[Samba] Samba prining and pauses
I have one Linux machine and one Windows. Windows PC has shared printer and other unix machines can print to it via Samba. But sometimes when I print multipage documents from unix machine to shared printer process stops after first page. Printer (HP LJ1200) blinks green saying i'm thinking, wait a secont and i print last pages... :) But nothing occurs for hours. And if after that I restart the printer or send any document from local Windows machine everything goes right - it pushes the printing process. I've replaced printer and Windows machine. The same again... Can anybody tell what's going on? :) Thanx -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] posix acls vs unix groups and nt acls
Well you can use posix acl's, but it's not 100% wind0ws compatible. you can only set the read, write and execute bits... (not the modify or other special wind0ws things..) to use the acl's be sure you have the acl lib's installed.. also be sure your partition/filesystem uses acl (set in the /etc/fstab) and 3th, your kernel need to be vuild with it, all mayor distro's have nowday's so i don't think it would be a problem.. (it's standard with th 2.6. kernels is think) next, compile samba with acl set (./configure --with-acl-support) make make install, and your done this is just a really short howto, but look at http://www.bluelightning.org/linux/samba_acl_howto/ for more info on the samba acl... Have fun. Collen if you did those 3 things David Bear wrote: I'm looking for info on using posix acls in samba. I'd like them to look and feel like nt acls. I'd like to use the windows client to set the acls on the samba server. I've got the official samba 3 howto book, but can't seem to figure things out from there. specifically, in the past I've used a force group entry in combined with create modes to keep shared files access to specific groups. I'd like to see where posix acls might fit in here since I could theoretically have a group of 'creators', a separate group of 'viewers', and a third group with 'read-write-delete' permissions. any good writups on this? I'm using samba 3.x and redhat enterperise ws 4 -- kernel 2.6.9-5 and samba-3.0.10-1.4E. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Re: How is this possible lol?
Hmm.. dunno i thought wins uses the same port (139 445) as smbd try to set a little higher debug level, maybe the log's will reveal some more input for you.. boot wrote: Hi Collen. The resolver order is wins lmhosts bcast. I am not using lmhosts. Perhaps I shuold change with to bcast wins lmhosts but I'm not sure how this would help, I imagine this is simply a preferred order for resolution. I am not using remote announce and/or remote browse sync although I did try them to no avail. My understadning is that these are not necessary and should only be used for troubleshooting. As per the logs, the announcements and sync attempts on all subnets do occur it's just that there are 0 records returned. well don't you need troubleshooting at this point, in my understanding it ain't working.. ? (-; Wins.dat does indeed contain all the computers but browse.dat on each box only contains the computers on that particular subnet. You are the only one responding :( Maybe this is an IPSEC / firewall issue but I dont know how to check... you could try yo disable the firewall for a short testing period, to see if it make anny difference. did you open the right ports ?? (445 139 both way's) good luck. Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: missing directory entries on irix
On 4/20/05, Cale Fairchild [EMAIL PROTECTED] wrote: Thanks for the patch, unfortunately when I installed it I had a lot more files missing from the directory listing and I have not taken much time to look at why. But it certainly is the cast that off_t on the IRIX box is 8 bytes in the current OS, however the compilers seem to convert the long values properly so long as overflow does not occur. Thanks to your suggestion on looking at the 'xfs_growfs -n' output I think that I have finally tracked down the problem with the missing file. In IRIX systems that have version 1 naming the last entry in that directory listing has a dirent-d_off value of -1 if you treat it as a long. On systems with version 2 naming the value is not set to -1. In samba 3.0.11 there was no apparent test of the dirent-d_off field, but in 3.0.12 it performs a telldir after reading the last name and returns NULL if the offset it -1. Nice work! I'm away from the lab this week, but I'll have a patch for you early next week. Thanks for digging into this. -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: still ACL bug in 3.0.14a
Hello, Jeremy Allison wrote: Precisely. This is something that isn't new and has been in Samba a long time. I don't think it's a critical bug that needs urgent code changes - unlike the ACL issues which were bugs in new functionality. Alright, so there is a design issue in samba that has been there for a long time, and as there a solutions (EAs) no need to do anything about it. Fine, go ahead and mark the bug as wontfix. But please also put somewhere in the docs the suggestion to use dos filemode and store dos attributes when using ACLs. Because I'm sure more people will be hit by this when using them. Have there been ACLs in Samba 2.x? don't think so, so this problem never really showed up, but with ACLs you may come up with the idea to remove all rights from every file and directory and manage everything with ACLs, and that won't work. Regards, Peter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Upgrading samba from Fedora RPM
Hello, We have a samba file server running on Fedora Core 1. I have installed 3.0.11 from RPM package for Fedora. This release have some problems and I need to upgrade. Instead of usinf RPM, I'd like to build samba myself from the sourcecode. I already do that without problem but when installing binaries, lib and config files, it uses default installation directory (ie /usr/local/samba) instead of directory structure of previous 3.0.11 RPM installation. I look into packaging/Fedora/samba.spec to see ./configure options and tried this : ./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --with-privatedir=/etc/samba --enable-debug --with-quotas --with-ldapsam --with-smbmount but after installbin, log.smbd (which is not located in the right directory) says : 2005/04/19 10:38:54, 0] param/params.c:OpenConfFile(537) params.c:OpenConfFile() - Unable to open configuration file /usr/lib/smb.conf: No such file or directory log.smbd is installed in /var instead of /var/log/samba (from RPM installation). Can anyone give me the right parameters for Fedora Core. Thanks Best Regards. JiB. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: missing directory entries on irix
On Thu, Apr 21, 2005 at 05:23:19PM +1000, James Peach wrote:
On 4/20/05, Cale Fairchild [EMAIL PROTECTED] wrote:
Thanks for the patch, unfortunately when I installed it I had a lot more
files missing from the directory listing and I have not taken much time to
look at why. But it certainly is the cast that off_t on the IRIX box is 8
bytes
in the current OS, however the compilers seem to convert the long values
properly so long as overflow does not occur.
Thanks to your suggestion on looking at the 'xfs_growfs -n' output I think
that
I have finally tracked down the problem with the missing file. In IRIX
systems
that have version 1 naming the last entry in that directory listing has a
dirent-d_off value of -1 if you treat it as a long. On systems with
version 2
naming the value is not set to -1. In samba 3.0.11 there was no apparent
test
of the dirent-d_off field, but in 3.0.12 it performs a telldir after
reading
the last name and returns NULL if the offset it -1.
Nice work! I'm away from the lab this week, but I'll have a patch for
you early next week. Thanks for digging into this.
If I'm not wrong just deleting these lines should do it...
Can you report back to me if this works please ?
Thanks,
Jeremy.
Index: smbd/dir.c
===
--- smbd/dir.c (revision 6413)
+++ smbd/dir.c (working copy)
@@ -1038,9 +1038,6 @@
while ((n = vfs_readdirname(conn, dirp-dir))) {
struct name_cache_entry *e;
dirp-offset = SMB_VFS_TELLDIR(conn, dirp-dir);
- if (dirp-offset == -1) {
- return NULL;
- }
dirp-name_cache_index = (dirp-name_cache_index+1) %
NAME_CACHE_SIZE;
e = dirp-name_cache[dirp-name_cache_index];
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] group-rid and group-sid
hi! Studying smbldap-groupadd I encountered these parameters. I understand how they are calculated but I don't understand their use. Can anyone explain me that? Thanks a lot, Fabio -- Dott. Fabio Marcone 2T srl Telefono +39 - 0871- 540154 Fax +39 - 0871- 571594 Indirizzo Viale B. Croce 573, 66013 Chieti Scalo (CH) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP fails to load Desktop Profile on Samba 3 PDC
Hello, I'm currently trying to implement samba 3.0.14a as PDC in our office. I've allready managed to join the first trial workstations to the Domain. Now I have the following problem: I've created an Administrator-account for joining the machines and doing maintenance work. This account seems to have no problem to store its personal settings (Desktop, startmenu) on the PDC. When I add new users (unix and samba settings are correct), only a part of the users profile is stored on the PDC. Desktop works fine, however the startmenu always returns to windowsXP-default after a new logon. I even can't change to the detailed view in system controls. any hints? thanks and regards Christoph -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] the desktop.ini incident again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thanks all for your hints. I will try it, as soon as possible and let you know, whether it worked or not. Thanks. Holger -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ17KO0QDuZMdP0sRAifSAJ0dCSX95bg+L5q2blyyySzomMkiHgCeNdiO XyojGss41NhAH0T4yxXOwfg= =wCZR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba 3.0.13 tries to find SID of User as sambaGroupMap
Dear List, while debugging the problem that users cant change file acls from windows clients, I found out that Samba (ver- sion 3.0.13 on debian sarge) tries to look up the SID (of the user who should be added to the acl) as a sambaGroupMapping in the LDAP. Does anybody can tell me: - why samba tries to match a SID of a user as a GroupMapping? This will never work as a user can never be a sambaGroupMapping by definition... - how I can tell samba not to do, as this is the reason why the acl change does not work Best regards and thanks a lot in advance! Matthias Eichler -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] the desktop.ini incident again
I think the real problem is the following: - windows saves the settings of the desktop and folder view in this file which is normally hidden, so the desktop.ini is more or less always there - it just comes up (via autostart e.g.) or in the quickstart- panel if you configure windows to display all system and hidden files... Matthias Am Donnerstag, den 21.04.2005, 10:05 +0200 schrieb Holger Wesser: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thanks all for your hints. I will try it, as soon as possible and let you know, whether it worked or not. Thanks. Holger -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ17KO0QDuZMdP0sRAifSAJ0dCSX95bg+L5q2blyyySzomMkiHgCeNdiO XyojGss41NhAH0T4yxXOwfg= =wCZR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] the desktop.ini incident again
Matthias Eichler wrote: I think the real problem is the following: - windows saves the settings of the desktop and folder view in this file which is normally hidden, so the desktop.ini is more or less always there - it just comes up (via autostart e.g.) or in the quickstart- panel if you configure windows to display all system and hidden files... Or (what seems to be the case here) if storing the roaming profile in a samba share somehow fails to preserve the hidden-flag. -- Wolfgang Ratzka -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Description of LDAP-attribute sambaSIDList
Dear List, I found some new LDAP attributes in the latest samba.schema, that where definitely not there when setting up our environ- ment. Unfortunately I cant find any description of these attributes, especially sambaSIDList. Does anybody has an definite description of that attribute, how it is used and how it should be administered, as the latest smbldap-tools do not use it... Thanks, Matthias -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Loxstedt
Du sein der , den ich denke! J. Block Mit uns haben Sie immer gute Karten! M a g i s t r a t Bremerhaven Vermessung- und Katasteramt Postfach 21 03 60, 27524 Bremerhaven Fährstraße 20, Technisches Rathaus 27568 Bremerhaven Tel.: 0471/590-3356 Fax: 0471/590-2078 Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smb PANIC: internal error
Hi! On my main server running Suse 9.2 with samba-3.0.14-0.1 (rpm) I just found the following in /var/log/messages: smbd[17958]: [2005/04/21 12:02:13, 0] lib/fault.c:fault_report(36) smbd[17958]: === smbd[17958]: [2005/04/21 12:02:13, 0] lib/fault.c:fault_report(37) smbd[17958]: INTERNAL ERROR: Signal 11 in pid 17958 (3.0.14-0.1-SUSE) smbd[17958]: Please read the appendix Bugs of the Samba HOWTO collection smbd[17958]: [2005/04/21 12:02:13, 0] lib/fault.c:fault_report(39) smbd[17958]: === smbd[17958]: [2005/04/21 12:02:13, 0] lib/util.c:smb_panic2(1495) smbd[17958]: PANIC: internal error smbd[17958]: [2005/04/21 12:02:13, 0] lib/util.c:smb_panic2(1503) smbd[17958]: BACKTRACE: 30 stack frames: smbd[17958]:#0 /usr/sbin/smbd(smb_panic2+0x120) [0x820c4d0] smbd[17958]:#1 /usr/sbin/smbd(smb_panic+0x26) [0x820c6a6] smbd[17958]:#2 /usr/sbin/smbd [0x81f7070] smbd[17958]:#3 [0xe420] smbd[17958]:#4 /lib/tls/libc.so.6 [0xb7d31ff4] smbd[17958]:#5 /lib/tls/libc.so.6 [0xb7d322e2] smbd[17958]:#6 /lib/tls/libc.so.6(getpwnam_r+0x14d) [0xb7cd3bed] smbd[17958]:#7 /lib/tls/libc.so.6(getpwnam+0x91) [0xb7cd35b1] smbd[17958]:#8 /usr/sbin/smbd(sys_getpwnam+0x1d) [0x81f9ddd] smbd[17958]:#9 /usr/sbin/smbd(getpwnam_alloc+0x5a) [0x81feb0a] smbd[17958]:#10 /usr/sbin/smbd(Get_Pwnam+0x15f) [0x81fcbdf] smbd[17958]:#11 /usr/sbin/smbd(smb_getpwnam+0x83) [0x8252fa3] smbd[17958]:#12 /usr/sbin/smbd [0x82531da] smbd[17958]:#13 /usr/sbin/smbd(make_server_info_info3+0x168) [0x8253438] smbd[17958]:#14 /usr/sbin/smbd [0x824f347] smbd[17958]:#15 /usr/sbin/smbd [0x824f80c] smbd[17958]:#16 /usr/sbin/smbd [0x824d492] smbd[17958]:#17 /usr/sbin/smbd [0x8249860] smbd[17958]:#18 /usr/sbin/smbd [0x8254713] smbd[17958]:#19 /usr/sbin/smbd [0x811d49e] smbd[17958]:#20 /usr/sbin/smbd(ntlmssp_update+0x15c) [0x811cc7c] smbd[17958]:#21 /usr/sbin/smbd(auth_ntlmssp_update+0x4b) [0x825439b] smbd[17958]:#22 /usr/sbin/smbd [0x80b57b9] smbd[17958]:#23 /usr/sbin/smbd(reply_sesssetup_and_X+0x4fa) [0x80b6aaa] smbd[17958]:#24 /usr/sbin/smbd [0x80e11e0] smbd[17958]:#25 /usr/sbin/smbd(process_smb+0x19a) [0x80e179a] smbd[17958]:#26 /usr/sbin/smbd(smbd_process+0x16f) [0x80e1bff] smbd[17958]:#27 /usr/sbin/smbd(main+0x530) [0x82904e0] smbd[17958]:#28 /lib/tls/libc.so.6(__libc_start_main+0xe0) [0xb7c62b10] smbd[17958]:#29 /usr/sbin/smbd [0x807a391] Do I have a problem? ;-) What does this mean? I wanted to read the mentioned Appendix Bugs, but I couldn't find it. Also I sometimes have the problem, that one smbd-process owned by root ist getting very busy taking up to 99% of my CPU (seen in top). Killing this process - everything ist fine again. Thanks in advance, Annette -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Telefonia - Internet Satelital - Rural (CHILE) Consulte
Hola: Necesito información de conección a Internet en zona rural donde no tengo acceso a teléfono (sólo celular) Muchas Gracias, Francisco Vega D. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: hi
Sorry, but you sent to the wrong list. You want samba@lists.samba.org, and you need to say **what** is not working. --dave Viveka Nand Pandey wrote: Hi , I have a problem related samba.Normally samba is working fine. But sometime it is not working,what is the problem. I have Linux 9.1 machine in Network regards, vivek pandey DISCLAIMER: This message is confidential to RS Software and/or the intended recipient. The information contained within may be legally privileged. If you are not the intended recipient, even if you are an addressee, you can not use, distribute or copy this message or its attachments, and any action or omission taken by you in reliance on it is prohibited and may be unlawful. If you have received this message in error, please notify the sender by return E-Mail and erase all copies of the message and attachments immediately. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of RS Software are neither given nor endorsed by it. -- David Collier-Brown, | Always do right. This will gratify Sun Microsystems, Toronto | some people and astonish the rest [EMAIL PROTECTED] | -- Mark Twain (416) 263-5733 (x65733) | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [MailServer Notification]To recipient: eManager settings were mat ched and action was taken.
eManager Notification * The following message was blocked because it contains sensitive content. Source mailbox: [EMAIL PROTECTED] Destination mailbox(es): [EMAIL PROTECTED];samba@lists.samba.org;[EMAIL PROTECTED] ba.org Rule/Policy: Bagle Action: Delete Content filter has detected a sensitive e-mail. BAGLE. *** End of message * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] dhcp.conf
Hi all, I just want to double check. include = /etc/samba/dhcp.conf Does this the same as the ordinary /etc/dhcpd.conf or is it a different file? What should be the content be? Searching google for /etc/SAMBA/dhcp.conf only brings up multiple entries of the smb.conf line. Thanks -- Kind regards Hans du Plooy SagacIT (Pty) Ltd hansdp at sagacit dot com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] dhcp.conf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hans du Plooy wrote: | Hi all, | | I just want to double check. | | include = /etc/samba/dhcp.conf | | Does this the same as the ordinary /etc/dhcpd.conf or is it a different | file? What should be the content be? Different. It should be information written by the dhcpcd client that is relevant to Samba.I don't use this type of setup so I can't give you specifics. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ6KqIR7qMdg1EfYRAvN3AKCz1WmP3K4WOMfpbun0BNdy9ne6qgCg7dn7 cshYjBHBeIxec2iFwcg3KeQ= =52VA -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Re: How is this possible lol?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Collen wrote: | Hmm.. dunno i thought wins uses the same port (139 445) as | smbd try to set a little higher debug level, maybe | the log's will reveal some more input for you.. Nope. netbios name services are over port udp/137. You can query the wins server by running 'nmblookup -U wins ip -R 'name' cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ6SHIR7qMdg1EfYRAmvFAJ4zVPZsIS9tTqPokh460rq0R4o60gCaAt1F V1CV2CU1hgk5axehjUyto90= =Jggx -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Windows shares
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hassan Terry wrote: | Good evening- | I am a systems engineer with BAE Systems and am looking to solve a | Single Sign-On and file access issue using Vintela Authentication | Services (VAS) and Samba. This is to be accomplished on Solaris 9 | (0904) workstations and function within an Active Directory | environment (e.g. Windows Server 2003). | | VAS is currently advertising that the capability exists to integrate | Samba with Active Directory and Kerberos in a way that lets Samba | interoperate successfully with VAS, but this seems to just be the | capability to provide Solaris data shares to windows clients with no | mention of the reverse. For our effort the need is required to provide | data exchange/access both ways. Is there a way to allow Solaris | clients access to Windows-based data shares using Samba without | loading any software on the windows based systems? Any assistance | would be greatly appreciated and please let me know if there is | anything that I can do to provide support to your team. Thank you in | advance. There are some CIFS clients for solaris. In Samba, you can look at smbwrapper possibly (although this code is currently unmaintained). There's a rewrite of smbwrapper/smbsh using the libsmbclient libs in the 3.0.14a release. And of course, smbclient would work fine. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ6T7IR7qMdg1EfYRAkFdAJ9JPyzYpDqdEjoD2K4JESlJMGvdZACgnU/f yTWyiygrnbY23LYtnvl6RcM= =Py6z -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Incorrect This folder already contains a file named... error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Shaw wrote: | I understand that there was a bug in Samba a while | back that looked like this, but it was fixed. This problem | seems to only happen with Fuse, and using a regular filesystem | works fine. It's possible that my filesystem program or Fuse | itself is doing something unusual that is confusing Samba. | | Can someone point me in the right direction here? I would talk to the fuse developers. Samba is a userspace app and only asks the file system to do what a file system should do. If they find a bug in Samba, let us know. However, you might want to disable acl support for testing. Not all file systems are created equal. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ6XBIR7qMdg1EfYRAgK9AKCjLAWLm1RMvHVRlcS3zSTgelhS9ACgtY6m 9DLinscErJsGDx/a6h1KI1Y= =nfoA -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] hide unreadable files also hides readable files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Christoph Kaegi wrote: | Hello | | We have a Samba 3.0.11 Fileserver running on Solaris and | joined to an Active Directory. | | I have shares, with many directories, and I want to | hide the directories, people are not allowed to access | anyway. So I engaged the hide unreadable files | option. | | This basically works. | | The Problem arises, when the user is logged on locally | (not authenticated to the Domain) and mounts the share | by specifying his Username/Password. | | When he tries to look at his own files, they're hidden! | He only sees world readable data. Are you using ACLs ? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ6ZEIR7qMdg1EfYRAsfwAKDlp9yjMIJxklfBAzFAA74fF/x/yACbBBbV co9LS2b2ww9pvPe2pZgFKo4= =/fk8 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA with LDAP - net join fails
Hi, I have performed all the steps from John Tepstra's Samba-3 by Example 20 April 2005 to Chapter 5, step 21, pg 146. (My goal is to have SAMBA with LDAP and no MS Windows servers.) Everything appears to work properly to this point. When I perform the command: (amd is the name of this test server) net rpc join -S AMD -U root%not24get I get the error: Could not connect to server AMD The username or password was not correct. Adding debug -d 1, I get the following additional information: [2005/04/20 17:00:23, 1] utils/net_rpc.c:run_rpc_command(139) rpc command function failed! (NT_STATUS_ACCESS_DENIED) [2005/04/20 17:00:23, 1] libsmb/cliconnect.c:cli_full_connection(1494) failed session setup with NT_STATUS_LOGON_FAILURE Could not connect to server AMD The username or password was not correct. When restarting winbindd before trying to join the domain, I get the following in the windbindd error log: [2005/04/20 16:36:54, 0] lib/smbldap.c:smbldap_open_connection(599) ldap_initialize: Bad parameter to an ldap routine [2005/04/20 16:36:54, 1] lib/smbldap.c:another_ldap_try(1011) Connection to LDAP server failed for the 1 try! ... [2005/04/20 16:37:09, 0] sam/idmap.c:idmap_init(138) idmap_init: failed to initialize remote backend! [2005/04/20 16:37:09, 1] nsswitch/winbindd.c:main(897) Could not init idmap -- netlogon proxy only The following occurs in samba IP (machine) log, which I would expect. [2005/04/20 16:29:04, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244) get_md4pw: Workstation AMD$: no account in domain the /etc/nsswitch.conf file has the following: passwd: compat ldap shadow: files ldap group: compat ldap hosts: files dns wins System is running SuSE 9.2 with Samba 3.0.14a-.1-SUSE Any assistance would be greatly appreciated. Thank you. -- Steven C. Henry [EMAIL PROTECTED]@xnet.com Steven C. Henry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA with LDAP - net join fails
Hi, I would not specify the password in the commandline, but when prompted for it. I had some problems with special signs (maybe like your % in the password...) Matthias Am Donnerstag, den 21.04.2005, 08:25 -0500 schrieb Steven C. Henry: Hi, I have performed all the steps from John Tepstra's Samba-3 by Example 20 April 2005 to Chapter 5, step 21, pg 146. (My goal is to have SAMBA with LDAP and no MS Windows servers.) Everything appears to work properly to this point. When I perform the command: (amd is the name of this test server) net rpc join -S AMD -U root%not24get I get the error: Could not connect to server AMD The username or password was not correct. Adding debug -d 1, I get the following additional information: [2005/04/20 17:00:23, 1] utils/net_rpc.c:run_rpc_command(139) rpc command function failed! (NT_STATUS_ACCESS_DENIED) [2005/04/20 17:00:23, 1] libsmb/cliconnect.c:cli_full_connection(1494) failed session setup with NT_STATUS_LOGON_FAILURE Could not connect to server AMD The username or password was not correct. When restarting winbindd before trying to join the domain, I get the following in the windbindd error log: [2005/04/20 16:36:54, 0] lib/smbldap.c:smbldap_open_connection(599) ldap_initialize: Bad parameter to an ldap routine [2005/04/20 16:36:54, 1] lib/smbldap.c:another_ldap_try(1011) Connection to LDAP server failed for the 1 try! ... [2005/04/20 16:37:09, 0] sam/idmap.c:idmap_init(138) idmap_init: failed to initialize remote backend! [2005/04/20 16:37:09, 1] nsswitch/winbindd.c:main(897) Could not init idmap -- netlogon proxy only The following occurs in samba IP (machine) log, which I would expect. [2005/04/20 16:29:04, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244) get_md4pw: Workstation AMD$: no account in domain the /etc/nsswitch.conf file has the following: passwd: compat ldap shadow: files ldap group: compat ldap hosts: files dns wins System is running SuSE 9.2 with Samba 3.0.14a-.1-SUSE Any assistance would be greatly appreciated. Thank you. -- Steven C. Henry [EMAIL PROTECTED]@xnet.com Steven C. Henry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] error joining a domain
If i try to make my PDC join its own domain (as suggested in the books) I get the following: [2005/04/21 14:03:00, 0] utils/net_ads.c:ads_startup(186) ads_connect: Transport endpoint is not connected Joined domain SMB3. Is this just an error that I can forget, because it states that the joining went well. Greetz ramses -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question 2
After adding the domain I am trying to setup winbind (still) [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users [EMAIL PROTECTED] samba]# wbinfo -g BUILTIN+System Operators BUILTIN+Replicators BUILTIN+Guests BUILTIN+Power Users BUILTIN+Print Operators BUILTIN+Administrators BUILTIN+Account Operators BUILTIN+Backup Operators BUILTIN+Users [EMAIL PROTECTED] samba]# and that while I really have a domain called SMB3 remember, I am trying to make a PDC that also serves to let other servers authenticate against it using winbind. here is my smb.conf for the interested ppls #== Global Options === #-- Server and Domain names -- [Global] workgroup = SMB3 netbios name = SMB server string = TEST Server passdb backend= smbpasswd #-- Interface options ; socket options= TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hosts allow= 192.87.138.0/24, 195.169.144.0/24 127.0.0.1 guest account = nobody map to guest = Bad User username map = /etc/samba/smbusers #-- Logging -- ; log level = 2 log file = /var/log/samba/log.%m #-- Server Role and Security - security = user os level = 65 domain master = yes local master = yes preferred master = yes domain logons = yes logon path= logon home= logon script = standard.bat #-- Server Role and Security - winbind separator = + idmap uid = 500-1 idmap gid = 500-1 winbind enum users = yes winbind enum groups = yes #== Shares and Printers == [IPC$] path = /tmp hosts allow = 192.87.138.0/24, 195.169.144.0/24, 127.0.0.1 hosts deny= 0.0.0.0/0 #-- Netlogon - [NetLogon] path = /etc/samba/logon writable = no browsable = no write list= root create mode = 0755 #-- Shares --- [Home] path = /home/%u writable = yes browsable = yes create mode = 0700 directory mode= 0700 hide dot files= yes Greetz ramses -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] hide unreadable files also hides readable files (SOLVED)
On 21.04-08:10, Gerald (Jerry) Carter wrote: | We have a Samba 3.0.11 Fileserver running on Solaris and | joined to an Active Directory. | | I have shares, with many directories, and I want to | hide the directories, people are not allowed to access | anyway. So I engaged the hide unreadable files | option. | | This basically works. | | The Problem arises, when the user is logged on locally | (not authenticated to the Domain) and mounts the share | by specifying his Username/Password. | | When he tries to look at his own files, they're hidden! | He only sees world readable data. Are you using ACLs ? No, no ACLs. But I managed to solve this problem by accident, though I don't really understand why in detail. The problem only showed up when I mounted the share with username/password. When using domain\username/password everything runs as expected. Thanks for coming back to this. Chris -- -- Christoph Kaegi [EMAIL PROTECTED] -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] hide unreadable files also hides readable files (SOLVED)
On Thursday 21 April 2005 09:04 am, Christoph Kaegi wrote: No, no ACLs. But I managed to solve this problem by accident, though I don't really understand why in detail. The problem only showed up when I mounted the share with username/password. When using domain\username/password everything runs as expected. Thanks for coming back to this. Chris Do you also have local users on the clients? Perhaps it is using the local SIDs instead of the domain ones. Then the file would indeed be unreadable if it is not world-readable. Misty -- -- Christoph Kaegi [EMAIL PROTECTED] -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] hide unreadable files also hides readable files (SOLVED)
On 21.04-09:18, Misty Stanley-Jones wrote: The problem only showed up when I mounted the share with username/password. When using domain\username/password everything runs as expected. Do you also have local users on the clients? Perhaps it is using the local SIDs instead of the domain ones. Then the file would indeed be unreadable if it is not world-readable. I *only* have local users/groups. We sync the unix users with the ADS Database using a specially written application. What is the difference, if Samba sees a local user or an ADS one? -- -- Christoph Kaegi [EMAIL PROTECTED] -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows caching Netbios names ??
Hello, we have a setup with a main samba server an an emergency server which synchronizes its data via rsync. Recently, I got the idea to run the emergency server under a different server name parallel to the main server so that users can easily recover deleted files etc. This lead to massive problems; the reason was that the clients randomly connected to the main or the backup server ! The setup is essentialy this : Main server : DNS : mainserver.local.domain IP : 192.168.2.1 NETBIOS name : MAINSERVER - master browser - domain master Backup Server : DNS : backupserver.local.domain IP : 192.168.2.2 NETBIOS name : BACKUPSERVER - no master browser - no domain master What happened is that I run the backup server as main server for one evening while repairing the latter. I ran it under the ip and NETBIOS anme of the name server. Then I switched back. The following day, clients would randomly connect to the backup or main server like mad, causing a lot of confusion. I was under the impression that the windows clients follow the results of the WINS resolution for their connection requests. But now I suspect they cache the MAC address an use this for connecting. It cant't be the ARP cacghe itself because other services (e.g. mail) have no problems connecting to the right server; it must be specific to the Windows networking protocols. Any idea what is happening or how this could be avoied ?? Yours, Jakob Curdes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Failed to grant privileges
Gerald (Jerry) Carter wrote: | Failed to grant privileges for OURDOMAIN\Domain Admins | (NT_STATUS_NO_SUCH_PRIVILEGE) add enable privileges = yes to [global] in smb.conf That did it. Thanks! Now I'm afraid I might have misinterpreted the implications of setting the privilege, but that's another matter entirely. Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with groups joining domain.- LDAP
Software list: FreeBSD 5.3 Samba 3.0.14a nss_ldap-1.204_5 openldap-client-2.2.19 openldap-server-2.2.23 p5-perl-ldap-0.32.02 pam_ldap-1.7.6 smbldap-tools-0.8.8 samba was configured with the following options. LDAP, Cups, Winbind, utmp, popt, acl, quotas, msdfs, syslog, without_ADS I have also tried winbind_nss which I believe is a FreeBSD wrapper around the linux implentation of winbindd, but it yielded the same results. 1. ldapadd ldapserach w/tls is working fine. 2. smbldap-tools work. smbldap-populate, smbldap-migrate-unix-accounts/groups work. smbldap-useradd works. 3. smbpasswd -w has been set. What fails is joining a machine to the domain. I get the domain password is incorrect, the workstation account is created, but with posix attributes only, no samba attributes. problems with groups If I add a group to the local /etc/group file, which I don't think should have to do, but maybe this is a FreeBSD nsswitch bug? Can anyone confirm this? pw group add domadmins smbldap-groupadd -a domadmins - adds to ldap fine. net groupmap modify ntgroup=Domain Admins unixgroup=domadmins . This fails with this error message: and I get the same error message if the -a omitted from smbldap-groupadd passdb/pdb_ldap.c:ldapsam_update_group_mapping_entry(2665) ldapsam_update_group_mapping_entry: No group to modify! Could not update group database net groupmap list shows all groups that are in LDAP. What I suspect is that group lookups are failing somehow, but I'm not sure. Also If I browse through network neighborhood to the samba PDC server, I can authenticate with an ordinary user and get the users home dir. So Users seem to be working. Here is my smb.conf, my smblap.conf and my ldap.conf serf# testparm -s Load smb config files from /usr/local/etc/smb.conf Processing section [homes] Processing section [netlogon] Processing section [Profiles] Processing section [printers] Loaded services file OK. # Global parameters [global] dos charset = 850 unix charset = ISO8859-1 workgroup = IMSDOM server string = Samba Server [%v] map to guest = Bad User passdb backend = ldapsam:ldap://serf.ims-tpa.com username map = /usr/local/etc/smbusers log level = 5 syslog = 0 log file = /var/log/samba/log.%m max log size = 50 time server = Yes deadtime = 10 printcap name = /etc/printcap add user script = /usr/local/sbin/smbldap-useradd -m %u add group script = /usr/local/sbin/smbldap-groupadd -p %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u add machine script = /usr/local/sbin/smbldap-useradd -w %u logon path = logon drive = T: logon home = \\%L\home\%u domain logons = Yes os level = 33 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=Manager,dc=ims-tpa,dc=com ldap delete dn = Yes ldap group suffix = ou=Groups ldap machine suffix = ou=Users ldap passwd sync = Yes ldap suffix = dc=ims-tpa,dc=com ldap ssl = start tls ldap user suffix = ou=Users idmap backend = ldap:ldap://serf.ims-tpa.com idmap uid = 1000-2 idmap gid = 1000-2 winbind separator = ^ printer admin = @Print Operators create mask = 0640 directory mask = 0750 hosts allow = 192.168.0., 127. nt acl support = No case sensitive = No dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /usr/local/samba/netlogon guest ok = Yes share modes = No [Profiles] path = /usr/local/samba/profiles read only = No guest ok = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No serf# less /usr/local/etc/smbldap-tools/smbldap.conf # $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ # $Id: smbldap.conf,v 1.17 2005/01/29 15:00:54 jtournier Exp $ # General Configuration SID=S-1-5-21-1642798596-2503770835-627191294 ## # # LDAP Configuration # ## # Ex: slaveLDAP=127.0.0.1 # slaveLDAP=127.0.0.1 # slavePort=389 # Master LDAP : needed for write operations # Ex: masterLDAP=127.0.0.1 # masterLDAP=127.0.0.1 masterLDAP=serf.ims-tpa.com masterPort=389 ldapTLS=1 verify=require cafile=/usr/local/certs/cacert.pem clientcert= clientkey=
Re: [Samba] Re: still ACL bug in 3.0.14a
On Thu, 21 Apr 2005 09:24:45 +0200 Peter Kruse [EMAIL PROTECTED] wrote: Alright, so there is a design issue in samba that has been there for a long time, and as there a solutions (EAs) no need to do anything about it. Fine, go ahead and mark the bug as wontfix. But please also put somewhere in the docs the suggestion to use dos filemode and store dos attributes when using ACLs. Because I'm sure more people will be hit by this when using them. Yes, I've just copied 45 GB of data from Windows to samba using robocopy and lots of people complain they cannot modify read only files (I added a comment to https://bugzilla.samba.org/show_bug.cgi?id=2619). IMHO default should be to have the same behaviour as in Windows (I don't know how to achieve it though :( ; of course, I should have used store dos attributes = yes from the beginning, but now it's too late). Have there been ACLs in Samba 2.x? Yes. Regards, Nerijus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP fails to load Desktop Profile on Samba 3 PDC
Hello, from smb.conf: logon path = \\ibkfsv-01\profiles/%u [profiles] path = /home/nt_profiles writeable = Yes create mask = 0600 directory mask = 0700 browseable = No /home/nt_profiles has 777, /home/nt_profiles/user has 700 and owner user. chris Am 21 Apr 2005 um 8:12, schrieb Tom Skeren: Christoph Galuschka wrote: Hello, I'm currently trying to implement samba 3.0.14a as PDC in our office. I've allready managed to join the first trial workstations to the Domain. Now I have the following problem: I've created an Administrator-account for joining the machines and doing maintenance work. This account seems to have no problem to store its personal settings (Desktop, startmenu) on the PDC. When I add new users (unix and samba settings are correct), only a part of the users profile is stored on the PDC. Desktop works fine, however the startmenu always returns to windowsXP-default after a new logon. I even can't change to the detailed view in system controls. What are the permissions on the profiles? any hints? thanks and regards Christoph TI.KOM Tirol Kommunikation GmbH Eduard-Wallnöfer-Platz 2 A-6010 Innsbruck Neuer Markt 1/2 A-1010 Wien Ing. Christoph Galuschka Lead Consultant Tel.: +43 512 902 2832 Fax: +43 512 902 2850 Mobil: +43 676 666 2832 eMail: [EMAIL PROTECTED] http://www.tikom.at --- This email is confidential and may also be legally privileged. If you have received this email in error, you are in notice of its status. Please notify the sender immediately by reply e-mail and then delete this message from your system. Please do not copy or use it for any purposes, or disclose its contents to any other person: to do so could be a breach of confidence. Thank you for your co-operation. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of TI.KOM Tirol Kommunikation GmbH. Please contact our Office on +43 512 902 2801 or +43 1 902 2841 or e-mail [EMAIL PROTECTED] if you require further assistance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.0.13 tries to find SID of User as sambaGroupMap
Michael, Please file a detailed bug report on https://b On Thursday 21 April 2005 02:09, Matthias Eichler wrote: Dear List, while debugging the problem that users cant change file acls from windows clients, I found out that Samba (ver- sion 3.0.13 on debian sarge) tries to look up the SID (of the user who should be added to the acl) as a sambaGroupMapping in the LDAP. Does anybody can tell me: - why samba tries to match a SID of a user as a GroupMapping? This will never work as a user can never be a sambaGroupMapping by definition... - how I can tell samba not to do, as this is the reason why the acl change does not work Best regards and thanks a lot in advance! Matthias Eichler -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.0.13 tries to find SID of User as sambaGroupMap
Michael, Sorry, last message glitched. I'll try again. Please file a detailed bug report to: https://bugzilla.samba.org This is the key to getting this looked at and fixed. - John T. On Thursday 21 April 2005 02:09, Matthias Eichler wrote: Dear List, while debugging the problem that users cant change file acls from windows clients, I found out that Samba (ver- sion 3.0.13 on debian sarge) tries to look up the SID (of the user who should be added to the acl) as a sambaGroupMapping in the LDAP. Does anybody can tell me: - why samba tries to match a SID of a user as a GroupMapping? This will never work as a user can never be a sambaGroupMapping by definition... - how I can tell samba not to do, as this is the reason why the acl change does not work Best regards and thanks a lot in advance! Matthias Eichler -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.0.13 tries to find SID of User as sambaGroupMap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John H Terpstra wrote: | Michael, | | Sorry, last message glitched. I'll try again. | | Please file a detailed bug report to: | https://bugzilla.samba.org | | This is the key to getting this looked at | and fixed. Before filing a bug, make sure youi are not using user private group on linux. Windows doesn't allow a user and group to exist by the same. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ8khIR7qMdg1EfYRAgs3AJ9n3dMNxMvjtUcxmdsNCwrsIF0mvACfWrO6 AhWBcV258M2PHb313qrSZx4= =16Qz -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.0.13 tries to find SID of User as sambaGroupMap
On Thursday 21 April 2005 09:39, Gerald (Jerry) Carter wrote: John H Terpstra wrote: | Michael, | | Sorry, last message glitched. I'll try again. | | Please file a detailed bug report to: | https://bugzilla.samba.org | | This is the key to getting this looked at | and fixed. Before filing a bug, make sure youi are not using user private group on linux. Windows doesn't allow a user and group to exist by the same. Good point, Jerry. This is something that has toasted many others. Maybe this should be specifically documented in the HOWTO. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] transactions
Hi, I have a question about samba3 internals. I want to know if samba does support what I call transactions (though I could be wrong) I need that a client either finish writing what it was meant to or not The problem is that I have a samba on a place where there is a very old accounting system writen in Cobol. Many instances of the program uses some kind of ISAM to access records in the samba server. Sometimes those clients dont finish writing what they are supposed to write. The database loose its consistency and the whole thing goes down. A solution could be that if a client makes a lock in a file and start writing to it. Samba could buffer this information and only write to the file if the client unlock the file. That is what I call transactions. Thanks a lot. javier -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] BDC not working in a full-samba-env
Dear List,
I am trying to set up a BDC in a full-samba environment,
without full success.
I followed the howtos about this topic with the following
settings:
BDC:
[global]
workgroup = KERNZEIT
netbios name = APPSERVER
security = user
server string = %h (Samba %v)
announce version=5.0
#LDAP STUFF
passdb backend = ldapsam:ldap://127.0.0.1 ldap://10.1.1.1;
ldap suffix = dc=kernzeit,dc=com
ldap machine suffix = ou=smb-machines
ldap admin dn = cn=admin,dc=kernzeit,dc=com
ldap ssl = no
ldap user suffix = dc=kernzeit,dc=com
ldap group suffix = ou=groups,ou=nss
wins support = yes
preferred master = yes
time server = yes
os level = 33
#DOMAIN STUFF
domain master = yes
(tried this with domain master yes and no, as there
are different howtos regarding this setting)
domain logons = yes
idmap backend = ldap:127.0.0.1 ldap:10.1.1.1
#LOGON STUFF
logon path = \{}\{}%L\{}Profiles\{}%u
logon script = login.bat
logon drive = H:
logon home = \\LOGIN\%U
template homedir = /home/%U
FILESERVER:
---
[global]
workgroup = KERNZEIT
netbios name = FILESERVER
server string = %h
announce version = 5.0
os level = 20
encrypt passwords = true
obey pam restrictions = no
security = domain
password server = 10.1.1.1, 10.1.1.10
panic action = /usr/share/samba/panic-action %d
nt acl support = yes
wins support = no
wins proxy = no
wins server = 10.1.1.1 10.1.1.10
dns proxy = no
local master = no
preferred master = no
domain master = no
domain logons = no
The problem is:
- user workstations can log on and are getting the netlogon-
script in the right way
- the fileserver (members server of the domain) says the
following while the netlogon script is failing:
[2005/04/21 18:24:22, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [service] - [service]
FAILED with error NT_STATUS_NO_LOGON_SERVERS
Thanks for any help!
Matthias
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Basic problem with Samba 3.0.11 PDC on Samba Red Hat RHAS3 ACL srpm.
People have been experiencing problems with the subject line. AFAICS most of them haven't bothered to follow selected bits of the HOWTO. However, the former excludes all references to the idealx scripts, which I cannot use, since my DIT is set up completely differently from the idealx concept. I write my own, disjointed, shell and awk OpenLDAP scripts. Neither on my RHAS3 test rig (config as above) nor production rig (75+ Win2000k things, config as above) have I experienced any problems. Everything works as documented in the HOWTO. Including Cups printers WHAT AM I DOING WRONG? Should I upgrade to 3.0.14a to experience real major problems? This is really scaring the hell out of me. I have to be making basic errors to earn my daily bread, and I don't seem to be able to do that. I'm not including my smb.confs. lest they should confuse yall. They seem to work as they ought to. It's mortifying. Please help. To the Samba team: phantastik product, need I say more? To JanHendrik: jou wordt alles goeds gegund, maar zo gauw mogelijk aan een LOI cursus nederlands beginnen, en volharden. Heeft voor mij wonderen verricht. Best and bless you all, --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Description of LDAP-attribute sambaSIDList
tor, 21.04.2005 kl. 10.37 skrev Matthias Eichler:
I found some new LDAP attributes in the latest samba.schema,
that where definitely not there when setting up our environ-
ment.
Unfortunately I cant find any description of these attributes,
especially sambaSIDList.
Does anybody has an definite description of that attribute,
how it is used and how it should be administered, as the latest
smbldap-tools do not use it...
Well, you should bet using GQ then, as any savvy OpenLDAP sysadmin
should. God knows how I'd manage OpenLDAP without GQ . Thanks Bert,
thanks Peter, thanks (newly) David Malcolm.
sambaSIDList
Description:Security ID List
OID: 1.3.6.1.4.1.7165.2.1.51
Superior:
Usage: User applications
Equality: caseIgnoreIA5Match
Ordering:
Substrings:
Syntax { length }: 1.3.6.1.4.1.1466.115.121.1.26{64}
Used in objectclasses: sambaGroupMapping
Name: sambaGroupMapping
Description: Samba Group Mapping
OID: 1.3.6.1.4.1.7165.2.2.4
Superior: top
Kind: Auxiliary
required attributes:
gidNumber
samba GroupType
sambaSID
Allowed attributes
displayName
description
sambaSI List
--Tonni
--
Nothing sucksseeds like a pigeon without a beak ...
mail: [EMAIL PROTECTED]
http://www.billy.demon.nl
They love us, don't they, They feed us, won't they ...
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Description of LDAP-attribute sambaSIDList
Well thanks, but thats just the schema-file and does not
really says what infomation is stored in that attribute...
to be honest: gq?!?
Matthias
Am Donnerstag, den 21.04.2005, 17:48 +0200 schrieb Tony Earnshaw:
tor, 21.04.2005 kl. 10.37 skrev Matthias Eichler:
I found some new LDAP attributes in the latest samba.schema,
that where definitely not there when setting up our environ-
ment.
Unfortunately I cant find any description of these attributes,
especially sambaSIDList.
Does anybody has an definite description of that attribute,
how it is used and how it should be administered, as the latest
smbldap-tools do not use it...
Well, you should bet using GQ then, as any savvy OpenLDAP sysadmin
should. God knows how I'd manage OpenLDAP without GQ . Thanks Bert,
thanks Peter, thanks (newly) David Malcolm.
sambaSIDList
Description: Security ID List
OID: 1.3.6.1.4.1.7165.2.1.51
Superior:
Usage:User applications
Equality: caseIgnoreIA5Match
Ordering:
Substrings:
Syntax { length }: 1.3.6.1.4.1.1466.115.121.1.26{64}
Used in objectclasses: sambaGroupMapping
Name: sambaGroupMapping
Description: Samba Group Mapping
OID: 1.3.6.1.4.1.7165.2.2.4
Superior: top
Kind: Auxiliary
required attributes:
gidNumber
samba GroupType
sambaSID
Allowed attributes
displayName
description
sambaSI List
--Tonni
--
Nothing sucksseeds like a pigeon without a beak ...
mail: [EMAIL PROTECTED]
http://www.billy.demon.nl
They love us, don't they, They feed us, won't they ...
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] %M client DNS name resolution
Since upgrading from 2.2.8a to 3.0.11, I'm having trouble with the %M samba variable that represents the client's DNS name. Instead of the hostname, it's resolving to the IP address. I added exec = /data1/smbvars.sh %m %M %I %a %D %u %H %g %U %G %S %P %p %h %L %N %v %d %R %T /tmp/smbvars.txt to the global section of smb.conf, and the results follow: Client variables... %m = p-griffith = Client's NetBIOS name %M = 192.168.174.212 = Client's DNS name %I = 192.168.174.212 = Client's IP address %a = Win2K = Client's architecture (IP addresses have been changed to protect the innocent.) I'm running Solaris 9, and I have no trouble resolving IP addresses to hostnames, or hostnames to IP addresses, using getent(1M) from the command line. Phillip Griffith (803) 952-8776 Information Technology Department Westinghouse Savannah River Company -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] %M client DNS name resolution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | Since upgrading from 2.2.8a to 3.0.11, I'm having trouble | with the %M samba variable that represents the client's | DNS name. Instead of the hostname, it's resolving to | the IP address. Set 'hostname lookups = yes' in smb.conf. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZ+ooIR7qMdg1EfYRAniCAJ9uFLNCadDmpZYKqUC6+vN2Cozn6wCg514Y PD7Zmm+uRIChWsOZZZjQt7A= =ClGv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba performance
I am involved in the support of a digital audio editing and production system involving Windows 2k clients storing the audio assets on an AIX backend. The problem we have been experiencing is that we open audio files in the editor we are getting a minimum of 2 sec delay between pressing play and the start of the audio playback. Initial tests show that this delay can be up to 6 seconds and that typically there are four to five conversations between the samba server and the win2k DC before the file is begun to be streamed to the client. We haven't established yet whether these conversations are all relevant to the client or whether they are authentication requests for other clients. We are using pass-through authentication. We have noticed that despite our samba config being the default regarding autodisconnect (ie never disconnect) we see the client application disconnect after a few seconds of inactivity within the audio editor. This leads us to suspect that the application is causing the disconnect by design. Also, browsing the samba share in windows explorer causes a permanent samba connection, and in this situation we do not have the delay in streaming of the audio. My questions are: Does samba process authentication requests in a serial manner, therefore are we getting a delay due to a queuing of requests? If the above is true is it the case that samba is not recommended as a viable solution for time critical applications? Is it possible that we are having a problem with oplocks? I don't think is necessarily the case as there shouldn't be multiple users accessing the same audio file in this environment. many thanks in advance, Martin. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Incorrect password or unknown username error when accessing a share
Hi, I have configured Samba to be a part of a NT style domain. The machine was able to join the group fine (great support from this group. Thanks!). ADS or LDAP are not used and the configuration relies on the Windows PDC to perform user authentication. Promblem 1) When a user tries to access the samba server, a dialog box pops-up saying Incorrect password or unknown username for \\samba-server and prompts me for the user name password. When I put in Domain-name\username it logs me in fine. How can I avoid forcing the users to put in domain name before their username? Problem 2) After accessing the server, when I access a share on the server it prompts me for the user name password again. On putting the same user name password as earlier, this keeps on prompting me again as if it did not like the combination. I have tried adding and removing users from /etc/passwd and smbpasswd but have the same problem over. Can someone help identify what is the right combination it is looking for or if there is anything I need to add to the smb.conf? An extract of the smb.conf file is provided below for reference. Your help on these issues is very much appreciated. Thanks, Ash [global] dns proxy = no debug timestamp = yes encrypt passwords = yes idmap gid = 15000-2 socket options = TCP_NODELAY max log size = 1024 password server = password server idmap uid = 15000-2 debug level = 3 security = domain server string = Samba Server workgroup = domain-name log level = 3 log file = /usr/local/samba/var/log.%m netbios name = appserver7 load printers = yes os level = 33 default = share winbind use default domain = Yes [homes] comment = Home Directories valid users = %S browseable = no writable = yes [share] path = /share comment = Solaris share valid users = @Accounts guest ok = Yes read only = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Logging and/or reporting on account lockouts
My configuration is currently running Samba (3.0.14a) setup as a PDC with the idealx scripts. I have account lockouts working however, is there a way to write these lockouts to a text log? My managers would like the ability to review these on a daily basis. I have seen multiple threads on logging all logons/logoffs but all we are interested in is the account lockouts. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to determine the origin of BROWSE.DAT Entries
I have a multi domain setup using samba. I run 3 domains across a VPN connection. One is always setup as the master WINS server. The master Server is still on 2.2.8a. All of the other domains are at V3.010. I stopped all of the servers this morning and deleted the Browse.dat file. (I had a mistake in one of my domains that was conflicting with the he master wins server) After I restarted the daemons I now have a couple of Domain/Workgroup entries that show up in the browse.dat file. How do I determine where these came from? I want to make sure that none of my machines have been compromised. When I run smbclient is gives me a list of additional workgroups and the master for that group but I cannot query those machines to find the IP address. Is there any other way to locate the information that I need? Thanks in advanced. Scott Swaim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 64 bit build for Solaris 9
I am trying to build a 64 bit version of Samba 3.x for Solaris 9 that will have Active Directory and winbind support. I am having lots of trouble as it seems to require 64 bit versions of the OpenLDAP libraries and the krb5 libraries. I have successfully compiled OpenLDAP as 64 bit but I can't get krb5 to build 64 bit libraries. It has trouble with the aes-crypt modules. Has anyone out there been successful building a 64 bit samba 3.x for Solaris with Active directory and winbind support? If so I would sure like to talk to you. Thanks. --Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] poisx in ldap and smbpasswd backend : get_md4pw: Workstation station$: no account in domain
Hello, I migrate posix users in ldap (nss_ldap). but now, if I join a windows station to my SAMBA 2 domain from my windows xp station: everything seems ok : user add to the local /etc/passwd and the windows welcomes me in the domain but after the reboot and when I try to connect : on the windows XP : Domain password server not available nad in the log of SMb : get_md4pw: Workstation station$: no account in domain my global in smb.conf : [global] add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u netbios name = SERVER workgroup = DM server string = SAMBA PDC hosts allow = 192.168.4. load printers = no ; printing = lprng ; guest account = pcguest log file = /var/log/samba/%m.log max log size = 50 security = user ; password server = NT-Server-Name ; password level = 8 ; username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd ; invalid users = bin daemon adm lp sync shutdown halt mail news uucp operator games gopher ftp nobody ixfs httpd ; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt unix password sync = no ;passwd program = /usr/bin/passwd %u ;passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* ;pam password change = yes ; username map = /etc/samba/smbusers ; include = /etc/samba/smb.conf.%m obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ; interfaces = 192.168.12.2/24 192.168.13.2/24 ; remote announce = 192.168.1.255 192.168.2.44 local master = yes os level = 33 domain master = yes preferred master = yes domain logons = yes ;logon script = %m.cmd ; logon script = %U.bat ; logon script = soft_inventory.cmd logon path = \\SASSARI\%U\profile logon drive = Z: logon home = \\SASSARI\%U ; wins support = yes ; wins server = 192.168.4.29 ; wins proxy = yes dns proxy = no ; preserve case = no ; short preserve case = no ; default case = lower ; case sensitive = no create mask = 0775 directory mask = 0775 interfaces = eth0 192.168.4.10/255.255.255.255 bind interfaces only = True #client code page = 437 character set = ISO8859-1 ; debug level = 2 domain admin group = @root #profile acls = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Replacing a W2K Server?
We have a Windows 2000 server with Terminal Services. It is an Active Directory master server for a microscopic network comprising itself and one Windows 2000 Workstation client. It is part of a network consisting of Unix machines: several Solaris 8 systems, a handful of Linux boxes, and a Mac OS X workstation. User authentication and other login information on this network is provided by NIS running on Solaris - but see below. Some of the Unix boxes are running Samba 3 to share files to Windows workstations. The services the W2K server provides are: file sharing to Windows workstations (these live in a different Active Directory domain); Windows applications for Unix users via Terminal Services and rdesktop; and authentication for the Samba servers. User NIS password changes are reflected from the Unix systems to W2K using Microsoft's services for Unix (in particular, MS provides a PAM module that sends password changes to the W2K server), so using W2K for authentication allows users to use their NIS passwords when connecting to Samba, rather than some Samba-only password. Our goal in life is to get rid of the W2K system. We don't want to be in the business of W2K server sysadmin, and the box running it is old and takes up a lot of space and energy. This would mean moving its files to a new Samba server. Is there a straightforward way to get the new server, as well as the existing ones, to authenticate in such a way that its passwords can be identical with the NIS/Unix passwords? Does this require some kind of Kerberos/LDAP infrastructure we do not now use? How would this be set up. I have read several documents, but it seems to me that: 1. Samba can authenticate with PAM, but this uses cleartext passwords. 2. Samba can authenticate from its own LDAP or file password database, but there is no obvious way to keep this synchronized with Unix passwords. 3. We could set up a Kerberos system, but I do not see any way of making Samba refer to Kerberos for password authentication. Any suggestions, please? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Replacing a W2K Server?
Michael Urban rta: We have a Windows 2000 server with Terminal Services. It is an Active Directory master server for a microscopic network comprising itself and one Windows 2000 Workstation client. It is part of a network consisting of Unix machines: several Solaris 8 systems, a handful of Linux boxes, and a Mac OS X workstation. User authentication and other login information on this network is provided by NIS running on Solaris - but see below. Some of the Unix boxes are running Samba 3 to share files to Windows workstations. The services the W2K server provides are: file sharing to Windows workstations (these live in a different Active Directory domain); Windows applications for Unix users via Terminal Services and rdesktop; and authentication for the Samba servers. User NIS password changes are reflected from the Unix systems to W2K using Microsoft's services for Unix (in particular, MS provides a PAM module that sends password changes to the W2K server), so using W2K for authentication allows users to use their NIS passwords when connecting to Samba, rather than some Samba-only password. Our goal in life is to get rid of the W2K system. We don't want to be in the business of W2K server sysadmin, and the box running it is old and takes up a lot of space and energy. This would mean moving its files to a new Samba server. Is there a straightforward way to get the new server, as well as the existing ones, to authenticate in such a way that its passwords can be identical with the NIS/Unix passwords? Does this require some kind of Kerberos/LDAP infrastructure we do not now use? How would this be set up. I have read several documents, but it seems to me that: 1. Samba can authenticate with PAM, but this uses cleartext passwords. 2. Samba can authenticate from its own LDAP or file password database, but there is no obvious way to keep this synchronized with Unix passwords. 3. We could set up a Kerberos system, but I do not see any way of making Samba refer to Kerberos for password authentication. Any suggestions, please? I recomend https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap as a good starting point for understanding the Samba+OpenLDAP+Heimdal interaction. It is true that Samba can't be a Kerberos enabled AD yet, but your *nix machines should be happy with Heimdal+OpenLDAP instead of the quite outdated an insecure NIS (just my 2c) Regards Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] transactions
On Thu, Apr 21, 2005 at 11:55:21AM +0400, [EMAIL PROTECTED] wrote: Hi, I have a question about samba3 internals. I want to know if samba does support what I call transactions (though I could be wrong) I need that a client either finish writing what it was meant to or not The problem is that I have a samba on a place where there is a very old accounting system writen in Cobol. Many instances of the program uses some kind of ISAM to access records in the samba server. Sometimes those clients dont finish writing what they are supposed to write. The database loose its consistency and the whole thing goes down. A solution could be that if a client makes a lock in a file and start writing to it. Samba could buffer this information and only write to the file if the client unlock the file. That is what I call transactions. We don't currently do this - it could be done via a custom VFS module. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] FW: Remote Announce
Id like to know if a Samba PDC can work on a multi-segment network by using the remote announce parameter in smb.conf? Will it work better if I place network cards for each network segment on the samba PDC? Thanks and best regards to everyone. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Description of LDAP-attribute sambaSIDList
tor, 21.04.2005 kl. 18.40 skrev Matthias Eichler: Well thanks, but thats just the schema-file and does not really says what infomation is stored in that attribute... Nonsense. to be honest: gq?!? You don't mean to be honest, you mean what is GQ and what does it do? We Google, don't we? From www.biot.com we jump. GQ is the definitive solution to questions such as yours, plus all definitive answers to the question: how do I manage my (Open)LDAP database? --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Description of LDAP-attribute sambaSIDList
Tony Earnshaw wrote: tor, 21.04.2005 kl. 18.40 skrev Matthias Eichler: Well thanks, but thats just the schema-file and does not really says what infomation is stored in that attribute... Nonsense. We all can read. But sometimes we need others to help us to comprehend what it is that we are looking at. Have you considered that the OP is asking you for help to understand what it is he is looking at Not how to look at it. Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r6414 - in branches/SAMBA_4_0/source: include libnet
Author: mimir
Date: 2005-04-21 07:24:16 + (Thu, 21 Apr 2005)
New Revision: 6414
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6414
Log:
Added composite user del function. Slightly broken still, but I don't
want it to hang around not commited.
rafal
Modified:
branches/SAMBA_4_0/source/include/structs.h
branches/SAMBA_4_0/source/libnet/composite.h
branches/SAMBA_4_0/source/libnet/userman.c
Changeset:
Modified: branches/SAMBA_4_0/source/include/structs.h
===
--- branches/SAMBA_4_0/source/include/structs.h 2005-04-21 05:47:02 UTC (rev
6413)
+++ branches/SAMBA_4_0/source/include/structs.h 2005-04-21 07:24:16 UTC (rev
6414)
@@ -162,6 +162,7 @@
struct smb_composite_fsinfo;
struct rpc_composite_userinfo;
struct rpc_composite_useradd;
+struct rpc_composite_userdel;
struct nbt_name;
struct nbt_name_packet;
Modified: branches/SAMBA_4_0/source/libnet/composite.h
===
--- branches/SAMBA_4_0/source/libnet/composite.h2005-04-21 05:47:02 UTC
(rev 6413)
+++ branches/SAMBA_4_0/source/libnet/composite.h2005-04-21 07:24:16 UTC
(rev 6414)
@@ -43,3 +43,14 @@
struct policy_handle user_handle;
} out;
};
+
+
+struct rpc_composite_userdel {
+ struct {
+ struct policy_handle domain_handle;
+ const char *username;
+ } in;
+ struct {
+ struct policy_handle user_handle;
+ } out;
+};
Modified: branches/SAMBA_4_0/source/libnet/userman.c
===
--- branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 05:47:02 UTC (rev
6413)
+++ branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 07:24:16 UTC (rev
6414)
@@ -28,8 +28,12 @@
#include librpc/gen_ndr/ndr_samr.h
#include libnet/composite.h
-static void useradd_handler(struct rpc_request *req);
+/*
+ * Composite user add function
+ */
+static void useradd_handler(struct rpc_request*);
+
enum useradd_stage { USERADD_CREATE };
struct useradd_state {
@@ -178,3 +182,184 @@
struct composite_context *c = rpc_composite_useradd_send(pipe, io);
return rpc_composite_useradd_recv(c, mem_ctx, io);
}
+
+
+/*
+ * Composite user del function
+ */
+
+static void userdel_handler(struct rpc_request*);
+
+enum userdel_stage { USERDEL_LOOKUP, USERDEL_OPEN, USERDEL_DELETE };
+
+struct userdel_state {
+ enum userdel_stagestage;
+ struct dcerpc_pipe*pipe;
+ struct rpc_request*req;
+ struct policy_handle domain_handle;
+ struct policy_handle user_handle;
+ struct samr_LookupNames lookupname;
+ struct samr_OpenUser openuser;
+ struct samr_DeleteUserdeleteuser;
+};
+
+
+static NTSTATUS userdel_lookup(struct composite_context *c,
+ struct userdel_state *s)
+{
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+
+ c-status = dcerpc_ndr_request_recv(s-req);
+ NT_STATUS_NOT_OK_RETURN(c-status);
+
+ if (!s-lookupname.out.rids.count) {
+ /* TODO: no such user */
+ status = NT_STATUS_NO_SUCH_USER;
+
+ } else if (!s-lookupname.out.rids.count 1) {
+ /* TODO: ambiguous username */
+ status = NT_STATUS_INVALID_ACCOUNT_NAME;
+ }
+
+ s-openuser.in.domain_handle = s-domain_handle;
+ s-openuser.in.rid = s-lookupname.out.rids.ids[0];
+ s-openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ s-openuser.out.user_handle = s-user_handle;
+
+ s-req = dcerpc_samr_OpenUser_send(s-pipe, c, s-openuser);
+
+ s-req-async.callback = userdel_handler;
+ s-req-async.private = c;
+ s-stage = USERDEL_OPEN;
+
+ return NT_STATUS_OK;
+failure:
+ talloc_free(c);
+ return status;
+}
+
+
+static NTSTATUS userdel_open(struct composite_context *c,
+struct userdel_state *s)
+{
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+
+ c-status = dcerpc_ndr_request_recv(s-req);
+ NT_STATUS_NOT_OK_RETURN(c-status);
+
+ s-deleteuser.in.user_handle = s-user_handle;
+ s-deleteuser.out.user_handle = s-user_handle;
+
+ s-req = dcerpc_samr_DeleteUser_send(s-pipe, c, s-deleteuser);
+
+ s-req-async.callback = userdel_handler;
+ s-req-async.private = c;
+ s-stage = USERDEL_DELETE;
+
+ return NT_STATUS_OK;
+}
+
+
+static NTSTATUS userdel_delete(struct composite_context *c,
+ struct userdel_state *s)
+{
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+
+ c-status = dcerpc_ndr_request_recv(s-req);
+ NT_STATUS_NOT_OK_RETURN(c-status);
+
+ c-state = SMBCLI_REQUEST_DONE;
+
+ return NT_STATUS_OK;
+}
+
+
svn commit: samba r6415 - in branches/SAMBA_4_0/source/torture: . libnet
Author: mimir
Date: 2005-04-21 07:25:16 + (Thu, 21 Apr 2005)
New Revision: 6415
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6415
Log:
Added NET-USERDEL torture test which proves something's wrong
with user del function.
rafal
Modified:
branches/SAMBA_4_0/source/torture/libnet/userman.c
branches/SAMBA_4_0/source/torture/torture.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/libnet/userman.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-21 07:24:16 UTC
(rev 6414)
+++ branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-21 07:25:16 UTC
(rev 6415)
@@ -153,6 +153,55 @@
}
+static BOOL test_createuser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle, const char* user)
+{
+ NTSTATUS status;
+ struct policy_handle h, domain_handle, user_handle;
+ struct samr_String username;
+ struct samr_CreateUser r4;
+ uint32_t user_rid;
+
+ username.string = user;
+
+ r4.in.domain_handle = handle;
+ r4.in.account_name = username;
+ r4.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r4.out.user_handle = user_handle;
+ r4.out.rid = user_rid;
+
+ printf(creating user '%s'\n, username.string);
+
+ status = dcerpc_samr_CreateUser(p, mem_ctx, r4);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(CreateUser failed - %s\n, nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
+
+static BOOL test_userdel(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+struct policy_handle *handle, const char *username)
+{
+ NTSTATUS status;
+ BOOL ret = False;
+ struct rpc_composite_userdel user;
+
+ user.in.domain_handle = *handle;
+ user.in.username = username;
+
+ status = rpc_composite_userdel(p, mem_ctx, user);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(Failed to call sync rpc_composite_userdel - %s\n,
nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
+
BOOL torture_useradd(void)
{
NTSTATUS status;
@@ -206,3 +255,58 @@
talloc_free(mem_ctx);
return ret;
}
+
+
+BOOL torture_userdel(void)
+{
+ NTSTATUS status;
+ const char *binding;
+ struct dcerpc_pipe *p;
+ struct dcerpc_binding *b;
+ struct policy_handle h;
+ struct samr_String domain_name;
+ char* name = TEST_USERNAME;
+ TALLOC_CTX *mem_ctx;
+ BOOL ret = True;
+
+ mem_ctx = talloc_init(test_userdel);
+ binding = lp_parm_string(-1, torture, binding);
+
+ status = torture_rpc_connection(mem_ctx,
+ p,
+ DCERPC_SAMR_NAME,
+ DCERPC_SAMR_UUID,
+ DCERPC_SAMR_VERSION);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return False;
+ }
+
+ status = dcerpc_parse_binding(mem_ctx, binding, b);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(failed to parse dcerpc binding '%s'\n, binding);
+ talloc_free(mem_ctx);
+ ret = False;
+ goto done;
+ }
+
+ domain_name.string = lp_workgroup();
+ if (!test_opendomain(p, mem_ctx, h, domain_name)) {
+ ret = False;
+ goto done;
+ }
+
+ if (!test_createuser(p, mem_ctx, h, name)) {
+ ret = False;
+ goto done;
+ }
+
+ if (!test_userdel(p, mem_ctx, h, name)) {
+ ret = False;
+ goto done;
+ }
+
+done:
+ talloc_free(mem_ctx);
+ return ret;
+}
Modified: branches/SAMBA_4_0/source/torture/torture.c
===
--- branches/SAMBA_4_0/source/torture/torture.c 2005-04-21 07:24:16 UTC (rev
6414)
+++ branches/SAMBA_4_0/source/torture/torture.c 2005-04-21 07:25:16 UTC (rev
6415)
@@ -2420,6 +2420,7 @@
/* libnet tests */
{NET-USERINFO, torture_userinfo, 0},
{NET-USERADD, torture_useradd, 0},
+ {NET-USERDEL, torture_userdel, 0},
{NULL, NULL, 0}};
svn commit: samba r6416 - in trunk/source/smbd: .
Author: jra
Date: 2005-04-21 07:57:41 + (Thu, 21 Apr 2005)
New Revision: 6416
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6416
Log:
Strange old IRIX systems return -1 for telldir() when
end of directory reached. Don't check for that and bail
when reading directory entries as it's a valid value.
Excellent work from Cale Fairchild [EMAIL PROTECTED]
tracked this down.
Jeremy.
Modified:
trunk/source/smbd/dir.c
Changeset:
Modified: trunk/source/smbd/dir.c
===
--- trunk/source/smbd/dir.c 2005-04-21 07:25:16 UTC (rev 6415)
+++ trunk/source/smbd/dir.c 2005-04-21 07:57:41 UTC (rev 6416)
@@ -1038,9 +1038,6 @@
while ((n = vfs_readdirname(conn, dirp-dir))) {
struct name_cache_entry *e;
dirp-offset = SMB_VFS_TELLDIR(conn, dirp-dir);
- if (dirp-offset == -1) {
- return NULL;
- }
dirp-name_cache_index = (dirp-name_cache_index+1) %
NAME_CACHE_SIZE;
e = dirp-name_cache[dirp-name_cache_index];
svn commit: samba r6417 - in branches/SAMBA_3_0/source/smbd: .
Author: jra
Date: 2005-04-21 07:57:52 + (Thu, 21 Apr 2005)
New Revision: 6417
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6417
Log:
Strange old IRIX systems return -1 for telldir() when
end of directory reached. Don't check for that and bail
when reading directory entries as it's a valid value.
Excellent work from Cale Fairchild [EMAIL PROTECTED]
tracked this down.
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/dir.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/dir.c
===
--- branches/SAMBA_3_0/source/smbd/dir.c2005-04-21 07:57:41 UTC (rev
6416)
+++ branches/SAMBA_3_0/source/smbd/dir.c2005-04-21 07:57:52 UTC (rev
6417)
@@ -1038,11 +1038,7 @@
while ((n = vfs_readdirname(conn, dirp-dir))) {
struct name_cache_entry *e;
dirp-offset = SMB_VFS_TELLDIR(conn, dirp-dir);
- if (dirp-offset == -1) {
- return NULL;
- }
dirp-name_cache_index = (dirp-name_cache_index+1) %
NAME_CACHE_SIZE;
-
e = dirp-name_cache[dirp-name_cache_index];
SAFE_FREE(e-name);
e-name = SMB_STRDUP(n);
svn commit: samba r6418 - in branches/tmp/pidl2/source/build/pidl: .
Author: jelmer
Date: 2005-04-21 08:03:38 + (Thu, 21 Apr 2005)
New Revision: 6418
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6418
Log:
Allow determining the prefix necessary for getting to the value of a variable
Modified:
branches/tmp/pidl2/source/build/pidl/ndr_parser.pm
Changeset:
Modified: branches/tmp/pidl2/source/build/pidl/ndr_parser.pm
===
--- branches/tmp/pidl2/source/build/pidl/ndr_parser.pm 2005-04-21 07:57:52 UTC
(rev 6417)
+++ branches/tmp/pidl2/source/build/pidl/ndr_parser.pm 2005-04-21 08:03:38 UTC
(rev 6418)
@@ -21,6 +21,25 @@
return $typefamily{$n};
}
+sub append_prefix($$)
+{
+ my $e = shift;
+ my $var_name = shift;
+ my $pointers = 0;
+
+ foreach my $l (@{$e-{LEVELS}}) {
+ if ($l-{TYPE} eq POINTER) {
+ $pointers++;
+ } elsif ($l-{TYPE} eq DATA) {
+ if ($l-{DATA_TYPE} eq string) {
+ return get_value_of($var_name) unless
($pointers);
+ }
+ }
+ }
+
+ return $var_name;
+}
+
# see if a variable needs to be allocated by the NDR subsystem on pull
sub need_alloc($)
{
@@ -628,6 +647,8 @@
my $var_name = $var_prefix.$e-{NAME};
+ $var_name = append_prefix($e, $var_name);
+
return unless $primitives or ($deferred and ContainsDeferred($e));
start_flags($e);
@@ -717,6 +738,7 @@
my($var_name) = shift;
my $env = shift;
+ $var_name = append_prefix($e, $var_name);
return if (util::has_property($e, noprint));
if (my $value = util::has_property($e, value)) {
@@ -886,6 +908,8 @@
my $var_name = $var_prefix.$e-{NAME};
+ $var_name = append_prefix($e, $var_name);
+
my $previous = undef;
return unless $primitives or ($deferred and ContainsDeferred($e));
svn commit: samba r6419 - in branches/SAMBA_4_0/source/libnet: .
Author: mimir Date: 2005-04-21 12:21:14 + (Thu, 21 Apr 2005) New Revision: 6419 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6419 Log: Fix strange behaviour of NET-USERDEL where account doesn't actually gets deleted. rafal Modified: branches/SAMBA_4_0/source/libnet/userman.c Changeset: Modified: branches/SAMBA_4_0/source/libnet/userman.c === --- branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 08:03:38 UTC (rev 6418) +++ branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 12:21:14 UTC (rev 6419) @@ -314,11 +314,13 @@ s = talloc_zero(c, struct userdel_state); if (s == NULL) goto failure; - s-pipe = p; c-state = SMBCLI_REQUEST_SEND; c-private= s; c-event_ctx = dcerpc_event_context(p); + s-pipe = p; + s-domain_handle = io-in.domain_handle; + s-lookupname.in.domain_handle = io-in.domain_handle; s-lookupname.in.num_names = 1; s-lookupname.in.names = talloc_zero(s, struct samr_String);
svn commit: samba r6420 - in branches/SAMBA_4_0/source/torture/libnet: .
Author: mimir
Date: 2005-04-21 12:22:48 + (Thu, 21 Apr 2005)
New Revision: 6420
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6420
Log:
Close user account handle before calling tested function to better
simulate real conditions of calling the function.
rafal
Modified:
branches/SAMBA_4_0/source/torture/libnet/userman.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/libnet/userman.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-21 12:21:14 UTC
(rev 6419)
+++ branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-21 12:22:48 UTC
(rev 6420)
@@ -159,25 +159,37 @@
NTSTATUS status;
struct policy_handle h, domain_handle, user_handle;
struct samr_String username;
- struct samr_CreateUser r4;
+ struct samr_CreateUser r1;
+ struct samr_Close r2;
uint32_t user_rid;
username.string = user;
- r4.in.domain_handle = handle;
- r4.in.account_name = username;
- r4.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- r4.out.user_handle = user_handle;
- r4.out.rid = user_rid;
+ r1.in.domain_handle = handle;
+ r1.in.account_name = username;
+ r1.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r1.out.user_handle = user_handle;
+ r1.out.rid = user_rid;
printf(creating user '%s'\n, username.string);
- status = dcerpc_samr_CreateUser(p, mem_ctx, r4);
+ status = dcerpc_samr_CreateUser(p, mem_ctx, r1);
if (!NT_STATUS_IS_OK(status)) {
printf(CreateUser failed - %s\n, nt_errstr(status));
return False;
}
+ r2.in.handle = user_handle;
+ r2.out.handle = user_handle;
+
+ printf(closing user '%s'\n, username.string);
+
+ status = dcerpc_samr_Close(p, mem_ctx, r2);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(Close failed - %s\n, nt_errstr(status));
+ return False;
+ }
+
return True;
}
svn commit: samba r6421 - in branches/SAMBA_3_0/source: passdb rpc_server
Author: jerry
Date: 2005-04-21 17:13:50 + (Thu, 21 Apr 2005)
New Revision: 6421
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6421
Log:
use add machine script when creating a user (ACB_NORMAL)
who has a name ending in '$' (usrmgr.exe does this for
domain trusts (that's was jfm's original comment I think).
avoid an assert() call in libldap.
Modified:
branches/SAMBA_3_0/source/passdb/pdb_ldap.c
branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c
===
--- branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2005-04-21 12:22:48 UTC (rev
6420)
+++ branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2005-04-21 17:13:50 UTC (rev
6421)
@@ -3423,7 +3423,8 @@
state-connection-paged_results = False;
}
- state-current_entry = ldap_first_entry(ld, state-entries);
+ if ( ld )
+ state-current_entry = ldap_first_entry(ld, state-entries);
if (state-current_entry == NULL) {
ldap_msgfree(state-entries);
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2005-04-21 12:22:48 UTC
(rev 6420)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2005-04-21 17:13:50 UTC
(rev 6421)
@@ -1985,13 +1985,15 @@
se_priv_copy( se_rights, se_machine_account );
can_add_account = user_has_privileges(
p-pipe_user.nt_user_token, se_rights );
}
- else if ( acb_info ACB_NORMAL )
+ /* usrmgr.exe (and net rpc trustdom grant) creates a normal user
+ account for domain trusts and changes the ACB flags later */
+ else if ( acb_info ACB_NORMAL (account[strlen(account)-1] != '$') )
{
pstrcpy(add_script, lp_adduser_script());
se_priv_copy( se_rights, se_add_users );
can_add_account = user_has_privileges(
p-pipe_user.nt_user_token, se_rights );
}
- else if ( acb_info (ACB_SVRTRUST|ACB_DOMTRUST) )
+ else/* implicit assumption of a BDC or domain trust account here
(we already check the flags earlier) */
{
pstrcpy(add_script, lp_addmachine_script());
if ( lp_enable_privileges() ) {
svn commit: samba r6422 - in trunk/source: . client include passdb rpc_server tests
Author: jerry Date: 2005-04-21 18:01:37 + (Thu, 21 Apr 2005) New Revision: 6422 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6422 Log: merging changes from 3.0 Added: trunk/source/client/umount.cifs.c Modified: trunk/source/Makefile.in trunk/source/client/client.c trunk/source/include/includes.h trunk/source/include/libsmb_internal.h trunk/source/passdb/pdb_ldap.c trunk/source/rpc_server/srv_samr_nt.c trunk/source/tests/sysquotas.c Changeset: Sorry, the patch is too large (875 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6422
svn commit: samba r6423 - in trunk/source/rpc_server: .
Author: jerry Date: 2005-04-21 18:44:56 + (Thu, 21 Apr 2005) New Revision: 6423 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6423 Log: fix compile ereor from bad merge Modified: trunk/source/rpc_server/srv_samr_nt.c Changeset: Modified: trunk/source/rpc_server/srv_samr_nt.c === --- trunk/source/rpc_server/srv_samr_nt.c 2005-04-21 18:01:37 UTC (rev 6422) +++ trunk/source/rpc_server/srv_samr_nt.c 2005-04-21 18:44:56 UTC (rev 6423) @@ -501,7 +501,7 @@ /* TODO: different SDs have to be generated for aliases groups and users. Currently all three get a default user SD */ DEBUG(10,(_samr_query_sec_obj: querying security on Object with SID: %s\n, sid_to_string(str_sid, pol_sid))); - r_u-status = samr_make_usr_obj_sd(p-mem_ctx, psd,sd_size, pol_sid); + r_u-status = make_samr_object_sd(p-mem_ctx, psd, sd_size, usr_generic_mapping, pol_sid, SAMR_USR_RIGHTS_WRITE_PW); } else return NT_STATUS_OBJECT_TYPE_MISMATCH;
svn commit: samba r6424 - in branches/SAMBA_4_0/source/libnet: .
Author: mimir
Date: 2005-04-21 23:25:38 + (Thu, 21 Apr 2005)
New Revision: 6424
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6424
Log:
More comments and fixes to existing ones.
rafal
Modified:
branches/SAMBA_4_0/source/libnet/userman.c
Changeset:
Modified: branches/SAMBA_4_0/source/libnet/userman.c
===
--- branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 18:44:56 UTC (rev
6423)
+++ branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 23:25:38 UTC (rev
6424)
@@ -95,6 +95,7 @@
* @param p dce/rpc call pipe
* @param io arguments and results of the call
*/
+
struct composite_context *rpc_composite_useradd_send(struct dcerpc_pipe *p,
struct
rpc_composite_useradd *io)
{
@@ -141,7 +142,7 @@
/**
* Waits for and receives result of asynchronous useradd call
*
- * @param c composite context returned by asynchronous userinfo call
+ * @param c composite context returned by asynchronous useradd call
* @param mem_ctx memory context of the call
* @param io pointer to results (and arguments) of the call
* @return nt status code of execution
@@ -185,7 +186,7 @@
/*
- * Composite user del function
+ * Composite user delete function
*/
static void userdel_handler(struct rpc_request*);
@@ -204,6 +205,9 @@
};
+/**
+ * Stage 1: Lookup the user name and resolve it to rid
+ */
static NTSTATUS userdel_lookup(struct composite_context *c,
struct userdel_state *s)
{
@@ -239,6 +243,9 @@
}
+/**
+ * Stage 2: Open user account.
+ */
static NTSTATUS userdel_open(struct composite_context *c,
struct userdel_state *s)
{
@@ -260,6 +267,9 @@
}
+/**
+ * Stage 3: Delete user account
+ */
static NTSTATUS userdel_delete(struct composite_context *c,
struct userdel_state *s)
{
@@ -274,6 +284,12 @@
}
+/**
+ * Event handler for asynchronous request. Handles transition through
+ * intermediate stages of the call.
+ *
+ * @param req rpc call context
+ */
static void userdel_handler(struct rpc_request *req)
{
struct composite_context *c = req-async.private;
@@ -302,6 +318,13 @@
}
+/**
+ * Sends asynchronous userdel request
+ *
+ * @param p dce/rpc call pipe
+ * @param io arguments and results of the call
+ */
+
struct composite_context *rpc_composite_userdel_send(struct dcerpc_pipe *p,
struct
rpc_composite_userdel *io)
{
@@ -320,14 +343,17 @@
s-pipe = p;
s-domain_handle = io-in.domain_handle;
-
+
+ /* preparing parameters to send rpc request */
s-lookupname.in.domain_handle = io-in.domain_handle;
s-lookupname.in.num_names = 1;
s-lookupname.in.names = talloc_zero(s, struct samr_String);
s-lookupname.in.names-string = io-in.username;
+ /* send the request */
s-req = dcerpc_samr_LookupNames_send(p, c, s-lookupname);
-
+
+ /* callback handler */
s-req-async.callback = userdel_handler;
s-req-async.private = c;
s-stage = USERDEL_LOOKUP;
@@ -340,6 +366,15 @@
}
+/**
+ * Waits for and receives results of asynchronous userdel call
+ *
+ * @param c composite context returned by asynchronous userdel call
+ * @param mem_ctx memory context of the call
+ * @param io pointer to results (and arguments) of the call
+ * @return nt status code of execution
+ */
+
NTSTATUS rpc_composite_userdel_recv(struct composite_context *c, TALLOC_CTX
*mem_ctx,
struct rpc_composite_userdel *io)
{
Build status as of Fri Apr 22 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-04-21 00:00:19.0 + +++ /home/build/master/cache/broken_results.txt 2005-04-22 00:00:35.0 + @@ -1,18 +1,19 @@ -Build status as of Thu Apr 21 00:00:02 2005 +Build status as of Fri Apr 22 00:00:02 2005 Build counts: Tree Total Broken Panic -ccache 38 4 0 -distcc 38 1 0 +ccache 39 4 0 +distcc 39 1 0 ppp 23 2 0 rsync38 1 0 samba1 1 1 samba-docs 0 0 0 -samba4 40 11 0 +samba4 41 15 0 samba_3_040 9 0 Currently broken builds: Host Tree Compiler Status +cyberone samba4 gccok/ 2/?/? fusberta samba4 gccok/ 2/?/? samba-s390 samba4 gccok/ 2/?/? rhonwynsamba4 gcc-4.0ok/ 2/?/? @@ -20,11 +21,14 @@ rhonwynsamba4 tccok/ 2/?/? shelob ccache iccok/ok/ok/ 2 aretnapccache iccok/ok/ok/ 1 +smartserv1 samba4 gcc-4.0ok/ 1/?/? smartserv1 samba_3_0gcc-4.0ok/ 1/?/? gwen distcc cc ok/ 1/?/? gwen samba4 cc ok/ 1/?/? gwen samba_3_0cc ok/ 1/?/? +us4samba4 cc ok/ 1/?/? us4samba_3_0cc ok/ 1/?/? +us4samba4 gccok/ 1/?/? us4samba_3_0gccok/ 1/?/? flock samba4 gccok/ 1/?/? shubnigurath samba4 cc ok/ 1/?/?
svn commit: samba r6425 - in branches/SAMBA_4_0/source/libnet: .
Author: mimir Date: 2005-04-22 00:22:11 + (Fri, 22 Apr 2005) New Revision: 6425 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6425 Log: Yet another comment. rafal Modified: branches/SAMBA_4_0/source/libnet/userman.c Changeset: Modified: branches/SAMBA_4_0/source/libnet/userman.c === --- branches/SAMBA_4_0/source/libnet/userman.c 2005-04-21 23:25:38 UTC (rev 6424) +++ branches/SAMBA_4_0/source/libnet/userman.c 2005-04-22 00:22:11 UTC (rev 6425) @@ -393,6 +393,15 @@ } +/** + * Synchronous version of userdel call + * + * @param pipe dce/rpc call pipe + * @param mem_ctx memory context for the call + * @param io arguments and results of the call + * @return nt status code of execution + */ + NTSTATUS rpc_composite_userdel(struct dcerpc_pipe *pipe, TALLOC_CTX *mem_ctx, struct rpc_composite_userdel *io)
svn commit: samba r6426 - in branches/SAMBA_4_0/source/torture/libnet: .
Author: mimir
Date: 2005-04-22 00:32:37 + (Fri, 22 Apr 2005)
New Revision: 6426
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6426
Log:
DCE/RPC bind string parsing is not needed anymore, as we use
lp_workgroup parameter as domain name to operate on.
rafal
Modified:
branches/SAMBA_4_0/source/torture/libnet/userinfo.c
branches/SAMBA_4_0/source/torture/libnet/userman.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/libnet/userinfo.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userinfo.c 2005-04-22 00:22:11 UTC
(rev 6425)
+++ branches/SAMBA_4_0/source/torture/libnet/userinfo.c 2005-04-22 00:32:37 UTC
(rev 6426)
@@ -225,17 +225,8 @@
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION);
- if (!NT_STATUS_IS_OK(status)) {
- return False;
- }
+ if (!NT_STATUS_IS_OK(status)) return False;
- status = dcerpc_parse_binding(mem_ctx, binding, b);
- if (!NT_STATUS_IS_OK(status)) {
- printf(failed to parse dcerpc binding '%s'\n, binding);
- talloc_free(mem_ctx);
- ret = False;
- goto done;
- }
name.string = lp_workgroup();
if (!test_opendomain(p, mem_ctx, h, name, sid)) {
Modified: branches/SAMBA_4_0/source/torture/libnet/userman.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-22 00:22:11 UTC
(rev 6425)
+++ branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-22 00:32:37 UTC
(rev 6426)
@@ -23,7 +23,7 @@
#include librpc/gen_ndr/ndr_samr.h
#include libnet/composite.h
-#define TEST_USERNAME libnetuserinfotest
+#define TEST_USERNAME libnetusermantest
static BOOL test_opendomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
@@ -235,18 +235,8 @@
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION);
- if (!NT_STATUS_IS_OK(status)) {
- return False;
- }
+ if (!NT_STATUS_IS_OK(status)) return False;
- status = dcerpc_parse_binding(mem_ctx, binding, b);
- if (!NT_STATUS_IS_OK(status)) {
- printf(failed to parse dcerpc binding '%s'\n, binding);
- talloc_free(mem_ctx);
- ret = False;
- goto done;
- }
-
domain_name.string = lp_workgroup();
if (!test_opendomain(p, mem_ctx, h, domain_name)) {
ret = False;
@@ -290,18 +280,8 @@
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION);
- if (!NT_STATUS_IS_OK(status)) {
- return False;
- }
+ if (!NT_STATUS_IS_OK(status)) return False;
- status = dcerpc_parse_binding(mem_ctx, binding, b);
- if (!NT_STATUS_IS_OK(status)) {
- printf(failed to parse dcerpc binding '%s'\n, binding);
- talloc_free(mem_ctx);
- ret = False;
- goto done;
- }
-
domain_name.string = lp_workgroup();
if (!test_opendomain(p, mem_ctx, h, domain_name)) {
ret = False;
Re: svn commit: samba r6426 - in branches/SAMBA_4_0/source/torture/libnet: .
On Fri, 22 Apr 2005 [EMAIL PROTECTED] wrote:
Author: mimir
Date: 2005-04-22 00:32:37 + (Fri, 22 Apr 2005)
New Revision: 6426
[deletia]
Changeset:
Modified: branches/SAMBA_4_0/source/torture/libnet/userinfo.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userinfo.c 2005-04-22
00:22:11 UTC (rev 6425)
+++ branches/SAMBA_4_0/source/torture/libnet/userinfo.c 2005-04-22
00:32:37 UTC (rev 6426)
@@ -225,17 +225,8 @@
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION);
- if (!NT_STATUS_IS_OK(status)) {
- return False;
- }
+ if (!NT_STATUS_IS_OK(status)) return False;
I don't think this is a big item, but I actually prefer the first one
above that was deleted, because it makes things much easier when you are
inserting debugging statements and so forth, at the cost of a few more
characters.
Of course, I am not going to create a big fuss, though.
Regards
-
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
svn commit: samba-docs r498 - in trunk/Samba-Guide: .
Author: jht Date: 2005-04-22 01:46:37 + (Fri, 22 Apr 2005) New Revision: 498 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=498 Log: More updates from feedback. Modified: trunk/Samba-Guide/SBE-AddingUNIXClients.xml trunk/Samba-Guide/SBE-MakingHappyUsers.xml trunk/Samba-Guide/SBE-MigrateNT4Samba3.xml trunk/Samba-Guide/SBE-MigrateNW4Samba3.xml Changeset: Sorry, the patch is too large (472 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=498
Re: svn commit: samba r6426 - in branches/SAMBA_4_0/source/torture/libnet: .
On Thu, Apr 21, 2005 at 06:20:34PM -0700, Richard Sharpe wrote:
On Fri, 22 Apr 2005 [EMAIL PROTECTED] wrote:
- if (!NT_STATUS_IS_OK(status)) {
- return False;
- }
+ if (!NT_STATUS_IS_OK(status)) return False;
I don't think this is a big item, but I actually prefer the first one
above that was deleted, because it makes things much easier when you are
inserting debugging statements and so forth, at the cost of a few more
characters.
Certainly, when you add debug statements you use the deleted form.
I changed it to single line because it is smaller. Once I put there
something more it will be just what you prefer.
cheers,
--
Rafal Szczesniak
Samba Team member http://www.samba.org
signature.asc
Description: Digital signature
svn commit: samba r6427 - in trunk/source: include registry utils
Author: jerry Date: 2005-04-22 02:42:09 + (Fri, 22 Apr 2005) New Revision: 6427 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6427 Log: start to give more flesh to the structure surrounding reading registry files. Connect the SK, VK, LF records to the NK parent. Modified: trunk/source/include/regfio.h trunk/source/registry/regfio.c trunk/source/utils/net_rpc_registry.c Changeset: Sorry, the patch is too large (497 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6427
svn commit: samba-docs r499 - in trunk/Samba-Guide: .
Author: jht Date: 2005-04-22 03:53:48 + (Fri, 22 Apr 2005) New Revision: 499 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=499 Log: More wonderful edits from feedback. Modified: trunk/Samba-Guide/SBE-500UserNetwork.xml trunk/Samba-Guide/SBE-AddingUNIXClients.xml trunk/Samba-Guide/SBE-Appendix1.xml trunk/Samba-Guide/SBE-DomainAppsSupport.xml trunk/Samba-Guide/SBE-HighAvailability.xml trunk/Samba-Guide/SBE-MakingHappyUsers.xml trunk/Samba-Guide/SBE-TheSmallOffice.xml trunk/Samba-Guide/SBE-preface.xml Changeset: Sorry, the patch is too large (483 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=499
svn commit: samba r6428 - in trunk/source: include registry utils
Author: jerry Date: 2005-04-22 04:12:11 + (Fri, 22 Apr 2005) New Revision: 6428 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6428 Log: successfully parse lf and vk records Modified: trunk/source/include/regfio.h trunk/source/registry/regfio.c trunk/source/utils/net_rpc_registry.c Changeset: Sorry, the patch is too large (316 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6428
svn commit: samba r6429 - in trunk/source: include registry
Author: jerry
Date: 2005-04-22 04:25:21 + (Fri, 22 Apr 2005)
New Revision: 6429
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6429
Log:
fix bug that caused prs_vk_rec() to fail prematurely when the reg value data
was stored in the offset
Modified:
trunk/source/include/regfio.h
trunk/source/registry/regfio.c
Changeset:
Modified: trunk/source/include/regfio.h
===
--- trunk/source/include/regfio.h 2005-04-22 04:12:11 UTC (rev 6428)
+++ trunk/source/include/regfio.h 2005-04-22 04:25:21 UTC (rev 6429)
@@ -40,6 +40,7 @@
/* Flags for the vk records */
#define VK_FLAG_NAME_PRESENT 0x0001
+#define VK_DATA_IN_OFFSET 0x1000
/* ??? List -- list of key offsets and hashed names for consistency */
Modified: trunk/source/registry/regfio.c
===
--- trunk/source/registry/regfio.c 2005-04-22 04:12:11 UTC (rev 6428)
+++ trunk/source/registry/regfio.c 2005-04-22 04:25:21 UTC (rev 6429)
@@ -400,21 +400,19 @@
if ( vk-data_size != 0 ) {
BOOL charmode = vk-type (REG_SZ|REG_MULTI_SZ);
- if ( !(vk-data = PRS_ALLOC_MEM( ps, uint8, vk-data_size) ) )
- return False;
-
/* the data is stored in the offset if the size = 4 */
- if ( vk-data_size 4 ) {
- /* set the offset */
-
+ if ( vk-data_size VK_DATA_IN_OFFSET ) {
+ if ( !(vk-data = PRS_ALLOC_MEM( ps, uint8,
vk-data_size) ) )
+ return False;
if ( !(prs_set_offset( ps, vk-data_off+HBIN_HDR_SIZE
)) )
return False;
-
if ( !prs_uint8s( charmode, data, ps, depth,
vk-data, vk-data_size) )
return False;
}
else {
+ if ( !(vk-data = PRS_ALLOC_MEM( ps, uint8, 4 ) ) )
+ return False;
SIVAL( vk-data, 0, vk-data_off );
}
svn commit: samba r6430 - in branches/SAMBA_4_0/source/torture/libnet: .
Author: mimir
Date: 2005-04-22 05:11:53 + (Fri, 22 Apr 2005)
New Revision: 6430
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6430
Log:
Delete existing test account if, for some reason, it hasn't been
deleted last time running the test.
rafal
Modified:
branches/SAMBA_4_0/source/torture/libnet/userman.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/libnet/userman.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-22 04:25:21 UTC
(rev 6429)
+++ branches/SAMBA_4_0/source/torture/libnet/userman.c 2005-04-22 05:11:53 UTC
(rev 6430)
@@ -176,6 +176,22 @@
status = dcerpc_samr_CreateUser(p, mem_ctx, r1);
if (!NT_STATUS_IS_OK(status)) {
printf(CreateUser failed - %s\n, nt_errstr(status));
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
+ printf(User (%s) already exists - attempting to delete
and recreate account again\n, user);
+ if (!test_cleanup(p, mem_ctx, handle, TEST_USERNAME)) {
+ return False;
+ }
+
+ printf(creating user account\n);
+
+ status = dcerpc_samr_CreateUser(p, mem_ctx, r1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(CreateUser failed - %s\n,
nt_errstr(status));
+ return False;
+ }
+ return True;
+ }
return False;
}
@@ -292,12 +308,12 @@
ret = False;
goto done;
}
-
- if (!test_userdel(p, mem_ctx, h, name)) {
+
+ if (!test_userdel(p, mem_ctx, h, name)) {
ret = False;
goto done;
}
-
+
done:
talloc_free(mem_ctx);
return ret;
