Re: [Samba] Mapping Samba Server as a drive?
Nope, just make 1 drive mapping with the right directories below it. it's the same effect. ? so instead of seeing all shares from a server, you have 1 share with all direcrories below it! (and if you have ACL installed, you can also do something with permissions!) Just an option.. Collen Adrian Chow wrote: Hi Matthew, I was talking about mapping a samba server to a drive NOT a share from the samba server to a drive. net use h: \\servername Any way of doing that? Regards, adrian -- Original Message -- From: Matthew White [EMAIL PROTECTED] Date: Thu, 7 Apr 2005 09:43:21 -0700 you can map a samba server to a drive just like you'd map a windows-based server: net use h: \\servername\share or right click on My Network Places and select Map Network Drive... On Fri, Apr 08, 2005 at 12:28:18AM +0800, Adrian Chow ([EMAIL PROTECTED]) wrote: Hi, I was just wondering whether can we map a samba server as a drive? If can, it would be GREAT! This is because we can make users who log on to the server see different directories (like novell) and i thought it would be EXCELLENT if we can map the samba server as a drive itself. If we can, how can we achieve that? Thanks. adrian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Matthew White District Systems Administrator Tigard/Tualatin School District -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Difusión por e-mail masivo
Para sobrevivir los microemprendedores, Pymes y redes de solidaridad social necesitan utilizar el correo electrónico en masa que está siendo combatido con bloqueos y duras sanciones en ves de haber sido técnicamente canalizado. Este estado de guerra contra un medio, como el correo electrónico publicitario, está destruyendo muchos valores entre ellos la certidumbre que poseía el simple email familiar. Para los que adelantándose al futuro, tomaron conciencia del valor social de este poderoso medio de promoción,se continúa brindando: DIFUSIÓN POR MEDIO DE EMAILS EN MASA Para captar nuevos clientes, potenciar nuestra Web, difundir actividades y proyectos. Sortear bloqueos anti-5pam de servidores (censura previa). Evitar conflictos con los proveedores de Internet. Dirigido a micro-emprendedores y Pymes. Seguimiento telefónico por 15 días posteriores a cada evento. Entrenamientos según su necesidad: Modulo 3: ENVÍO Y LLEGADA DE EMAILS EN CANTIDAD PERSONALIZADOS (solicitados) Para enviar newsletters, comunicaciones solicitadas, sorteando bloqueos anti-5pam de envío y llegada. (En estos módulos no se trata el marketing ni la gráfica de un email) DURACIÓN: 8 horas Fechas: Miércoles 12 y Jueves 13 de Abril de 9.30 a 13.30 hs. Condiciones para participar: Muy experimentado en manejo de entorno Windows, haber realizado envíos de correo masivo con programas especiales para esto, distintos al outlook express u otro programa cliente de emails. Leer Inglés Técnico Módulo 4: ENVÍO Y LLEGADA DE EMAILS EN CANTIDAD NO-SOLICITADOS Los emails en cantidad no-solicitados además de llegar evitando bloqueos (1) deben evitar las denuncias que los usuarios y servidores realizan a su servidor de Internet, el cual puede llegar a cortarle la conexión. Por esto se necesitan otros programas y técnicas de envío. No requieren personalizarse. (1) (censura previa que efectúan muchos servidores sin el conocimiento cabal del usuario) Evitar conflictos con los proveedores de Internet. Utilización de servidores proxies. Provisión gratuita de proxies por 15 días. DURACIÓN: 9 horas Fechas: Miércoles 13, Jueves 14 y Viernes 15 de Abril de 9.30 a 13.30 hs. Condiciones para participar: Muy experimentado en manejo de entorno Windows, haber realizado envíos de correo masivo con programas especiales para esto, distintos al outlook express u otro programa cliente de emails. Leer Inglés Técnico El lugar y las fechas pueden modificarse según disponibilidad de equipos y asistentes. Módulo 2: RECOLECCIÓN SEGMENTADA Y MASIVA DE EMAILS PUBLICADOS EN INTERNET DURACIÓN: 7 horas Fechas: Jueves 21 y Viernes 22 de Abril de 9.30 a 13 hs. Aquí no se requiere experiencia con emails en masa, si muy buen manejo de entorno windows y leer inglés técnico. En todos los módulos se brinda APOYO TELEFÓNICO (o por telefonía IP en internet: PC2PC) 15 días posteriores al encuentro. Inscripciones terminan el día anterior a cada evento a las 20 hs condicionado a p.c. disponibles. Residentes en el exterior Infórmensen sobre nuevos entrenamientos / asesoramientos a distancia en tiempo real con interacción audiovisual escribiendo Exterior unicamente a la dirección mencionada en el siguiente párrafo: Si no desea recibir más información envíe un email con sus datos aquí registrados solo a mareliculo@ yahoo.com.ar con el término interrumpir en el asunto. Se informará de más detalles solamente por teléfono comunicándose con el Lic. Alberto Screiber Al TE: 5411 4431_7050_ indicando claramente su apellido, su teléfono de red y correo electrónico, despacio y claramente para poderle enviar un email con detallada información. DEFIENDA EL DERECHO CONSTITUCIONAL DE COMUNICARSE LIBREMENTE POR INTERNET Y LA OBLIGACIÓN DE HACERLO RESPETUOSAMENTE Lo que no está prohibido en la ley es jurídica y socialmente legitimo, esto también abarca al e-mail en masa aquí y en países con rigurosas leyes sobre este tema que (aunque no se menciona en los medios ) también contemplan la figura legal de un e-mail en masa no-solicitado permitido y legítimo. Cordialmente: Alberto Screiber TE: 5411 4431_7050_ Capital Federal Argentina -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining domain across subnet
On Thursday 07 April 2005 18:06, Ephi Dror wrote: Hi All, If I have domain controller on a different subnet than the samba server and I would like to join that domain controller in an environment without WINS, meaning only DNS available. This section will show you what you are asking for and why it doesn't work the way you would like it to. http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2550227 So is it true that in a pure DNS environment without the great help of WINS server around in which the domain controller and the samba server are on a different subnets, I must use domain type ADS? On a windows client, you can preload the domain and specify various other hosts in the lmhosts file. Not sure you can do the same with a samba fileserver. -- my Sonicwall tz170 supports netbios broadcasts across a VPN tunnel. Seems like a lot of work for contiguous subnets in an office building though. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] question about ldap passwd sync
FM rta: Hello for unix sync password we can add a custom script ot sync password : passwd program = Which ldap tool samba is using to sync password ? Is is possible to use a home made script ? My unix password are hardcoded ([EMAIL PROTECTED]) because of kerberos 5 auth so I use a perl script to update the krb5 database thanks ! I'm also intereseted in this topic. Have been anybody successfuly using smbk5pwd openldap loadable module, with/without kerberos/samba. Will using this module remove any need for custom passwd scripts with unix passwd sync = yes, or the ldap passwd sync = yes options? Thanks Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Migrating from NT4 to Samba/LDAP - Demoting PDC to domain member
Ian Clancy wrote: Hello All, I'm looking for some advice \ shared past experiences of users on the list. I am in the process of planning a migration from an existing NT Domain to a Samba 3 / LDAP based domain. However, the existing NT4 PDC is also home to our Exchange 5.5 email server which we would like to keep in service. I imagine what i need to do is add the old NT4 PDC server to the new Samba Domain once i have completed the migration. I am not sure how to do this ?. I have found this software (U Promote ) at http://www.purenetworking.net/Products/UPromote/UPromote.htm that may do the trick. Has anyone out there performed a task similar to this or used this product ? or is it even necessary. Is there another (free) way ?. Thanks, Ian Clancy UPromote worked flawlessly on a machine with NT4 SP6 and Oracle (no exchange server), demoting it from PDC when I set up new domain with samba PDC, 50 users. It was -much- easier and faster then having to call the Oracle staff to perform a complete re-install of Oracle after having re-installed NT4! We had a down time of approx 15 minutes. For safety, beforehand I performed a mirror backup of the system HD just in case anything went wrong. We bought a license of upromote specific to one server (it is bound to the server name). Note that the NT4 was just installed as PDC in the first place, but no workstation was joined to its domain, the network up to that moment was peer to peer. Now we have roaming profiles, netlogons etc, but this was all done AFTER demoting the NT server, and only with samba, so I don't know if there could be issues specific to upromote in un-joining the workstations from your NT4 PDC, and I have no experience of exchange. Also note that the domain name I gave to the new samba server was different from the old domain name of the NT4 PDC - to be on the safe side. Hope this helps With regards, Alan Dodd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Migrating from NT4 to Samba/LDAP - Demoting PDC to domain member
On Fri, 2005-04-08 at 09:21 +0200, Alan Dodd wrote: Ian Clancy wrote: Hello All, I'm looking for some advice \ shared past experiences of users on the list. I am in the process of planning a migration from an existing NT Domain to a Samba 3 / LDAP based domain. However, the existing NT4 PDC is also home to our Exchange 5.5 email server which we would like to keep in service. I imagine what i need to do is add the old NT4 PDC server to the new Samba Domain once i have completed the migration. I am not sure how to do this ?. I have found this software (U Promote ) at http://www.purenetworking.net/Products/UPromote/UPromote.htm that may do the trick. Has anyone out there performed a task similar to this or used this product ? or is it even necessary. Is there another (free) way ?. Thanks, Ian Clancy UPromote worked flawlessly on a machine with NT4 SP6 and Oracle (no exchange server), demoting it from PDC when I set up new domain with samba PDC, 50 users. It was -much- easier and faster then having to call the Oracle staff to perform a complete re-install of Oracle after having re-installed NT4! We had a down time of approx 15 minutes. For safety, beforehand I performed a mirror backup of the system HD just in case anything went wrong. We bought a license of upromote specific to one server (it is bound to the server name). Note that the NT4 was just installed as PDC in the first place, but no workstation was joined to its domain, the network up to that moment was peer to peer. Now we have roaming profiles, netlogons etc, but this was all done AFTER demoting the NT server, and only with samba, so I don't know if there could be issues specific to upromote in un-joining the workstations from your NT4 PDC, and I have no experience of exchange. Also note that the domain name I gave to the new samba server was different from the old domain name of the NT4 PDC - to be on the safe side. I'll second that - I've used UPromote a couple of times to 'demote' a 'retired' NT 4 PDC to a member server. Worked great - alas - not free. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mapping Samba Server as a drive?
Yeah... but the problem is how to you make sure people have permissions can only see that directory? I was using the include option in the global section for every user to limit what they can browse. Thanks for your response. adrian Collen wrote: Nope, just make 1 drive mapping with the right directories below it. it's the same effect. ? so instead of seeing all shares from a server, you have 1 share with all direcrories below it! (and if you have ACL installed, you can also do something with permissions!) Just an option.. Collen Adrian Chow wrote: Hi Matthew, I was talking about mapping a samba server to a drive NOT a share from the samba server to a drive. net use h: \\servername Any way of doing that? Regards, adrian -- Original Message -- From: Matthew White [EMAIL PROTECTED] Date: Thu, 7 Apr 2005 09:43:21 -0700 you can map a samba server to a drive just like you'd map a windows-based server: net use h: \\servername\share or right click on My Network Places and select Map Network Drive... On Fri, Apr 08, 2005 at 12:28:18AM +0800, Adrian Chow ([EMAIL PROTECTED]) wrote: Hi, I was just wondering whether can we map a samba server as a drive? If can, it would be GREAT! This is because we can make users who log on to the server see different directories (like novell) and i thought it would be EXCELLENT if we can map the samba server as a drive itself. If we can, how can we achieve that? Thanks. adrian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Matthew White District Systems Administrator Tigard/Tualatin School District -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.10 and higher
Due the software Ultraedit, it is possible to manipulate the ownership of Files!!! This may be a big securetyhole. A test.txt owner jens:group fish Unixrights 760 opened an manipulated whit ultraedit, saved. ther will be 2 Files one test.txt which is owned by the modifier( e.g hans:fish), and a test.txt.bak which is owened by jens.fish. That's OK. so if i repeat this sequenz again, i will delete the first created test.txt.bak with my own, and destroyed the original File from the original User. How is this possible??? Can I forbid this action??? Thanks Jens -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: Migrating from NT4 to Samba/LDAP - Demoting PDC to domain member
I'll second that - I've used UPromote a couple of times to 'demote' a 'retired' NT 4 PDC to a member server. Worked great - alas - not free. I have even demoted an nt4 pdc exchange 5.5 to a standalone server, and it came up without a problem afterwards. I used compaq servers with the Compaq SMART RAID Disk Controller. Even though I received warnings about possible issues (see http://utools.com/compaq.asp) it worked without a problem. MIND YOU: I did disable the write cache completely prior to the whole operation. mj -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Re: extd_audit log output and documentation
Il 07/04/2005, alle ore 15:52, John H Terpstra ha scritto: On Thursday 07 April 2005 07:35, Marco De Vitis wrote: https://bugzilla.samba.org/show_bug.cgi?id=2349 extd_audit VFS log output problems - unexpected behaviour But nobody seems to have picked it up. What else can I do, as a non-programmer? Please help me to help you. :) Understood. Ehm... sorry, what? Should I mail anyone in particular about it? Thanks. -- Ciao, Marco. ...The Juliet Letters, Elvis Costello The Brodsky Quartet (1993) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Smbd hangs for users...
Hi, I'm new to the list so bare with me! Running samba-3.0.12 on FreeBSD 5.3-STABLE. I did uppgrade from 3.0.10 to 3.0.12 and now lots of my users have problems accesing their home folder on that server. If I look at the users procceses they are running more than one smbd and they are on verry high load, in top: PID USERNAME PRI NICE SIZERES STATE C TIME WCPUCPU COMMAND 12045 user1 1320 8588K 4900K CPU1 0 5:02 72.31% 72.31% smbd 11577 user1 1320 8604K 4680K CPU3 0 20:19 72.17% 72.17% smbd 12101 user1 1320 8884K 5156K RUN0 0:51 69.58% 69.58% smbd In windows the explorer hangs if the access their home folder... -- Microsoft is not the answer. Microsoft is the question. And 'No' is the answer! Anders Trobäck http://www.troback.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] net ads join fails
Hi I have created the machine account on the AD server and did this logged in as Administrator so that should mean that the Administrator account has the correct permissions. I have executed the following command as suggested net ads join [EMAIL PROTECTED] -d 2 The following was output to the screen: [2005/04/08 13:33:38, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.39 bcast=10.0.255.255 nmask=255.255.0.0 [2005/04/08 13:33:41, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/08 13:33:41, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 [2005/04/08 13:33:41, 2] utils/net.c:main(897) return code = -1 Thanks Penny -Original Message- From: Gordon Hopper [mailto:[EMAIL PROTECTED] Sent: 06 April 2005 05:28 To: Penny Willisson Subject: Re: [Samba] net ads join fails [2005/04/05 15:11:44, 3] libsmb/clikrb5.c:ads_krb5_mk_req(381) ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory) [2005/04/05 15:11:44, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/05 15:11:44, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 I suggest you post the output of the command you are running to join the domain (including the command), for example, net ads join -U [EMAIL PROTECTED] -d 2. Also, note that the credentials you use to join the domain are not necessarily the domain Administrator, but they need to be a user who has write privileges to the ads folder where the machine account will be created. (It worked better for me when the machine account was already created in server manager, but according to the docs, that shouldn't be necessary.) It almost looks like the password failed. Or perhaps the folder you specified for the machine account does not exist. Regards, Gordon Hopper -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix to SMB Password Sync using PAM
tor, 07.04.2005 kl. 19.35 skrev Charles I would like to configure PAM to sync Unix passwords to Samba passwords. When I add a new Unix user or change an existing Unix user's password, I want the same password to be stored in /etc/smbpasswd. I'm trying to follow these instructions: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/pam.html#id2606200 It sounds like this is what I want to do: A sample PAM configuration that shows the use of pam_smbpass to make sure private/smbpasswd is kept in sync when /etc/passwd (/etc/shadow) is changed. [...] Then I rebooted and changed my Unix password using passwd, but that didn't change my smbpassd. I checked to make sure I have all of the needed PAM modules, but other than that I don't know what to look for. Am I missing something? Any ideas? This doesn't work for me either. Red Hat RHAS3, so I change things in system-auth, not passwd. However, quick and dirty solution: 'mv /usr/bin/passwd /usr/bin/passwd.orig', 'ln -s /usr/bin/smbpasswd /usr/bin/passwd'. That works for me and even updates my LDAP database, as passwd does. Every user that uses it *must* already be a Samba user, though - in LDAP that means that he has to have a sambaSamAccount objectClass attribute before it will work. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools not playing nice w/ samba ?
tor, 07.04.2005 kl. 20.10 skrev Ben Davis: I tried this and it still did not work. The problem as far as I can tell is that samba is not even attempting to search for the user after it adds it. The very last operations in my slapd.log after the error occured, were: This is not so: conn=20539 op=1 SRCH base=dc=pca-wichita,dc=com scope=2 filter=((objectClass=posixAccount)(uid=melisa$)) This is a search, scope sub, for ((objectClass=posixAccount)(uid=melisa$)) conn=20539 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=20539 op=2 SRCH This is the log entry that says that no object is found. I.e., there is either no combination of objectClass=posixAccount and uid=melisa$, or the LDAP ACL prohibits it being read. Do a search with 'ldapsearch -x' and the same filter. If it doesn't return anything, the object probably doesn't exist. Don't get led astray by nss, it's not used here. The samba ldapsam backend and tools (not idealx) are first class and brilliantly written. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Custom Hidden Files?
tor, 07.04.2005 kl. 23.28 skrev Franco Sensei: A question on a feature that interests me... Can I specify samba to handle the dot files in our linux samba server as hidden files in windows? It's quite ugly seeing all the hidden unix files .* visible on windows... hide dot files ... but some of those files will probably be directories which your users might want.. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba/Cups and printers
tor, 07.04.2005 kl. 18.16 skrev Bernard McAuley: I'm trying to get samba to work with a CUPS printer setup. Unfortuantely I'm falling over at the first hurdle. I've installed samba 3.0.12 from sources and I've a redhat 9.0 box running CUPS 1.1.71. I've installed the following smb.conf file:- [global] load printers=yes printings=cups printcap name=cups passdb backend = tdsam [printers] comment = All Printers path = /var/spool/samba browseable = no public = yes guest ok = yes writable = no printable = yes printer admin = root, @ntadmins If I start samba and run:- Rpcclient server -U root -c enumprinters Then I get returned the message 'No printers returned' This work for me: 1: Make and configure the Cups printer exactly as described in the Samba HOWTO, editing files as documented; 2: Don't put anything in [global] 3: Edit the [printers] section of smb.conf. Mine looks like this and XP can print to it ;) [printers] comment = Epson C42UX path = /var/spool/samba/raw_q printer admin = @domadm guest ok = Yes printable = Yes use client driver = Yes browseable = No 4: Reload or restart smb services. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Changing file ownership from Windows
tor, 07.04.2005 kl. 16.22 skrev Marek Drápal: thank you very much for your reply. Actually it seems, that the problem is somewhere else. I'll show why. It's possible you don't have ACL support either in your distro, Samba or both. I think I have both. Here are some proofs: 1) xi:/home/public# mount ... /dev/hda4 on /home type ext3 (rw,acl) 2)xi:/home/public# ll /home/public/ttt.txt -rwxrwxrwx+ 1 root w2k-domain-admins 0 2005-04-07 15:55 /home/public/ttt.txt xi:/home/public# getfacl /home/public/ttt.txt getfacl: Removing leading '/' from absolute path names # file: home/public/ttt.txt # owner: root # group: w2k-domain-admins user::rwx group::rwx group:w2k-zamestnanci:r-x mask::rwx other::rwx 3) The same file after playing with windows exploder xi:/home/public# ll /home/public/ttt.txt -r--rwx---+ 1 root w2k-domain-admins 0 2005-04-07 15:55 /home/public/ttt.txt xi:/home/public# getfacl /home/public/ttt.txt getfacl: Removing leading '/' from absolute path names # file: home/public/ttt.txt # owner: root # group: w2k-domain-admins user::r-- group::r-- group:Ucetnici:r-x mask::rwx other::--- As you can see I was able to change the permissions, ACL group, BUT I am unable to change main owner and group! When I try to change it I get no error, but the group/owner I changed is added via ACL and the main group/owner is unchanged (everything done under root in windows). Turnig off inheritence doesn't help. Any hints? Ah. I see what you mean. I don't think Windows has any concept of file/directory ownership, so changing it from a Windows client is strictly notional. NT simply took over from DOS/FAT and added ACLs. So you can give/change access permissions, but you can't change the ownership, cos there isn't any. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: NT_STATUS_ACCESS_DENIED with winbindd authentication - Probable fix
Hi, I was able to stop the nasty ACCESS_DENIED errors in the winbindd logs by setting client schannel = no in the smb.conf file. Is it possible that this is related to the Windows 2003 sp1 problem ? ( even though our DC is NT4 SP6 ) Sridhar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Mount Windows DFS on linux
Hello , Do you know if it is possible to mount a W2K DFS share on a Linuw server , kernel 2.6 ? Regards __ Salvi Bruno IT Support CGG Marine WEI Tel : +33 (0)1 6447 3188 Mob: +33 (0)6 8923 3415 www.cgg.com http://www.cgg.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind on Solaris8 problem concerning Domain Users
Hello. (BI am in a trouble. (BActiveDirectory(joind Domain Users in secoundry group) user can not use (Bterminal in X. (BIf use,X session is freeze. (B (BBut,ActiveDirectory(not joind Domain Users in secoundry group) user can use (Bterminal in X. (BX session is not freeze. (B (BWhy? (Banyone,please tell me how to work well. (B(That is,X session is not freeze evenif ActiveDirectory is joind Domain Users (Bin secoundry group) (B (BMy environment (Bsolaris8, (Bsamba3.0.10(winbind) on solaris8, (BActiveDirectory user number is about 5,000. (BAll ActiveDirectory user is set Domain Users group. (BBut Domain Users group is all secoundry group. (B (B (B (B (B (B (B (B (B (B (B (B (B-- (BTo unsubscribe from this list go to the following URL and read the (Binstructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net ads join fails
On Friday 08 April 2005 07:46 am, Penny Willisson wrote: Hi I have created the machine account on the AD server and did this logged in as Administrator so that should mean that the Administrator account has the correct permissions. I have executed the following command as suggested net ads join [EMAIL PROTECTED] -d 2 The following was output to the screen: [2005/04/08 13:33:38, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.39 bcast=10.0.255.255 nmask=255.255.0.0 [2005/04/08 13:33:41, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/08 13:33:41, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 [2005/04/08 13:33:41, 2] utils/net.c:main(897) return code = -1 Thanks Penny -Original Message- From: Gordon Hopper [mailto:[EMAIL PROTECTED] Sent: 06 April 2005 05:28 To: Penny Willisson Subject: Re: [Samba] net ads join fails [2005/04/05 15:11:44, 3] libsmb/clikrb5.c:ads_krb5_mk_req(381) ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory) [2005/04/05 15:11:44, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/05 15:11:44, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 I suggest you post the output of the command you are running to join the domain (including the command), for example, net ads join -U [EMAIL PROTECTED] -d 2. Also, note that the credentials you use to join the domain are not necessarily the domain Administrator, but they need to be a user who has write privileges to the ads folder where the machine account will be created. (It worked better for me when the machine account was already created in server manager, but according to the docs, that shouldn't be necessary.) It almost looks like the password failed. Or perhaps the folde r you specified for the machine account does not exist. Regards, Gordon Hopper Try the command kinit Administrator (or [EMAIL PROTECTED]). You should be prompted for a password. If, after entering the password, you're returned to a prompt with no further output then, in theory at least, your Kerberos setup is OK. If you get errors, well ... Run that first, then try net ads join -U [EMAIL PROTECTED] A good how-to can be found at: http://www.ulug.org.nz/ActiveDirectorySamba. HTH. Dimitri -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows Server 2003 SP 1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dimitri Yioulos wrote: | I applied it to my DC that is playing the PDC role | today and all of a sudden Winbind could not | enumerate any Active Directory information. Mind you, | I'm not joined to the domain using Kerberos/ADS; | As to your problem, you might want to read this: | | http://lists.samba.org/archive/samba-technical/2005-April/040187.html Here's 2 more threads. The second one applies to you I believe. http://lists.samba.org/archive/samba-technical/2005-April/040316.html http://lists.samba.org/archive/samba-technical/2005-April/040322.html We are planning a 3.0.14 patch release to deal with the Win2003 sp1 issues early next week. If you need a immediate workaround for the current code, you can set 'client schannel = no' in smb.conf and then set the credentials to use when connecting by calling 'wbinfo --set-auth-user='domain\user%pw'. See the wbinfo/winbind man page for more details. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCVn0YIR7qMdg1EfYRAkcyAKCET2mCriFwhw6JkvFVDg5e+lKCfwCfYtiv D2vEPb9cq0RIPrD7t6gKcAY= =i5AS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Authenticating samba users from LDAP
Hi There, I would like to restrict \\myserver\myshare to only people from my LDAP server. I just need to have samba check login/password for this user. What is the recommended documentation ? ps : All docs i've found are building a complex PDC, which, AFAICU much more that what I want ! Thanx. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, ADS and Failed to verify incoming ticket!
Hello I have Samba that joined Windows 2003 based ADS. At least net ads testjoin and net rpc testjoin gives that Join is OK. Alas clients can't connect to Samba server. In a log I see following messages : [2005/04/08 14:51:41, 0] tdb/tdbutil.c:(725) tdb(/web/opt/etc/smbprivate//secrets.tdb): tdb_lock failed on list 2 ltype=2 (Resource temporarily unavailable) [2005/04/08 14:51:41, 1] libads/kerberos_verify.c:(312) ads_verify_ticket: unable to protect replay cache with mutex. [2005/04/08 14:51:41, 1] smbd/sesssetup.c:(173) Failed to verify incoming ticket! [2005/04/08 14:51:41, 3] smbd/error.c:(105) error string = Resource temporarily unavailable [2005/04/08 14:51:41, 3] smbd/error.c:(129) error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2005/04/08 14:51:41, 3] smbd/process.c:(1334) timeout_processing: End of file from client (client has disconnected). Other net ads based commands are working fine. I can get ads status displayed without any suspicious entries, I can get users/groups lists. But client (that is member of same domain) connections always end with above shown entries in log file. Any ideas what can be wrong ? With best regards Martynas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Nagging error
Hello to all. I keep getting the same error in the logs of all my Samba boxes: Apr 8 09:00:19 hanover smbd[19917]: [2005/04/08 09:00:19, 0] lib/util_sock.c:read_socket_data(384) Apr 8 09:00:19 hanover smbd[19917]: read_socket_data: recv failure for 4. Error = Connection reset by peer If this has been posted before, my apologies. I've RTFM, and I've googled for a solution, and while I've seen a few suggestions (actually, very few, although many have requested a solution), none has worked for me. Can anyone help? Many thanks. Dimitri -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows Server 2003 SP 1
On Friday 08 April 2005 08:46 am, you wrote: Dimitri Yioulos wrote: | I applied it to my DC that is playing the PDC role | today and all of a sudden Winbind could not | enumerate any Active Directory information. Mind you, | I'm not joined to the domain using Kerberos/ADS; | As to your problem, you might want to read this: | | http://lists.samba.org/archive/samba-technical/2005-April/040187.html Here's 2 more threads. The second one applies to you I believe. http://lists.samba.org/archive/samba-technical/2005-April/040316.html http://lists.samba.org/archive/samba-technical/2005-April/040322.html We are planning a 3.0.14 patch release to deal with the Win2003 sp1 issues early next week. If you need a immediate workaround for the current code, you can set 'client schannel = no' in smb.conf and then set the credentials to use when connecting by calling 'wbinfo --set-auth-user='domain\user%pw'. See the wbinfo/winbind man page for more details. cheers, jerry Jerry, Many thanks. Not only did SP1 break Samba, but it also wreaked havoc with our Dell server running Dell OpenManage. That problem was confirmed by Microsoft support personnel. Now, slightly aside, in the past, I would never add a patch or service pack without letting it mellow out in the world for a while. But something overtook me, and I went ahead and added it immediately. Results - chaos. Let that be a lesson to you wacky kids out there :-) Dimitri -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows 9x error!
Hi for all... Well, I think that this question have appear in this lists, but here we go... I upgrade my samba server, for samba 3.0.13 Fater this, my MSWindows 9x clients, don´t get copying any files from samba share to C: disk local... When I try create some directory in some samba share, my client have a crash and I have to reboot the machine. Some tips? Thanks -- Gilberto Nunes Administrador de Rede/Sistemas Fone: 433-0155 - Ramal 235 Bom Jesus/IELUSC (www.bomjesusielusc.edu.br) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] compiling on Tru64
I have a Dec/Compaq/HP system that I have loaded a fresh copy of the OS on, v5.1-b2. Configure runs fine but when I try to compile samba I get the following error(s). Linking bin/smbd ld: Unresolved: __unsafe_string_function_usage_here__ __unsafe_string_function_usage_here_size_t__ *** Exit 1 Stop. It looks like the different programs compile but when it tries to link it fails. It also does this for nmbd. I apparently must have not loaded some subset when I installed the OS, or maybe not. Which one or should I try to load gcc? Thanks for your help. Paul Crittenden Computer System Manager Simpson College email: [EMAIL PROTECTED] Phone: (515)961-1680 One only needs 2 tools in life. WD40 to make things go. Duct tape to make them stop. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] windows copy versus move
Running 3.0.4 on FreeBSD 5.2.1... I have two directories... drwxrwxr-x root data_current /usr/vol1/current drwxrwx--- root data_current /usr/vol1/hold If a file is in /usr/vol1/hold with the following attributes... -rwxrwx--- root data_hold file1 ...and a user MOVES it to /usr/vol1/current it has the following attributes... -rwxrwx--- root data_hold file1 ...if the user COPIES (then deletes the original) it to /usr/vol1/current it has the following attributes... -rwxrw-r-- root data_current file1 (I'm not sure why the execute bit disappears but I think that is ok) Is there any way I can make the windows MOVE command work like COPY/DELETE? config file below [global] workgroup = ENDOR time server = Yes add user script = pw useradd %u -g nt_domain_users -c %c delete user script = pw userdel %u add group script = pw groupadd %g delete group script = pw groupdel %g add user to group script = pw groupmod %g -m %u delete user from group script = /usr/sbin/delete_user_from_group %g %u set primary group script = pw usermod %u -g %g add machine script = pw useradd %u -g samba_machine_id -s /sbin/nologin -d /nonexistant shutdown script = x abort shutdown script = x logon script = logon.bat logon path = logon drive = G: logon home = \\%L\%u\.profiles\%m domain logons = Yes os level = 65 preferred master = Yes domain master = Yes ldap ssl = no admin users = root write list = root printer admin = jim create mask = 0750 print command = lpr -r -P%p %s oplocks = No level2 oplocks = No [VOL1] path = /usr/vol1 read only = No inherit permissions = Yes [netlogon] path = /usr/vol1/netlogon browseable = No [homes] read only = No create mask = 0740 browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem with ie-cookies
hello, we run an win2k-domain with samba-servers on solaris 8 the win2k serves only as logon-servers, userdata incl profiles are delivered from samba. we chaneged these days from 2.2.8a to 3.0.11 and have now a problem with ie-cookies on winxp-clients (sp1). cookies are not stored after the first time the profile is roamed. (even on same winxp-box) we can see, that ms did something strange with cookie-folders in local settings, that is overlayed or linked to the folder cookies in profile.pds, but after the first logout-logon that link/overlay (or what ever) seems not longer functional. if i change the profile acls = yes to no the cookie-problem is solved, but we run in the good known profile-problems. any hints? regards andreas -- Andreas Burger Eidgenoessische Technische Hochschule Zuerich Departement AgrL ISG LFW A2 8092 Zuerich +41 1 632 68 54 [EMAIL PROTECTED] _ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba, ADS and Failed to verify incoming ticket!
Hello I think I found problem. When I put secrets.tdb and lock directory NOT on NFS share it worked ! Isn't possible to put all SAMBA running files on NFS share ? Any comments ? With best regards Martynas -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Buozis, Martynas Sent: Friday, April 08, 2005 3:06 PM To: samba@lists.samba.org Subject: [Samba] Samba, ADS and Failed to verify incoming ticket! Hello I have Samba that joined Windows 2003 based ADS. At least net ads testjoin and net rpc testjoin gives that Join is OK. Alas clients can't connect to Samba server. In a log I see following messages : [2005/04/08 14:51:41, 0] tdb/tdbutil.c:(725) tdb(/web/opt/etc/smbprivate//secrets.tdb): tdb_lock failed on list 2 ltype=2 (Resource temporarily unavailable) [2005/04/08 14:51:41, 1] libads/kerberos_verify.c:(312) ads_verify_ticket: unable to protect replay cache with mutex. [2005/04/08 14:51:41, 1] smbd/sesssetup.c:(173) Failed to verify incoming ticket! [2005/04/08 14:51:41, 3] smbd/error.c:(105) error string = Resource temporarily unavailable [2005/04/08 14:51:41, 3] smbd/error.c:(129) error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2005/04/08 14:51:41, 3] smbd/process.c:(1334) timeout_processing: End of file from client (client has disconnected). Other net ads based commands are working fine. I can get ads status displayed without any suspicious entries, I can get users/groups lists. But client (that is member of same domain) connections always end with above shown entries in log file. Any ideas what can be wrong ? With best regards Martynas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, ADS and Failed to verify incoming ticket!
I think I found problem. When I put secrets.tdb and lock directory NOT on NFS share it worked ! Isn't possible to put all SAMBA running files on NFS share ? Any comments ? What would you hope to gain by doing this? Please say you aren't trying to run several servers with the same backend data files... (hitting reply to all is good ;) apparenlty I am not) With best regards Martynas -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Buozis, Martynas Sent: Friday, April 08, 2005 3:06 PM To: samba@lists.samba.org Subject: [Samba] Samba, ADS and Failed to verify incoming ticket! Hello I have Samba that joined Windows 2003 based ADS. At least net ads testjoin and net rpc testjoin gives that Join is OK. Alas clients can't connect to Samba server. In a log I see following messages : [2005/04/08 14:51:41, 0] tdb/tdbutil.c:(725) tdb(/web/opt/etc/smbprivate//secrets.tdb): tdb_lock failed on list 2 ltype=2 (Resource temporarily unavailable) [2005/04/08 14:51:41, 1] libads/kerberos_verify.c:(312) ads_verify_ticket: unable to protect replay cache with mutex. [2005/04/08 14:51:41, 1] smbd/sesssetup.c:(173) Failed to verify incoming ticket! [2005/04/08 14:51:41, 3] smbd/error.c:(105) error string = Resource temporarily unavailable [2005/04/08 14:51:41, 3] smbd/error.c:(129) error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2005/04/08 14:51:41, 3] smbd/process.c:(1334) timeout_processing: End of file from client (client has disconnected). Other net ads based commands are working fine. I can get ads status displayed without any suspicious entries, I can get users/groups lists. But client (that is member of same domain) connections always end with above shown entries in log file. Any ideas what can be wrong ? With best regards Martynas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba, ADS and Failed to verify incoming ticket!
For ability to failover from one machine to another in case of hardware failures I put whole SAMBA installation on highly available NAS. Isn't that possible ? I am not trying to run several servers, just have all files on NAS to have ability actually run on any machine in cluster. Martynas -Original Message- From: Paul Gienger [mailto:[EMAIL PROTECTED] Sent: Friday, April 08, 2005 4:19 PM To: Buozis, Martynas Subject: Re: [Samba] Samba, ADS and Failed to verify incoming ticket! I think I found problem. When I put secrets.tdb and lock directory NOT on NFS share it worked ! Isn't possible to put all SAMBA running files on NFS share ? Any comments ? What would you hope to gain by doing this? Please say you aren't trying to run several servers with the same backend data files... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to turn off roaming profiles while holding ontologon scripts.
I just added the line: logon path= to the config. There is no paramater. --Mark On Apr 8, 2005 6:52 AM, Jason Balicki [EMAIL PROTECTED] wrote: Mark Ratering wrote: nevermind, I will google before posting next time. As an aside, it's common courtesy that if you've posted to the list and found an answer yourself, you post your answer as well. That way, the next poor soul who searches for turn off roaming profiles logon scripts won't find your message and see oh, I found it with no answer and be forced to curse you from afar why didn't he just put the damn answer in his message, or at least a link? Would that have been too much to ask? Argh! I say this from experience. :) Oh, and, client side. :) --J(K) -- Mark Ratering A+, CCNP 248-437-1938 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: How to turn off roaming profiles while holdingontologon scripts.
Mark Ratering wrote: I just added the line: logon path= to the config. There is no paramater. On XP and 2k (at least) roaming profiles can be turned off client side as well (right click my computer, go to properties, advanced, profiles, settings.) You can set profiles to be local here and mix local/roaming profiles if need be. --J(K) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] net ads join fails
Thanks When I run 'kinit administrator' I get the following error kinit: krb5_get_init_creds: unable to reach any KDC in realm ellisonslegal.com any ideas??? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dimitri Yioulos Sent: 08 April 2005 13:30 To: samba@lists.samba.org Subject: Re: [Samba] net ads join fails On Friday 08 April 2005 07:46 am, Penny Willisson wrote: Hi I have created the machine account on the AD server and did this logged in as Administrator so that should mean that the Administrator account has the correct permissions. I have executed the following command as suggested net ads join [EMAIL PROTECTED] -d 2 The following was output to the screen: [2005/04/08 13:33:38, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.39 bcast=10.0.255.255 nmask=255.255.0.0 [2005/04/08 13:33:41, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/08 13:33:41, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 [2005/04/08 13:33:41, 2] utils/net.c:main(897) return code = -1 Thanks Penny -Original Message- From: Gordon Hopper [mailto:[EMAIL PROTECTED] Sent: 06 April 2005 05:28 To: Penny Willisson Subject: Re: [Samba] net ads join fails [2005/04/05 15:11:44, 3] libsmb/clikrb5.c:ads_krb5_mk_req(381) ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory) [2005/04/05 15:11:44, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/05 15:11:44, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 I suggest you post the output of the command you are running to join the domain (including the command), for example, net ads join -U [EMAIL PROTECTED] -d 2. Also, note that the credentials you use to join the domain are not necessarily the domain Administrator, but they need to be a user who has write privileges to the ads folder where the machine account will be created. (It worked better for me when the machine account was already created in server manager, but according to the docs, that shouldn't be necessary.) It almost looks like the password failed. Or perhaps the folde r you specified for the machine account does not exist. Regards, Gordon Hopper Try the command kinit Administrator (or [EMAIL PROTECTED]). You should be prompted for a password. If, after entering the password, you're returned to a prompt with no further output then, in theory at least, your Kerberos setup is OK. If you get errors, well ... Run that first, then try net ads join -U [EMAIL PROTECTED] A good how-to can be found at: http://www.ulug.org.nz/ActiveDirectorySamba. HTH. Dimitri -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Re: Re: extd_audit log output and documentation
On Friday 08 April 2005 04:10, Marco De Vitis wrote: Il 07/04/2005, alle ore 15:52, John H Terpstra ha scritto: On Thursday 07 April 2005 07:35, Marco De Vitis wrote: https://bugzilla.samba.org/show_bug.cgi?id=2349 extd_audit VFS log output problems - unexpected behaviour But nobody seems to have picked it up. What else can I do, as a non-programmer? Please help me to help you. :) Understood. Ehm... sorry, what? Should I mail anyone in particular about it? I understand that you are not a programmer and therefore can not write the updates to the documentation without much hit and miss pain. Whoever did the last update to this module did not document the changes and most likelt will not either. I originated the extd_audit module and thus I think it will fall to me to update the docs. That will have to wait until I get current priorities out of the way. It will be at least 4 months before I will get to this. If anyone else can do this earlier I am sure it will be appreciated. - John T. Thanks. -- Ciao, Marco. ..The Juliet Letters, Elvis Costello The Brodsky Quartet (1993). -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.10 and higher
Hi We noticed this as well. This is because ultraedit effectively moves the original file to the bak file first and then create a NEW file (with indeed the rights of the current user). Because of the group writable bit this is completely legal. The only thing you can do is remove the group writable bit, but then users in the same group can not edit each other files. I consider this more a bug in UltraEdit (it should create a new bak file iso moving the original file) kind regards Willem Jaap Kramer Jens ZFF ISAC said: Due the software Ultraedit, it is possible to manipulate the ownership of Files!!! This may be a big securetyhole. A test.txt owner jens:group fish Unixrights 760 opened an manipulated whit ultraedit, saved. ther will be 2 Files one test.txt which is owned by the modifier( e.g hans:fish), and a test.txt.bak which is owened by jens.fish. That's OK. so if i repeat this sequenz again, i will delete the first created test.txt.bak with my own, and destroyed the original File from the original User. How is this possible??? Can I forbid this action??? Thanks Jens -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net ads join fails
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dimitri Yioulos Sent: 08 April 2005 13:30 To: samba@lists.samba.org Subject: Re: [Samba] net ads join fails On Friday 08 April 2005 07:46 am, Penny Willisson wrote: Hi I have created the machine account on the AD server and did this logged in as Administrator so that should mean that the Administrator account has the correct permissions. I have executed the following command as suggested net ads join [EMAIL PROTECTED] -d 2 The following was output to the screen: [2005/04/08 13:33:38, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.39 bcast=10.0.255.255 nmask=255.255.0.0 [2005/04/08 13:33:41, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/08 13:33:41, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 [2005/04/08 13:33:41, 2] utils/net.c:main(897) return code = -1 Thanks Penny -Original Message- From: Gordon Hopper [mailto:[EMAIL PROTECTED] Sent: 06 April 2005 05:28 To: Penny Willisson Subject: Re: [Samba] net ads join fails [2005/04/05 15:11:44, 3] libsmb/clikrb5.c:ads_krb5_mk_req(381) ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory) [2005/04/05 15:11:44, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown code krb5 156 [2005/04/05 15:11:44, 0] utils/net_ads.c:ads_startup(191) ads_connect: Unknown code krb5 156 I suggest you post the output of the command you are running to join the domain (including the command), for example, net ads join -U [EMAIL PROTECTED] -d 2. Also, note that the credentials you use to join the domain are not necessarily the domain Administrator, but they need to be a user who has write privileges to the ads folder where the machine account will be created. (It worked better for me when the machine account was already created in server manager, but according to the docs, that shouldn't be necessary.) It almost looks like the password failed. Or perhaps the folde r you specified for the machine account does not exist. Regards, Gordon Hopper Try the command kinit Administrator (or [EMAIL PROTECTED]). You should be prompted for a password. If, after entering the password, you're returned to a prompt with no further output then, in theory at least, your Kerberos setup is OK. If you get errors, well ... Run that first, then try net ads join -U [EMAIL PROTECTED] A good how-to can be found at: http://www.ulug.org.nz/ActiveDirectorySamba. HTH. Dimitri On Friday 08 April 2005 10:41 am, you wrote: Thanks When I run 'kinit administrator' I get the following error kinit: krb5_get_init_creds: unable to reach any KDC in realm ellisonslegal.com any ideas??? You probably don't have Kerberos configured correctly. Check your krb5.conf and kdc.conf files. Refer to the how-to I mentioned earlier, and also http://web.mit.edu/kerberos/www/krb5-1.4/krb5-1.4/doc/krb5-install.html, if you're using MIT Kerberos. Dimitri -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Upgrade Samba 3.0.9 (Suse 9.2) = Samba 3.0.13 Or newer
Hi, If I upgrade my PDC with samba 3.0.13 (RPM) will I have something to do on config file / openldap ? Thanks, Have a nice weekend. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] AIX
Can you tell me if there's an available Samba download for AIX Version 5.2 on your website. Thank you, Rosalie Socci This email including any attachments may contain confidential/ or priveleged information. It is for the sole use of the intended receipient . If you are not said receipient, please notify the sender immediately and destroy this email. Any unauthorized copying , disclosure , distribution, use or retention of this email or the information in it is strictly forbidden. Please be aware that the entire content of this email and replies to it may be monitored by the senders company for quality assurance, policy compliance and/or security purposes.. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Custom Hidden Files?
Tony Earnshaw wrote: hide dot files ... but some of those files will probably be directories which your users might want.. My purpose is giving on every platform the same home direcory. Relying on afs, kerberos and ldap every os other than windows can have the same things. Now I'm finding a way to have the same things on ms products (2000 and later). -- Sensei mailto:[EMAIL PROTECTED] pgp:8998A2DB icqnum:241572242 yahoo!:sensei_sen msn-id:[EMAIL PROTECTED] signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 16-bit Application Compatibility
I have samba running on an XServe under OS X 10.3.8. Recently moved some files over from a Compag server which were created and accessed by a 16-bit application originally written for Windows 3.1.1. The application sees all of the previously created file names truncated and doesn't recognize links to embedded image files. I have searched the documentation and can't find a specific parameter setting to fix this issue and was wondering if anyone has a solution aside from updating to a 32-bit version of the application which is on order. TIA -- Frank Marder -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba, ADS and Failed to verify incoming ticket!
fre, 08.04.2005 kl. 16.23 skrev Buozis, Martynas: For ability to failover from one machine to another in case of hardware failures I put whole SAMBA installation on highly available NAS. Isn't that possible ? I am not trying to run several servers, just have all files on NAS to have ability actually run on any machine in cluster. NAS is not SAN. NAS is *not*,necessarily, permanently available. SAN is. If you want your files to be permanently available, whether through an Act of God, or whatever, you might consider SAN with accompanying backup routines, collocations, etc. I hope that your pocket book is suitably fat. Because this is going to *squeez* it. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba, ADS and Failed to verify incoming ticket!
Tony I clearly understand what is SAN and what is NAS. I have both here from EMC. And our NAS based on Cellera never had NFS outages because of hardware failures. Also I use two Cisco switches with dual paths on SUN box (using IP Multipathing) to protect against network failures. So believe me - NAS in some cases is highly available storage. And, openly, I see no difference from HA point of view between NAS and SAN - it only depends what you use and how you design infrastructure. But sorry - this is not advertisement. I simply would like to have ability and run Samba from NFS, but it looks like this is not option and at least something should be stored on local disks. Well, I think I can live with this. With best regards Martynas -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Earnshaw Sent: Friday, April 08, 2005 5:52 PM To: samba@lists.samba.org Subject: RE: [Samba] Samba, ADS and Failed to verify incoming ticket! fre, 08.04.2005 kl. 16.23 skrev Buozis, Martynas: For ability to failover from one machine to another in case of hardware failures I put whole SAMBA installation on highly available NAS. Isn't that possible ? I am not trying to run several servers, just have all files on NAS to have ability actually run on any machine in cluster. NAS is not SAN. NAS is *not*,necessarily, permanently available. SAN is. If you want your files to be permanently available, whether through an Act of God, or whatever, you might consider SAN with accompanying backup routines, collocations, etc. I hope that your pocket book is suitably fat. Because this is going to *squeez* it. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools not playing nice w/ samba ?
Tony Earnshaw wrote: tor, 07.04.2005 kl. 20.10 skrev Ben Davis: I tried this and it still did not work. The problem as far as I can tell is that samba is not even attempting to search for the user after it adds it. The very last operations in my slapd.log after the error occured, were: This is not so: onn=20539 op=1 SRCH base=dc=pca-wichita,dc=com scope=2 filter=((objectClass=posixAccount)(uid=melisa$)) This is a search, scope sub, for ((objectClass=posixAccount)(uid=melisa$)) onn=20539 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=20539 op=2 SRCH This is the log entry that says that no object is found. I.e., there is either no combination of objectClass=posixAccount and uid=melisa$, or the LDAP ACL prohibits it being read. Right, but that is only the FIRST operation for that connection. Read that log again. The LAST operation is where it adds the entry. Therefore it is my understanding that samba (or the idealx script) is searching for the entry which doesn't exist (as expected, because this is the first time the machine has joined) and then adding it... My point was that the very LAST thing that happened is the machine user gets added, and then nothing else (so searches or anything) happens after that. My question is why isn't samba doing anything _after_ the user gets added to LDAP? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Re: Re: extd_audit log output and documentation
Il 08/04/2005, alle ore 16:41, John H Terpstra ha scritto: Whoever did the last update to this module did not document the changes and most likelt will not either. I originated the extd_audit module and thus I think it will fall to me to update the docs. That will have to wait until I get current priorities out of the way. It will be at least 4 months before I will get to this. Oh, I see, thank you for the explanation. I had a look at the code and it doesn't seem too complex (I have very very basic programming knowledge), who knows, maybe I'll take courage and give it a try in the next months. ;) I'll keep you informed if this happens, of course. -- Ciao, Marco. ...Dig?, Bill Bruford's Earthworks (1989) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: File browser doesn't remember last directory over Dfs
I applied the patch below to 3.0.13 and it seems to have fixed this problem. Simon Walton -- *** source/include/msdfs.h.orig Fri Mar 11 05:47:05 2005 --- source/include/msdfs.h Thu Apr 7 17:02:39 2005 *** *** 72,77 --- 72,85 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED,\ ERRSRV, ERRbadpath);; } + #define RESOLVE_FINDFIRST_DFSPATH(name, conn, inbuf, outbuf)\ + { if ((SVAL(inbuf,smb_flg2) FLAGS2_DFS_PATHNAMES) \ + lp_host_msdfs() lp_msdfs_root(SNUM(conn))\ + dfs_redirect(name,conn,True)) \ + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, \ +ERRSRV, ERRbadpath);; } + + #define init_dfsroot(conn, inbuf, outbuf) \ { if (lp_msdfs_root(SNUM(conn)) lp_host_msdfs()) { \ DEBUG(2,(Serving %s as a Dfs root\n,\ *** source/smbd/trans2.c.orig Fri Mar 18 06:56:41 2005 --- source/smbd/trans2.cThu Apr 7 17:02:39 2005 *** *** 1378,1384 return ERROR_NT(ntstatus); } ! RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); unix_convert(directory,conn,0,bad_path,sbuf); if (bad_path) { --- 1378,1384 return ERROR_NT(ntstatus); } ! RESOLVE_FINDFIRST_DFSPATH(directory, conn, inbuf, outbuf); unix_convert(directory,conn,0,bad_path,sbuf); if (bad_path) { Simon Walton wrote: Hi, I have encountered some strange behaviour after upgrading to 3.0.12 on FreeBSD 4.10 file servers. Normally when users on windows apps use the file browser to select a file it remembers the selected directory between invocations, so that, for example, they can easily read in multiple files from the same directory, or if they click on Save As... it takes them to the directory where they last saved. However if the path follows a Dfs link on the samba server this does not happen, and the file browser always opens up in some default location (under Docs and Settings locally). This was observed on Win 2k SP4 and Win XP SP2. Downgrading to 3.0.7 (on the server with the Dfs tree) fixed the problem. Upgrading to 3.0.13 did not fix it. I turned up logging on the server with the problem and it looks like when you bring up the file browser it tries to stat the location but fails like so: [2005/04/05 14:29:30, 3] smbd/trans2.c:call_trans2findfirst(1351) call_trans2findfirst: dirtype = 22, maxentries = 1366, close_after_first=1, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/04/05 14:29:30, 3] smbd/msdfs.c:dfs_redirect(391) dfs_redirect: Redirecting m-6/v/MWD/vid_rez_Archives [2005/04/05 14:29:30, 3] smbd/error.c:error_packet(105) error string = No such file or directory [2005/04/05 14:29:30, 3] smbd/error.c:error_packet(129) error packet at smbd/trans2.c(1381) cmd=50 (SMBtrans2) NT_STATUS_PATH_NOT_COVERED In this example /v/MWD/vid_rez_Archives is a Dfs link. I saw in the archives mention of a problem executing files over Dfs links; I don't know if this is related. Simon Walton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Upgrade Samba 3.0.9 (Suse 9.2) = Samba 3.0.13 Or newer
fre, 08.04.2005 kl. 17.00 skrev [EMAIL PROTECTED]: If I upgrade my PDC with samba 3.0.13 (RPM) will I have something to do on config file / openldap ? Most probably, if your installation is pre-3.0.11. It's all in the docs, if you're not an OpenLDAP person by choice you'll have problems coping with it. 1: wait for 3.0.14 (rc1 next week) There are too many published bugs in 3.0.13. 2: 3.0.11 doesn't have those bugs, but 3.0.14 should include many updates that make waiting worthwhile. That's my position, at any rate. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Custom Hidden Files?
fre, 08.04.2005 kl. 17.41 skrev Franco Sensei [...] hide dot files ... but some of those files will probably be directories which your users might want.. My purpose is giving on every platform the same home direcory. Relying on afs, kerberos and ldap every os other than windows can have the same things. Now I'm finding a way to have the same things on ms products (2000 and later). This will probably get you into all kinds of shit (learn Windows and NTFS to find out why). However, if that's what you want, you go ahead, find out for yourself ;) My advice is to keep Unix and Windows (Samba) home and other directories completely apart from each other. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP and the Password attrtibute in SAMBA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, ~I am currently using SAMBA in conjunction with LDAP. There is one minor thing that I was wondering about. Is it possible to get SAMBA to get the users password from another attribute than the SambaNTPassword password attribute? I have some other ideas for making it work but it would make it easier if SAMBA could use say teh userpassword attribute instead of that one :) Thanks! Liz -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCVuNNlt/irWun80cRAprPAJ9LyWTFtIU9PB+P7HMATgI91j/55QCfSYWG gcR7VILolhi+9tyl4Ul8TOU= =nkx0 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Database Problems
I have a billing database that runs on a Faircom engine. I had set things up initially with users accessing files in this directory with their user accounts. However, only one person could enter data at a time. I then created a seperate share for this directory and did a force user= on it. I had thought that this worked, but of course users never bothered to tell me that after a short period of time the problem reemerged. I'm wondering what other tricks I might use here to eleviate this problem. The server is a LDAP PDC running 3.0.10. smb.conf. Tabs3 is the database directory global] workgroup = FSKS server string = Camarillo interfaces = obey pam restrictions = Yes passdb backend = ldapsam:ldap:// log file = /usr/log/samba/%m.log max log size = 50 acl compatibility = win2k map acl inherit = Yes server signing = auto add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u' delete user script = /var/lib/samba/sbin/smbldap-userdel.pl '%u' add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g' delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g' add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g' delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl -x '%u' '%g' set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u' add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u' domain logons = Yes os level = 33 lm interval = 5 preferred master = Yes domain master = Yes wins server = lock spin count = 4 ldap admin dn = cn=Manager,dc=fsklaw,dc=com ldap filter = ((uid=%u)(objectclass=posixAccount)) ldap group suffix = ou=groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=computers ldap suffix = dc=fsklaw,dc=com ldap user suffix = ou=users idmap backend = ldap:ldap:// idmap uid = 1-2 idmap gid = 1-2 admin users = tms3 inherit permissions = Yes inherit acls = Yes write cache size = 262144 dos filemode = Yes dos filetimes = Yes [camarillo] path = /usr/home/camarillo read only = No create mask = 0777 force create mode = 0777 force directory mode = 0777 guest ok = Yes [www] path = /usr/local/www valid users = root read only = No [Profiles] path = /usr/home/camarillo/open/Profiles read only = No guest ok = Yes profile acls = Yes hide files = /desktop.ini/ [tabs3] path = /usr/home/camarillo/open/STI_Remote force user = root read only = No create mask = 0740 force create mode = 0740 force directory mode = 0740 directory security mask = 0740 guest ok = Yes veto oplock files = rmtfee.dat, rmtfee.idx -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Execute shell command when accessing a share
Hello List! Is it possible to execute a shell command as soon as a client connects to a share/file? Background: I want to install a Windows Database Application (on a samba share) which does not lock its Database files, and i want to avoid that a 2nd client with the same Database Application will overwrite any changes. Or has anyone else a workaround idea for my problem? Cheers, Mario -- Handyrechnung zu hoch? Tipp: SMS und MMS mit GMX Seien Sie so frei: Alle Infos unter http://www.gmx.net/de/go/freesms -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP and the Password attrtibute in SAMBA
would make it easier if SAMBA could use say teh userpassword attribute This comes up every month or so, and the answer is always no. Here's my understanding of how it works, somebody correct me if I'm wrong (or affirm if right for once ;) ) Windows encrypts the password on the client side and sends the password hash over the wire encrypted. Once it gets to the server, the server simply compars the hashes and gives the virtual thumbs up/down on it. The crux of the problem is that neither password hash is reversable, UNIX or Windows, which is why the hash is worth the bits it's stored in... if they were reversable security would be a sham at best. You should be able to follow through at this point that comparing two hashes of different types is pointless since you can't derive the original value, and the hashes are obviously going to be different. So basically, unless you can configure windows to send the same hash as your UNIX system uses or get your system to use the NT string, you're pretty much borked. Of course this would also require samba to check the sent hash against /etc/passwd|shadow, but that would probably be trivial compared to reconfiguring windows or rewriting pam to read an NT hash. Make sense? It's late on friday and I'm burned out, so question away if it doesn't. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbd hangs for users...
On Fri, Apr 08, 2005 at 01:23:11PM +0200, Anders Troback wrote: Hi, I'm new to the list so bare with me! Running samba-3.0.12 on FreeBSD 5.3-STABLE. I did uppgrade from 3.0.10 to 3.0.12 and now lots of my users have problems accesing their home folder on that server. If I look at the users procceses they are running more than one smbd and they are on verry high load, in top: PID USERNAME PRI NICE SIZERES STATE C TIME WCPUCPU COMMAND 12045 user1 1320 8588K 4900K CPU1 0 5:02 72.31% 72.31% smbd 11577 user1 1320 8604K 4680K CPU3 0 20:19 72.17% 72.17% smbd 12101 user1 1320 8884K 5156K RUN0 0:51 69.58% 69.58% smbd In windows the explorer hangs if the access their home folder... Can you get a backtrace using gdb from one of these processes ? I think I have a patch for you for this but need to be sure. Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Browse sync problem - any help appreciated!
Greetings! Any help with this problem would be greatly appreciated: I have 3 samba boxes on 3 different subnets. One is set to be a WINS server with the others pointing to it. I have verified that each box is the LMB for each subnet with the DMB on the same box as the WINS. The logs on each box indicate apparantly correct announcements and sync attempts however there are always 0 records returned :( The browse.dat files on each box do indeed contain the list of names on that particular subnet but not from the others. [2005/03/31 18:53:58, 2] nmbd/nmbd_browsesync.c:sync_with_lmb(69) sync_with_lmb: Initiating sync with local master browser PICKLE0x20 at IP 192.168.5.1 for workgroup TEST[2005/03/31 18:53:58, 2] nmbd/nmbd_synclists.c:sync_browse_lists(171) Initiating browse sync for TEST to PICKLE(192.168.5.1) [2005/03/31 18:53:58, 3] lib/util_sock.c:open_socket_out(845) Connecting to 192.168.5.1 at port 139 [2005/03/31 18:53:58, 2] nmbd/nmbd_synclists.c:complete_sync(286) sync with PICKLE(192.168.5.1) for workgroup TEST completed (0 records) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Recover from inadvertent change to domain SID
I have run Samba 2.2.2 without problems for three years. The server acts as the domain controller for a domain of thirty XP/2000 computers. Two weeks ago the domain SID was accidentally changed. I can confirm this by looking at backups of /etc/MACHINE.SID. I am not sure how the SID changed but I _think_ that it may have occurred during testing for an upgrade to Samba 3 :( I now find that _some_ users can no longer log on to _some_ machines. The majority of users always log on to 'their own' computer and have not reported problems. Problems seem to occur when a user attempts to log on to a machine that they would not regularly use. User profiles are stored locally (i.e they are not roaming). If I examine the user profiles on an XP client, (System Properties,Advanced,User Profiles) I typically find that some profiles are recognized by the domain whilst others appear as 'Account Unknown'. The 'unknown' accounts are unable to log in. If a user has _never_ logged on to a particular machine before (and therefore has no profile) they are also unable to log in. However, if I examine the user SIDs in the registry (HKLM/SOFTWARE/Microsoft/Windows NT/ProfileList) all the user SIDs begin with the original domain SID, not with the new domain SID which has been in place for two weeks. Question: How are _any_ users able to log in when their user SID is different from the domain SID? Question: A user can log in to one machine but not another even though the user SID in the registry is identical on both machines. Does this mean that the machine SID is also a factor? Question: What is the best course of action to take now? Can I simply replace the original domain SID in MACHINE.SID? Will the current 'incorrect' domain SID have propagated elsewhere? If I leave the current domain SID in place, I believe that I can recover by simply removing a machine from the domain and rejoining. I have tried this on one machine and it seems to work. But of course, the system then creates a new profile when a user logs on and I am keen to avoid this. Many thanks Jean Lofts -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Custom Hidden Files?
Tony Earnshaw wrote: This will probably get you into all kinds of shit (learn Windows and NTFS to find out why). However, if that's what you want, you go ahead, find out for yourself ;) My advice is to keep Unix and Windows (Samba) home and other directories completely apart from each other. I can also set different shares. One is ~/windows/ for the profile, and one is the unix home directory along with another one which is afs... Would you do that? -- Sensei mailto:[EMAIL PROTECTED] pgp:8998A2DB icqnum:241572242 yahoo!:sensei_sen msn-id:[EMAIL PROTECTED] signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Nagging error
Hi Dimitri, I also have lots of these same errors in my logs. I have no idea what they mean. Don't seem to be causing a problem though. regards, Ian Hello to all. I keep getting the same error in the logs of all my Samba boxes: Apr 8 09:00:19 hanover smbd[19917]: [2005/04/08 09:00:19, 0] lib/util_sock.c:read_socket_data(384) Apr 8 09:00:19 hanover smbd[19917]: read_socket_data: recv failure for 4. Error = Connection reset by peer If this has been posted before, my apologies. I've RTFM, and I've googled for a solution, and while I've seen a few suggestions (actually, very few, although many have requested a solution), none has worked for me. Can anyone help? Many thanks. Dimitri -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. P : ++353 93 23151 F : ++353 93 23110 E : mailto:[EMAIL PROTECTED] W : http://www.cel-europe.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: Migrating from NT4 to Samba/LDAP - Demoting PDC to domain member
I'll second that - I've used UPromote a couple of times to 'demote' a 'retired' NT 4 PDC to a member server. Worked great - alas - not free. I have even demoted an nt4 pdc exchange 5.5 to a standalone server, and it came up without a problem afterwards. I used compaq servers with the Compaq SMART RAID Disk Controller. Even though I received warnings about possible issues (see http://utools.com/compaq.asp) it worked without a problem. MIND YOU: I did disable the write cache completely prior to the whole operation. mj -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Thanks everybody for their input. I'm going to attempt the migration at the weekend so fingers crossed :). Ian -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. E : mailto:[EMAIL PROTECTED] W : http://www.cel-europe.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cups print jobnames became SMB jobname not doc name
Since upgrading to Fedora Core 3 the jobname for the files being printed to our PDF CUPS backend have become the Samba jobname as in SMBPRN.888009.hjdcl instead of the application filename such as Microsoft Word - Document1.DOC. This stops us from providing a properly-named PDF file to our users. Our other server that is still on Core 1 does not have this problem. I've seen other mentions of this problem going back several years but no definitive answer. Can anyone advise what action to take? Thanks, Greg -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] using unix password sync to sync krb5 password
Hello, I'm creating a perl script that will update a username password with this syntax script.pl -u USERNAME I had a weird idea : unix password sync = yes passwd program = /bin/scipt.pl -u %u passwd chat = *new*password* %n\\n*new*password* %n\\n *ok_changed* does someone try this type of little hack to sync krb5 DB ? Nice W-E to all ! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] No domain server was available to validate your password.
I am a Samba newbie who has just set up a Samba server running under Fedora Core 3 and a client running under Win 98. When I log in, I get the message: No domain server was available to validate your password. You may not be able to gain access to some network resources. Also, Any attempt to see the network from Network Neighborhood or from Windows Explorer fails with the error box: Unable to browse the network . The network is not accessible For more information ... I have run all the tests in the HOWTO section: .../Samba-HOWTO-Collection/diagnosis.html up to and including the last two: C:\WINDOWSnet use x: \\claremont\TMP on the client, which does, in fact make the device x: on my client equivalent to /tmp on my server, and $ nmblookup -M MYGROUP querying MYGROUP on 192.168.255.255 192.168.1.35 MYGROUP1d on the server, which looks OK. Nevertheless (to repeat) attempts to browse the network from Network Neighborhood or from Windows Explorer all fail. I have taken some logs with ethereal. The one attached, windowsLogin shows activity from starting smbd and nmbd, through logging on from the windows machine (amito) and and attempt to browse the network from it. I have also attached my smb.conf file. The network is very small. It consists of only 3 machines: # Gateway to the Internet and name server for the local net 192.168.0.1 homeportal.gateway.2wire.net # Windows client 192.168.1.34amito.localdomain amito # Linux Samba server 192.168.1.35claremont.localdomain claremont What's going on? # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2005/04/07 17:33:00 # Global parameters [global] workgroup = MYGROUP server string = Samba Server auth methods = guest, sam username map = /etc/samba/smbusers log file = /var/log/samba/%m.log max log size = 50 name resolve order = lmhosts host bcast server signing = auto socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 printcap name = /etc/printcap preferred master = Yes domain master = Yes wins support = Yes ldap ssl = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 cups options = raw [homes] comment = Home Directories read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes [jonrysh] path = /home/jonrysh guest ok = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Samba binding anonymously (was: Re: [Samba] smbldap-tools not playing nice w/ samba ?)
After looking at this further, I realized I had only grepped the log for the last connection that I saw. What happened was samba opened up a connection (conn=20538), and after that a new connection (conn=20539) was opened up, the conn=20539 connection was the one that _added_ the machine account... and it looks like samba did some further operations on the 20538 connection, the last of which is a search for the machine user. So, Tony, I stand corrected! I discovered that the reason this search failed is because samba was binding anonymously on the 20538 connection, and my ACLs are set up to deny access for anonymous binds. My conf file is set up to bind with the cn=Manager dn. Why would Samba ever bind to ldap anonymously? Tony Earnshaw wrote: tor, 07.04.2005 kl. 20.10 skrev Ben Davis: I tried this and it still did not work. The problem as far as I can tell is that samba is not even attempting to search for the user after it adds it. The very last operations in my slapd.log after the error occured, were: This is not so: conn=20539 op=1 SRCH base=dc=pca-wichita,dc=com scope=2 filter=((objectClass=posixAccount)(uid=melisa$)) This is a search, scope sub, for ((objectClass=posixAccount)(uid=melisa$)) conn=20539 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=20539 op=2 SRCH This is the log entry that says that no object is found. I.e., there is either no combination of objectClass=posixAccount and uid=melisa$, or the LDAP ACL prohibits it being read. Do a search with 'ldapsearch -x' and the same filter. If it doesn't return anything, the object probably doesn't exist. Don't get led astray by nss, it's not used here. The samba ldapsam backend and tools (not idealx) are first class and brilliantly written. --Tonni -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: How to turn off roaming profiles while holdingontologon scripts.
fre, 08.04.2005 kl. 16.37 skrev Jason Balicki: On XP and 2k (at least) roaming profiles can be turned off client side as well (right click my computer, go to properties, advanced, profiles, settings.) You can set profiles to be local here and mix local/roaming profiles if need be. And this you have to do on 10,000 clients spread all over the world? Consider running runas on netlogon, calling a script that alters registry entries. Google ;) --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools not playing nice w/ samba ?
fre, 08.04.2005 kl. 18.46 skrev Ben Davis: I tried this and it still did not work. The problem as far as I can tell is that samba is not even attempting to search for the user after it adds it. The very last operations in my slapd.log after the error occured, were: This is not so: onn=20539 op=1 SRCH base=dc=pca-wichita,dc=com scope=2 filter=((objectClass=posixAccount)(uid=melisa$)) This is a search, scope sub, for ((objectClass=posixAccount)(uid=melisa$)) onn=20539 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=20539 op=2 SRCH This is the log entry that says that no object is found. I.e., there is either no combination of objectClass=posixAccount and uid=melisa$, or the LDAP ACL prohibits it being read. Right, but that is only the FIRST operation for that connection. Read that log again. Did it. You're right. The LAST operation is where it adds the entry. Therefore it is my understanding that samba (or the idealx script) is searching for the entry which doesn't exist (as expected, because this is the first time the machine has joined) and then adding it... My point was that the very LAST thing that happened is the machine user gets added, and then nothing else (so searches or anything) happens after that. My question is why isn't samba doing anything _after_ the user gets added to LDAP? I can't use the idealx scripts at all, since they'd not be able to cope with a DIT that I had *long* before I started using Samba, with several user group containers spread through the base DIT. The idealx scripts could not cope wiyh these, they couldn't cope with my Computer DN, such as I've defined it and they couldn't cope with my group definitions. Nor could LAM, nor could anything else written as off-the-cuff panaceas. I write my own scripts (pure awk) for adding Posix accounts for 5 different groups, I write my own scripts (shell/awk/sed/OpenLDAP tools) for adding groups and computers/Windows workstations, I'm an OpenLDAP person (was long before I started with Samba). I incorporate the Samba tools (mostly smbpasswd) into my scripts as necessary and they always work. I've looked through and even tried to change the idealx stuff to do what I want and what I do, but that's useless, since the idealx scripts are not capable of doing what i do (multiple user groups, user-defined object classes and attributes from given first-middle-last-name lists), converting these into Samba/Windows users, etc. My scripts are utterly disjointed and not fit to publish, so I won't even offer them. They were written one by one until each did what I wanted. There are at least 10, disjointed, shit scripts. All I can say is, that there's a hell of a lot of difference between the Samba tools (smbpasswd, smbd, pdbedit, etc) and the idealx scripts. The latter are intended for kindergarten-standard OpenLDAP administrators who don't know arse from tit and the former are written for Unix system administrators. I have a site running 75+ Windows 2000 workstations with 1150+ potential single-login Samba 3.0.11 users that also use OpenLDAP for Linux Terminal Server Project, smtp and IMAP e-mail, Pykota print quota stuff, etc. purposes. I couldn't possibly have done the Samba bit using the idealx scripts or any other off-the-cuff scripts. So my advice would be for you to be more critical to the idealx scripts and parse each one. If you find out why they are not working, you won't need to post here for help on why. As I wrote above, they're useless for me, so I write my own. --Tonni Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r6247 - in branches/SAMBA_4_0/source: include libcli/dgram librpc/idl nbt_server nbt_server/dgram torture/nbt
Author: tridge Date: 2005-04-08 08:57:09 + (Fri, 08 Apr 2005) New Revision: 6247 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6247 Log: added the server side code for receiving mailslot requests, and parsing incoming netlogon requests. No replies are sent yet. Added: branches/SAMBA_4_0/source/nbt_server/dgram/ branches/SAMBA_4_0/source/nbt_server/dgram/browse.c branches/SAMBA_4_0/source/nbt_server/dgram/netlogon.c branches/SAMBA_4_0/source/nbt_server/dgram/request.c Modified: branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/libcli/dgram/dgramsocket.c branches/SAMBA_4_0/source/libcli/dgram/netlogon.c branches/SAMBA_4_0/source/librpc/idl/nbt.idl branches/SAMBA_4_0/source/nbt_server/config.mk branches/SAMBA_4_0/source/nbt_server/interfaces.c branches/SAMBA_4_0/source/torture/nbt/dgram.c Changeset: Sorry, the patch is too large (430 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6247
svn commit: samba r6248 - in branches/SAMBA_4_0/source: libcli/dgram librpc/idl
Author: tridge Date: 2005-04-08 09:38:16 + (Fri, 08 Apr 2005) New Revision: 6248 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6248 Log: added parsing of type 10 UAS announce netlogon packets Modified: branches/SAMBA_4_0/source/libcli/dgram/netlogon.c branches/SAMBA_4_0/source/librpc/idl/nbt.idl Changeset: Modified: branches/SAMBA_4_0/source/libcli/dgram/netlogon.c === --- branches/SAMBA_4_0/source/libcli/dgram/netlogon.c 2005-04-08 08:57:09 UTC (rev 6247) +++ branches/SAMBA_4_0/source/libcli/dgram/netlogon.c 2005-04-08 09:38:16 UTC (rev 6248) @@ -70,5 +70,12 @@ status = ndr_pull_struct_blob(data, mem_ctx, netlogon, (ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,(Failed to parse netlogon packet of length %d\n, +data-length)); +#if 0 + file_save(netlogon.dat, data-data, data-length); +#endif + } return status; } Modified: branches/SAMBA_4_0/source/librpc/idl/nbt.idl === --- branches/SAMBA_4_0/source/librpc/idl/nbt.idl2005-04-08 08:57:09 UTC (rev 6247) +++ branches/SAMBA_4_0/source/librpc/idl/nbt.idl2005-04-08 09:38:16 UTC (rev 6248) @@ -8,7 +8,10 @@ encoding if it doesn't work out */ -interface nbt +[ uuid(1-2-3-4), + version(1.0), + depends(security) +] interface nbt { const int NBT_NAME_SERVICE_PORT = 137; const int NBT_DGRAM_SERVICE_PORT = 138; @@ -326,6 +329,7 @@ /* \MAILSLOT\NET\NETLOGON mailslot requests */ typedef [enum8bit] enum { NETLOGON_QUERY_FOR_PDC = 0x7, + NETLOGON_ANNOUNCE_UAS = 0xa, NETLOGON_RESPONSE_FROM_PDC = 0xc } nbt_netlogon_command; @@ -351,8 +355,37 @@ uint16 lm20_token; } nbt_netlogon_response_from_pdc; + /* announce change to UAS or SAM */ + typedef struct { + uint32 db_index; + hyperserial; + NTTIME timestamp; + } nbt_db_change; + + /* used to announce SAM changes */ + typedef struct { + uint32 serial_lo; + time_t timestamp; + uint32 pulse; + uint32 random; + astring pdc_name; + astring domain; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring unicode_domain; + uint32 db_count; + nbt_db_changedbchange[db_count]; + [value(ndr_size_dom_sid(r-sid))] uint32 sid_size; + uint16 unknown; + dom_sid sid; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_announce_uas; + typedef [nodiscriminant] union { [case(NETLOGON_QUERY_FOR_PDC)] nbt_netlogon_query_for_pdc pdc; + [case(NETLOGON_ANNOUNCE_UAS)] nbt_netlogon_announce_uas uas; [case(NETLOGON_RESPONSE_FROM_PDC)] nbt_netlogon_response_from_pdc response; } nbt_netlogon_request; @@ -361,4 +394,6 @@ uint8pad; [switch_is(command)] nbt_netlogon_request req; } nbt_netlogon_packet; + + void nbt_netlogon([in] nbt_netlogon_packet logon); }
svn commit: samba r6249 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-04-08 17:04:59 + (Fri, 08 Apr 2005) New Revision: 6249 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6249 Log: Get the comparison the right way around... Jeremy. Modified: branches/SAMBA_3_0/source/smbd/statcache.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/statcache.c === --- branches/SAMBA_3_0/source/smbd/statcache.c 2005-04-08 09:38:16 UTC (rev 6248) +++ branches/SAMBA_3_0/source/smbd/statcache.c 2005-04-08 17:04:59 UTC (rev 6249) @@ -52,7 +52,7 @@ if (!lp_stat_cache()) return; - if (sc_size (sc_size*1024 tdb_stat_cache-map_size)) { + if (sc_size (tdb_stat_cache-map_size sc_size*1024)) { reset_stat_cache(); }
svn commit: samba r6250 - in trunk/source/smbd: .
Author: jra Date: 2005-04-08 17:05:01 + (Fri, 08 Apr 2005) New Revision: 6250 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6250 Log: Get the comparison the right way around... Jeremy. Modified: trunk/source/smbd/statcache.c Changeset: Modified: trunk/source/smbd/statcache.c === --- trunk/source/smbd/statcache.c 2005-04-08 17:04:59 UTC (rev 6249) +++ trunk/source/smbd/statcache.c 2005-04-08 17:05:01 UTC (rev 6250) @@ -52,7 +52,7 @@ if (!lp_stat_cache()) return; - if (sc_size (sc_size*1024 tdb_stat_cache-map_size)) { + if (sc_size (tdb_stat_cache-map_size sc_size*1024)) { reset_stat_cache(); }
svn commit: samba r6251 - in trunk/source/smbd: .
Author: jra Date: 2005-04-08 19:21:35 + (Fri, 08 Apr 2005) New Revision: 6251 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6251 Log: Re-order position of become_root() to allow directory to be read first. Jeremy. Modified: trunk/source/smbd/oplock.c Changeset: Modified: trunk/source/smbd/oplock.c === --- trunk/source/smbd/oplock.c 2005-04-08 17:05:01 UTC (rev 6250) +++ trunk/source/smbd/oplock.c 2005-04-08 19:21:35 UTC (rev 6251) @@ -807,7 +807,6 @@ saved_user_conn = current_user.conn; saved_vuid = current_user.vuid; saved_fsp_conn = fsp-conn; - change_to_root_user(); /* * Initialize saved_dir to something sensible: vfs_GetWd may not work well * for root: the directory may be NFS-mounted and exported with root_squash @@ -818,6 +817,10 @@ /* Save the chain fnum. */ file_chain_save(); + pstrcpy(file_name, fsp-fsp_name); + + change_to_root_user(); + /* * From Charles Hoch [EMAIL PROTECTED]. If the break processing * code closes the file (as it often does), then the fsp pointer here @@ -825,8 +828,6 @@ * around the loop. */ - pstrcpy(file_name, fsp-fsp_name); - while((fsp = initial_break_processing(dev, inode, file_id)) OPEN_FSP(fsp) EXCLUSIVE_OPLOCK_TYPE(fsp-oplock_type)) { if(receive_smb(smbd_server_fd(),inbuf, timeout) == False) {
svn commit: samba r6252 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-04-08 19:21:41 + (Fri, 08 Apr 2005) New Revision: 6252 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6252 Log: Re-order position of become_root() to allow directory to be read first. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/oplock.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/oplock.c === --- branches/SAMBA_3_0/source/smbd/oplock.c 2005-04-08 19:21:35 UTC (rev 6251) +++ branches/SAMBA_3_0/source/smbd/oplock.c 2005-04-08 19:21:41 UTC (rev 6252) @@ -805,7 +805,6 @@ saved_user_conn = current_user.conn; saved_vuid = current_user.vuid; saved_fsp_conn = fsp-conn; - change_to_root_user(); /* * Initialize saved_dir to something sensible: vfs_GetWd may not work well * for root: the directory may be NFS-mounted and exported with root_squash @@ -816,6 +815,10 @@ /* Save the chain fnum. */ file_chain_save(); + pstrcpy(file_name, fsp-fsp_name); + + change_to_root_user(); + /* * From Charles Hoch [EMAIL PROTECTED]. If the break processing * code closes the file (as it often does), then the fsp pointer here @@ -823,8 +826,6 @@ * around the loop. */ - pstrcpy(file_name, fsp-fsp_name); - while((fsp = initial_break_processing(dev, inode, file_id)) OPEN_FSP(fsp) EXCLUSIVE_OPLOCK_TYPE(fsp-oplock_type)) { if(receive_smb(smbd_server_fd(),inbuf, timeout) == False) {
svn commit: samba r6253 - in branches/SAMBA_3_0/source: . lib
Author: jra Date: 2005-04-08 21:05:14 + (Fri, 08 Apr 2005) New Revision: 6253 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6253 Log: Add FreeBSD EA API support. Bug #2576 - patch donated by Timur Bakeyev [EMAIL PROTECTED] Jeremy. Modified: branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/lib/system.c Changeset: Sorry, the patch is too large (342 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6253
svn commit: samba r6254 - in trunk/source: . lib
Author: jra Date: 2005-04-08 21:05:29 + (Fri, 08 Apr 2005) New Revision: 6254 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6254 Log: Add FreeBSD EA API support. Bug #2576 - patch donated by Timur Bakeyev [EMAIL PROTECTED] Jeremy. Modified: trunk/source/configure.in trunk/source/lib/system.c Changeset: Sorry, the patch is too large (342 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6254
svn commit: samba r6255 - in branches/SAMBA_3_0/source/client: .
Author: sfrench Date: 2005-04-08 22:46:31 + (Fri, 08 Apr 2005) New Revision: 6255 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6255 Log: Initial checkin of cifs umount utility Added: branches/SAMBA_3_0/source/client/umount.cifs.c Changeset: Sorry, the patch is too large (271 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6255
svn commit: samba r6256 - in branches/SAMBA_3_0/source/utils: .
Author: jra Date: 2005-04-08 22:58:07 + (Fri, 08 Apr 2005) New Revision: 6256 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6256 Log: Fix fprintf errors in smbpasswd. Fix for bug #2585 Ulf H?\195?\164rnhammar [EMAIL PROTECTED] Jeremy. Modified: branches/SAMBA_3_0/source/utils/smbpasswd.c Changeset: Modified: branches/SAMBA_3_0/source/utils/smbpasswd.c === --- branches/SAMBA_3_0/source/utils/smbpasswd.c 2005-04-08 22:46:31 UTC (rev 6255) +++ branches/SAMBA_3_0/source/utils/smbpasswd.c 2005-04-08 22:58:07 UTC (rev 6256) @@ -282,7 +282,7 @@ ret = remote_password_change(remote_mach, username, old_passwd, new_pw, err_str, sizeof(err_str)); if(*err_str) - fprintf(stderr, err_str); + fprintf(stderr, %s, err_str); return ret; } @@ -292,7 +292,7 @@ if(*msg_str) printf(msg_str); if(*err_str) - fprintf(stderr, err_str); + fprintf(stderr, %s, err_str); return ret; } @@ -503,7 +503,7 @@ fstrcpy(user_name,pwd-pw_name); passwd_free(pwd); } else { - fprintf(stderr, smbpasswd: you don't exist - go away\n); + fprintf(stderr, smbpasswd: cannot lookup user name for uid %u\n, (unsigned int)getuid()); exit(1); } }
svn commit: samba r6257 - in trunk/source/utils: .
Author: jra Date: 2005-04-08 22:58:12 + (Fri, 08 Apr 2005) New Revision: 6257 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6257 Log: Fix fprintf errors in smbpasswd. Fix for bug #2585 Ulf H?\195?\164rnhammar [EMAIL PROTECTED] Jeremy. Modified: trunk/source/utils/smbpasswd.c Changeset: Modified: trunk/source/utils/smbpasswd.c === --- trunk/source/utils/smbpasswd.c 2005-04-08 22:58:07 UTC (rev 6256) +++ trunk/source/utils/smbpasswd.c 2005-04-08 22:58:12 UTC (rev 6257) @@ -282,7 +282,7 @@ ret = remote_password_change(remote_mach, username, old_passwd, new_pw, err_str, sizeof(err_str)); if(*err_str) - fprintf(stderr, err_str); + fprintf(stderr, %s, err_str); return ret; } @@ -292,7 +292,7 @@ if(*msg_str) printf(msg_str); if(*err_str) - fprintf(stderr, err_str); + fprintf(stderr, %s, err_str); return ret; } @@ -503,7 +503,7 @@ fstrcpy(user_name,pwd-pw_name); passwd_free(pwd); } else { - fprintf(stderr, smbpasswd: you don't exist - go away\n); + fprintf(stderr, smbpasswd: cannot lookup user name for uid %u\n, (unsigned int)getuid()); exit(1); } }
Build status as of Sat Apr 9 00:00:01 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-04-08 00:00:18.0 + +++ /home/build/master/cache/broken_results.txt 2005-04-09 00:00:24.0 + @@ -1,38 +1,63 @@ -Build status as of Fri Apr 8 00:00:01 2005 +Build status as of Sat Apr 9 00:00:01 2005 Build counts: Tree Total Broken Panic ccache 35 2 0 -distcc 35 1 0 +distcc 35 2 0 ppp 20 1 0 -rsync35 3 0 +rsync35 4 0 samba1 1 0 samba-docs 0 0 0 -samba4 39 12 0 -samba_3_037 13 0 +samba4 39 39 0 +samba_3_037 17 0 Currently broken builds: Host Tree Compiler Status +aix1 samba4 gccok/ 2/?/? fusberta samba4 gccok/ 2/?/? +yurok samba4 gccok/ 2/?/? +yurok samba_3_0gcc 127/?/?/? samba-s390 samba4 gccok/ 2/?/? +rhonwynsamba4 gccok/ 2/?/? rhonwynsamba4 gcc-4.0ok/ 2/?/? rhonwynsamba_3_0gcc-4.0ok/ 2/?/? rhonwynsamba4 tccok/ 2/?/? +superego samba4 gccok/ 2/?/? +cl012 samba4 gccok/ 2/?/? +dev4-003 samba4 gccok/ 2/?/? +berks samba4 gccok/ 2/?/? +aretnapsamba4 gccok/ 1/?/? aretnapsamba_3_0gccok/ 1/?/? aretnapccache iccok/ok/ok/ 1 aretnapsamba4 icc 127/?/?/? aretnapsamba_3_0icc 127/?/?/? +gc4rsyncgccok/ok/ok/ 1 +gc4samba4 gccok/ 1/?/? gc4samba_3_0gccok/ 1/?/? +manhattan samba4 cc ok/ 1/?/? manhattan samba_3_0cc ok/ 1/?/? +sbfsamba4 gccok/ 1/?/? +sbfsamba_3_0gccok/ 1/?/? +smartserv1 samba4 gccok/ 1/?/? +smartserv1 samba_3_0gccok/ 1/?/? +smartserv1 samba4 gcc-4.0ok/ 1/?/? +smartserv1 samba_3_0gcc-4.0ok/ 1/?/? +wetlizard samba4 gccok/ 2/?/? +tardis samba4 gccok/ 2/?/? tardis samba_3_0gccok/ok/ok/ 2 gwen distcc cc ok/ 1/?/? gwen samba4 cc ok/ 1/?/? gwen samba_3_0cc ok/ 1/?/? +us4samba4 cc ok/ 1/?/? us4samba_3_0cc ok/ 1/?/? +us4samba4 gccok/ 1/?/? us4samba_3_0gccok/ 1/?/? +trip samba4 gccok/ 2/?/? flock samba4 gccok/ 1/?/? flock samba_3_0gccok/ 1/?/? +homer samba4 gccok/ 2/?/? shubnigurath samba4 cc ok/ 1/?/? +sol10 samba4 gccok/ 1/?/? gc20 samba4 gccok/ 2/?/? sun1 rsynccc ok/ok/ok/ 2 sun1 samba4 cc ok/ 2/?/? @@ -40,10 +65,18 @@ sun1 rsyncgccok/ok/ok/ 2 sun1 samba4 gccok/ 2/?/? sun1 samba_3_0gccok/ 2/?/? +fire1 samba4 gccok/ 2/?/? m30ccache gccok/ok/ok/ 2 m30rsyncgccok/ok/ok/ 2 m30samba4 gccok/ 2/?/? m30samba_3_0gccok/ 2/?/? metze02sambagcc 77/?/?/? +metze02samba4 gccok/ 2/?/? +metze02samba4 gcc-3.4ok/ 2/?/? +metze01distcc gcc 2/?/?/? +metze01samba4 gccok/ 2/?/? +PCS1 samba4 gccok/ 2/?/? +l390vme1 samba4 gccok/ 2/?/? opippp gccok/ 2/?/? +opisamba4 gccok/ 2/?/?
svn commit: samba r6258 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-04-09 00:41:38 + (Sat, 09 Apr 2005) New Revision: 6258 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6258 Log: Fix found by OS/2 set_ea call. When setting specific info remember to terminate once we've done that and not break into the generic file metadata set code. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/trans2.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/trans2.c === --- branches/SAMBA_3_0/source/smbd/trans2.c 2005-04-08 22:58:12 UTC (rev 6257) +++ branches/SAMBA_3_0/source/smbd/trans2.c 2005-04-09 00:41:38 UTC (rev 6258) @@ -3739,7 +3739,11 @@ if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); } - break; + + /* We're done. We only get EA info in this call. */ + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } #if 0 @@ -3929,7 +3933,9 @@ return ERROR_NT(status); } - break; + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } case SMB_FILE_POSITION_INFORMATION: @@ -3949,9 +3955,14 @@ #endif /* LARGE_SMB_OFF_T */ DEBUG(10,(call_trans2setfilepathinfo: Set file position information for file %s to %.0f\n, fname, (double)position_information )); - if (fsp) + if (fsp) { fsp-position_information = position_information; - break; + } + + /* We're done. We only get position info in this call. */ + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } /* From tridge Samba4 : @@ -3971,7 +3982,11 @@ if (mode != 0 mode != 2 mode != 4 mode != 6) { return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } - break; + + /* We're done. We only get mode info in this call. */ + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } /*
svn commit: samba r6259 - in trunk/source/smbd: .
Author: jra Date: 2005-04-09 00:41:47 + (Sat, 09 Apr 2005) New Revision: 6259 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6259 Log: Fix found by OS/2 set_ea call. When setting specific info remember to terminate once we've done that and not break into the generic file metadata set code. Jeremy. Modified: trunk/source/smbd/trans2.c Changeset: Modified: trunk/source/smbd/trans2.c === --- trunk/source/smbd/trans2.c 2005-04-09 00:41:38 UTC (rev 6258) +++ trunk/source/smbd/trans2.c 2005-04-09 00:41:47 UTC (rev 6259) @@ -3739,7 +3739,11 @@ if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); } - break; + + /* We're done. We only get EA info in this call. */ + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } #if 0 @@ -3929,7 +3933,9 @@ return ERROR_NT(status); } - break; + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } case SMB_FILE_POSITION_INFORMATION: @@ -3949,9 +3955,14 @@ #endif /* LARGE_SMB_OFF_T */ DEBUG(10,(call_trans2setfilepathinfo: Set file position information for file %s to %.0f\n, fname, (double)position_information )); - if (fsp) + if (fsp) { fsp-position_information = position_information; - break; + } + + /* We're done. We only get position info in this call. */ + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } /* From tridge Samba4 : @@ -3971,7 +3982,11 @@ if (mode != 0 mode != 2 mode != 4 mode != 6) { return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } - break; + + /* We're done. We only get mode info in this call. */ + SSVAL(params,0,0); + send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0); + return(-1); } /*
svn commit: samba r6260 - in trunk/source: smbd utils
Author: jra Date: 2005-04-09 00:49:54 + (Sat, 09 Apr 2005) New Revision: 6260 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6260 Log: Tidyup message str printf. Ensure tvs struct is zeroed. Jeremy. Modified: trunk/source/smbd/trans2.c trunk/source/utils/smbpasswd.c Changeset: Modified: trunk/source/smbd/trans2.c === --- trunk/source/smbd/trans2.c 2005-04-09 00:41:47 UTC (rev 6259) +++ trunk/source/smbd/trans2.c 2005-04-09 00:49:54 UTC (rev 6260) @@ -3581,6 +3581,7 @@ return ERROR_NT(NT_STATUS_INVALID_PARAMETER); ZERO_STRUCT(sbuf); + ZERO_STRUCT(tvs); if (tran_call == TRANSACT2_SETFILEINFO) { if (total_params 4) { Modified: trunk/source/utils/smbpasswd.c === --- trunk/source/utils/smbpasswd.c 2005-04-09 00:41:47 UTC (rev 6259) +++ trunk/source/utils/smbpasswd.c 2005-04-09 00:49:54 UTC (rev 6260) @@ -290,7 +290,7 @@ err_str, sizeof(err_str), msg_str, sizeof(msg_str)); if(*msg_str) - printf(msg_str); + printf(%s, msg_str); if(*err_str) fprintf(stderr, %s, err_str);
svn commit: samba r6261 - in branches/SAMBA_3_0/source: smbd utils
Author: jra Date: 2005-04-09 00:50:12 + (Sat, 09 Apr 2005) New Revision: 6261 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6261 Log: Tidyup message str printf. Ensure tvs struct is zeroed. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/trans2.c branches/SAMBA_3_0/source/utils/smbpasswd.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/trans2.c === --- branches/SAMBA_3_0/source/smbd/trans2.c 2005-04-09 00:49:54 UTC (rev 6260) +++ branches/SAMBA_3_0/source/smbd/trans2.c 2005-04-09 00:50:12 UTC (rev 6261) @@ -3581,6 +3581,7 @@ return ERROR_NT(NT_STATUS_INVALID_PARAMETER); ZERO_STRUCT(sbuf); + ZERO_STRUCT(tvs); if (tran_call == TRANSACT2_SETFILEINFO) { if (total_params 4) { Modified: branches/SAMBA_3_0/source/utils/smbpasswd.c === --- branches/SAMBA_3_0/source/utils/smbpasswd.c 2005-04-09 00:49:54 UTC (rev 6260) +++ branches/SAMBA_3_0/source/utils/smbpasswd.c 2005-04-09 00:50:12 UTC (rev 6261) @@ -290,7 +290,7 @@ err_str, sizeof(err_str), msg_str, sizeof(msg_str)); if(*msg_str) - printf(msg_str); + printf(%s, msg_str); if(*err_str) fprintf(stderr, %s, err_str);
svn commit: samba r6262 - in branches/SAMBA_3_0/source/client: .
Author: sfrench Date: 2005-04-09 05:01:00 + (Sat, 09 Apr 2005) New Revision: 6262 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6262 Log: Minor updates to cifs umount helper Modified: branches/SAMBA_3_0/source/client/umount.cifs.c Changeset: Modified: branches/SAMBA_3_0/source/client/umount.cifs.c === --- branches/SAMBA_3_0/source/client/umount.cifs.c 2005-04-09 00:50:12 UTC (rev 6261) +++ branches/SAMBA_3_0/source/client/umount.cifs.c 2005-04-09 05:01:00 UTC (rev 6262) @@ -49,7 +49,7 @@ #define MNT_EXPIRE 0x04 #endif -#define CIFS_IOC_CHECKUMOUNT _IOR('u', 2, int) +#define CIFS_IOC_CHECKUMOUNT _IO('c', 2) static struct option longopts[] = { { all, 0, NULL, 'a' }, @@ -93,14 +93,21 @@ /* presumably can not chdir into the target as we do on mount */ fileid = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW, 0); + if(fileid == -1) { + if(verboseflg) + printf(error opening mountpoint %d %s,errno,strerror(errno)); + return errno; + } - /* check if fileid valid if fileid == -1 BB FIXME */ - rc = ioctl(fileid, CIFS_IOC_CHECKUMOUNT, NULL); if(verboseflg) - printf(ioctl returned %d with errno %d\n,rc,errno); + printf(ioctl returned %d with errno %d %s\n,rc,errno,strerror(errno)); + if(rc == ENOTTY) + printf(user unmounting via %s is an optional feature of the cifs filesystem driver (cifs.ko)\n\tand requires cifs.ko version 1.32 or later\n,thisprogram); + else if (rc 0) + printf(user unmount of %s failed with %d %s,dir,errno,strerror(errno)); close(fileid); return rc;