTED] Cc: samba@lists.samba.org Subject: Re: [SPAM] Re: Re: [Samba] Samba 3.0.10 - Error With Latest Win2K Patches I have found the problem; it was a single patch from microsoft, remove it and fixed! :) On Fri, 11 Feb 2005, Andreas Koch wrote: Yes i have the ServicePack 4 on my Win2K, and is works fine. Set your debug Level to 10 and debug it... I have not this Problem and the same Server and Client. I Think Win2K have a security-user Patch in the Service Pack 4 and this make your Problems. You must debug your Problem, or i hope other People can you help :-( Testing your Config with security = share or don't use the socket options Andreas Am Freitag, den 11.02.2005, 09:24 -0500 schrieb Justin Piszcz: Just a note: It has _ALWAYS_ worked, I applied the patches on Windows 2000 yesterday and it stopped working after that. Perhaps a Windows 2000 problem? Do you use Windows 2000 and have updated to the latest patches? *THAT* is when the error began! Here it is: # The global is required for all global virables. [global] # We want the workgroup set to WORKGROUP. workgroup = WORKGROUP # Set the server string to describe the machine. server string = %h - Pentium III 500MHZ # Set the interface so Samba only works with the LAN. interfaces = 192.168.0.0/24 # Make sure it only binds to this interface. bind interfaces only = yes # Set the security to user. security = user # Make sure encrypt passwords is on! encrypt passwords = yes # Increase overall throughput of samba. socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=8192 # Set max xmit size. max xmit = 8192 [x] comment = x path= /d1/x writable= yes valid users = jpiszcz create mask = 644 On Fri, 11 Feb 2005, Andreas Koch wrote: Hi Justin, i have also W2K and samba 3.0.8-2 It's work fine. Send me please your smb.conf Andreas Am Freitag, den 11.02.2005, 06:20 -0500 schrieb Justin Piszcz: When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- J. L. Blank, Systems Administrator, twu.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Any ideas - samba3+openldap2.2.15-5: problems loggin users onto domain
Hi, I've got this cenario in my Suse 9.2 box: samba-3.0.7-5 openldap2-2.2.15-5 smbldap-tools-0.8.4-1 So when I try to logon with a defaul user (winnt) I receive C001 error code (unsuficient auth). Here the logs for this request: #/var/log /messages Feb 11 19:59:36 glasgow slapd[6674]: conn=583 op=4 SRCH base=dc=labredes,dc=tre-sc,dc=gov,dc=br scope=2 deref=0 filter=((uid=andre)(objectClass=sambaSamAccount)) Feb 11 19:59:36 glasgow slapd[6674]: conn=583 op=4 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp Feb 11 19:59:36 glasgow slapd[6674]: conn=583 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 11 19:59:36 glasgow slapd[6674]: conn=581 op=3 UNBIND Feb 11 19:59:36 glasgow slapd[6674]: conn=581 fd=23 closed Feb 11 19:59:36 glasgow slapd[6674]: conn=585 fd=23 ACCEPT from IP=127.0.0.1:41679 (IP=0.0.0.0:389) Feb 11 19:59:36 glasgow slapd[6674]: conn=585 op=0 BIND dn= method=128 Feb 11 19:59:37 glasgow slapd[6674]: conn=585 op=0 RESULT tag=97 err=0 text= Feb 11 19:59:37 glasgow slapd[6674]: conn=585 op=1 SRCH base=ou=Users,dc=labredes,dc=tre-sc,dc=gov,dc=br scope=1 deref=0 filter=((objectClass=posixAccount)(uid=andre)) Feb 11 19:59:37 glasgow slapd[6674]: conn=585 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Feb 11 19:59:37 glasgow slapd[6674]: conn=585 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 11 19:59:37 glasgow slapd[6674]: conn=586 fd=29 ACCEPT from IP=127.0.0.1:41680 (IP=0.0.0.0:389) Feb 11 19:59:37 glasgow slapd[6674]: conn=585 op=2 UNBIND Feb 11 19:59:37 glasgow slapd[6674]: conn=585 fd=23 closed Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=0 BIND dn=cn=Manager,dc=labredes,dc=tre-sc,dc=gov,dc=br method=128 Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=0 BIND dn=cn=Manager,dc=labredes,dc=tre-sc,dc=gov,dc=br mech=SIMPLE ssf=0 Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=0 RESULT tag=97 err=0 text= Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=1 SRCH base=ou=Users,dc=labredes,dc=tre-sc,dc=gov,dc=br scope=1 deref=0 filter=((objectClass=posixAccount)(uid=andre)) Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=2 SRCH base=ou=Groups,dc=labredes,dc=tre-sc,dc=gov,dc=br scope=1 deref=0 filter=((objectClass=posixGroup)(|(memberUid=andre) (uniqueMember=uid=andre,ou=users,dc=labredes,dc=tre-sc,dc=gov,dc=br))) Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 11 19:59:37 glasgow slapd[6674]: conn=586 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Here user attribs: # andre, Users, labredes.tre-sc.gov.br dn: uid=andre,ou=Users,dc=labredes,dc=tre-sc,dc=gov,dc=br objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: andre sn: andre uid: andre uidNumber: 1008 gidNumber: 513 homeDirectory: /home//andre loginShell: /bin/bash gecos: System User description: System User sambaSID: S-1-5-21-1320336019-1651555980-3662787651-3016 sambaPrimaryGroupSID: S-1-5-21-72881033-379349262-1855928443-512 displayName: System User sambaPwdMustChange: 2147483647 sambaPasswordHistory: sambaAcctFlags: [U ] sambaProfilePath: \\glasgow\profilesandre sambaHomePath: \\glasgow\homes sambaPwdCanChange: 1108157871 sambaLMPassword: 0182BD0BDBF836077A718CCDF409 sambaNTPassword: 259745CB123A52AA2E693AAACCA2DB52 sambaPwdLastSet: 1108157871 userPassword:: e01ENX1KZFZhMG9PcVFBcjBaTWR0Y1R3SHJRPT0= Any ideas Thanks in advance, -- Marcelo M. Lopes Tribunal Regional Eleitoral de Santa Catarina SIE/CI/Redes e Comunicação de Dados E-mail: [EMAIL PROTECTED] Fone/Fax: 55 48 251-3700 Site: www.tre-sc.gov.br Follow my conf files: #slapd.conf include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/rfc2307bis.schema include /etc/openldap/schema/yast.schema include /etc/openldap/schema/samba3.schema pidfile /var/run/slapd/slapd.pid argsfile/var/run/slapd/slapd.args modulepath /usr/lib/openldap/modules access to dn.base= by * read
[Samba] Re: Samba 3.0.10 - Error With Latest Win2K Patches
Bogofilter needs to be trained. On Fri, 11 Feb 2005, JLB wrote: [SPAM]? Ur, what spam is this in response to? On Fri, 11 Feb 2005, Justin Piszcz wrote: Date: Fri, 11 Feb 2005 18:38:01 -0500 (EST) From: Justin Piszcz [EMAIL PROTECTED] To: Andreas Koch [EMAIL PROTECTED] Cc: samba@lists.samba.org Subject: Re: [SPAM] Re: Re: [Samba] Samba 3.0.10 - Error With Latest Win2K Patches I have found the problem; it was a single patch from microsoft, remove it and fixed! :) On Fri, 11 Feb 2005, Andreas Koch wrote: Yes i have the ServicePack 4 on my Win2K, and is works fine. Set your debug Level to 10 and debug it... I have not this Problem and the same Server and Client. I Think Win2K have a security-user Patch in the Service Pack 4 and this make your Problems. You must debug your Problem, or i hope other People can you help :-( Testing your Config with security = share or don't use the socket options Andreas Am Freitag, den 11.02.2005, 09:24 -0500 schrieb Justin Piszcz: Just a note: It has _ALWAYS_ worked, I applied the patches on Windows 2000 yesterday and it stopped working after that. Perhaps a Windows 2000 problem? Do you use Windows 2000 and have updated to the latest patches? *THAT* is when the error began! Here it is: # The global is required for all global virables. [global] # We want the workgroup set to WORKGROUP. workgroup = WORKGROUP # Set the server string to describe the machine. server string = %h - Pentium III 500MHZ # Set the interface so Samba only works with the LAN. interfaces = 192.168.0.0/24 # Make sure it only binds to this interface. bind interfaces only = yes # Set the security to user. security = user # Make sure encrypt passwords is on! encrypt passwords = yes # Increase overall throughput of samba. socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=32768 SO_RCVBUF=8192 # Set max xmit size. max xmit = 8192 [x] comment = x path= /d1/x writable= yes valid users = jpiszcz create mask = 644 On Fri, 11 Feb 2005, Andreas Koch wrote: Hi Justin, i have also W2K and samba 3.0.8-2 It's work fine. Send me please your smb.conf Andreas Am Freitag, den 11.02.2005, 06:20 -0500 schrieb Justin Piszcz: When Microsoft released their 8-9 new patches this week, around Tuesday, 02/08/05; I can no longer copy files to any of my samba shares. Before Microsoft's patches, everything worked OK; I have multiple Linux SAMBA servers and two separate Windows 2000 Professional SP4 machines; each were patched. Trying to connect to any of the Samba servers I am running Samba 3.0.10 with Debian Sarge and kernel 2.6.10. When I try to drag any file over an (explorer window) with a (samba share) open it puts a circle with a (/) slash through it. When I run xcopy file.zip \\ip\share, it works. 1) I can remove a directory on my Samba share. 2) I can remove a file on my Samba share. 3) I can make a directory on my Samba share. 4) I cannot copy anything over to the Samba share (file, link or directory). Has anyone experienced these problems with the latest Windows 2000 Professional patches? What is the recommended fix? Please CC me as I am not on the list, thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- J. L. Blank, Systems Administrator, twu.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.11 torrent available
On Fri, 2005-02-04 at 11:14 -0600, Gerald (Jerry) Carter wrote: Download Details The uncompressed tarball and patch file have been signed using GnuPG (ID F17F9772). The source code can be downloaded from: http://download.samba.org/samba/ftp/ I've created a .torrent file for the 3.0.11 release. Please try downloading from http://download.samba.org/samba/ftp/samba-3.0.11.tar.gz.torrent and help us reduce the load on our servers. Tim. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] cannot locate roaming profile
I've just edited smb.conf to make it a PDC on my SuSE 9.1 machine. I can add other machines to the domain but when I try to log on, I get the message Windows cannot locate your roaming profile...blah blah My config file is below. # smb.conf is the main Samba configuration file. You find a full commented # version at /usr/share/doc/packages/samba/examples/smb.conf.SuSE # Date: 2004-04-06 [global] workgroup = TranFamily os level = 64 passdb backend = smbpasswd interfaces = 127.0.0.1 eth0 bind interfaces only = true printing = cups printcap name = cups printer admin = @ntadmin, root, administrator map to guest = Bad User security = user encrypt passwords = yes server string = Samba netbios name = dragonite add machine script = domain master = yes domain logons = yes local master = yes preferred master = yes logon path = \\%N\profiles\%u logon drive = H: logon home = \\homeserver\%u logon script = logon.cmd ldap suffix = dc=example,dc=com [netlogon] path = /usr/local/samba/lib/netlogon read only = yes write list = ntadmin [profiles] path = /export/smb/ntprofile read only = no create mask = 0600 directory mask = 0700 The local log in and the domain log in usernames are different. I created the directory /export/smb/ntprofile as root but change mod to 777. Beside that, I haven't done much else. Can someone please help? Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r5329 - in branches/SAMBA_4_0/source/nbt_server: .
Author: tridge
Date: 2005-02-11 08:18:55 + (Fri, 11 Feb 2005)
New Revision: 5329
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5329
Log:
made the nbt server case sensitive
Modified:
branches/SAMBA_4_0/source/nbt_server/interfaces.c
branches/SAMBA_4_0/source/nbt_server/register.c
Changeset:
Modified: branches/SAMBA_4_0/source/nbt_server/interfaces.c
===
--- branches/SAMBA_4_0/source/nbt_server/interfaces.c 2005-02-11 07:54:20 UTC
(rev 5328)
+++ branches/SAMBA_4_0/source/nbt_server/interfaces.c 2005-02-11 08:18:55 UTC
(rev 5329)
@@ -79,7 +79,7 @@
struct nbtd_iface_name *iname;
for (iname=iface-names;iname;iname=iname-next) {
if (iname-name.type == name-type
- StrCaseCmp(name-name, iname-name.name) == 0
+ strcmp(name-name, iname-name.name) == 0
((iname-nb_flags nb_flags) == nb_flags)) {
return iname;
}
Modified: branches/SAMBA_4_0/source/nbt_server/register.c
===
--- branches/SAMBA_4_0/source/nbt_server/register.c 2005-02-11 07:54:20 UTC
(rev 5328)
+++ branches/SAMBA_4_0/source/nbt_server/register.c 2005-02-11 08:18:55 UTC
(rev 5329)
@@ -170,7 +170,7 @@
iname-name.name = strupper_talloc(iname, name);
iname-name.type = type;
if (scope *scope) {
- iname-name.scope = talloc_strdup(iname, scope);
+ iname-name.scope = strupper_talloc(iname, scope);
} else {
iname-name.scope = NULL;
}
svn commit: samba r5332 - in trunk/source: auth lib nsswitch param
Author: vlendec
Date: 2005-02-11 10:35:41 + (Fri, 11 Feb 2005)
New Revision: 5332
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5332
Log:
Support SIDs as %s replacements in the afs username map parameter.
Add 'log nt token command' parameter. If set, %s is replaced with the user
sid, and %t takes all the group sids.
Volker
Modified:
trunk/source/auth/auth_util.c
trunk/source/lib/afs.c
trunk/source/nsswitch/winbindd_pam.c
trunk/source/param/loadparm.c
Changeset:
Modified: trunk/source/auth/auth_util.c
===
--- trunk/source/auth/auth_util.c 2005-02-11 10:32:46 UTC (rev 5331)
+++ trunk/source/auth/auth_util.c 2005-02-11 10:35:41 UTC (rev 5332)
@@ -592,6 +592,39 @@
debug_nt_user_token(DBGC_AUTH, 10, ptoken);
+ if ((lp_log_nt_token_command() != NULL)
+ (strlen(lp_log_nt_token_command()) 0)) {
+ TALLOC_CTX *mem_ctx;
+ char *command;
+ fstring sidstr;
+ char *user_sidstr, *group_sidstr;
+
+ mem_ctx = talloc_init(setnttoken);
+ if (mem_ctx == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ sid_to_string(sidstr, ptoken-user_sids[0]);
+ user_sidstr = talloc_strdup(mem_ctx, sidstr);
+
+ group_sidstr = talloc_strdup(mem_ctx, );
+ for (i=1; iptoken-num_sids; i++) {
+ sid_to_string(sidstr, ptoken-user_sids[i]);
+ group_sidstr = talloc_asprintf(mem_ctx, %s %s,
+ group_sidstr, sidstr);
+ }
+
+ command = strdup(lp_log_nt_token_command());
+ command = realloc_string_sub(command, %s, user_sidstr);
+ command = realloc_string_sub(command, %t, group_sidstr);
+ DEBUG(8, (running command: [%s]\n, command));
+ if (smbrun(command, NULL) != 0) {
+ DEBUG(0, (Could not log NT token\n));
+ nt_status = NT_STATUS_ACCESS_DENIED;
+ }
+ talloc_destroy(mem_ctx);
+ SAFE_FREE(command);
+ }
+
*token = ptoken;
return nt_status;
Modified: trunk/source/lib/afs.c
===
--- trunk/source/lib/afs.c 2005-02-11 10:32:46 UTC (rev 5331)
+++ trunk/source/lib/afs.c 2005-02-11 10:35:41 UTC (rev 5332)
@@ -214,12 +214,16 @@
char *cell;
BOOL result;
char *ticket_str;
+ DOM_SID user_sid;
struct ClearToken ct;
pstrcpy(afs_username, lp_afs_username_map());
standard_sub_conn(conn, afs_username, sizeof(afs_username));
+ if (NT_STATUS_IS_OK(uid_to_sid(user_sid, conn-uid)))
+ pstring_sub(afs_username, %s, sid_string_static(user_sid));
+
/* The pts command always generates completely lower-case user
* names. */
strlower_m(afs_username);
Modified: trunk/source/nsswitch/winbindd_pam.c
===
--- trunk/source/nsswitch/winbindd_pam.c2005-02-11 10:32:46 UTC (rev
5331)
+++ trunk/source/nsswitch/winbindd_pam.c2005-02-11 10:35:41 UTC (rev
5332)
@@ -467,10 +467,22 @@
afsname = realloc_string_sub(afsname, %u, name_user);
afsname = realloc_string_sub(afsname, %U, name_user);
+ {
+ DOM_SID user_sid;
+ fstring sidstr;
+
+ sid_copy(user_sid, info3.dom_sid.sid);
+ sid_append_rid(user_sid, info3.user_rid);
+ sid_to_string(sidstr, user_sid);
+ afsname = realloc_string_sub(afsname, %s, sidstr);
+ }
+
if (afsname == NULL) goto no_token;
strlower_m(afsname);
+ DEBUG(10, (Generating token for user %s\n, afsname));
+
cell = strchr(afsname, '@');
if (cell == NULL) goto no_token;
Modified: trunk/source/param/loadparm.c
===
--- trunk/source/param/loadparm.c 2005-02-11 10:32:46 UTC (rev 5331)
+++ trunk/source/param/loadparm.c 2005-02-11 10:35:41 UTC (rev 5332)
@@ -130,6 +130,7 @@
char *szRealm;
char *szAfsUsernameMap;
int iAfsTokenLifetime;
+ char *szLogNtTokenCommand;
char *szUsernameMap;
char *szLogonScript;
char *szLogonPath;
@@ -1135,6 +1136,7 @@
{homedir map, P_STRING, P_GLOBAL, Globals.szNISHomeMapName, NULL,
NULL, FLAG_ADVANCED},
{afs username map, P_STRING, P_GLOBAL, Globals.szAfsUsernameMap,
NULL, NULL, FLAG_ADVANCED},
{afs token lifetime, P_INTEGER, P_GLOBAL, Globals.iAfsTokenLifetime,
NULL, NULL,
svn commit: samba r5333 - in branches/SAMBA_4_0/source/torture/nbt: .
Author: tridge
Date: 2005-02-11 10:37:59 + (Fri, 11 Feb 2005)
New Revision: 5333
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5333
Log:
weird, w2k3 always sends a positive name release response, even for names that
have never been registered. I wonder if there is some reason?
Modified:
branches/SAMBA_4_0/source/torture/nbt/wins.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/nbt/wins.c
===
--- branches/SAMBA_4_0/source/torture/nbt/wins.c2005-02-11 10:35:41 UTC
(rev 5332)
+++ branches/SAMBA_4_0/source/torture/nbt/wins.c2005-02-11 10:37:59 UTC
(rev 5333)
@@ -71,6 +71,28 @@
printf(scope is %s\n, name-scope);
}
+ printf(release the name\n);
+ release.in.name = *name;
+ release.in.dest_addr = address;
+ release.in.address = myaddress;
+ release.in.nb_flags = NBT_NODE_H;
+ release.in.broadcast = False;
+ release.in.timeout = 3;
+ release.in.retries = 0;
+
+ status = nbt_name_release(nbtsock, mem_ctx, release);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
+ printf(No response from %s for name release\n, address);
+ return False;
+ }
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(Bad response from %s for name query - %s\n,
+ address, nt_errstr(status));
+ return False;
+ }
+ CHECK_VALUE(release.out.rcode, 0);
+
+ printf(register the name\n);
io.in.name = *name;
io.in.wins_servers = str_list_make(mem_ctx, address, NULL);
io.in.addresses = str_list_make(mem_ctx, myaddress, NULL);
svn commit: samba r5334 - in branches/SAMBA_4_0/source/include: .
Author: abartlet Date: 2005-02-11 10:50:54 + (Fri, 11 Feb 2005) New Revision: 5334 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5334 Log: Bah, it's all to hard... Andrew Bartlett Modified: branches/SAMBA_4_0/source/include/includes.h Changeset: Modified: branches/SAMBA_4_0/source/include/includes.h === --- branches/SAMBA_4_0/source/include/includes.h2005-02-11 10:37:59 UTC (rev 5333) +++ branches/SAMBA_4_0/source/include/includes.h2005-02-11 10:50:54 UTC (rev 5334) @@ -51,6 +51,7 @@ #include stdio.h #include stdlib.h #include stddef.h +#include sys/time.h #ifdef HAVE_STDINT_H #include stdint.h
svn commit: samba r5335 - in branches/SAMBA_4_0/source/scripting/swig: .
Author: tpot
Date: 2005-02-11 11:18:19 + (Fri, 11 Feb 2005)
New Revision: 5335
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5335
Log:
Add a Close() method to SamrHandle object.
Add methods for {Query,Set}Security, Shutdown, CreateUser,
Open{User,Group,Alias} and RidToSid.
Time for a torture test I think!
Modified:
branches/SAMBA_4_0/source/scripting/swig/samr.py
Changeset:
Modified: branches/SAMBA_4_0/source/scripting/swig/samr.py
===
--- branches/SAMBA_4_0/source/scripting/swig/samr.py2005-02-11 10:50:54 UTC
(rev 5334)
+++ branches/SAMBA_4_0/source/scripting/swig/samr.py2005-02-11 11:18:19 UTC
(rev 5335)
@@ -98,12 +98,35 @@
def __del__(self):
+if self.handle is not None:
+self.Close()
+
+def Close(self):
+
r = dcerpc.samr_Close()
r.data_in.handle = self.handle
dcerpc.dcerpc_samr_Close(self.pipe, r)
+self.handle = None
+def QuerySecurity(self, sec_info = 7):
+
+r = dcerpc.samr_QuerySecurity()
+r.data_in.handle = self.handle
+r.data_in.sec_info = sec_info
+
+result = dcerpc.dcerpc_samr_QuerySecurity(self.pipe, r)
+
+return r.data_out.sdbuf.sd
+
+def SetSecurity(self, sec_info = 7):
+
+r = dcerpc.samr_SetSecurity()
+r.data_in.handle = self.handle
+r.data_in.sec_info = sec_info
+
+
class ConnectHandle(SamrHandle):
def EnumDomains(self):
@@ -151,7 +174,14 @@
return DomainHandle(self.pipe, r.data_out.domain_handle)
+def Shutdown(self):
+r = dcerpc.samr_Shutdown()
+r.data_in.connect_handle = self.handle
+
+result = dcerpc.dcerpc_samr_Shutdown(self.pipe, r)
+
+
class DomainHandle(SamrHandle):
def QueryDomainInfo(self, level = 2):
@@ -231,8 +261,75 @@
return users
+def CreateUser(self, account_name, access_mask = 0x0200):
-def Connect(pipe, system_name = '', access_mask = 0x0200):
+r = dcerpc.samr_CreateUser()
+r.data_in.domain_handle = self.handle
+r.data_in.account_name = dcerpc.samr_String()
+r.data_in.account_name.string = account_name
+r.data_in.access_mask = access_mask
+
+result = dcerpc.dcerpc_samr_CreateUser(self.pipe, r)
+
+return (r.data_out.user_handle,
+dcerpc.uint32_array_getitem(r.data_out.rid, 0))
+
+def OpenUser(self, rid, access_mask = 0x0200):
+
+r = dcerpc.samr_OpenUser()
+r.data_in.domain_handle = self.handle
+r.data_in.access_mask = access_mask
+r.data_in.rid = rid
+
+result = dcerpc.dcerpc_samr_OpenUser(self.pipe, r)
+
+return UserHandle(pipe, r.data_out.user_handle)
+
+def OpenGroup(self, rid, access_mask = 0x0200):
+
+r = dcerpc.samr_OpenGroup()
+r.data_in.domain_handle = self.handle
+r.data_in.access_mask = access_mask
+r.data_in.rid = rid
+
+result = dcerpc.dcerpc_samr_OpenGroup(self.pipe, r)
+
+return GroupHandle(pipe, r.data_out.group_handle)
+
+def OpenAlias(self, rid, access_mask = 0x0200):
+
+r = dcerpc.samr_OpenAlias()
+r.data_in.domain_handle = self.handle
+r.data_in.access_mask = access_mask
+r.data_in.rid = rid
+
+result = dcerpc.dcerpc_samr_OpenAlias(self.pipe, r)
+
+return AliasHandle(pipe, r.data_out.group_handle)
+
+def RidToSid(self, rid):
+
+r = dcerpc.samr_RidToSid()
+r.data_in.domain_handle = self.handle
+
+result = dcerpc.dcerpc_samr_RidToSid(self.pipe, r)
+
+return sid_to_string(r.data_out.sid)
+
+
+class UserHandle(SamrHandle):
+pass
+
+
+class GroupHandle(SamrHandle):
+pass
+
+
+class AliasHandle(SamrHandle):
+pass
+
+
+def Connect2(pipe, system_name = '', access_mask = 0x0200):
Connect to the SAMR pipe.
r = dcerpc.samr_Connect2()
@@ -242,3 +339,53 @@
result = dcerpc.dcerpc_samr_Connect2(pipe, r)
return ConnectHandle(pipe, r.data_out.connect_handle)
+
+# CreateDomainGroup
+# CreateDomAlias
+# GetAliasMembership
+# LookupNames
+# QueryGroupInfo
+# SetGroupInfo
+# AddGroupMember
+# DeleteDomainGroup
+# DeleteGroupMember
+# QueryGroupMember
+# SetMemberAttributesofGroup
+# QueryAliasInfo
+# SetAliasInfo
+# DeleteDomAlias
+# AddAliasMember
+# DeleteAliasMember
+# GetMembersinAlias
+# DeleteUser
+# QueryUserInfo
+# SetUserInfo
+# ChangePasswordUser
+# GetGroupsForUser
+# QueryDisplayInfo
+# GetDisplayEnumerationIndex
+# TestPrivateFunctionsDomain
+# TestPrivateFunctionsUser
+# GetUserPwInfo
+# RemoveMemberFromForeignDomain
+# QueryDomainInfo2
+# QueryUserInfo2
+# QueryDisplayInfo2
+# GetDisplayEnumerationIndex2
+# CreateUser2
+# QueryDisplayInfo3
+# AddMultipleMembersToAlias
+# RemoveMultipleMembersFromAlias
+# OemChangePasswordUser2
+# ChangePasswordUser2
+# GetDomPwInfo
+#
svn commit: samba r5336 - in branches/SAMBA_3_0/source: libads nsswitch
Author: jerry Date: 2005-02-11 14:31:14 + (Fri, 11 Feb 2005) New Revision: 5336 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5336 Log: BUG 2329: fix to re-enable winbindd to locate DC's when 'disable netbios = yes' Modified: branches/SAMBA_3_0/source/libads/ldap.c branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c branches/SAMBA_3_0/source/nsswitch/winbindd_util.c Changeset: Sorry, the patch is too large (253 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5336
svn commit: samba r5337 - in branches/SAMBA_3_0/source/passdb: .
Author: jerry Date: 2005-02-11 14:58:33 + (Fri, 11 Feb 2005) New Revision: 5337 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5337 Log: BUG 1439: make sure to initialize pointer to prevent invalide free()'s on exit Modified: branches/SAMBA_3_0/source/passdb/passdb.c Changeset: Modified: branches/SAMBA_3_0/source/passdb/passdb.c === --- branches/SAMBA_3_0/source/passdb/passdb.c 2005-02-11 14:31:14 UTC (rev 5336) +++ branches/SAMBA_3_0/source/passdb/passdb.c 2005-02-11 14:58:33 UTC (rev 5337) @@ -1379,18 +1379,18 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; - char *username; - char *domain; - char *nt_username; - char *dir_drive; - char *unknown_str; - char *munged_dial; - char *fullname; - char *homedir; - char *logon_script; - char *profile_path; - char *acct_desc; - char *workstations; + char *username = NULL; + char *domain = NULL; + char *nt_username = NULL; + char *dir_drive = NULL; + char *unknown_str = NULL; + char *munged_dial = NULL; + char *fullname = NULL; + char *homedir = NULL; + char *logon_script = NULL; + char *profile_path = NULL; + char *acct_desc = NULL; + char *workstations = NULL; uint32 username_len, domain_len, nt_username_len, dir_drive_len, unknown_str_len, munged_dial_len, fullname_len, homedir_len, logon_script_len, @@ -1399,8 +1399,8 @@ uint32 user_rid, group_rid, remove_me, hours_len, unknown_6; uint16 acct_ctrl, logon_divs; uint16 bad_password_count, logon_count; - uint8 *hours; - uint8 *lm_pw_ptr, *nt_pw_ptr; + uint8 *hours = NULL; + uint8 *lm_pw_ptr = NULL, *nt_pw_ptr = NULL; uint32 len = 0; uint32 lm_pw_len, nt_pw_len, hourslen; BOOL ret = True; @@ -1558,18 +1558,18 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; - char *username; - char *domain; - char *nt_username; - char *dir_drive; - char *unknown_str; - char *munged_dial; - char *fullname; - char *homedir; - char *logon_script; - char *profile_path; - char *acct_desc; - char *workstations; + char *username = NULL; + char *domain = NULL; + char *nt_username = NULL; + char *dir_drive = NULL; + char *unknown_str = NULL; + char *munged_dial = NULL; + char *fullname = NULL; + char *homedir = NULL; + char *logon_script = NULL; + char *profile_path = NULL; + char *acct_desc = NULL; + char *workstations = NULL; uint32 username_len, domain_len, nt_username_len, dir_drive_len, unknown_str_len, munged_dial_len, fullname_len, homedir_len, logon_script_len, @@ -1578,8 +1578,8 @@ uint32 user_rid, group_rid, remove_me, hours_len, unknown_6; uint16 acct_ctrl, logon_divs; uint16 bad_password_count, logon_count; - uint8 *hours; - uint8 *lm_pw_ptr, *nt_pw_ptr; + uint8 *hours = NULL; + uint8 *lm_pw_ptr = NULL, *nt_pw_ptr = NULL; uint32 len = 0; uint32 lm_pw_len, nt_pw_len, hourslen; BOOL ret = True; @@ -1744,18 +1744,18 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; - char *username; - char *domain; - char *nt_username; - char *dir_drive; - char *unknown_str; - char *munged_dial; - char *fullname; - char *homedir; - char *logon_script; - char *profile_path; - char *acct_desc; - char *workstations; + char *username = NULL; + char *domain = NULL; + char *nt_username = NULL; + char *dir_drive = NULL; + char *unknown_str = NULL; + char *munged_dial = NULL; + char *fullname = NULL; + char *homedir = NULL; + char *logon_script = NULL; + char *profile_path = NULL; + char *acct_desc = NULL; + char *workstations = NULL; uint32 username_len, domain_len, nt_username_len, dir_drive_len, unknown_str_len, munged_dial_len, fullname_len, homedir_len, logon_script_len, @@ -1764,8 +1764,8 @@ uint32 user_rid, group_rid, hours_len, unknown_6; uint16 acct_ctrl, logon_divs; uint16 bad_password_count, logon_count; - uint8 *hours; - uint8 *lm_pw_ptr, *nt_pw_ptr, *nt_pw_hist_ptr; + uint8 *hours = NULL; + uint8 *lm_pw_ptr = NULL, *nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL; uint32 len = 0; uint32 lm_pw_len, nt_pw_len,
svn commit: samba r5338 - in branches/SAMBA_4_0/source/build/pidl: .
Author: jelmer Date: 2005-02-11 15:49:15 + (Fri, 11 Feb 2005) New Revision: 5338 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5338 Log: More efforts to handle types similarly. Modified: branches/SAMBA_4_0/source/build/pidl/eparser.pm branches/SAMBA_4_0/source/build/pidl/header.pm branches/SAMBA_4_0/source/build/pidl/idl.pm branches/SAMBA_4_0/source/build/pidl/idl.yp branches/SAMBA_4_0/source/build/pidl/ndr.pm branches/SAMBA_4_0/source/build/pidl/needed.pm branches/SAMBA_4_0/source/build/pidl/validator.pm Changeset: Sorry, the patch is too large (292 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5338
svn commit: samba r5339 - in branches/SAMBA_3_0/source/rpc_client: .
Author: jmcd
Date: 2005-02-11 16:03:40 + (Fri, 11 Feb 2005)
New Revision: 5339
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5339
Log:
Fix 'net rpc trustdom establish'. Use the right pipe name, therefore the
right pipe FID. Fixes NT_STATUS_INVALID_HANDLE error.
Modified:
branches/SAMBA_3_0/source/rpc_client/cli_wkssvc.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_client/cli_wkssvc.c
===
--- branches/SAMBA_3_0/source/rpc_client/cli_wkssvc.c 2005-02-11 15:49:15 UTC
(rev 5338)
+++ branches/SAMBA_3_0/source/rpc_client/cli_wkssvc.c 2005-02-11 16:03:40 UTC
(rev 5339)
@@ -61,7 +61,7 @@
}
/* actual rpc call over \PIPE\wkssvc */
- if (!rpc_api_pipe_req(cli, PI_SRVSVC, WKS_QUERY_INFO, buf, rbuf)) {
+ if (!rpc_api_pipe_req(cli, PI_WKSSVC, WKS_QUERY_INFO, buf, rbuf)) {
prs_mem_free(buf);
prs_mem_free(rbuf);
return NT_STATUS_UNSUCCESSFUL;
svn commit: samba r5340 - in trunk/source/rpc_client: .
Author: jmcd
Date: 2005-02-11 16:03:47 + (Fri, 11 Feb 2005)
New Revision: 5340
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5340
Log:
Fix 'net rpc trustdom establish'. Use the right pipe name, therefore the
right pipe FID. Fixes NT_STATUS_INVALID_HANDLE error.
Modified:
trunk/source/rpc_client/cli_wkssvc.c
Changeset:
Modified: trunk/source/rpc_client/cli_wkssvc.c
===
--- trunk/source/rpc_client/cli_wkssvc.c2005-02-11 16:03:40 UTC (rev
5339)
+++ trunk/source/rpc_client/cli_wkssvc.c2005-02-11 16:03:47 UTC (rev
5340)
@@ -61,7 +61,7 @@
}
/* actual rpc call over \PIPE\wkssvc */
- if (!rpc_api_pipe_req(cli, PI_SRVSVC, WKS_QUERY_INFO, buf, rbuf)) {
+ if (!rpc_api_pipe_req(cli, PI_WKSSVC, WKS_QUERY_INFO, buf, rbuf)) {
prs_mem_free(buf);
prs_mem_free(rbuf);
return NT_STATUS_UNSUCCESSFUL;
svn commit: samba r5341 - in trunk/source/lib: .
Author: jra Date: 2005-02-11 19:31:27 + (Fri, 11 Feb 2005) New Revision: 5341 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5341 Log: Reformat some very old code. Jeremy. Modified: trunk/source/lib/time.c Changeset: Sorry, the patch is too large (796 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5341
svn commit: samba r5342 - in branches/SAMBA_3_0/source/lib: .
Author: jra Date: 2005-02-11 19:31:48 + (Fri, 11 Feb 2005) New Revision: 5342 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5342 Log: Reformat some very old code. Jeremy. Modified: branches/SAMBA_3_0/source/lib/time.c Changeset: Sorry, the patch is too large (796 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5342
svn commit: samba r5344 - in trunk/source: lib smbd
Author: jra
Date: 2005-02-11 20:00:31 + (Fri, 11 Feb 2005)
New Revision: 5344
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5344
Log:
Fix for bug#1525. Timestamps interpreted incorrectly on 64-bit time_t values.
Jeremy.
Modified:
trunk/source/lib/time.c
trunk/source/smbd/trans2.c
Changeset:
Modified: trunk/source/lib/time.c
===
--- trunk/source/lib/time.c 2005-02-11 20:00:30 UTC (rev 5343)
+++ trunk/source/lib/time.c 2005-02-11 20:00:31 UTC (rev 5344)
@@ -302,6 +302,8 @@
Interpret an 8 byte filetime structure to a time_t
It's originally in 100ns units since jan 1st 1601
+ An 8 byte value of 0x will be returned as (time_t)0.
+
It appears to be kludge-GMT (at least for file listings). This means
its the GMT you get by taking a localtime and adding the
serverzone. This is NOT the same as GMT in some cases. This routine
@@ -385,6 +387,8 @@
/
Interprets an nt time into a unix time_t.
+ Differs from nt_time_to_unix in that an 8 byte value of 0x
+ will be returned as (time_t)-1, whereas nt_time_to_unix returns 0 in this
case.
/
time_t interpret_long_date(char *p)
@@ -392,6 +396,9 @@
NTTIME nt;
nt.low = IVAL(p,0);
nt.high = IVAL(p,4);
+ if (nt.low == 0x nt.high == 0x) {
+ return (time_t)-1;
+ }
return nt_time_to_unix(nt);
}
Modified: trunk/source/smbd/trans2.c
===
--- trunk/source/smbd/trans2.c 2005-02-11 20:00:30 UTC (rev 5343)
+++ trunk/source/smbd/trans2.c 2005-02-11 20:00:31 UTC (rev 5344)
@@ -802,21 +802,6 @@
}
/
- Checks for SMB_TIME_NO_CHANGE and if not found calls interpret_long_date.
-/
-
-time_t interpret_long_unix_date(char *p)
-{
- DEBUG(10,(interpret_long_unix_date\n));
- if(IVAL(p,0) == SMB_TIME_NO_CHANGE_LO
- IVAL(p,4) == SMB_TIME_NO_CHANGE_HI) {
- return -1;
- } else {
- return interpret_long_date(p);
- }
-}
-
-/
Get a level dependent lanman2 dir entry.
/
@@ -3332,7 +3317,7 @@
tvs.modtime = MIN(write_time, changed_time);
- if (write_time tvs.modtime write_time !=
0x) {
+ if (write_time tvs.modtime write_time !=
(time_t)-1) {
tvs.modtime = write_time;
}
/* Prefer a defined time to an undefined one. */
@@ -3511,8 +3496,8 @@
#endif /* LARGE_SMB_OFF_T */
}
pdata+=24; /* ctime st_blocks are not
changed */
- tvs.actime = interpret_long_unix_date(pdata); /*
access_time */
- tvs.modtime = interpret_long_unix_date(pdata+8); /*
modification_time */
+ tvs.actime = interpret_long_date(pdata); /* access_time
*/
+ tvs.modtime = interpret_long_date(pdata+8); /*
modification_time */
pdata+=16;
set_owner = (uid_t)IVAL(pdata,0);
pdata += 8;
svn commit: samba r5343 - in branches/SAMBA_3_0/source: lib smbd
Author: jra
Date: 2005-02-11 20:00:30 + (Fri, 11 Feb 2005)
New Revision: 5343
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5343
Log:
Fix for bug#1525. Timestamps interpreted incorrectly on 64-bit time_t values.
Jeremy.
Modified:
branches/SAMBA_3_0/source/lib/time.c
branches/SAMBA_3_0/source/smbd/trans2.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/time.c
===
--- branches/SAMBA_3_0/source/lib/time.c2005-02-11 19:31:48 UTC (rev
5342)
+++ branches/SAMBA_3_0/source/lib/time.c2005-02-11 20:00:30 UTC (rev
5343)
@@ -302,6 +302,8 @@
Interpret an 8 byte filetime structure to a time_t
It's originally in 100ns units since jan 1st 1601
+ An 8 byte value of 0x will be returned as (time_t)0.
+
It appears to be kludge-GMT (at least for file listings). This means
its the GMT you get by taking a localtime and adding the
serverzone. This is NOT the same as GMT in some cases. This routine
@@ -385,6 +387,8 @@
/
Interprets an nt time into a unix time_t.
+ Differs from nt_time_to_unix in that an 8 byte value of 0x
+ will be returned as (time_t)-1, whereas nt_time_to_unix returns 0 in this
case.
/
time_t interpret_long_date(char *p)
@@ -392,6 +396,9 @@
NTTIME nt;
nt.low = IVAL(p,0);
nt.high = IVAL(p,4);
+ if (nt.low == 0x nt.high == 0x) {
+ return (time_t)-1;
+ }
return nt_time_to_unix(nt);
}
Modified: branches/SAMBA_3_0/source/smbd/trans2.c
===
--- branches/SAMBA_3_0/source/smbd/trans2.c 2005-02-11 19:31:48 UTC (rev
5342)
+++ branches/SAMBA_3_0/source/smbd/trans2.c 2005-02-11 20:00:30 UTC (rev
5343)
@@ -801,21 +801,6 @@
}
/
- Checks for SMB_TIME_NO_CHANGE and if not found calls interpret_long_date.
-/
-
-time_t interpret_long_unix_date(char *p)
-{
- DEBUG(10,(interpret_long_unix_date\n));
- if(IVAL(p,0) == SMB_TIME_NO_CHANGE_LO
- IVAL(p,4) == SMB_TIME_NO_CHANGE_HI) {
- return -1;
- } else {
- return interpret_long_date(p);
- }
-}
-
-/
Get a level dependent lanman2 dir entry.
/
@@ -3331,7 +3316,7 @@
tvs.modtime = MIN(write_time, changed_time);
- if (write_time tvs.modtime write_time !=
0x) {
+ if (write_time tvs.modtime write_time !=
(time_t)-1) {
tvs.modtime = write_time;
}
/* Prefer a defined time to an undefined one. */
@@ -3510,8 +3495,8 @@
#endif /* LARGE_SMB_OFF_T */
}
pdata+=24; /* ctime st_blocks are not
changed */
- tvs.actime = interpret_long_unix_date(pdata); /*
access_time */
- tvs.modtime = interpret_long_unix_date(pdata+8); /*
modification_time */
+ tvs.actime = interpret_long_date(pdata); /* access_time
*/
+ tvs.modtime = interpret_long_date(pdata+8); /*
modification_time */
pdata+=16;
set_owner = (uid_t)IVAL(pdata,0);
pdata += 8;
svn commit: samba r5346 - in branches/SAMBA_4_0/source: nbt_server param
Author: tridge Date: 2005-02-11 23:54:37 + (Fri, 11 Feb 2005) New Revision: 5346 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5346 Log: - a bit more preparation for the WINS server going in - more NBT packet asserts, to ensure that incoming requests have all the elements we depend on - open the WINS database at startup if we are configured as a WINS server - split out the nbtd server reply packet generation code so it can be shared by the WINS server - re-did the logic of what is answered by the WINS server and what by the B node server. It now always tries to answer by the B node, and only recurses to the WINS server for names that are not found. Modified: branches/SAMBA_4_0/source/nbt_server/defense.c branches/SAMBA_4_0/source/nbt_server/interfaces.c branches/SAMBA_4_0/source/nbt_server/nbt_server.c branches/SAMBA_4_0/source/nbt_server/nbt_server.h branches/SAMBA_4_0/source/nbt_server/nodestatus.c branches/SAMBA_4_0/source/nbt_server/packet.c branches/SAMBA_4_0/source/nbt_server/query.c branches/SAMBA_4_0/source/nbt_server/winsserver.c branches/SAMBA_4_0/source/param/loadparm.c Changeset: Sorry, the patch is too large (585 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5346
svn commit: samba r5347 - in branches/SAMBA_4_0/source/torture/nbt: .
Author: tridge Date: 2005-02-11 23:55:15 + (Fri, 11 Feb 2005) New Revision: 5347 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5347 Log: fixed the NBT-REGISTER test now that the nbt layer is case sensitive Modified: branches/SAMBA_4_0/source/torture/nbt/register.c Changeset: Modified: branches/SAMBA_4_0/source/torture/nbt/register.c === --- branches/SAMBA_4_0/source/torture/nbt/register.c2005-02-11 23:54:37 UTC (rev 5346) +++ branches/SAMBA_4_0/source/torture/nbt/register.c2005-02-11 23:55:15 UTC (rev 5347) @@ -160,7 +160,7 @@ NTSTATUS status; BOOL ret = True; - name.name = lp_parm_string(-1, torture, host); + name.name = strupper_talloc(mem_ctx, lp_parm_string(-1, torture, host)); name.type = NBT_NAME_SERVER; name.scope = NULL;
Build status as of Sat Feb 12 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-02-11 00:00:22.0 + +++ /home/build/master/cache/broken_results.txt 2005-02-12 00:00:38.0 + @@ -1,55 +1,73 @@ -Build status as of Fri Feb 11 00:00:02 2005 +Build status as of Sat Feb 12 00:00:02 2005 Build counts: Tree Total Broken Panic -ccache 37 6 0 -distcc 37 3 0 -ppp 21 5 0 -rsync36 4 0 +ccache 36 4 0 +distcc 37 4 0 +ppp 22 4 0 +rsync37 3 0 samba1 1 1 samba-docs 0 0 0 -samba4 38 10 0 -samba_3_036 10 1 +samba4 38 8 0 +samba_3_036 33 1 Currently broken builds: Host Tree Compiler Status -mungerasamba_3_0gccok/ok/ok/ 2/PANIC -cyberone samba4 gccok/ 2/?/? -cyberone samba_3_0gcc 1/?/?/? +mungerasamba_3_0gccok/ok/ok/ 6/PANIC fusberta samba4 gccok/ 2/?/? +fusberta samba_3_0gccok/ok/ok/ 4 +yurok samba_3_0gcc 127/?/?/? +samba-s390 samba_3_0gccok/ok/ok/ 4 quango ccache gcc 137/?/?/? quango distcc gcc 137/?/?/? quango ppp gccok/ 2/?/? +quango samba_3_0gccok/ok/ok/ 4 +superego samba_3_0gccok/ok/ok/ 4 +cl012 samba_3_0gccok/ok/ok/ 4 gc8samba4 gccok/ 1/?/? +gc8samba_3_0gccok/ok/ok/ 4 +aretnapdistcc gcc 127/?/?/? +aretnapsamba_3_0gccok/ok/ok/ 4 aretnapccache iccok/ok/ok/ 1 aretnapsamba4 iccok/ 1/?/? +aretnapsamba_3_0iccok/ok/ok/ 4 +gc4samba_3_0gccok/ok/ok/ 4 sbfrsyncgccok/ 1/?/? sbfsamba_3_0gccok/ 1/?/? +smartserv1 samba_3_0gccok/ok/ok/ 4 +smartserv1 samba_3_0gcc-4.0ok/ok/ok/ 4 +wetlizard samba_3_0gccok/ok/ok/ 4 +tardis distcc gccok/ 2/?/? +tardis samba_3_0gccok/ok/ok/ 5 us4samba_3_0cc ok/ 1/?/? us4samba_3_0gccok/ 1/?/? flock samba4 gccok/ 1/?/? flock samba_3_0gcc 127/?/?/? +homer samba_3_0gccok/ok/ok/ 4 opisol10 ccache gccok/ok/ok/ 1 opisol10 ppp gccok/ 1/?/? opisol10 samba4 gccok/ 1/?/? opisol10 samba_3_0gccok/ 1/?/? -sol10 ccache gccok/ 1/?/? -sol10 distcc gccok/ 1/?/? -sol10 ppp gccok/ 1/?/? -sol10 rsyncgccok/ 1/?/? -sol10 samba4 gccok/ 1/?/? +sol10 samba_3_0gccok/ok/ok/ 4 +gc20 samba_3_0gccok/ok/ok/ 4 sun1 samba4 cc ok/ 2/?/? sun1 samba_3_0cc ok/ 2/?/? +sun1 samba_3_0gccok/ok/ok/ 5 Isis ccache cc 77/?/?/? Isis distcc cc 77/?/?/? Isis rsynccc 77/?/?/? Isis samba4 cc 77/?/?/? Isis samba_3_0cc 77/?/?/? Isis ppp gccok/ 2/?/? -m30ccache gccok/ok/ok/ 2 +Isis samba_3_0gccok/ok/ok/ 4 +fire1 samba_3_0gccok/ok/ok/ 4 m30rsyncgccok/ok/ok/ 2 m30samba4 gccok/ 2/?/? m30samba_3_0gccok/ok/ok/ 1 metze02sambagccok/ok/ok/ 1/PANIC +metze02samba_3_0gccok/ok/ok/ 4 +metze01samba_3_0gccok/ok/ok/ 4 +PCS1 samba_3_0gccok/ok/ok/ 4 opippp gccok/ 2/?/? +opisamba_3_0gccok/ok/ok/ 4
svn commit: samba r5348 - in branches/SAMBA_4_0/source/scripting/swig: .
Author: tpot
Date: 2005-02-12 00:40:00 + (Sat, 12 Feb 2005)
New Revision: 5348
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5348
Log:
Implement the remaining samr connect functions and fix up setsecurity.
Modified:
branches/SAMBA_4_0/source/scripting/swig/samr.py
Changeset:
Modified: branches/SAMBA_4_0/source/scripting/swig/samr.py
===
--- branches/SAMBA_4_0/source/scripting/swig/samr.py2005-02-11 23:55:15 UTC
(rev 5347)
+++ branches/SAMBA_4_0/source/scripting/swig/samr.py2005-02-12 00:40:00 UTC
(rev 5348)
@@ -118,15 +118,18 @@
result = dcerpc.dcerpc_samr_QuerySecurity(self.pipe, r)
-return r.data_out.sdbuf.sd
+return r.data_out.sdbuf
-def SetSecurity(self, sec_info = 7):
+def SetSecurity(self, sdbuf, sec_info = 7):
r = dcerpc.samr_SetSecurity()
r.data_in.handle = self.handle
r.data_in.sec_info = sec_info
+r.data_in.sdbuf = sdbuf
+result = dcerpc.dcerpc_samr_SetSecurity(self.pipe, r)
+
class ConnectHandle(SamrHandle):
def EnumDomains(self):
@@ -329,6 +332,17 @@
pass
+def Connect(pipe, access_mask = 0x0200):
+
+r = dcerpc.samr_Connect()
+r.data_in.system_name = dcerpc.new_uint16_array(1)
+dcerpc.uint16_array_setitem(r.data_in.system_name, 0, ord('\\'))
+r.data_in.access_mask = access_mask
+
+result = dcerpc.dcerpc_samr_Connect(pipe, r)
+
+return ConnectHandle(pipe, r.data_out.connect_handle)
+
def Connect2(pipe, system_name = '', access_mask = 0x0200):
Connect to the SAMR pipe.
@@ -340,6 +354,43 @@
return ConnectHandle(pipe, r.data_out.connect_handle)
+def Connect3(pipe, system_name = '', access_mask = 0x0200):
+
+r = dcerpc.samr_Connect3()
+r.data_in.system_name = system_name
+r.data_in.unknown = 0
+r.data_in.access_mask = access_mask
+
+result = dcerpc.dcerpc_samr_Connect3(pipe, r)
+
+return ConnectHandle(pipe, r.data_out.connect_handle)
+
+def Connect4(pipe, system_name = '', access_mask = 0x0200):
+
+r = dcerpc.samr_Connect4()
+r.data_in.system_name = system_name
+r.data_in.unknown = 0
+r.data_in.access_mask = access_mask
+
+result = dcerpc.dcerpc_samr_Connect4(pipe, r)
+
+return ConnectHandle(pipe, r.data_out.connect_handle)
+
+def Connect5(pipe, system_name = '', access_mask = 0x0200):
+
+r = dcerpc.samr_Connect5()
+r.data_in.system_name = system_name
+r.data_in.access_mask = access_mask
+r.data_in.level = 1
+r.data_in.info = dcerpc.new_samr_ConnectInfo_array(1)
+r.data_in.info.unknown1 = 0
+r.data_in.info.unknown2 = 0
+
+result = dcerpc.dcerpc_samr_Connect5(pipe, r)
+
+return ConnectHandle(pipe, r.data_out.connect_handle)
+
+
# CreateDomainGroup
# CreateDomAlias
# GetAliasMembership
@@ -379,13 +430,9 @@
# OemChangePasswordUser2
# ChangePasswordUser2
# GetDomPwInfo
-# Connect
# SetUserInfo2
# SetBootKeyInformation
# GetBootKeyInformation
-# Connect3
-# Connect4
# ChangePasswordUser3
-# Connect5
# SetDsrmPassword
# ValidatePassword
svn commit: samba r5349 - in branches/SAMBA_3_0/source: . include lib passdb rpc_server smbd utils
Author: gd Date: 2005-02-12 00:51:31 + (Sat, 12 Feb 2005) New Revision: 5349 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5349 Log: After talking with Jerry, reverted the addition of account policies to passdb in 3_0 (they are still in trunk). Guenther Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/include/passdb.h branches/SAMBA_3_0/source/include/smbldap.h branches/SAMBA_3_0/source/lib/account_pol.c branches/SAMBA_3_0/source/lib/smbldap.c branches/SAMBA_3_0/source/passdb/passdb.c branches/SAMBA_3_0/source/passdb/pdb_get_set.c branches/SAMBA_3_0/source/passdb/pdb_interface.c branches/SAMBA_3_0/source/passdb/pdb_ldap.c branches/SAMBA_3_0/source/rpc_server/srv_reg_nt.c branches/SAMBA_3_0/source/rpc_server/srv_samr.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/smbd/chgpasswd.c branches/SAMBA_3_0/source/utils/net_rpc_samsync.c branches/SAMBA_3_0/source/utils/pdbedit.c Changeset: Sorry, the patch is too large (1590 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5349
svn commit: samba r5350 - in branches/SAMBA_4_0/source/scripting/swig: .
Author: tpot
Date: 2005-02-12 00:53:32 + (Sat, 12 Feb 2005)
New Revision: 5350
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5350
Log:
Implement an input typemap for NTSTATUS.
Modified:
branches/SAMBA_4_0/source/scripting/swig/samba.i
Changeset:
Modified: branches/SAMBA_4_0/source/scripting/swig/samba.i
===
--- branches/SAMBA_4_0/source/scripting/swig/samba.i2005-02-12 00:51:31 UTC
(rev 5349)
+++ branches/SAMBA_4_0/source/scripting/swig/samba.i2005-02-12 00:53:32 UTC
(rev 5350)
@@ -46,6 +46,17 @@
$result = PyLong_FromUnsignedLong($1);
}
+%typemap(in) NTSTATUS {
+ if (PyLong_Check($input))
+ $1 = NT_STATUS(PyLong_AsUnsignedLong($input));
+ else if (PyInt_Check($input))
+ $1 = NT_STATUS(PyInt_AsLong($input));
+ else {
+ PyErr_SetString(PyExc_TypeError, Expected a long or an int);
+ return NULL;
+ }
+}
+
%typemap(out) NTSTATUS {
$result = PyLong_FromUnsignedLong(NT_STATUS_V($1));
}
svn commit: samba r5351 - in branches/SAMBA_4_0/source/scripting/swig: .
Author: tpot Date: 2005-02-12 00:54:11 + (Sat, 12 Feb 2005) New Revision: 5351 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5351 Log: Add wrapper for nt_errstr and array functions for samr_ConnectInfo. Modified: branches/SAMBA_4_0/source/scripting/swig/dcerpc.i Changeset: Modified: branches/SAMBA_4_0/source/scripting/swig/dcerpc.i === --- branches/SAMBA_4_0/source/scripting/swig/dcerpc.i 2005-02-12 00:53:32 UTC (rev 5350) +++ branches/SAMBA_4_0/source/scripting/swig/dcerpc.i 2005-02-12 00:54:11 UTC (rev 5351) @@ -169,6 +169,8 @@ const char *dcerpc_server_name(struct dcerpc_pipe *p); +char *nt_errstr(NTSTATUS nt_code); + /* Some typemaps for easier access to resume handles. Really this can also be done using the uint32 carray functions, but it's a bit of a hassle. TODO: Fix memory leak here. */ @@ -228,6 +230,7 @@ them all by hand. */ %array_functions(struct samr_SamEntry, samr_SamEntry_array); +%array_functions(union samr_ConnectInfo, samr_ConnectInfo_array); %include librpc/gen_ndr/misc.i %include librpc/gen_ndr/security.i
svn commit: samba r5352 - in branches/SAMBA_4_0/source: libcli/nbt nbt_server torture/nbt
Author: tridge Date: 2005-02-12 01:00:15 + (Sat, 12 Feb 2005) New Revision: 5352 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5352 Log: added a function nbt_name_string() that formats a nbt_name structure as a human readable string. The format is designed to be able to be used as the DN for the WINS database as well, while coping with arbitrary bytes in the name (except nul bytes) Modified: branches/SAMBA_4_0/source/libcli/nbt/nameregister.c branches/SAMBA_4_0/source/libcli/nbt/nbtname.c branches/SAMBA_4_0/source/nbt_server/defense.c branches/SAMBA_4_0/source/nbt_server/nodestatus.c branches/SAMBA_4_0/source/nbt_server/packet.c branches/SAMBA_4_0/source/nbt_server/query.c branches/SAMBA_4_0/source/nbt_server/register.c branches/SAMBA_4_0/source/nbt_server/winsclient.c branches/SAMBA_4_0/source/nbt_server/winsserver.c branches/SAMBA_4_0/source/torture/nbt/wins.c Changeset: Sorry, the patch is too large (369 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5352
svn commit: samba r5353 - in branches/SAMBA_4_0/source/scripting/swig: .
Author: tpot Date: 2005-02-12 01:05:16 + (Sat, 12 Feb 2005) New Revision: 5353 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5353 Log: Throw a NTSTATUS exception if a NT error code is returned. Modified: branches/SAMBA_4_0/source/scripting/swig/samr.py Changeset: Modified: branches/SAMBA_4_0/source/scripting/swig/samr.py === --- branches/SAMBA_4_0/source/scripting/swig/samr.py2005-02-12 01:00:15 UTC (rev 5352) +++ branches/SAMBA_4_0/source/scripting/swig/samr.py2005-02-12 01:05:16 UTC (rev 5353) @@ -89,6 +89,16 @@ return sid +def call_fn(fn, pipe, args): +Wrap up a RPC call and throw an exception is an error was returned. + +result = fn(pipe, args); +if result 0xc000: +raise dcerpc.NTSTATUS(result, dcerpc.nt_errstr(result)); + +return result; + + class SamrHandle: def __init__(self, pipe, handle): @@ -106,7 +116,7 @@ r = dcerpc.samr_Close() r.data_in.handle = self.handle -dcerpc.dcerpc_samr_Close(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_Close, self.pipe, r) self.handle = None @@ -116,7 +126,7 @@ r.data_in.handle = self.handle r.data_in.sec_info = sec_info -result = dcerpc.dcerpc_samr_QuerySecurity(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_QuerySecurity, self.pipe, r) return r.data_out.sdbuf @@ -127,7 +137,7 @@ r.data_in.sec_info = sec_info r.data_in.sdbuf = sdbuf -result = dcerpc.dcerpc_samr_SetSecurity(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_SetSecurity, self.pipe, r) class ConnectHandle(SamrHandle): @@ -143,7 +153,7 @@ while 1: -result = dcerpc.dcerpc_samr_EnumDomains(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_EnumDomains, self.pipe, r) for i in range(r.data_out.sam.count): domains.append(dcerpc.samr_SamEntry_array_getitem( @@ -162,7 +172,7 @@ r.data_in.domain = dcerpc.samr_String() r.data_in.domain.string = domain_name -result = dcerpc.dcerpc_samr_LookupDomain(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_LookupDomain, self.pipe, r) return sid_to_string(r.data_out.sid); @@ -173,7 +183,7 @@ r.data_in.access_mask = access_mask r.data_in.sid = string_to_sid(domain_sid) -result = dcerpc.dcerpc_samr_OpenDomain(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_OpenDomain, self.pipe, r) return DomainHandle(self.pipe, r.data_out.domain_handle) @@ -182,7 +192,7 @@ r = dcerpc.samr_Shutdown() r.data_in.connect_handle = self.handle -result = dcerpc.dcerpc_samr_Shutdown(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_Shutdown, self.pipe, r) class DomainHandle(SamrHandle): @@ -193,7 +203,7 @@ r.data_in.domain_handle = self.handle r.data_in.level = level -result = dcerpc.dcerpc_samr_QueryDomainInfo(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_QueryDomainInfo, self.pipe, r) return getattr(r.data_out.info, 'info%d' % level) @@ -203,7 +213,7 @@ r.data_in.domain_handle = self.handle r.data_in.level = level -result = dcerpc.dcerpc_samr_QueryDomainInfo2(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_QueryDomainInfo2, self.pipe, r) return getattr(r.data_out.info, 'info%d' % level) @@ -214,7 +224,7 @@ r.data_in.resume_handle = 0 r.data_in.max_size = 1000 -result = dcerpc.dcerpc_samr_EnumDomainGroups(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_EnumDomainGroups, self.pipe, r) groups = [] @@ -234,7 +244,7 @@ # no meaning so use 0x like W2K r.data_in.acct_flags = 0xL -result = dcerpc.dcerpc_samr_EnumDomainAliases(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_EnumDomainAliases, self.pipe, r) aliases = [] @@ -253,7 +263,7 @@ r.data_in.acct_flags = user_account_flags r.data_in.max_size = 1000 -result = dcerpc.dcerpc_samr_EnumDomainUsers(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_EnumDomainUsers, self.pipe, r) users = [] @@ -272,7 +282,7 @@ r.data_in.account_name.string = account_name r.data_in.access_mask = access_mask -result = dcerpc.dcerpc_samr_CreateUser(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_CreateUser, self.pipe, r) return (r.data_out.user_handle, dcerpc.uint32_array_getitem(r.data_out.rid, 0)) @@ -284,7 +294,7 @@ r.data_in.access_mask = access_mask r.data_in.rid = rid -result = dcerpc.dcerpc_samr_OpenUser(self.pipe, r) +call_fn(dcerpc.dcerpc_samr_OpenUser, self.pipe, r) return UserHandle(pipe, r.data_out.user_handle) @@ -295,7 +305,7 @@
svn commit: samba r5354 - in trunk/source/smbd: .
Author: jra
Date: 2005-02-12 01:05:27 + (Sat, 12 Feb 2005)
New Revision: 5354
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5354
Log:
Fill in the access check code for POSIX ACLs to *really* fix bug #2227.
Jeremy.
Modified:
trunk/source/smbd/posix_acls.c
Changeset:
Modified: trunk/source/smbd/posix_acls.c
===
--- trunk/source/smbd/posix_acls.c 2005-02-12 01:05:16 UTC (rev 5353)
+++ trunk/source/smbd/posix_acls.c 2005-02-12 01:05:27 UTC (rev 5354)
@@ -3755,12 +3755,158 @@
}
/
+ Check for POSIX group ACLs. If none use stat entry.
+/
+
+static int check_posix_acl_group_write(connection_struct *conn, const char
*dname, SMB_STRUCT_STAT *psbuf)
+{
+ extern struct current_user current_user;
+ SMB_ACL_T posix_acl = NULL;
+ int entry_id = SMB_ACL_FIRST_ENTRY;
+ SMB_ACL_ENTRY_T entry;
+ int i;
+ int ret = -1;
+
+ if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, dname,
SMB_ACL_TYPE_ACCESS)) == NULL) {
+ goto check_stat;
+ }
+
+ /* First ensure the group mask allows group read. */
+ while ( SMB_VFS_SYS_ACL_GET_ENTRY(conn, posix_acl, entry_id, entry) ==
1) {
+ SMB_ACL_TAG_T tagtype;
+ SMB_ACL_PERMSET_T permset;
+
+ /* get_next... */
+ if (entry_id == SMB_ACL_FIRST_ENTRY)
+ entry_id = SMB_ACL_NEXT_ENTRY;
+
+ if (SMB_VFS_SYS_ACL_GET_TAG_TYPE(conn, entry, tagtype) == -1) {
+ goto check_stat;
+ }
+
+ if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, entry, permset) == -1) {
+ goto check_stat;
+ }
+
+ switch(tagtype) {
+ case SMB_ACL_MASK:
+ if (!SMB_VFS_SYS_ACL_GET_PERM(conn, permset,
SMB_ACL_WRITE)) {
+ /* We don't have group write
permission. */
+ ret = -1; /* Allow caller to check
other permissions. */
+ goto done;
+ }
+ break;
+ default:
+ continue;
+ }
+ }
+
+ /* Now check all group entries. */
+ entry_id = SMB_ACL_FIRST_ENTRY;
+ while ( SMB_VFS_SYS_ACL_GET_ENTRY(conn, posix_acl, entry_id, entry) ==
1) {
+ SMB_ACL_TAG_T tagtype;
+ SMB_ACL_PERMSET_T permset;
+ int have_write = -1;
+
+ /* get_next... */
+ if (entry_id == SMB_ACL_FIRST_ENTRY)
+ entry_id = SMB_ACL_NEXT_ENTRY;
+
+ if (SMB_VFS_SYS_ACL_GET_TAG_TYPE(conn, entry, tagtype) == -1) {
+ goto check_stat;
+ }
+
+ if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, entry, permset) == -1) {
+ goto check_stat;
+ }
+
+ have_write = SMB_VFS_SYS_ACL_GET_PERM(conn, permset,
SMB_ACL_WRITE);
+ if (have_write == -1) {
+ goto check_stat;
+ }
+
+ switch(tagtype) {
+ case SMB_ACL_USER:
+ {
+ /* Check against current_user.uid. */
+ uid_t *puid = (uid_t
*)SMB_VFS_SYS_ACL_GET_QUALIFIER(conn, entry);
+ if (puid == NULL) {
+ goto check_stat;
+ }
+ if (current_user.uid == *puid) {
+ /* We're done now we have a uid
match. */
+ ret = have_write;
+ goto done;
+ }
+ }
+ break;
+ case SMB_ACL_MASK:
+ {
+ gid_t *pgid = (gid_t
*)SMB_VFS_SYS_ACL_GET_QUALIFIER(conn, entry);
+ if (pgid == NULL) {
+ goto check_stat;
+ }
+ for (i = 0; i current_user.ngroups;
i++) {
+ if (current_user.groups[i] ==
*pgid) {
+ /* We're done now we
have a gid match. */
+ ret = have_write;
+
svn commit: samba r5355 - in branches/SAMBA_3_0/source/smbd: .
Author: jra
Date: 2005-02-12 01:05:49 + (Sat, 12 Feb 2005)
New Revision: 5355
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5355
Log:
Fill in the access check code for POSIX ACLs to *really* fix bug #2227.
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/posix_acls.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c
===
--- branches/SAMBA_3_0/source/smbd/posix_acls.c 2005-02-12 01:05:27 UTC (rev
5354)
+++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2005-02-12 01:05:49 UTC (rev
5355)
@@ -3755,12 +3755,158 @@
}
/
+ Check for POSIX group ACLs. If none use stat entry.
+/
+
+static int check_posix_acl_group_write(connection_struct *conn, const char
*dname, SMB_STRUCT_STAT *psbuf)
+{
+ extern struct current_user current_user;
+ SMB_ACL_T posix_acl = NULL;
+ int entry_id = SMB_ACL_FIRST_ENTRY;
+ SMB_ACL_ENTRY_T entry;
+ int i;
+ int ret = -1;
+
+ if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, dname,
SMB_ACL_TYPE_ACCESS)) == NULL) {
+ goto check_stat;
+ }
+
+ /* First ensure the group mask allows group read. */
+ while ( SMB_VFS_SYS_ACL_GET_ENTRY(conn, posix_acl, entry_id, entry) ==
1) {
+ SMB_ACL_TAG_T tagtype;
+ SMB_ACL_PERMSET_T permset;
+
+ /* get_next... */
+ if (entry_id == SMB_ACL_FIRST_ENTRY)
+ entry_id = SMB_ACL_NEXT_ENTRY;
+
+ if (SMB_VFS_SYS_ACL_GET_TAG_TYPE(conn, entry, tagtype) == -1) {
+ goto check_stat;
+ }
+
+ if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, entry, permset) == -1) {
+ goto check_stat;
+ }
+
+ switch(tagtype) {
+ case SMB_ACL_MASK:
+ if (!SMB_VFS_SYS_ACL_GET_PERM(conn, permset,
SMB_ACL_WRITE)) {
+ /* We don't have group write
permission. */
+ ret = -1; /* Allow caller to check
other permissions. */
+ goto done;
+ }
+ break;
+ default:
+ continue;
+ }
+ }
+
+ /* Now check all group entries. */
+ entry_id = SMB_ACL_FIRST_ENTRY;
+ while ( SMB_VFS_SYS_ACL_GET_ENTRY(conn, posix_acl, entry_id, entry) ==
1) {
+ SMB_ACL_TAG_T tagtype;
+ SMB_ACL_PERMSET_T permset;
+ int have_write = -1;
+
+ /* get_next... */
+ if (entry_id == SMB_ACL_FIRST_ENTRY)
+ entry_id = SMB_ACL_NEXT_ENTRY;
+
+ if (SMB_VFS_SYS_ACL_GET_TAG_TYPE(conn, entry, tagtype) == -1) {
+ goto check_stat;
+ }
+
+ if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, entry, permset) == -1) {
+ goto check_stat;
+ }
+
+ have_write = SMB_VFS_SYS_ACL_GET_PERM(conn, permset,
SMB_ACL_WRITE);
+ if (have_write == -1) {
+ goto check_stat;
+ }
+
+ switch(tagtype) {
+ case SMB_ACL_USER:
+ {
+ /* Check against current_user.uid. */
+ uid_t *puid = (uid_t
*)SMB_VFS_SYS_ACL_GET_QUALIFIER(conn, entry);
+ if (puid == NULL) {
+ goto check_stat;
+ }
+ if (current_user.uid == *puid) {
+ /* We're done now we have a uid
match. */
+ ret = have_write;
+ goto done;
+ }
+ }
+ break;
+ case SMB_ACL_MASK:
+ {
+ gid_t *pgid = (gid_t
*)SMB_VFS_SYS_ACL_GET_QUALIFIER(conn, entry);
+ if (pgid == NULL) {
+ goto check_stat;
+ }
+ for (i = 0; i current_user.ngroups;
i++) {
+ if (current_user.groups[i] ==
*pgid) {
+ /* We're done now we
have a gid match. */
+ ret
svn commit: samba r5356 - in branches/SAMBA_4_0/source/libcli/nbt: .
Author: tridge
Date: 2005-02-12 03:10:50 + (Sat, 12 Feb 2005)
New Revision: 5356
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5356
Log:
fixed the hex coding for nbt names
Modified:
branches/SAMBA_4_0/source/libcli/nbt/nbtname.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/nbt/nbtname.c
===
--- branches/SAMBA_4_0/source/libcli/nbt/nbtname.c 2005-02-12 01:05:49 UTC
(rev 5355)
+++ branches/SAMBA_4_0/source/libcli/nbt/nbtname.c 2005-02-12 03:10:50 UTC
(rev 5356)
@@ -346,7 +346,7 @@
if (isalnum(s[i]) || strchr(valid_chars, s[i])) {
ret[len++] = s[i];
} else {
- snprintf(ret[len], 3, %02x, s[i]);
+ snprintf(ret[len], 4, %%%02x, (unsigned char)s[i]);
len += 3;
}
}
