[Samba] Getting Win share info through samba?

[Henrik Zagerholm]

Hi!

I wonder if it is possible to retreive info about a Win share in  
samba so that I know the physical path of the share.


I.e I want to know the share Data's the physical path C:\Test\Data.

Is this possible?


Thanks
Henrik
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] User unable to change their password using smbpasswd

[FCG Lu Bei]

Hello, everyone
I searched in the list, some problems are the same as it. But I can't find the 
resolution. Would you please help me. Now, nobody can change the password. 

  -原始邮件-
 发件人:  FCG Lu Bei  
 发送时间: 2005年10月10日 12:18
 收件人:  'samba@lists.samba.org'
 主题:   User unable to change their password using smbpasswd
 重要性:  高
 
 
 
 
   May anyone help me solve the problem? I use samba 2.2.2 on Solaris 8
 
   ngnvob02 [** NONE **]/export/home/sitlb $ cd /usr/local/samba/bin
   ngnvob02 [** NONE **]/usr/local/samba/bin $ ./smbpasswd
   Old SMB password:
   New SMB password:
   Retype new SMB password:
   machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : 
 ERRSRV - ERRbadpw.
   Failed to change password for sitlb
 
   But I can change the passwd as root. 
 
   Thank you very much!
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Samba 3.0.20a and Winbind crashing (bug?)

[sysrm]

Yeah same on my other 3 light load servers. one has crashed once (which
is the heavier loaded of the 3)

Very frustrating :/

Cheers

Ross

 [EMAIL PROTECTED] wrote:

 All running RHES 3, all with samba 3.0.20a and all have the winbind
 crashing problem :/
 the main 2 are the filestore and email servers, also get the most usage.
 in fact from my systems point of view, its definatly a most usage = most
 frequent winbind crashing issue.

 I have one rhel3 (centos3 actually) server on which winbind has been
 running since samba-3.0.20a was released.  Hasn't crashed once, though I
 wouldn't categorize it's usage as heavy.

 -- Rex

 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)

[sysrm]

Yeah i forgot to mention that, i had the same problem in 3.0.14a as i do
in 3.0.20a :/

Mine doesnt freeze, it actually ends the daemon. whats odd (just noticed
this morning) is i checked the server at 7:40am, all is well. checked it
at 8.05 am, its crashed!

just had a look through logs etc, it looks like it crashes at 8am most
days! always 8 am! last night when i checked it was slighly different, it
seems that crash was caused due to a log rotate. :/

Any one else got any ideas?

Cheers

Ross

 This sounds like the same problem i had with winbind in both 3.0.14
 abd 3.0.20.

 Mine freezes, and the daemon appears to be still running using ps and
 top,
 but it doesnt respond to queries.

 It seems like i can trigger this event by running getent passwd. It
 shows the
 accounts, but then the daemon dies.

 I run it on debian sarge, and i have another server with different
 hardware
 that also runs debian sarge. The other server does not have the problem
 (havent tested with getent passwd) but it does not see as many auth.
 attempts
 as the freezing server does. I use winbindd for pam_winbind.
 And some times it goes days without crashing other times it freezes
 several
 times an hour.

 I get this following entries in my auth.log:
  write to socket failed!
  internal module error (retval = 3



 I circumvented it by running wbinfo -p every minute and restarting
 winbbind if
 wbinfo failed.


 JonB




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Error compiling Samba for MySQL Support

[Collen Blijenberg]

Is this a mysql error, don't think so
coz' the error is within system quota's.

are you sure your system support system quota's ??

Collen

Andrew Stephen wrote:

Hi
 
I am trying to recompile samba for MySQL support and get the following error


 
Compiling lib/sysquotas_4A.c

lib/sysquotas_4A.c: In function sys_get_vfs_quota:
lib/sysquotas_4A.c:102: error: struct dqblk has no member named
dqb_curblocks
lib/sysquotas_4A.c:119: error: struct dqblk has no member named
dqb_curblocks
lib/sysquotas_4A.c:165: error: struct dqblk has no member named
dqb_curblocks
make: *** [lib/sysquotas_4A.o] Error 1
 
Any suggestions on how to get past it would be greatly appreciated.
 
Cheers

Andrew
 





--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] error , mysql and samba

[Collen Blijenberg]

Yes it's necessary to make the unix users aswel
unless you make a open system and use the nobody user.
but then again you miss security and all..!

Collen

Dnebla wrote:

hello everybody , before sorry bad english .

my consults is , the configuration samba with passdb backend mysql ,
is necessary, create user unix system ?

is necessary, adduser user ?


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] mod_ntlm_winbind on Apache vs. IE6, no POST method

[Collen Blijenberg]

Is the mod_ntlm_winbind already apache 2.XX ready ??
or is it still written for the 1.3.XX version ?

Collen

Andrew Bartlett wrote:

On Mon, 2005-10-03 at 14:34 -0600, Todd Garrison wrote:

Hello,

I have setup mod_ntlm_winbind 


Firstly, I presume this is the version from lorikeet SVN?


to provide authentication for an Apache
1.3.33 webserver running on Fedora Core 3. The authentication works,
but I have run into a problem when using Internet Explorer.

It seems that the problem might be with Internet Explorer itself, but
here is what I think is happening - the browser will not submit any
forms with a POST method on a website protected with NTLM Auth.

Everything seems to work fine when using Firefox/Mozilla, but IE6 has
a problem. Attached is the text extracted from a packet capture using
both browsers:



You can see that IE6 sends content-length: 0 and includes the NTLM
hash again, whereas Firefox does not.

Is this a bug in mod_ntlm_winbind, IE6, or just a configuration error?


It looks like MSIE is avoiding resubmitting the POST twice for the
multiple round trips of the NTLM exchange.   Firefox is probably still
sitting on an existing connection.

So, I think the issue might be that apache is not handling the NTLM
authentication request to the module, but we would need to see more
server-side logs and a real (uncensored, unfortunately) packet capture.

A small group of developers trying to take mod_ntlm_winbind further are
gathering, I think we need to setup a public webpage and some contact
details...

Andrew Bartlett




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: 答复: [Samba] About the group setting in smb.conf.

[Gary Dale]

The groupmap function is part of the new net command (i.e. net
groupmap ). It's part of Samba, not FreeBSD.


Liu wrote:

Hi Gary,
My environment is FreeBSD 5.4 , Samba 3.0.12 and the users are authenticated 
by AD server(that is the password server points to this server)
It seems no groupmap command on freebsd,
How I can solve this issue?

Thanks!
Liu

-邮件原件-
发件人: Gary Dale [mailto:[EMAIL PROTECTED] 
发送时间: 2005年10月10日 11:07
收件人: Liu; Liu, Hong Quan 刘红泉
抄送: samba@lists.samba.org
主题: Re: [Samba] About the group setting in smb.conf.

Liu wrote:

  

Hi,

This is my first time to configure Samba server as a member server in AD 
domain,

So, I have a question about how to configure a group name with one or more 
spaces in smb.conf?

As we know, this kind of group names are very common in Windows environment.

For example, set “valid users” parameter:

Usually , a name starting with @ is represented group, 

  valid users = username, @GroupName,…

But if the group name includes spaces, e.g. “it dept”, “sales dept”,

How can I set them correctly?

(I set them as @”it dept”, but the winbind log file tells me “group it dept 
in domain  does not exist”,

But I can list this group using wbinfo �Cg)

Wish someone give me a advice!

Thanks in advance!



Best Regards!

Liu hongquan



 



Basically, you need to map your NT groups to Linux groups. The Linux
groups should not have spaces in the names. Do a search on samba
groupmap for the details.

  



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Aix Level 5.1.9 and Samba 3.0.4.0

[Danick RAHARD]

Danick RAHARD wrote:
  | On a Unix server, level 5.1.9 , i cannot run samba 3.0.4.0 : i got this
  | error message :
  |
  | *
  |
  | [EMAIL PROTECTED] /usr/local/samba/sbin  nmbd
  |
  | Could not load program nmbd:
  |
  | Symbol resolution failed for nmbd because:
  |
  | Symbol __strtollmax (number 189) is not exported from dependent
  |
  | module /usr/lib/libc.a(shr.o).
  |
  | Examine .loader section symbols with the 'dump -Tv' command.
  |
  | *
  | **
  | can you explain me the reason ?

Cordialement
RAHARD Danick
Schenker-Joyau
Tel : 02.43.61.48.61
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] cannot change computer name

[aT]

This is a repeat post . I am waiting to hear from someone about this issue.
please help me resolving this issue.


I have samba PDC configured.

I am unable to change the computer name for any computer . All clients 
are windows XP pro .


It says access denied. Although i use the same Administrator username 
and password which i used to join these computers to samba domain. I 
will really appreciate if some can help me in this .

thanks  regards

I am using samba-server-3.0.13-2mdk

Here is Global section of my samba conf

[global]
   server string = network Share
   workgroup = NETPDC
   netbios name = freeze
   encrypt passwords = Yes
   smb passwd file = /etc/samba/smbpasswd
   passwd chat = *New*password* %n\n *new*password* %n\n *success*
   passwd program = /usr/bin/passwd %u
   passwd chat debug = yes
   unix password sync = Yes
   log level = 0
   username map = /etc/samba/smbusers
   syslog = 0
   printcap name = CUPS
   show add printer wizard = no
   printing = CUPS
   name resolve order = wins bcast hosts
   add user script = /usr/sbin/useradd -m %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   delete group script = /usr/sbin/groupdel %g
   add user to group script = /usr/sbin/usermod -G %g %u
   add machine script = /usr/sbin/useradd -s /bin/false -d 
/dev/null %u

   logon script = scripts\login.bat
   #logon home = \\%L\%U
   #logon drive = X:
   domain logons = Yes
   preferred master =  Yes
   wins support = Yes
   winbind separator = \
   idmap uid = 1-2
   idmap gid = 1-2
#   directory security mask = 0775
#   security mask = 0775
#   create mask = 0775
   directory mode = 0775




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] cannot change computer name

[stephane . purnelle]

You cannot change the  computer namde direcly, you must disconnect from 
the domain, change the name and reconnect to the domain.
I always use this methode

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
10/10/2005 12:31:37 :

 This is a repeat post . I am waiting to hear from someone about this 
issue.
 please help me resolving this issue.
 
  I have samba PDC configured.
 
  I am unable to change the computer name for any computer . All clients 

  are windows XP pro .
 
  It says access denied. Although i use the same Administrator username 
  and password which i used to join these computers to samba domain. I 
  will really appreciate if some can help me in this .
  thanks  regards
 
  I am using samba-server-3.0.13-2mdk
 
  Here is Global section of my samba conf
 
  [global]
 server string = network Share
 workgroup = NETPDC
 netbios name = freeze
 encrypt passwords = Yes
 smb passwd file = /etc/samba/smbpasswd
 passwd chat = *New*password* %n\n *new*password* %n\n *success*
 passwd program = /usr/bin/passwd %u
 passwd chat debug = yes
 unix password sync = Yes
 log level = 0
 username map = /etc/samba/smbusers
 syslog = 0
 printcap name = CUPS
 show add printer wizard = no
 printing = CUPS
 name resolve order = wins bcast hosts
 add user script = /usr/sbin/useradd -m %u
 delete user script = /usr/sbin/userdel -r %u
 add group script = /usr/sbin/groupadd %g
 delete group script = /usr/sbin/groupdel %g
 add user to group script = /usr/sbin/usermod -G %g %u
 add machine script = /usr/sbin/useradd -s /bin/false -d 
  /dev/null %u
 logon script = scripts\login.bat
 #logon home = \\%L\%U
 #logon drive = X:
 domain logons = Yes
 preferred master =  Yes
 wins support = Yes
 winbind separator = \
 idmap uid = 1-2
 idmap gid = 1-2
  #   directory security mask = 0775
  #   security mask = 0775
  #   create mask = 0775
 directory mode = 0775
 
 
 
 -- 
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] cannot change computer name

[Louis van Belle]

Try the folowing, remove the pc from the domain.
logon localy with administrator and try again.

Does not work ? do the folowing.
Start - Run, type GPEDIT.MSC (enter) 
In the screen you see, klik with right on local computer on the top
en get the properties. 

Here disable both settings for policies.

type Start-run : GPUPDATE  ( enter ) 
and try again. 

!!! DO NOT RENAME COMPUTERS WHEN IN DOMAIN 
!!! IT ALWAYS GIVES PROBLEMS !!!

Louis

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] Namens aT
Verzonden: maandag 10 oktober 2005 12:32
Aan: samba@lists.samba.org
Onderwerp: [Samba] cannot change computer name

This is a repeat post . I am waiting to hear from someone 
about this issue.
please help me resolving this issue.

 I have samba PDC configured.

 I am unable to change the computer name for any computer . 
All clients 
 are windows XP pro .

 It says access denied. Although i use the same Administrator 
username 
 and password which i used to join these computers to samba domain. I 
 will really appreciate if some can help me in this .
 thanks  regards

 I am using samba-server-3.0.13-2mdk

 Here is Global section of my samba conf

 [global]
server string = network Share
workgroup = NETPDC
netbios name = freeze
encrypt passwords = Yes
smb passwd file = /etc/samba/smbpasswd
passwd chat = *New*password* %n\n *new*password* %n\n 
*success*
passwd program = /usr/bin/passwd %u
passwd chat debug = yes
unix password sync = Yes
log level = 0
username map = /etc/samba/smbusers
syslog = 0
printcap name = CUPS
show add printer wizard = no
printing = CUPS
name resolve order = wins bcast hosts
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d 
 /dev/null %u
logon script = scripts\login.bat
#logon home = \\%L\%U
#logon drive = X:
domain logons = Yes
preferred master =  Yes
wins support = Yes
winbind separator = \
idmap uid = 1-2
idmap gid = 1-2
 #   directory security mask = 0775
 #   security mask = 0775
 #   create mask = 0775
directory mode = 0775



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] mod_ntlm_winbind on Apache vs. IE6, no POST method

[Andrew Bartlett]

On Mon, 2005-10-10 at 11:42 +0200, Collen Blijenberg wrote:
 Is the mod_ntlm_winbind already apache 2.XX ready ??
 or is it still written for the 1.3.XX version ?

A team assembled to build an apache 2.0 version, but it's been ported
yet.  The closest we have is:  http://source.grep.no/ however there are
issues with that module.

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.http://suse.de
Authentication Developer, Samba Team   http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Dangling MS Access DB Lock Files *.ldb

[Dragan Krnic]

I have an intermittent problem with dangling MS Access DB lock files.

In a productive environment with N batch queus (each on a separate
Windows XP Professional) a scheduler PC dispatches the work load to
a free queue by means of modifying a simple MS Access DB file 
called PRIM.mdb, which resides on a Samba 3.0.20 share. Each free
queue PC polls the same MS Access DB file every 60 seconds to see
if there is a work packet to be executed by it. If there is a work
package for it it modifies a state value of the respective work packet 
in this DB when it starts executing it as well as after the job has 
been done so that the scheduler knows what's going on.

As I understand the MS Access API a client creates a lock file 
PRIM.ldb whenever it wishes to modify the DB file PRIM.mdb.

From time to time, but generally not very often, a lock file is 
dropped by either a queue PC or by scheduler. Therefore no one
can modify the DB file until the lock file is removed.

The linux utility lsof can't see that the lock file is opened
by any process but the status page of SWAT always lists it under
Open Files with the smbd PID of the client which last opened
it, with Sharing declared DENY_NONE, R/W as RDWR, Oplock
is NONE (oplocks=no), full path name under File and the 
timestamp of the last access under Date.

The lock file can only be removed by super user root but if the
smbd process which holds it open is killed, then the problem is
also solved sometimes even without removing the lock file itself.

I have inspected the samba log files and identified the point at
which this happens recently. To make things simpler I've removed
much of the samba verbosity in the following overview of the 
offending client's actions (mdb is the MS Access DB file and
ldb is the respective lock file):

23:55:53close   mdb 1
close   ldb 0
23:55:54openldb ro  1
openmdb rw  2
openldb rw  3
23:55:55close   mdb 1
Share violation on PRIM.mdb, flags=2
openmdb rw  2

No other client was active at the time so there is no racing
here. Only the offending client loses track of the lock file
and forgets about it.

Has anyone had a similar problem and lived to talk about it?

Any hints?
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] ntlm_auth SID problem

[Marcello Mezzanotti]

Hello all

Im using a linux box running CentOS 4.1 as a proxy server with user
auth with an AD
Its working for a long time, but suddenly this weekend the users cant
authenticate anymore

looking on logs i obtain this

Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0]
utils/ntlm_auth.c:get_require_membership_sid(237)
Oct 10 08:29:59 sol (ntlm_auth):   Winbindd lookupname failed to resolve
VILLAS+SQUID into a SID!

searching for this error on google i tried on ntlm_auth command to
change the DOMAIN+GROUP to SID and with SID works fine


/usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
--require-membership-of=VILLAS+SQUID
USER PASSWORD
[2005/10/10 12:18:53, 0]
utils/ntlm_auth.c:get_require_membership_sid(237)
  Winbindd lookupname failed to resolve VILLAS+SQUID into a SID!
ERR

and changing

/usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
--require-membership-of=S-1-5-21-1390067357-573735546-682003330-1524
USER PASSWORD
OK

any guess?
thanks anyway
marcello

--
Marcello Mezzanotti [EMAIL PROTECTED]
Information Security
UNIX / Linux / *BSD
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] About the group setting in smb.conf RE: samba Digest, Vol 34, Issue

[adrian sender]

hFrom: [EMAIL PROTECTED]

Reply-To: samba@lists.samba.org
To: samba@lists.samba.org
Subject: samba Digest, Vol 34, Issue 14
Date: Mon, 10 Oct 2005 12:05:06 + (GMT)


---
From: Liu, Hong Quan ÁõºìȪ [EMAIL PROTECTED]
To: samba@lists.samba.org
Subject: [Samba] About the group setting in smb.conf.
Sent: Monday, 10 October 2005 12:19:13 PM
Hi,

This is my first time to configure Samba server as a member server in AD 
domain,


So, I have a question about how to configure a group name with one or more
spaces in smb.conf?

As we know, this kind of group names are very common in Windows environment.

For example, set ¡°valid users¡± parameter:

Usually , a name starting with @ is represented group,

  valid users = username, @GroupName,¡­

But if the group name includes spaces, e.g. ¡°it dept¡±, ¡°sales dept¡±,

How can I set them correctly?

(I set them as @¡±it dept¡±, but the winbind log file tells me ¡°group it 
dept

in domain  does not exist¡±,

But I can list this group using wbinfo ¨Cg)

Wish someone give me a advice!


Thanks in advance!

--

RE: [Samba] About the group setting in smb.conf

Hello Liu,

If you have have a group such as Domain members you muse use @group name. 
You seem to be missing   hThis should solve your problem.



[Video]
 comment = Videos  Movies
 path = /data/Video
 writeable = no
 browsable = yes
 read only = yes
 valid users = @Domain Users

Cheers,

Adrian Sender


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Help !!!

[Ing. Fernando Cabrera R.]

We are running samba-2.0.20-2 on Fedora C4. It was installed 2 weeks ago,
and it was working just fine. But suddenly, today smb refuse all
connections.

In the log file it shows several lines like this:
 libsmb/unexpected.c:unexpedted_packet (53)
 Failed to open unexpected.tdb

 Nmbd/nmbd_serverlistdb.c:write_browse_list(341)
 Write_browse_list: Can't open file /var/lib/samba/browse.dat.. Error was
Permission denied.

Both files exist, and all files in /var/lib/samba have owner rw permission.

Any suggest is welcome

TIA 

Ing. Fernando Cabrera Ruiz
Departamento de Sistemas
Vamsa Aguascalientes, SA de CV
(449)910 9393 x4023
www.nissanvamsaags.com.mx


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.11.14/127 - Release Date: 10/10/2005
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Dangling MS Access DB Lock Files *.ldb

[Jeremy Allison]

On Mon, Oct 10, 2005 at 04:21:15PM +0100, Dragan Krnic wrote:
 I have an intermittent problem with dangling MS Access DB lock files.
 
 In a productive environment with N batch queus (each on a separate
 Windows XP Professional) a scheduler PC dispatches the work load to
 a free queue by means of modifying a simple MS Access DB file 
 called PRIM.mdb, which resides on a Samba 3.0.20 share. Each free
 queue PC polls the same MS Access DB file every 60 seconds to see
 if there is a work packet to be executed by it. If there is a work
 package for it it modifies a state value of the respective work packet 
 in this DB when it starts executing it as well as after the job has 
 been done so that the scheduler knows what's going on.

There's a bug in 3.0.20 that might affect this (btw it's also in
3.0.20a). I know about it because it's my fault :-(.

Here's the patch for 3.0.20, and 3.0.20a.

Jeremy.
--- smbd/open.c 2005-07-28 06:19:42.0 -0700
+++ smbd/open.c.new 2005-10-10 09:32:25.0 -0700
@@ -1585,13 +1585,6 @@
 
fsp_open = 
open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,access_mask);
 
-   if (!fsp_open  (flags == O_RDWR)  (errno != ENOENT)) {
-   if((fsp_open = open_file(fsp,conn,fname,psbuf,
-O_RDONLY,unx_mode,access_mask)) == 
True) {
-   flags = O_RDONLY;
-   }
-   }
-
if (!fsp_open) {
if(file_existed) {
unlock_share_entry(conn, dev, inode);
--- smbd/open.c 2005-09-29 14:52:40.0 -0700
+++ smbd/open.c.new 2005-10-06 21:45:37.0 -0700
@@ -1585,22 +1585,6 @@
 
fsp_open = 
open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,access_mask);
 
-   if (!fsp_open  (flags2  O_EXCL)  (errno == EEXIST)) {
-   /*
-* Two smbd's tried to open exclusively, but only one of them
-* succeeded.
-*/
-   file_free(fsp);
-   return NULL;
-   }
-
-   if (!fsp_open  (flags == O_RDWR)  (errno != ENOENT)) {
-   if((fsp_open = open_file(fsp,conn,fname,psbuf,
-O_RDONLY,unx_mode,access_mask)) == 
True) {
-   flags = O_RDONLY;
-   }
-   }
-
if (!fsp_open) {
if(file_existed) {
unlock_share_entry(conn, dev, inode);
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] ACLs and EXT3

[Daniel Haas]

Hi Ian,

thank you for your answer

This article shows me a lot of details which help me to understand more about 
ACLs

But my problem was not solve with it. There is discribe how I can copy files 
without inherit ACLs.
I want to know how I can move ACLs with inheritance from the parent directory I 
move the file to.

Greets
Daniel

Ian Clancy [EMAIL PROTECTED] schrieb am 07.10.05 13:12:53:
 
 Hi Daniel,
 You need to read up on Default ACLs. This article should cover what you 
 need to know.
 
 http://www.vanemery.com/Linux/ACL/linux-acl.html
 regards,
 Ian
 
 Daniel Haas wrote:
 
 Hi List,
 
 I am working with ACLs and the EXT3 Filesystem and I have the same problem 
 how already discussed in several NGs.
 
 If I move a file from one directory into another, the file do not change the 
 persmissons. So the users who should be authorize to access the file, do not 
 have these permissons. This is a great problem in my data structure because 
 we have to exchange a lot of files.
 
 I know that this is the way the filesystems works. But I think there are 
 more people who wants to work in the discribed way. So is there a filesystem 
 which have another way to handle the scrolling of files and directories?
 
 Is there really no chance to inherit the permissions from the 
 parent-directory?
 Or do anybody know a workaround to mange my problem? How do other 
 administrators handle this?
 
 for info:
 I am working with Samba 3.0.13 under SuSE 9.3
 The service of the smb.conf for tests:
[data]
 comment = Daten
 path = /data
 writeable = yes
 create mask = 0770
 directory mask = 0770
 valid users = @samba
 Test with inherit permissions and inherit ACL was not successful.
 
 Thanks for your help
 Daniel
 __
 Verschicken Sie romantische, coole und witzige Bilder per SMS!
 Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193
 
   
 
 


__
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)

[Jeremy Allison]

On Sun, Oct 09, 2005 at 06:25:56PM +0100, [EMAIL PROTECTED] wrote:
 Hi all.
 
 having major issues on all my servers at the moment.
 
 All running RHES 3, all with samba 3.0.20a and all have the winbind
 crashing problem :/
 
 the main 2 are the filestore and email servers, also get the most usage.
 
 in fact from my systems point of view, its definatly a most usage = most
 frequent winbind crashing issue.
 
 Any help from others or the dev team gratefully received.
 
 NB i have also set a cron to restart smb at 22:00 every night.
 
 Many thanks

There's a crash bug fix Jerry will be posting to the patches
page within the next hour or so - this should fix the winbindd
crashes you're seeing.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba 3.0.20a and Winbind crashing (bug?)

[Ross McInnes]

Yay! Many thanks guys, ill apply it some point tonight and report back any
issues, or if it works even :)

Ross 

-Original Message-
From: Jeremy Allison [mailto:[EMAIL PROTECTED] 
Sent: 10 October 2005 18:03
To: [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Subject: Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)

On Sun, Oct 09, 2005 at 06:25:56PM +0100, [EMAIL PROTECTED] wrote:
 Hi all.
 
 having major issues on all my servers at the moment.
 
 All running RHES 3, all with samba 3.0.20a and all have the winbind 
 crashing problem :/
 
 the main 2 are the filestore and email servers, also get the most usage.
 
 in fact from my systems point of view, its definatly a most usage = 
 most frequent winbind crashing issue.
 
 Any help from others or the dev team gratefully received.
 
 NB i have also set a cron to restart smb at 22:00 every night.
 
 Many thanks

There's a crash bug fix Jerry will be posting to the patches page within the
next hour or so - this should fix the winbindd crashes you're seeing.

Jeremy.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Poor performance between linux boxes using Samba 3

[Roger Lucas]

I have a network with two machines on it, both running Debian and updated
with the latest Debian stable samba (3.0.14).  Both machines are reasonably
high spec (512MB RAM and Athlon 2200+ processors) and have little else
running (console mode, no KDE/Gnome/etc).  They are connected by a Netgear
FS108 100-Base-T ethernet switch.

 

When I try to copy a large file (500MB) from machine A to machine B using
FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my
100-base-T network is running at full speed and full duplex, as I would
expect.

 

When I instead try to copy the same file from machine A to machine B using
FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o
user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec.

 

I have followed the instructions in the HOW-TO and in the smb.conf file and
have the settings below on both machines.

 

The smb.conf has the following line:

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

 

Is this throughput normal ?

 

I would have expected similar performance to the FTP, given the spec of the
machines and the fact that both protocols are using TFTP.

 

Thanks in advance.

 

 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Profiles change when migrating from NT4 to Samba PDC

[Philip Washington]

Philip Washington wrote:


Craig White wrote:


On Fri, 2005-10-07 at 17:52 -0700, Craig White wrote:
 


On Fri, 2005-10-07 at 19:22 -0500, Philip Washington wrote:
  

After migration of an NT4 domain to Samba we find that when users 
log in they have a new profile.  Since we cannot deal with this on 
all of the computers with all of the users we have had to stop the 
migration.
I have searched through the archive and not been able to find any 
answers to this issue,  I did find a relevant article though and 
apparently they didn't have an answer in 2002. 
http://lists.samba.org/archive/samba/2002-August/050163.html

Has anyone found a way to resolve this?
We are not using roaming profiles.




I am hoping that you really aren't looking for wild speculation as to
what may be the problem. Some things that you should consider sharing
with us so that we might be able to make a useful suggestion...

samba version ?

SID ? 'net getlocalsid' does this match the SID of the domain that the
machines that were already joined to the domain? Did you actually 'net
setlocalsid' to match?

from your smb.conf
passdb ?
logon path = ?
security = ?
domain logons = ?
domain master = ?
preferred master = ?

If we took an example of one or two users who had a problem with their
profiles...what's output of things like

pdbedit -L USER_NAME ?

does the profile path actually work? Is it reachable from a Windows
system?
privileges on profile server permit access?

otherwise, I would just say that you're having a bad day.

  



I should have pointed out...

logon path =

(that's right - blank) prevents roaming profiles

and perhaps, because I am not very smart and was trying to populate LDAP
with which I was pretty unfamiliar, I had to run through the vampire
process a lot of times before I got everything working the way I wanted
it. My second time doing the vampire thing to LDAP was considerably
easier. Even though the documentation was excellent, the devil is in the
details.

Craig


 

We had spent 3 days on it and got it to work without the roaming 
profiles ( Using Ch 8 from Samba-3 by Example and help here).  It 
sounds like we went through some of the same issues with vampire, but 
it looked like we had it working with our test system.

We had a test machine MACHINE1 in  NT4 DOMAINA.
We transfered DOMAINA over to a SambaPDC-with LDAP.
Moved MACHINE1 over to the test environment with a SambaPDC-with 
LDAP.  Logged in TESTUSER1 everything looked fine, no roaming profile 
(we did a jig and jumped for joy ).
We then moved MACHINE2 over to the test environment logged in 
TESTUSER1 (we had transfered TESTUSER1 from the original NT4 domain).  
We then logged in USER2 which was the primary user for this computer 
when it was in the NT4 domain.  That was when we found out that 
Outlook treated the user as someone completely different, as well as 
other programs on the machine, the desktop was completely changed to 
default. After spending another day on it we had to move on, but we 
are now willing to try again from scratch.


Did  we still have something wrong?  Has/does this work with the 
latest version?


Goal 1: is USER1 on MACHINE1 can log into the system and not tell that 
something has changed (Namely there is a different PDC platform).
Goal 2: The IT department doesn't have to write a bunch of scripts to 
move profile information on each computer.


Is this possible, because I was of the impression that once we 
finished the client MACHINE1 and user USER1 wouldn't know or act any 
differently when logging into NT4 as the PDC vs logging into the 
transfered DOMAINA on the Samba-LDAP PDC.




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Poor performance between linux boxes using Samba 3

[Roger Lucas]

I mean TCP not TFTP in the mail.  All hail the automatic spellchecker...

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Roger Lucas
Sent: 10 October 2005 18:27
To: samba@lists.samba.org
Subject: [Samba] Poor performance between linux boxes using Samba 3

I have a network with two machines on it, both running Debian and updated
with the latest Debian stable samba (3.0.14).  Both machines are reasonably
high spec (512MB RAM and Athlon 2200+ processors) and have little else
running (console mode, no KDE/Gnome/etc).  They are connected by a Netgear
FS108 100-Base-T ethernet switch.

 

When I try to copy a large file (500MB) from machine A to machine B using
FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my
100-base-T network is running at full speed and full duplex, as I would
expect.

 

When I instead try to copy the same file from machine A to machine B using
FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o
user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec.

 

I have followed the instructions in the HOW-TO and in the smb.conf file and
have the settings below on both machines.

 

The smb.conf has the following line:

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

 

Is this throughput normal ?

 

I would have expected similar performance to the FTP, given the spec of the
machines and the fact that both protocols are using TFTP.

 

Thanks in advance.

 

 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Poor performance between linux boxes using Samba 3

[Jeremy Allison]

On Mon, Oct 10, 2005 at 07:22:45PM +0100, Roger Lucas wrote:
 I mean TCP not TFTP in the mail.  All hail the automatic spellchecker...
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 Roger Lucas
 Sent: 10 October 2005 18:27
 To: samba@lists.samba.org
 Subject: [Samba] Poor performance between linux boxes using Samba 3
 
 I have a network with two machines on it, both running Debian and updated
 with the latest Debian stable samba (3.0.14).  Both machines are reasonably
 high spec (512MB RAM and Athlon 2200+ processors) and have little else
 running (console mode, no KDE/Gnome/etc).  They are connected by a Netgear
 FS108 100-Base-T ethernet switch.
 
  
 
 When I try to copy a large file (500MB) from machine A to machine B using
 FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my
 100-base-T network is running at full speed and full duplex, as I would
 expect.
 
  
 
 When I instead try to copy the same file from machine A to machine B using
 FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o
 user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec.

Can you try using Steve French's cifsfs client instead of smbfs. Steve
is actively maintaining cifsfs and is working on performance issues.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba creating multiple isntances of the deamon

[Benoit Gauthier]

(2005.10.10, 14:25)

I am running Samba 3.0.14a-2 on Fedora 4. I have no problem seeing the
Linux file system from any of the Windows (2000, SP4) computers
attached to the network.

The problem is that smbd processes are created for no apparent reason
and never die. I noticed this when the computer had been up for about
three days and there were some 600 active smbd processes!

What could be the cause of this behaviour? More importantly, what is
the solution? Clearly, this is not normal behaviour!

Thanks in advance for your help.


Benoît



Benoît Gauthier, mailto:[EMAIL PROTECTED]
Réseau Circum inc. / Circum Network Inc.

Nouvelles/News http://circum.com

74, rue du Val-Perché, Gatineau, Québec (Canada) J8Z 2A6
+1 819.770.2423  télec. fax: +1 819.770.5196



http://c2005.evaluationcanada.ca/
http://evaluationcanada.ca/
http://simulation.evaluationcanada.ca/


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] unrecognized pam_winbind/gdm error.

[Matt Sellers]

Hello all,

I have successfully setup winbind with clients pointing to a central ldap
server, and have had great results for ssh service logins, however i get
wierd problems with gdm login attempts after winbind has been running for a
while.

Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: request failed, but PAM error
0!
Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: internal module error (retval =
3, user = `mahmed')
Oct 10 14:45:29 ctilinux6 gdm-binary[2398]: Couldn't authenticate user

This error can be resolved by restarting winbind, thus allowing users to
login again. Ive setup a cron job to do this every few hours but I want to
find the root of the problem...

many thanks to to developers and supporters of the samba project, im
documenting all my setup notes / issues and am going to post them to a
website soon

-matt
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] ADS auth when primary AD server fails

[Brian_Gautreau]

Im having some trouble getting, or even finding out if this works.  I
have read through the samba by example and all the docs i can get my
hands on and i cant get this to work.  Maybe it isn't supposed too
I have setup samba under RHEL4 QU1 to authenticate to AD.  I am just
using samba to authenticate users for login purposes.  It works fine and
dandy until my primary AD box goes down.
 
I have a secondary AD server.  It has a full replication of AD, DNS, and
also hands out kerberos tickets.  My AD DNS has the listings for
_kerberos._tcp.gutbuster.local.  `dig SRV
_kerberos._tcp.gutbuster.local` returns both server entries results
regardless of which DNS server I use.
 
I dont seem to get very far once my primary has gone down.  The samba
host is able to get a new kerberos ticket from the secondary by running
`kinit [EMAIL PROTECTED] but can no longer get winbind info
with `wbinfo` and getent passwd fails to pull AD info.  Have I said
enough yet?  
 
my samba host is   10.180.23.69
my ad primary is 10.180.23.57
my ad secondary is 10.180.23.88
 
I have forced kerberos to use DNS to lookup the KDC
(dns_lookup_kdc=true) in the krb5.conf and i dont have any of the
KDC=10.180.23.88.  I have tried using 'password server = *', 'password
server = 10.180.23.88 10.180.23.57', and removing the 'password server='
line all together.  
 
Does anyone know if this setup even works?  Remember, It isn't that I
cant get AD to authenticate, its only when the primary AD server fails
and the secondary server is all that exists.
 
Here is my krb5.conf and my smb.conf...
 
[EMAIL PROTECTED] ~]# cat /etc/krb5.conf 
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
 
[libdefaults]
 default_realm = GUTBUSTER.LOCAL
 dns_lookup_realm = false
 dns_lookup_kdc = true
 
[realms]
 GUTBUSTER.LOCAL = {
  default_domain = gutbuster.local
 }
 
[domain_realm]
 .gutbuster.local = GUTBUSTER.LOCAL
 gutbuster.local = GUTBUSTER.LOCAL
 
[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf
 
[appdefaults]
 pam = {
   debug = true
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }
[EMAIL PROTECTED] ~]# 

 
[EMAIL PROTECTED] ~]# cat /etc/samba/smb.conf 
[global]
   winbind separator = +
   winbind cache time = 10
   workgroup = GUTBUSTER.LOCAL
   winbind use default domain = yes
   client schannel = no
   realm = GUTBUSTER.LOCAL
   security = ads
   encrypt passwords = yes
   idmap uid = 5000-5999
   idmap gid = 6000-6999
   winbind enum users = yes
   winbind enum groups = yes
   template shell = /bin/bash
   template homedir = /home/%U
[EMAIL PROTECTED] ~]# 

 
 
 
 
Thanks,
 
Brian Gautreau
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] 1GB File Size Limit on Samba?

[Vickie L. Kidder]

I have a problem copying and creating files from WindowsXP to a Samba 
share on AIX 5.2 server.

When copying a file using Windows Explorer to the share, it gives the 
message Cannot copy filename: There is not enough free disk space.  
When creating a file using Windows Backup to the share, backup stops when 
the file is just under 1GB.

The AIX 5.2.0 filesystem where the share is located has 16 GB of free 
space and is large-file enabled Journaled File System, which will allow 
files  2GB.  The filesize ulimit for root and user is set to unlimted.

Based on the AIX configuration,  I am able to do the following with no 
problems:
1)  FTP file  1GB from C: directly to the AIX server (not to Samba 
share).
2)  Copy file 1 GB from the Samba share to PC's C:\ drive.

Failure only occurs when copying TO a Samba share within Windows.

Is there any known Samba issue/bug that would limit filesize to  1GB?


Vickie Kidder
Information Systems
McIlhenny Company
(337) 373-6126
[EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)

[Jeremy Allison]

On Sun, Oct 09, 2005 at 06:25:56PM +0100, [EMAIL PROTECTED] wrote:
 Hi all.
 
 having major issues on all my servers at the moment.
 
 All running RHES 3, all with samba 3.0.20a and all have the winbind
 crashing problem :/
 
 the main 2 are the filestore and email servers, also get the most usage.
 
 in fact from my systems point of view, its definatly a most usage = most
 frequent winbind crashing issue.
 
 Any help from others or the dev team gratefully received.
 
 NB i have also set a cron to restart smb at 22:00 every night.

Please try this patch :

Jeremy.
Index: nsswitch/winbindd_misc.c
===
--- nsswitch/winbindd_misc.c(revision 10687)
+++ nsswitch/winbindd_misc.c(revision 10688)
@@ -127,7 +127,8 @@
 
if (num_domains  0)
extra_data = talloc_asprintf(state-mem_ctx, %s\\%s\\%s,
-names[0], alt_names[0],
+names[0],
+alt_names[0] ? alt_names[0] : 
names[0],
 sid_string_static(sids[0]));
 
for (i=1; inum_domains; i++)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba profiles

[Gweltaz Siviniant]

Hi, sorry for my bad English...
I have a samba 2.2.6 configure as an NT PDC and I want to apply the same 
parameters for all of my itinerants users. As the /etc/skel directory 
for the home's directory should i place in an directory windows 
paramèters files (Application data, local settings, ...) for samba copy 
it for new users ?



Thanks



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Poor performance between linux boxes using Samba 3

[Roger Lucas]

Hi Jeremy,

Thanks for the info.  I ran another test with a 100MB file as below:

mount -t smbfs //machineb/share /mnt/machineb 
cp test-100mb.dat /mnt/machineb/test1.dat
umount /mnt/machineb

The above copy took 60 seconds.

mount -t cifs //machineb/share /mnt/machineb 
cp test-100mb.dat /mnt/machineb/test2.dat
umount /mnt/machineb

This copy took just 20 seconds.

I am running kernel 2.6.8 which apparently has CIFS built in.

I am amazed by the performance increase, so CIFS definitely seems the way to
go.  Is there a deep reason for why this is, as CIFS seems to be part of the
SAMBA team (http://linux-cifs.samba.org/) so it seems weird that they have
both the smbclient and CIFS client with such massive performance
differences

Thanks again,

Roger

-Original Message-
From: Jeremy Allison [mailto:[EMAIL PROTECTED] 
Sent: 10 October 2005 19:23
To: Roger Lucas
Cc: samba@lists.samba.org
Subject: Re: [Samba] Poor performance between linux boxes using Samba 3

On Mon, Oct 10, 2005 at 07:22:45PM +0100, Roger Lucas wrote:
 I mean TCP not TFTP in the mail.  All hail the automatic
spellchecker...
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 Roger Lucas
 Sent: 10 October 2005 18:27
 To: samba@lists.samba.org
 Subject: [Samba] Poor performance between linux boxes using Samba 3
 
 I have a network with two machines on it, both running Debian and updated
 with the latest Debian stable samba (3.0.14).  Both machines are
reasonably
 high spec (512MB RAM and Athlon 2200+ processors) and have little else
 running (console mode, no KDE/Gnome/etc).  They are connected by a Netgear
 FS108 100-Base-T ethernet switch.
 
  
 
 When I try to copy a large file (500MB) from machine A to machine B using
 FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my
 100-base-T network is running at full speed and full duplex, as I would
 expect.
 
  
 
 When I instead try to copy the same file from machine A to machine B using
 FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb
-o
 user=xxx,password=xxx) then I get much lower throughput - around 3
MB/sec.

Can you try using Steve French's cifsfs client instead of smbfs. Steve
is actively maintaining cifsfs and is working on performance issues.

Jeremy.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Poor performance between linux boxes using Samba 3

[Jeremy Allison]

On Mon, Oct 10, 2005 at 11:31:06PM +0100, Roger Lucas wrote:
 Hi Jeremy,
 
 Thanks for the info.  I ran another test with a 100MB file as below:
 
   mount -t smbfs //machineb/share /mnt/machineb 
   cp test-100mb.dat /mnt/machineb/test1.dat
   umount /mnt/machineb
 
 The above copy took 60 seconds.
 
   mount -t cifs //machineb/share /mnt/machineb 
   cp test-100mb.dat /mnt/machineb/test2.dat
   umount /mnt/machineb
 
 This copy took just 20 seconds.
 
 I am running kernel 2.6.8 which apparently has CIFS built in.
 
 I am amazed by the performance increase, so CIFS definitely seems the way to
 go.  Is there a deep reason for why this is, as CIFS seems to be part of the
 SAMBA team (http://linux-cifs.samba.org/) so it seems weird that they have
 both the smbclient and CIFS client with such massive performance
 differences

You're confusing smbfs with smbclient. smbfs is an old, rather unmaintained
part of the Linux kernel, smbclient is the ftp command-line like client
shipped with Samba.

Steve tests CIFSFS with modern versions of Samba and works dilligently
on performance issues.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] unrecognized pam_winbind/gdm error.

[Jeremy Allison]

On Mon, Oct 10, 2005 at 02:56:21PM -0500, Matt Sellers wrote:
 Hello all,
 
 I have successfully setup winbind with clients pointing to a central ldap
 server, and have had great results for ssh service logins, however i get
 wierd problems with gdm login attempts after winbind has been running for a
 while.
 
 Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: request failed, but PAM error
 0!
 Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: internal module error (retval =
 3, user = `mahmed')
 Oct 10 14:45:29 ctilinux6 gdm-binary[2398]: Couldn't authenticate user
 
 This error can be resolved by restarting winbind, thus allowing users to
 login again. Ive setup a cron job to do this every few hours but I want to
 find the root of the problem...
 
 many thanks to to developers and supporters of the samba project, im
 documenting all my setup notes / issues and am going to post them to a
 website soon

What version of Samba ? That would help with narrowing down any winbindd
issues.

Thanks,

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] excessive lpstat calls

[Andrew Morgan]

I run a fairly busy samba server that only serves up users' home 
directory.  I am running Samba v3.0.20 under Solaris 10 on a Sun v440. 
I'm seeing a large number of calls to '/usr/bin/lpstat -v'.  These are 
probably occuring everytime a new client connects, but I'm not positive.


The server does not have any printers attached to it, has no entries in 
/etc/printers.conf, and is not running lp services at all.  I am unable to 
remove the lp packages from the system due to dependencies.  I have no 
intention of using Samba as a print server on this machine, so I'd like to 
disable printing entirely and prevent Samba from calling lpstat 
continuously.


I've attached my smb.conf file.  Any suggestions?

Thanks,
Andy[global]
netbios name = ONID-FS
security = domain
password server = *
encrypt passwords = true
interfaces = ce0
guest account = nobody
domain master = no
local master = no
preferred master = no
os level = 0
log level = 1
syslog = 6
syslog only = yes
name resolve order = wins host
wide links = false
wins server = 128.193.4.45
workgroup = ONID
server string = ONID File Server
allow trusted domains = no
load printers = no

[homes]
comment = Home Directories
browseable = false
read only = no
create mode = 0700
hide files = /public_html/

[public_html]
comment = Web page
read only = no
path = %H/public_html
create mode = 0755

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Poor performance between linux boxes using Samba 3

[Roger Lucas]

Hi Jeremy,

Thanks for the clarification.  I had assumed that since it was the client
side of the connection, that smbclient was being used (indirectly) as the
program/driver/whatever that was actually doing the hard work.  If this is
actually being done by smbfs and smbfs is getting a bit stale, then it
explains why cifsfs is so much better.  (It is also nice that it is built
into the kernel - an unexpected pleasant surprise !  :-)

Regards,

Roger

-Original Message-
From: Jeremy Allison [mailto:[EMAIL PROTECTED] 
Sent: 10 October 2005 23:36
To: Roger Lucas
Cc: 'Jeremy Allison'; samba@lists.samba.org
Subject: Re: [Samba] Poor performance between linux boxes using Samba 3

On Mon, Oct 10, 2005 at 11:31:06PM +0100, Roger Lucas wrote:
 Hi Jeremy,
 
 Thanks for the info.  I ran another test with a 100MB file as below:
 
   mount -t smbfs //machineb/share /mnt/machineb 
   cp test-100mb.dat /mnt/machineb/test1.dat
   umount /mnt/machineb
 
 The above copy took 60 seconds.
 
   mount -t cifs //machineb/share /mnt/machineb 
   cp test-100mb.dat /mnt/machineb/test2.dat
   umount /mnt/machineb
 
 This copy took just 20 seconds.
 
 I am running kernel 2.6.8 which apparently has CIFS built in.
 
 I am amazed by the performance increase, so CIFS definitely seems the way
to
 go.  Is there a deep reason for why this is, as CIFS seems to be part of
the
 SAMBA team (http://linux-cifs.samba.org/) so it seems weird that they have
 both the smbclient and CIFS client with such massive performance
 differences

You're confusing smbfs with smbclient. smbfs is an old, rather unmaintained
part of the Linux kernel, smbclient is the ftp command-line like client
shipped with Samba.

Steve tests CIFSFS with modern versions of Samba and works dilligently
on performance issues.

Jeremy.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] ADS auth when primary AD server fails

[Jeremy Allison]

On Mon, Oct 10, 2005 at 03:52:02PM -0500, [EMAIL PROTECTED] wrote:
 Im having some trouble getting, or even finding out if this works.  I
 have read through the samba by example and all the docs i can get my
 hands on and i cant get this to work.  Maybe it isn't supposed too
 I have setup samba under RHEL4 QU1 to authenticate to AD.  I am just
 using samba to authenticate users for login purposes.  It works fine and
 dandy until my primary AD box goes down.
  
 I have a secondary AD server.  It has a full replication of AD, DNS, and
 also hands out kerberos tickets.  My AD DNS has the listings for
 _kerberos._tcp.gutbuster.local.  `dig SRV
 _kerberos._tcp.gutbuster.local` returns both server entries results
 regardless of which DNS server I use.
  
 I dont seem to get very far once my primary has gone down.  The samba
 host is able to get a new kerberos ticket from the secondary by running
 `kinit [EMAIL PROTECTED] but can no longer get winbind info
 with `wbinfo` and getent passwd fails to pull AD info.  Have I said
 enough yet?  
  
 my samba host is   10.180.23.69
 my ad primary is 10.180.23.57
 my ad secondary is 10.180.23.88
  
 I have forced kerberos to use DNS to lookup the KDC
 (dns_lookup_kdc=true) in the krb5.conf and i dont have any of the
 KDC=10.180.23.88.  I have tried using 'password server = *', 'password
 server = 10.180.23.88 10.180.23.57', and removing the 'password server='
 line all together.  
  
 Does anyone know if this setup even works?  Remember, It isn't that I
 cant get AD to authenticate, its only when the primary AD server fails
 and the secondary server is all that exists.

Very thorough, execpt you neglected to tell us what version of Samba
you're using. That actually does help you know :-).

winbindd has been undergoing a lot of work recently - knowing the
version you're using would help us investigate.

Can you get an ethereal trace from your box when you're trying to
get it to fail over please ?

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Domain Authentication oddities

[Jeremy Allison]

On Thu, Oct 06, 2005 at 10:49:26AM -0700, Eduard Tieseler wrote:
 
 I am running Samba 3.0.10-1.4E on RHEL 4.0.  I was able to join this server
 to the domain using the 'net ads join' command and it created a machine
 account in AD with the name of the server.  My issue is that I can
 authenticate using domain credentials when I access the server from a
 Windows computer using //SMBSERVERNAME/SHARE, however when I access the
 server using //SMBSERVERIPADDRESS/SHARE I can not authenticate with domain
 credentials, I must use an account local to the SMB Server.
 (SMBSERVERNAME/username)  Please help me with this issue, I have checked a
 fair amount of the archive and google to no avail.  I have included snippets
 of log files, config files, and some results from commands below:  THANKS
 FOR THE HELP!!!

In order to get a kerberos ticket, you need a server (service) name.
krb5 auth doesn't work with just an IP address, it's falling back to
NTLM.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Profiles change when migrating from NT4 to Samba PDC

[Craig White]

On Mon, 2005-10-10 at 12:47 -0500, Philip Washington wrote:
 Philip Washington wrote:
 
  Craig White wrote:
 
  On Fri, 2005-10-07 at 17:52 -0700, Craig White wrote:
   
 
  On Fri, 2005-10-07 at 19:22 -0500, Philip Washington wrote:

 
  After migration of an NT4 domain to Samba we find that when users 
  log in they have a new profile.  Since we cannot deal with this on 
  all of the computers with all of the users we have had to stop the 
  migration.
  I have searched through the archive and not been able to find any 
  answers to this issue,  I did find a relevant article though and 
  apparently they didn't have an answer in 2002. 
  http://lists.samba.org/archive/samba/2002-August/050163.html
  Has anyone found a way to resolve this?
  We are not using roaming profiles.
  
 
  
  I am hoping that you really aren't looking for wild speculation as to
  what may be the problem. Some things that you should consider sharing
  with us so that we might be able to make a useful suggestion...
 
  samba version ?
 
  SID ? 'net getlocalsid' does this match the SID of the domain that the
  machines that were already joined to the domain? Did you actually 'net
  setlocalsid' to match?
 
  from your smb.conf
  passdb ?
  logon path = ?
  security = ?
  domain logons = ?
  domain master = ?
  preferred master = ?
 
  If we took an example of one or two users who had a problem with their
  profiles...what's output of things like
 
  pdbedit -L USER_NAME ?
 
  does the profile path actually work? Is it reachable from a Windows
  system?
  privileges on profile server permit access?
 
  otherwise, I would just say that you're having a bad day.
 

 
  
  I should have pointed out...
 
  logon path =
 
  (that's right - blank) prevents roaming profiles
 
  and perhaps, because I am not very smart and was trying to populate LDAP
  with which I was pretty unfamiliar, I had to run through the vampire
  process a lot of times before I got everything working the way I wanted
  it. My second time doing the vampire thing to LDAP was considerably
  easier. Even though the documentation was excellent, the devil is in the
  details.
 
  Craig
 
 
   
 
  We had spent 3 days on it and got it to work without the roaming 
  profiles ( Using Ch 8 from Samba-3 by Example and help here).  It 
  sounds like we went through some of the same issues with vampire, but 
  it looked like we had it working with our test system.
  We had a test machine MACHINE1 in  NT4 DOMAINA.
  We transfered DOMAINA over to a SambaPDC-with LDAP.
  Moved MACHINE1 over to the test environment with a SambaPDC-with 
  LDAP.  Logged in TESTUSER1 everything looked fine, no roaming profile 
  (we did a jig and jumped for joy ).
  We then moved MACHINE2 over to the test environment logged in 
  TESTUSER1 (we had transfered TESTUSER1 from the original NT4 domain).  
  We then logged in USER2 which was the primary user for this computer 
  when it was in the NT4 domain.  That was when we found out that 
  Outlook treated the user as someone completely different, as well as 
  other programs on the machine, the desktop was completely changed to 
  default. After spending another day on it we had to move on, but we 
  are now willing to try again from scratch.
 
  Did  we still have something wrong?  Has/does this work with the 
  latest version?
 
  Goal 1: is USER1 on MACHINE1 can log into the system and not tell that 
  something has changed (Namely there is a different PDC platform).
  Goal 2: The IT department doesn't have to write a bunch of scripts to 
  move profile information on each computer.
 
  Is this possible, because I was of the impression that once we 
  finished the client MACHINE1 and user USER1 wouldn't know or act any 
  differently when logging into NT4 as the PDC vs logging into the 
  transfered DOMAINA on the Samba-LDAP PDC.
 

in all fairness, I have let this go because you didn't answer any of the
questions that I asked. I'm not sure why anyone else didn't follow up
but perhaps they were thinking along the same lines that I was.

In light of no reply, you might consider starting over, and rephrasing
your questions.

In short, I had absolutely no problems with migrating users from NT PDC
to Samba PDC but I have always used LDAP as backend for the migration
and roaming profiles.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba segment faulting - unknown cause

[Mike Hodgkinson]

Hello,

Recently our Samba server has started segment faulting. It happens occasionally, but is often enough to cause disruption. 
People notice thier network drives freeze, I am unsure of the cause of the segment fault, and have no experience debugging backtraces.

Can anoyone lend a hand?

We are running Samba as a primary domain controller with an Openldap backend on 
another server, both on debian linux sarge stable.
Versions:
Samba server
ii  samba  3.0.14a-3 
ii  samba-common   3.0.14a-3
ii  smbclient  3.0.14a-3  
ii  smbfs  3.0.14a-3  
ii  smbldap-tools  0.8.7-4
ii  libpam-ldap178-1 
ii  libnss-ldap238-1  
ii  libc6  2.3.2.ds1-22

Openldap server
ii  ldap-utils 2.2.23-8   OpenLDAP utilities
ii  libldap-2.2-7  2.2.23-8   OpenLDAP libraries
ii  libldap2   2.1.30-8   OpenLDAP libraries
rc  libnss-ldap238-1  NSS module for using LDAP as a naming servic
rc  libpam-ldap178-1  Pluggable Authentication Module allowing LDA
ii  libc6  2.3.2.ds1-22   
ii  libc6-sparc64  2.3.2.ds1-22 



Email recieved
---
The Samba 'panic action' script, /usr/share/samba/panic-action,
was called for pid 5720 (/usr/sbin/smbd).

Below is a backtrace for this process generated with gdb, which shows
the state of the program at the time the error occured.  You are
encouraged to submit this information as a bug report to Debian.  For
information about the procedure for submitting bug reports , please see
http://www.debian.org/Bugs/Reporting or the reportbug(1) manpage.

(no debugging symbols found)
Using host libthread_db library /lib/libthread_db.so.1.
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 5720)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
0x4023b808 in waitpid () from /lib/libc.so.6
#0  0x4023b808 in waitpid () from /lib/libc.so.6
#1  0x402c3880 in ?? () from /lib/libc.so.6
#2  0x401d44c2 in strtold_l () from /lib/libc.so.6
#3  0x081eb261 in smb_panic2 ()
#4  0x081eb1ea in smb_panic ()
#5  0x081d7368 in dbgtext ()
#6  0x4034e825 in __pthread_sighandler () from /lib/libpthread.so.0
#7  signal handler called
#8  0x401bd7c1 in kill () from /lib/libc.so.6
#9  0x4034b771 in pthread_kill () from /lib/libpthread.so.0
#10 0x4034ba7b in raise () from /lib/libpthread.so.0
#11 0x401bd554 in raise () from /lib/libc.so.6
#12 0x401bea88 in abort () from /lib/libc.so.6
#13 0x401b6bbf in __assert_fail () from /lib/libc.so.6
#14 0x4002ddcd in ldap_int_sasl_open () from /usr/lib/libldap_r.so.2
#15 0x4002845e in ldap_int_open_connection () from /usr/lib/libldap_r.so.2
#16 0x4003a299 in ldap_new_connection () from /usr/lib/libldap_r.so.2
#17 0x40027f11 in ldap_open_defconn () from /usr/lib/libldap_r.so.2
#18 0x40039e0f in ldap_send_initial_request () from /usr/lib/libldap_r.so.2
#19 0x40030137 in ldap_sasl_bind () from /usr/lib/libldap_r.so.2
#20 0x4003040b in ldap_sasl_bind_s () from /usr/lib/libldap_r.so.2
#21 0x40030c7c in ldap_simple_bind_s () from /usr/lib/libldap_r.so.2
#22 0x08261b7d in smbldap_make_mod ()
#23 0x08261ebe in smbldap_make_mod ()
#24 0x08262214 in smbldap_make_mod ()
#25 0x0826240a in smbldap_search ()
#26 0x08262b04 in smbldap_search_suffix ()
#27 0x081ba9d8 in ldapsam_search_suffix_by_name ()
#28 0x081be181 in ldapsam_search_suffix_by_name ()
#29 0x081b4ac5 in smb_register_passdb ()
#30 0x081b6b88 in pdb_getsampwnam ()
#31 0x08225f3c in auth_rhosts_init ()
#32 0x082265b1 in auth_rhosts_init ()
#33 0x082239ff in smb_register_auth ()
#34 0x0822d809 in password_ok ()
#35 0x0810fad1 in ntlmssp_end ()
#36 0x0810f0db in ntlmssp_update ()
#37 0x0822db2d in auth_ntlmssp_update ()
#38 0x080b0a71 in reply_getattrE ()
#39 0x080b0d44 in reply_getattrE ()
#40 0x080b1d18 in reply_sesssetup_and_X ()
#41 0x080d7a76 in respond_to_all_remaining_local_messages ()
#42 

[Samba] Samba 3.0 PDC + XP + roaming profile = big, strange mistery of sorts

[Bruno Ferreira]

Please bear with me as this is quite a complicated problem which has 
eluded me for days now...


I recently upgraded a Samba 2.2 PDC to Samba 3.0 [3.0.20a as of now]. 
After upgrading, I had problems with two XP machines, among 16 of them. 
One of them didn't validate the domain users correctly. That was 
immediately taken care of by having said machine leave and re-join the 
domain. Nothing else was done here. As for the other machine...


After the upgrade, when logging in to the domain in that machine, it 
said that the machine account didn't exist. Except it did :/ . I deleted 
the machine account and recreated it, having it leave and re-join the 
domain in the process.


Now, here comes the real problem:


- The user can now log on, except that all of Windows' settings were 
gone, and back to the default.
- The profile *was* downloaded to the local machine, and all the files 
were present, but it acted as if the registry somehow wasn't present.
- Even after redoing some configuration, on logging off, even though 
some files in the roaming profile were updated in the server (NTUSER.DAT 
included), logging in again produced the same problem.
- Deleted all local copies of the profile. Same thing. I always reverted 
to a known-good copy of the profile between tests.
- Checked permissions on the local copy of the profile. Permissions were 
OK, the domain user had the full control over his local profile directory.
- Out of spite, said machine was reformatted. Problem repeated itself 
and remained. Note: said machine has no different configuration from any 
other; the user also has a regular roaming profile like anyone else.



I'm now out of a total loss of ideas. jerry @ freenode (Jeremy Allison?) 
even helped out a bit, but I couldn't get anywhere, even after trying 
lots of things.


Now, something tells me that this has something to do with domain SIDs 
or the like (of which I have little knowledge, I know what they are, but 
I'm not savvy enough to go around investigating them). I even deleted 
secrets.tdb so that Samba would recreate it, which wasn't a smart move, 
as I came to learn, but will most likely come to no harm (I hope).



I'd like to know two things, and I'll take any suggestions that I can get.

a) The cause, so that I know why this happens, and I can avoid it later.
b) The solution, obviously. I've been delaying other work because of 
this and my brain now feels like jelly because of bashing my head 
against the table :(



Hopeful for some insight on this,

Bruno Ferreira
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

答复: [Samba] About the group sett ing in smb.conf RE: samba Digest ,Vol 34, Issue

[Liu , Hong Quan 刘红泉]

Hi Adrian,
Thank you for your help!
I did it according your advice ,for example:
[IT Dept]
comment = IT Department file space
path = /appl/it
valid users = @all it
public = No
writable = yes
but I cann't pass the authentication by AD.
The error message in log likes this:
2005/10/11 12:05:06, 4] smbd/reply.c:reply_tcon_and_X(407)
  Client requested device type [?] for share [IT DEPT]
[2005/10/11 12:05:06, 5] smbd/service.c:make_connection(807)
  making a connection to 'normal' service it dept
[2005/10/11 12:05:06, 10] lib/username.c:user_in_list(529)
  user_in_list: checking user NWBSC\liuhongquan in list
[2005/10/11 12:05:06, 10] lib/username.c:user_in_list(533)
  user_in_list: checking user |NWBSC\liuhongquan| against |@all it|
[2005/10/11 12:05:06, 5] lib/username.c:user_in_netgroup_list(320)
  looking for user NWBSC\liuhongquan of domain  in netgroup all it
[2005/10/11 12:05:06, 5] lib/username.c:user_in_netgroup_list(336)
  looking for user nwbsc\liuhongquan of domain  in netgroup all it
[2005/10/11 12:05:06, 2] smbd/service.c:make_connection_snum(321)
  user 'NWBSC\liuhongquan' (from session setup) not permitted to access this sha
re (IT Dept)
[2005/10/11 12:05:06, 3] smbd/error.c:error_packet(105)
  error string = Invalid argument

Why?

Thanks!
Liu

-邮件原件-
发件人: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 代表 adrian sender
发送时间: 2005年10月10日 23:35
收件人: samba@lists.samba.org
主题: RE: [Samba] About the group setting in smb.conf RE: samba Digest,Vol 34, 
Issue

hFrom: [EMAIL PROTECTED]
Reply-To: samba@lists.samba.org
To: samba@lists.samba.org
Subject: samba Digest, Vol 34, Issue 14
Date: Mon, 10 Oct 2005 12:05:06 + (GMT)

---
From: Liu, Hong Quan ÁõºìȪ [EMAIL PROTECTED]
To: samba@lists.samba.org
Subject: [Samba] About the group setting in smb.conf.
Sent: Monday, 10 October 2005 12:19:13 PM
Hi,

This is my first time to configure Samba server as a member server in AD 
domain,

So, I have a question about how to configure a group name with one or more
spaces in smb.conf?

As we know, this kind of group names are very common in Windows environment.

For example, set ¡°valid users¡± parameter:

Usually , a name starting with @ is represented group,

   valid users = username, @GroupName,¡­

But if the group name includes spaces, e.g. ¡°it dept¡±, ¡°sales dept¡±,

How can I set them correctly?

(I set them as @¡±it dept¡±, but the winbind log file tells me ¡°group it 
dept
in domain  does not exist¡±,

But I can list this group using wbinfo ¨Cg)

Wish someone give me a advice!

Thanks in advance!
--

RE: [Samba] About the group setting in smb.conf

Hello Liu,

If you have have a group such as Domain members you muse use @group name. 
You seem to be missing   hThis should solve your problem.


[Video]
  comment = Videos  Movies
  path = /data/Video
  writeable = no
  browsable = yes
  read only = yes
  valid users = @Domain Users

Cheers,

Adrian Sender


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

svn commit: samba r10859 - in branches/SAMBA_4_0/source/winbind: .

[vlendec]

Author: vlendec
Date: 2005-10-10 06:18:17 + (Mon, 10 Oct 2005)
New Revision: 10859

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10859

Log:
Make the flow a bit clearer
Modified:
   branches/SAMBA_4_0/source/winbind/wb_init_domain.c


Changeset:
Modified: branches/SAMBA_4_0/source/winbind/wb_init_domain.c
===
--- branches/SAMBA_4_0/source/winbind/wb_init_domain.c  2005-10-10 01:35:26 UTC 
(rev 10858)
+++ branches/SAMBA_4_0/source/winbind/wb_init_domain.c  2005-10-10 06:18:17 UTC 
(rev 10859)
@@ -418,18 +418,17 @@
 {
struct composite_context *ctx;
 
-   if (state-domain-schannel_creds != NULL) {
+   if (state-domain-schannel_creds == NULL) {
ctx = wb_init_lsa_send(state-conn.out.tree,
-  DCERPC_AUTH_TYPE_NTLMSSP,
-  state-domain-schannel_creds);
-   comp_cont(state-ctx, ctx,
- init_domain_recv_lsa_ntlmssp, state);
+  DCERPC_AUTH_TYPE_NONE,
+  NULL);
+   comp_cont(state-ctx, ctx, init_domain_recv_lsa_none, state);
return;
}
 
-   ctx = wb_init_lsa_send(state-conn.out.tree, DCERPC_AUTH_TYPE_NONE,
-  NULL);
-   comp_cont(state-ctx, ctx, init_domain_recv_lsa_none, state);
+   ctx = wb_init_lsa_send(state-conn.out.tree, DCERPC_AUTH_TYPE_NTLMSSP,
+  state-domain-schannel_creds);
+   comp_cont(state-ctx, ctx, init_domain_recv_lsa_ntlmssp, state);
 }
 
 static void init_domain_recv_lsa_ntlmssp(struct composite_context *ctx)

svn commit: samba r10860 - in branches/tmp/samba4-winsrepl: . source/include source/lib/ldb source/lib/ldb/tests source/libcli/auth source/libcli/composite source/libcli/nbt source/libcli/wrepl source

[metze]

Author: metze
Date: 2005-10-10 06:37:57 + (Mon, 10 Oct 2005)
New Revision: 10860

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10860

Log:
 [EMAIL PROTECTED] (orig r10836):  metze | 2005-10-08 18:35:33 +0200
 giving NT_STATUS_NO_MEMORY, when the connection fails wasn't a good idea...
 
 metze
 [EMAIL PROTECTED] (orig r10838):  vlendec | 2005-10-08 19:45:27 +0200
 Get us an schannel'ed netlogon pipe.
 
 Abartlet, now I think I need some assistance to implement the pam auth  crap
 auth calls.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10839):  jelmer | 2005-10-08 19:55:28 +0200
 Add some [ref] (required for ethereal and Samba3 parser generators)
 
 [EMAIL PROTECTED] (orig r10840):  jelmer | 2005-10-08 19:55:56 +0200
 Fix indentation
 
 [EMAIL PROTECTED] (orig r10842):  jelmer | 2005-10-08 22:19:35 +0200
 Fix some issues with [out] unions that have a discriminator that is only 
 [in]
 
 [EMAIL PROTECTED] (orig r10843):  vlendec | 2005-10-09 10:32:06 +0200
 Reformatting
 [EMAIL PROTECTED] (orig r10844):  abartlet | 2005-10-09 14:13:05 +0200
 Add challenge-response authentication to Samba4's winbindd for VL.
 
 Plaintext should be simple, but I'm going to do some infrustructure
 work first.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10845):  abartlet | 2005-10-09 14:38:23 +0200
 Add new function to decrypt the session keys in samlogon responses.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10846):  vlendec | 2005-10-09 14:50:35 +0200
 Create a wbsrv_domain, change wb_finddcs to the style of the rest of the
 async helpers.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10847):  abartlet | 2005-10-09 15:03:52 +0200
 Fix up new 'decrypt samlogon reply' routine to be more robust, and use
 it in the RPC-SAMLOGON test.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10848):  jelmer | 2005-10-09 15:40:55 +0200
 Fix warning
 
 [EMAIL PROTECTED] (orig r10849):  jelmer | 2005-10-09 15:53:48 +0200
 Fix handling of [charset] for strings with fixed or inline size
 
 [EMAIL PROTECTED] (orig r10852):  vlendec | 2005-10-09 22:32:24 +0200
 Continuation-based programming can become a bit spaghetti...
 
 Initialize a domain structure properly. Excerpt from wb_init_domain.c:
 
 /*
  * Initialize a domain:
  *
  * - With schannel credentials, try to open the SMB connection with the machine
  *   creds. Fall back to anonymous.
  *
  * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
  *   pipe.
  *
  * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
  *   to schannel and then to anon bind.
  *
  * - With queryinfopolicy, verify that we're talking to the right domain
  *
  * A bit complex, but with all the combinations I think it's the best we can
  * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
  * have a signedsealed lsa connection on all of them.
  *
  * Is this overkill? In particular the authenticated SMB connection seems a
  * bit overkill, given that we do schannel for netlogon and ntlmssp for 
  * lsa later on w2k3, the others don't do this anyway.
  */
 
 Thanks to Jeremy for his detective work, and to the Samba4 team for providing
 such a great infrastructure.
 
 Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
 with all we have.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10853):  vlendec | 2005-10-09 22:57:49 +0200
 Convert wbinfo -n to properly init the domain.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10854):  jelmer | 2005-10-09 23:30:41 +0200
 talloc_get_type() can return NULL..
 
 [EMAIL PROTECTED] (orig r10855):  abartlet | 2005-10-10 00:19:20 +0200
 Put the domain SID in secrets.ldb by default, and add http as a
 default SPN alias.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10856):  tridge | 2005-10-10 01:29:26 +0200
 we need aclocal.m4 in ldb for standalone configure
 [EMAIL PROTECTED] (orig r10859):  vlendec | 2005-10-10 08:18:17 +0200
 Make the flow a bit clearer

Added:
   branches/tmp/samba4-winsrepl/source/lib/ldb/aclocal.m4
   branches/tmp/samba4-winsrepl/source/winbind/wb_init_domain.c
Modified:
   branches/tmp/samba4-winsrepl/
   branches/tmp/samba4-winsrepl/source/include/structs.h
   branches/tmp/samba4-winsrepl/source/lib/ldb/tests/slapd.conf
   branches/tmp/samba4-winsrepl/source/libcli/auth/credentials.c
   branches/tmp/samba4-winsrepl/source/libcli/composite/composite.c
   branches/tmp/samba4-winsrepl/source/libcli/nbt/nbtname.c
   branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.c
   branches/tmp/samba4-winsrepl/source/librpc/idl/dfs.idl
   branches/tmp/samba4-winsrepl/source/nsswitch/winbindd_nss.h
   branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba/NDR/Client.pm
   branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm
   branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Client.pm
   branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Header.pm
   

svn commit: samba r10861 - in branches/SOC/SAMBA_4_0: . source/include source/lib/ldb source/lib/ldb/tests source/libcli/auth source/libcli/composite source/libcli/nbt source/librpc/idl source/nsswitc

[metze]

Author: metze
Date: 2005-10-10 07:45:58 + (Mon, 10 Oct 2005)
New Revision: 10861

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10861

Log:
 [EMAIL PROTECTED] (orig r10838):  vlendec | 2005-10-08 19:45:27 +0200
 Get us an schannel'ed netlogon pipe.
 
 Abartlet, now I think I need some assistance to implement the pam auth  crap
 auth calls.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10839):  jelmer | 2005-10-08 19:55:28 +0200
 Add some [ref] (required for ethereal and Samba3 parser generators)
 
 [EMAIL PROTECTED] (orig r10840):  jelmer | 2005-10-08 19:55:56 +0200
 Fix indentation
 
 [EMAIL PROTECTED] (orig r10842):  jelmer | 2005-10-08 22:19:35 +0200
 Fix some issues with [out] unions that have a discriminator that is only 
 [in]
 
 [EMAIL PROTECTED] (orig r10843):  vlendec | 2005-10-09 10:32:06 +0200
 Reformatting
 [EMAIL PROTECTED] (orig r10844):  abartlet | 2005-10-09 14:13:05 +0200
 Add challenge-response authentication to Samba4's winbindd for VL.
 
 Plaintext should be simple, but I'm going to do some infrustructure
 work first.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10845):  abartlet | 2005-10-09 14:38:23 +0200
 Add new function to decrypt the session keys in samlogon responses.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10846):  vlendec | 2005-10-09 14:50:35 +0200
 Create a wbsrv_domain, change wb_finddcs to the style of the rest of the
 async helpers.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10847):  abartlet | 2005-10-09 15:03:52 +0200
 Fix up new 'decrypt samlogon reply' routine to be more robust, and use
 it in the RPC-SAMLOGON test.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10848):  jelmer | 2005-10-09 15:40:55 +0200
 Fix warning
 
 [EMAIL PROTECTED] (orig r10849):  jelmer | 2005-10-09 15:53:48 +0200
 Fix handling of [charset] for strings with fixed or inline size
 
 [EMAIL PROTECTED] (orig r10852):  vlendec | 2005-10-09 22:32:24 +0200
 Continuation-based programming can become a bit spaghetti...
 
 Initialize a domain structure properly. Excerpt from wb_init_domain.c:
 
 /*
  * Initialize a domain:
  *
  * - With schannel credentials, try to open the SMB connection with the machine
  *   creds. Fall back to anonymous.
  *
  * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
  *   pipe.
  *
  * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
  *   to schannel and then to anon bind.
  *
  * - With queryinfopolicy, verify that we're talking to the right domain
  *
  * A bit complex, but with all the combinations I think it's the best we can
  * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
  * have a signedsealed lsa connection on all of them.
  *
  * Is this overkill? In particular the authenticated SMB connection seems a
  * bit overkill, given that we do schannel for netlogon and ntlmssp for 
  * lsa later on w2k3, the others don't do this anyway.
  */
 
 Thanks to Jeremy for his detective work, and to the Samba4 team for providing
 such a great infrastructure.
 
 Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
 with all we have.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10853):  vlendec | 2005-10-09 22:57:49 +0200
 Convert wbinfo -n to properly init the domain.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10854):  jelmer | 2005-10-09 23:30:41 +0200
 talloc_get_type() can return NULL..
 
 [EMAIL PROTECTED] (orig r10855):  abartlet | 2005-10-10 00:19:20 +0200
 Put the domain SID in secrets.ldb by default, and add http as a
 default SPN alias.
 
 Andrew Bartlett
 
 [EMAIL PROTECTED] (orig r10856):  tridge | 2005-10-10 01:29:26 +0200
 we need aclocal.m4 in ldb for standalone configure
 [EMAIL PROTECTED] (orig r10859):  vlendec | 2005-10-10 08:18:17 +0200
 Make the flow a bit clearer

Added:
   branches/SOC/SAMBA_4_0/source/lib/ldb/aclocal.m4
   branches/SOC/SAMBA_4_0/source/winbind/wb_init_domain.c
Modified:
   branches/SOC/SAMBA_4_0/
   branches/SOC/SAMBA_4_0/source/include/structs.h
   branches/SOC/SAMBA_4_0/source/lib/ldb/tests/slapd.conf
   branches/SOC/SAMBA_4_0/source/libcli/auth/credentials.c
   branches/SOC/SAMBA_4_0/source/libcli/composite/composite.c
   branches/SOC/SAMBA_4_0/source/libcli/nbt/nbtname.c
   branches/SOC/SAMBA_4_0/source/librpc/idl/dfs.idl
   branches/SOC/SAMBA_4_0/source/nsswitch/winbindd_nss.h
   branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Client.pm
   branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm
   branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm
   branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm
   branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm
   branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Types.pm
   branches/SOC/SAMBA_4_0/source/rpc_server/spoolss/dcesrv_spoolss.c
   branches/SOC/SAMBA_4_0/source/setup/provision.ldif
   branches/SOC/SAMBA_4_0/source/setup/secrets.ldif
   

svn commit: samba r10862 - in branches/SOC/SAMBA_4_0/source: libnet librpc/idl torture torture/rpc

[metze]

Author: metze
Date: 2005-10-10 08:31:52 + (Mon, 10 Oct 2005)
New Revision: 10862

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10862

Log:
remove the differences between SAMBA_4_0 and SOC/SAMBA_4_0

metze
Modified:
   branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c
   branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl
   branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c
   branches/SOC/SAMBA_4_0/source/torture/torture.c


Changeset:
Modified: branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c
===
--- branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c  2005-10-10 07:45:58 UTC 
(rev 10861)
+++ branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c  2005-10-10 08:31:52 UTC 
(rev 10862)
@@ -757,7 +757,7 @@
sc.out.connect_handle = p_handle;
 
/* 2. do a samr_Connect to get a policy handle */
-   status = dcerpc_samr_Connect(samr_pipe, tmp_ctx, sc);  

+   status = dcerpc_samr_Connect(samr_pipe, tmp_ctx, sc);
if (!NT_STATUS_IS_OK(status)) {
r-out.error_string = talloc_asprintf(mem_ctx,
samr_Connect failed: %s,
@@ -945,22 +945,6 @@
return status;
}
}
-   /*
-This code still has an issue in that it isn't storing the samr_pipe 
and the u_handle in mem_ctx,
-and so they aren't staying open once this function returns.
-Because of this, the RPC-NETLOGON torture test fails when trying to 
use the pipe and handle to leave 
-the domain. 
-
-Because they are local variables and not in a TALLOC_CTX, I can't 
talloc_steal() them.  
-   */
-   r-out.join_password = talloc_steal(mem_ctx, password_str);
-   r-out.domain_sid = talloc_steal(mem_ctx, domain_sid);
-   r-out.domain_name = talloc_steal(mem_ctx, domain_name);
-   r-out.realm = talloc_steal(mem_ctx, realm);
-   r-out.samr_pipe = samr_pipe;
-   r-out.samr_binding = talloc_steal(mem_ctx, samr_binding);
-   r-out.user_handle = u_handle;
-   r-out.error_string = talloc_steal(mem_ctx, 
r2.samr_handle.out.error_string);
 
account_sid = dom_sid_add_rid(mem_ctx, domain_sid, rid);
if (!account_sid) {
@@ -1009,8 +993,6 @@
return cu_status;
 }
 
-
-
 static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx, 
   TALLOC_CTX *mem_ctx, 
   struct libnet_Join *r)
@@ -1128,7 +1110,6 @@
talloc_free(tmp_mem);
return NT_STATUS_NO_MEMORY;
}
-   if (!msg) goto no_mem;
 
msg-dn = ldb_dn_build_child(tmp_mem, flatname, r2-out.domain_name, 
base_dn);
if (!msg-dn) {
@@ -1288,10 +1269,6 @@
talloc_steal(mem_ctx, r2-out.domain_sid);
talloc_free(tmp_mem);
return NT_STATUS_OK;
-no_mem:
-   r-out.error_string = NULL;
-   talloc_free(tmp_mem);   
-   return NT_STATUS_NO_MEMORY;
 }
 
 NTSTATUS libnet_Join(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct 
libnet_Join *r)

Modified: branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl
===
--- branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl2005-10-10 
07:45:58 UTC (rev 10861)
+++ branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl2005-10-10 
08:31:52 UTC (rev 10862)
@@ -371,9 +371,7 @@
 */
 
typedef [flag(NDR_PAHEX),v1_enum] enum {
-   DRSUAPI_OBJECTCLASS_top = 0x0001,
-   DRSUAPI_OBJECTCLASS_domain  = 0x000a0042,
-   DRSUAPI_OBJECTCLASS_domainDNS   = 0x000a0043
+   DRSUAPI_OBJECTCLASS_top = 0x0001
} drsuapi_DsObjectClassId;
 
typedef [flag(NDR_PAHEX),v1_enum,public] enum {
@@ -394,12 +392,7 @@
DRSUAPI_ATTRIBUTE_objectCategory= 0x0009030e,
DRSUAPI_ATTRIBUTE_msDS_Behavior_Version = 0x000905b3,
DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs = 0x0009071c,
-   DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c,
-   DRSUAPI_ATTRIBUTE_gPLink= 0x0009037b,
-   DRSUAPI_ATTRIBUTE_instanceType  = 0x00020001,
-   DRSUAPI_ATTRIBUTE_whenCreated   = 0x00020002,
-   DRSUAPI_ATTRIBUTE_fSMORoleOwner = 0x00090171,
-   DRSUAPI_ATTRIBUTE_wellKnownObjects  = 0x0009026a
+   DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c
} drsuapi_DsAttributeId;
 
/* Generic DATA_BLOB values */

Modified: branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c
===
--- branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c2005-10-10 
07:45:58 

svn commit: samba r10863 - in branches/SOC/SAMBA_4_0/source/torture: . rpc

[metze]

Author: metze
Date: 2005-10-10 08:34:26 + (Mon, 10 Oct 2005)
New Revision: 10863

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10863

Log:
fix the build 

metze
Modified:
   branches/SOC/SAMBA_4_0/source/torture/config.mk
   branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c


Changeset:
Modified: branches/SOC/SAMBA_4_0/source/torture/config.mk
===
--- branches/SOC/SAMBA_4_0/source/torture/config.mk 2005-10-10 08:31:52 UTC 
(rev 10862)
+++ branches/SOC/SAMBA_4_0/source/torture/config.mk 2005-10-10 08:34:26 UTC 
(rev 10863)
@@ -79,6 +79,7 @@
torture/rpc/dfs.o \
torture/rpc/drsuapi.o \
torture/rpc/drsuapi_cracknames.o \
+   torture/rpc/dssync.o \
torture/rpc/spoolss.o \
torture/rpc/unixinfo.o \
torture/rpc/samr.o \

Modified: branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c
===
--- branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c  2005-10-10 08:31:52 UTC 
(rev 10862)
+++ branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c  2005-10-10 08:34:26 UTC 
(rev 10863)
@@ -129,7 +129,7 @@
return ctx;
 }
 
-static BOOL test_DsBind(struct DsSyncTest *ctx,struct cli_credentials 
*credentials, struct DsSyncBindInfo *b)
+static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials 
*credentials, struct DsSyncBindInfo *b)
 {
NTSTATUS status;
BOOL ret = True;
@@ -400,10 +400,10 @@
mem_ctx = talloc_init(torture_rpc_dssync);
ctx = test_create_context(mem_ctx);

-   ret = test_DsBind(ctx, ctx-admin.credentials, ctx-admin.drsuapi);
+   ret = _test_DsBind(ctx, ctx-admin.credentials, ctx-admin.drsuapi);
ret = test_LDAPBind(ctx, ctx-admin.credentials, ctx-admin.ldap);
ret = test_GetInfo(ctx);
-   ret = test_DsBind(ctx, ctx-admin.credentials, ctx-new_dc.drsuapi);
+   ret = _test_DsBind(ctx, ctx-admin.credentials, ctx-new_dc.drsuapi);
ret = test_FetchData(ctx);
 
return ret;

svn commit: samba r10864 - in branches/SOC/SAMBA_4_0: .

[metze]

Author: metze
Date: 2005-10-10 09:10:08 + (Mon, 10 Oct 2005)
New Revision: 10864

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10864

Log:
remove README file to reduce, diffs to main SAMBA_4_0 branch:

metze

README:
This project was centered around adding a torture test to Samba 4, which used 
drsuapi_DsGetNCChanges() to retrieve the contents of an Active Directory in the 
same manner as an Active Directory DC replication event.

As the project unfolded, I also applied some changes to the functionality of 
the libnet library related to joining a machine account to a domain.

One of the first things that I implemented in this project was a 
'neighbour_writeable' option for the RPC-DRSUAPI torture test. The command line 
to execute this torture test is as follows:

smbtorture --option=drsuapi:neighbour_writeable=True -W domain name -U admin 
username%password ncacn_ip_tcp:domain controller dns name RPC-DRSUAPI

This option provides us with runtime control over the 
DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE flag in the struct 
drsuapi_DsGetNCChanges.in.req.reqlevel.replica_flags, allowing us to easily 
test for differences in the behaviour of AD replication with the switch on or 
off.

In the course of the project, I also implemented two more flags for the 
RPC-DSSYNC test. dssync:last_usn takes an integer representing the USN 
(Universal Serial Number) of the last recieved replication update for a 
particular partition (uses the domain DN if drsuapi:parition isn't set).   That 
value is passed in the DsGetNCChanges() call so that only info which has been 
updated since that point in time is returned. If this option is not set, 0 is 
used by default, and all updates for that partition are returned.  
dssync:partition takes a string DN and uses that as the name of the AD 
partition to replicate.

Based initially on a patch provided to me by one of my mentors, Stephan (metze) 
Metzmacher, the RPC-DSSYNC test was implemented for this project. Initially 
functionality was included to perform a DC join prior to initiating 
replication, but the code was removed when it was realized that replication 
could indeed take place without being a member of the domain in any way. It has 
been recently suggested that we may need a DC join after all to get all of the 
information we may want from the AD replication. This is probably best added 
using a torture_join_domain() call once the libnet code is able to keep the 
user policy handle and SAMR RPC pipe open.

The DC join code was taken out of the RPC-DSSYNC and implemented for the most 
part in the libnet libraries. To test this, the RPC-NETLOGON test was modified 
to perform a domain join, leave and rejoin. Currently, the test has a fault in 
that it is unable to leave the domain using the same SAMR RPC pipe and 
user_policy information as was used for the first join. This is because I was 
unable to get the code working properly in libnet to provide that 
functionality. Currently missing from the DC join in libnet is the code to 
create the CN=NTDS Settings,CN=DC NETBIOS 
NAME,CN=Site-Name,CN=Sites,CN=Configuration,domain DN container using the 
dcerpc_drsuapi_DsAddEntry() call. I did not want to implement this 
functionality in libnet while there were still problems with the code.


I also provided the ability in libnet and the RPC-DSSYNC test to look up the 
proper site name using the cldap library.

In my investigations, I was unable to find out any information regarding the 
UnicodePwd attribute, except that the same password is represented differently 
for two different users in the same directory.

I was also able to resolve and confirm the meaning of some DRSUAPI_ATTRIBUTE 
ID's.
DRSUAPI_OBJECTCLASS_domain  (0xA0042)
DRSUAPI_OBJECTCLASS_domainDNS   (0xA0043)
wellKnownObjects(0x9026A)
fSMORoleOwner   (0x90171)
name or dc  (0x90001)
whenCreated (0x20002)
instanceType(0x20001)
gPLink  (0x9037B)
These were added to the IDL for drsuapi (source/librpc/idl/drsuapi.idl).

I would like to thank everyone on the Samba team who worked with me and 
assisted me with this project, specifically all the work done by Stephan 
Metzmacher, Andrew Bartlett and Jerry Carter. Working on this project with the 
Samba team really has been a life changing experience, as corny as that sounds. 

I've realized that I was born to be a systems developer, and it has helped 
confirm in my mind that Open Source (specifically Samba) development is exactly 
what i've been missing! 

I would also like to take this opportunity to thank Chris Dibona and Google for 
the amazing opportunity. I don't know if I would have taken the leap in other 
circumstances.

I know these notes sound a little rushed, but it is 23:55 after all! :)

Removed:
   branches/SOC/SAMBA_4_0/README


Changeset:

svn commit: samba r10866 - in branches/SOC/SAMBA_4_0: .

[metze]

Author: metze
Date: 2005-10-10 09:35:15 + (Mon, 10 Oct 2005)
New Revision: 10866

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10866

Log:
 [EMAIL PROTECTED] (orig r10865):  metze | 2005-10-10 11:33:06 +0200
 merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0 tree
 
 metze
 
  [EMAIL PROTECTED]:  metze | 2005-06-30 13:44:23 +0200
  create the SAMBA_4_0 branch for the Summer Of Code Project
  
  metze
  
  [EMAIL PROTECTED]:  brad | 2005-07-24 03:09:48 +0200
  Branching Samba 4
  [EMAIL PROTECTED]:  brad | 2005-07-24 06:39:00 +0200
  added 'make installmisc' to howto.txt
  added existing 'compression' option to level8 drsuapi torture test
  added new 'neighbour_writeable' option to level8 drsuapi torture test
  [EMAIL PROTECTED]:  brad | 2005-07-24 06:42:38 +0200
  added metze's dssync patch as source/torture/rpc/dssync.c
  [EMAIL PROTECTED]:  brad | 2005-07-25 00:24:46 +0200
  added a test called RPC-DSSYNC to config.mk
  hacking at dssync.c in an attempt to make it compile
  [EMAIL PROTECTED]:  brad | 2005-07-25 15:19:21 +0200
  Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap 
calls.
  
  [EMAIL PROTECTED]:  brad | 2005-07-26 03:35:38 +0200
  more ldb changes to test_CompleteJoin(), it mostly kind of almost works now!
  
  [EMAIL PROTECTED]:  brad | 2005-07-26 03:56:00 +0200
  Trying to fix the crazy nesting in the branch
  [EMAIL PROTECTED]:  brad | 2005-07-26 04:48:29 +0200
  merging latest changes
  [EMAIL PROTECTED]:  brad | 2005-07-26 04:53:43 +0200
  removing nested branch
  [EMAIL PROTECTED]:  jerry | 2005-07-27 05:04:57 +0200
  merging on of Brad missing changes from the nested 4.0 branch debacle
  [EMAIL PROTECTED]:  jerry | 2005-07-27 05:14:42 +0200
  syncing up with the main 4_0 branch for Brad
  [EMAIL PROTECTED]:  brad | 2005-07-29 00:26:30 +0200
  merging changes from branches/SAMBA_4_0
  [EMAIL PROTECTED]:  brad | 2005-07-29 21:07:57 +0200
  Bringing my tree up to date
  [EMAIL PROTECTED]:  brad | 2005-07-30 00:48:04 +0200
  making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get 
my branch to compile again.
  [EMAIL PROTECTED]:  brad | 2005-07-30 03:20:33 +0200
  I think I have the ldb code down in test_CompleteJoin (not complete yet 
though)
  [EMAIL PROTECTED]:  brad | 2005-07-30 07:08:13 +0200
  Changed comments to C style /**/ (thanks Richard), some more changes to 
test_CompleteJoin(). 
  [EMAIL PROTECTED]:  brad | 2005-07-31 04:45:32 +0200
  Bringing the SOC/SAMBA_4_0 branch up to date.
  [EMAIL PROTECTED]:  brad | 2005-07-31 20:00:41 +0200
  Updated some missing files from the branch
  [EMAIL PROTECTED]:  brad | 2005-07-31 20:25:50 +0200
  Removing autogenerated files from branch
  [EMAIL PROTECTED]:  brad | 2005-07-31 20:43:58 +0200
  last of the unneeded files in SOC/SAMBA_4_0
  [EMAIL PROTECTED]:  brad | 2005-08-03 18:51:23 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 10:44:30 -0600
[EMAIL PROTECTED]:  j0j0 | 2005-08-02 22:54:13 -0600
creating a local branch of branches/SAMBA_4_0

   
  
  [EMAIL PROTECTED]:  brad | 2005-08-03 20:57:48 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 13:00:11 -0600
   Fixing differences between this branch and /branches/SAMBA_4_0
  
  [EMAIL PROTECTED]:  brad | 2005-08-03 21:18:05 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 13:23:12 -0600
   Updating config.mk so that smbtorture builds again
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 18:17:36 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 21:01:02 -0600
   Start using libnet_Join() for DC join.
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 18:17:47 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-04 10:21:34 -0600
   Some more work towards performing a dc join.
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 18:53:51 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-04 10:53:00 -0600
   Fixed a bug (passing a TALLOC_CTX to libnet_context_init() )
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 21:59:55 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-04 14:04:55 -0600
   Some more work on the domain join
  
  [EMAIL PROTECTED]:  brad | 2005-08-05 16:50:26 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-05 08:55:58 -0600
   Committing minor changes before merge
  
  [EMAIL PROTECTED]:  brad | 2005-08-07 17:25:25 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-07 09:30:12 -0600
   Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED.
  
  [EMAIL PROTECTED]:  brad | 2005-08-07 17:25:36 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-07 09:31:22 -0600
   Working with libnet_Join(), code cleanup needed in the near future.
   
  
  [EMAIL PROTECTED]:  brad | 2005-08-07 21:40:22 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-07 13:46:09 -0600
   Some code cleanup to make things a little more readable.
  
  [EMAIL PROTECTED]:  brad | 2005-08-12 01:31:48 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-11 17:38:44 -0600
   Split libnet_JoinDomain() into libnet_JoinDomain() and 
libnet_JoinADSDomain().
  
  [EMAIL PROTECTED]:  brad | 

svn commit: samba r10867 - in branches/SAMBA_4_0/source: include libcli/util

[metze]

Author: metze
Date: 2005-10-10 11:21:02 + (Mon, 10 Oct 2005)
New Revision: 10867

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10867

Log:
add WERR_UNKNOWN_REVISION errorcode

metze
Modified:
   branches/SAMBA_4_0/source/include/doserr.h
   branches/SAMBA_4_0/source/libcli/util/doserr.c


Changeset:
Modified: branches/SAMBA_4_0/source/include/doserr.h
===
--- branches/SAMBA_4_0/source/include/doserr.h  2005-10-10 09:35:15 UTC (rev 
10866)
+++ branches/SAMBA_4_0/source/include/doserr.h  2005-10-10 11:21:02 UTC (rev 
10867)
@@ -188,6 +188,7 @@
 #define WERR_MORE_DATA W_ERROR(234)
 #define WERR_CAN_NOT_COMPLETE W_ERROR(1003)
 #define WERR_INVALID_DOMAINNAME W_ERROR(1212)
+#define WERR_UNKNOWN_REVISION W_ERROR(1305)
 #define WERR_REVISION_MISMATCH W_ERROR(1306)
 #define WERR_INVALID_OWNER W_ERROR(1307)
 #define WERR_NO_SUCH_USER W_ERROR(1317)

Modified: branches/SAMBA_4_0/source/libcli/util/doserr.c
===
--- branches/SAMBA_4_0/source/libcli/util/doserr.c  2005-10-10 09:35:15 UTC 
(rev 10866)
+++ branches/SAMBA_4_0/source/libcli/util/doserr.c  2005-10-10 11:21:02 UTC 
(rev 10867)
@@ -69,6 +69,7 @@
{ WERR_DFS_INTERNAL_ERROR, WERR_DFS_INTERNAL_ERROR },
{ WERR_DFS_CANT_CREATE_JUNCT, WERR_DFS_CANT_CREATE_JUNCT },
{ WERR_INVALID_SECURITY_DESCRIPTOR, WERR_INVALID_SECURITY_DESCRIPTOR 
},
+   { WERR_UNKNOWN_REVISION, WERR_UNKNOWN_REVISION },
{ WERR_REVISION_MISMATCH, WERR_REVISION_MISMATCH },
{ WERR_INVALID_OWNER, WERR_INVALID_OWNER },
{ WERR_INVALID_DOMAINNAME, WERR_INVALID_DOMAINNAME },

svn commit: samba r10868 - in branches/SAMBA_4_0/source: librpc/ndr pidl/lib/Parse/Pidl/Samba/NDR

[metze]

Author: metze
Date: 2005-10-10 11:47:23 + (Mon, 10 Oct 2005)
New Revision: 10868

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10868

Log:
make flag(NDR_PAHEX) possible to use and show the union level in hex

metze
Modified:
   branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c
   branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm


Changeset:
Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c
===
--- branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2005-10-10 11:21:02 UTC 
(rev 10867)
+++ branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2005-10-10 11:47:23 UTC 
(rev 10868)
@@ -711,7 +711,11 @@
 
 void ndr_print_union(struct ndr_print *ndr, const char *name, int level, const 
char *type)
 {
-   ndr-print(ndr, %-25s: union %s(case %d), name, type, level);
+   if (ndr-flags  LIBNDR_PRINT_ARRAY_HEX) {
+   ndr-print(ndr, %-25s: union %s(case 0x%X), name, type, 
level);
+   } else {
+   ndr-print(ndr, %-25s: union %s(case %d), name, type, level);
+   }
 }
 
 void ndr_print_bad_level(struct ndr_print *ndr, const char *name, uint16_t 
level)

Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm
===
--- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm   
2005-10-10 11:21:02 UTC (rev 10867)
+++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm   
2005-10-10 11:47:23 UTC (rev 10868)
@@ -1624,15 +1624,17 @@
my ($e,$name) = @_;
my $have_default = 0;
 
-   pidl int level = ndr_print_get_switch_value(ndr, r);;
-
+   pidl int level;;
foreach my $el (@{$e-{ELEMENTS}}) {
DeclareArrayVariables($el);
}
 
-   pidl ndr_print_union(ndr, name, level, \$name\);;
start_flags($e);
 
+   pidl level = ndr_print_get_switch_value(ndr, r);;
+
+   pidl ndr_print_union(ndr, name, level, \$name\);;
+
pidl switch (level) {;
indent;
foreach my $el (@{$e-{ELEMENTS}}) {

svn commit: samba r10869 - in branches/SAMBA_4_0/source/librpc/ndr: .

[metze]

Author: metze
Date: 2005-10-10 12:10:10 + (Mon, 10 Oct 2005)
New Revision: 10869

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10869

Log:
add dummy functions and dummy parsing of XPRESS decompression,
this is the compression algorithm used by w2k3 for DsGetNCChanges().

This algorithm isn't known yet, but it seems to be some sort of Lempel-Ziv
algorithm.

metze
Modified:
   branches/SAMBA_4_0/source/librpc/ndr/libndr.h
   branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c


Changeset:
Modified: branches/SAMBA_4_0/source/librpc/ndr/libndr.h
===
--- branches/SAMBA_4_0/source/librpc/ndr/libndr.h   2005-10-10 11:47:23 UTC 
(rev 10868)
+++ branches/SAMBA_4_0/source/librpc/ndr/libndr.h   2005-10-10 12:10:10 UTC 
(rev 10869)
@@ -170,7 +170,8 @@
 };
 
 enum ndr_compression_alg {
-   NDR_COMPRESSION_MSZIP
+   NDR_COMPRESSION_MSZIP   = 2,
+   NDR_COMPRESSION_XPRESS  = 3
 };
 
 /*

Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c
===
--- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c  2005-10-10 
11:47:23 UTC (rev 10868)
+++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c  2005-10-10 
12:10:10 UTC (rev 10869)
@@ -37,13 +37,13 @@
 
NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, plain_chunk_size));
if (plain_chunk_size  0x8000) {
-   return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZLIB 
plain chunk size %08X  0x8000 (PULL), 
+   return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad MSZIP 
plain chunk size %08X  0x8000 (PULL), 
  plain_chunk_size);
}
 
NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size));
 
-   DEBUG(10,(plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n,
+   DEBUG(10,(MSZIP plain_chunk_size: %08X (%u) comp_chunk_size: %08X 
(%u)\n,
  plain_chunk_size, plain_chunk_size, comp_chunk_size, 
comp_chunk_size));
 
comp_chunk_offset = ndrpull-offset;
@@ -58,7 +58,7 @@
 
ret = ZIPdecompress(decomp_state, comp_chunk, plain_chunk);
if (ret != DECR_OK) {
-   return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad 
ZIBdecompress() error %d (PULL),
+   return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad 
ZIPdecompress() error %d (PULL),
  ret);
}
 
@@ -98,7 +98,7 @@
uncompressed = ndr_push_blob(ndrpush);
 
if (uncompressed.length != decompressed_len) {
-   return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad 
uncompressed_len [%u] != [%d] (PULL),
+   return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP 
uncompressed_len [%u] != [%d] (PULL),
  (int)uncompressed.length, 
(int)decompressed_len);
}
 
@@ -120,7 +120,7 @@
 
/* TODO: check the first 4 bytes of the header */
if (payload_header[1] != 0x) {
-   return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad 
payload_header[1] [0x%08X] != [0x] (PULL),
+   return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP 
payload_header[1] [0x%08X] != [0x] (PULL),
  payload_header[1]);
}
 
@@ -137,11 +137,85 @@
 }
 
 static NTSTATUS ndr_push_compression_mszip(struct ndr_push *subndr,
- struct ndr_push *comndr)
+  struct ndr_push *comndr)
 {
-   return ndr_push_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP 
compression is not supported yet (PUSH));
+   return ndr_push_error(subndr, NDR_ERR_COMPRESSION, Sorry MSZIP 
compression is not supported yet (PUSH));
 }
 
+static NTSTATUS ndr_pull_compression_xpress_chunk(struct ndr_pull *ndrpull,
+ struct ndr_push *ndrpush)
+{
+   DATA_BLOB comp_chunk;
+   uint32_t comp_chunk_offset;
+   uint32_t comp_chunk_size;
+   uint32_t plain_chunk_size;
+
+   comp_chunk_offset = ndrpull-offset;
+
+   NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, plain_chunk_size));
+   if (plain_chunk_size  0x0001) {
+   return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad XPRESS 
plain chunk size %08X  0x0001 (PULL), 
+ plain_chunk_size);
+   }
+
+   NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size));
+
+   NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size));
+   comp_chunk.length = comp_chunk_size;
+   comp_chunk.data = ndrpull-data + comp_chunk_offset;
+
+   DEBUG(10,(XPRESS plain_chunk_size: %08X (%u) comp_chunk_size: %08X 
(%u)\n,
+ plain_chunk_size, plain_chunk_size, comp_chunk_size, 
comp_chunk_size));
+
+ 

svn commit: samba r10872 - in branches/SAMBA_4_0/source/librpc/ndr: .

[metze]

Author: metze
Date: 2005-10-10 13:25:11 + (Mon, 10 Oct 2005)
New Revision: 10872

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10872

Log:
fix the length of the dummy XPRESS decompressed buffer

metze
Modified:
   branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c


Changeset:
Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c
===
--- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c  2005-10-10 
12:31:05 UTC (rev 10871)
+++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c  2005-10-10 
13:25:11 UTC (rev 10872)
@@ -161,7 +161,7 @@
NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size));
 
NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size));
-   comp_chunk.length = comp_chunk_size;
+   comp_chunk.length = comp_chunk_size + 8;
comp_chunk.data = ndrpull-data + comp_chunk_offset;
 
DEBUG(10,(XPRESS plain_chunk_size: %08X (%u) comp_chunk_size: %08X 
(%u)\n,

svn commit: samba r10873 - in branches/SAMBA_4_0/source/librpc/ndr: .

[metze]

Author: metze
Date: 2005-10-10 14:10:37 + (Mon, 10 Oct 2005)
New Revision: 10873

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10873

Log:
check the complete payload header

metze
Modified:
   branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c


Changeset:
Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c
===
--- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c  2005-10-10 
13:25:11 UTC (rev 10872)
+++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c  2005-10-10 
14:10:37 UTC (rev 10873)
@@ -116,14 +116,22 @@
NDR_CHECK(ndr_pull_uint32(comndr, NDR_SCALARS, payload_header[2]));
NDR_CHECK(ndr_pull_uint32(comndr, NDR_SCALARS, payload_header[3]));
 
-   payload_size = payload_header[2];
-
-   /* TODO: check the first 4 bytes of the header */
+   if (payload_header[0] != 0x00081001) {
+   return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP 
payload_header[0] [0x%08X] != [0x00081001] (PULL),
+ payload_header[0]);
+   }
if (payload_header[1] != 0x) {
return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP 
payload_header[1] [0x%08X] != [0x] (PULL),
  payload_header[1]);
}
 
+   payload_size = payload_header[2];
+
+   if (payload_header[3] != 0x) {
+   return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP 
payload_header[3] [0x%08X] != [0x] (PULL),
+ payload_header[3]);
+   }
+
payload_offset = comndr-offset;
NDR_CHECK(ndr_pull_advance(comndr, payload_size));
payload = comndr-data + payload_offset;

svn commit: samba r10874 - in branches/tmp/vl-cluster/source: . include lib libads libsmb modules nmbd nsswitch param passdb python registry rpc_client rpc_parse rpc_server script services smbd utils

[vlendec]

Author: vlendec
Date: 2005-10-10 15:03:52 + (Mon, 10 Oct 2005)
New Revision: 10874

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10874

Log:
Merge trunk up to r10873
Added:
   branches/tmp/vl-cluster/source/.indent.pro
   branches/tmp/vl-cluster/source/include/modconf.h
   branches/tmp/vl-cluster/source/rpc_server/srv_eventlog_lib.c
   branches/tmp/vl-cluster/source/services/svc_wins.c
   branches/tmp/vl-cluster/source/utils/wr_eventlog.c
Removed:
   branches/tmp/vl-cluster/source/include/modconf.h
Modified:
   branches/tmp/vl-cluster/source/Makefile.in
   branches/tmp/vl-cluster/source/include/doserr.h
   branches/tmp/vl-cluster/source/include/includes.h
   branches/tmp/vl-cluster/source/include/ntdomain.h
   branches/tmp/vl-cluster/source/include/rpc_eventlog.h
   branches/tmp/vl-cluster/source/include/rpc_misc.h
   branches/tmp/vl-cluster/source/include/rpc_svcctl.h
   branches/tmp/vl-cluster/source/include/secrets.h
   branches/tmp/vl-cluster/source/include/smb.h
   branches/tmp/vl-cluster/source/lib/talloc.c
   branches/tmp/vl-cluster/source/lib/talloctort.c
   branches/tmp/vl-cluster/source/libads/authdata.c
   branches/tmp/vl-cluster/source/libsmb/clikrb5.c
   branches/tmp/vl-cluster/source/modules/vfs_audit.c
   branches/tmp/vl-cluster/source/modules/vfs_extd_audit.c
   branches/tmp/vl-cluster/source/modules/vfs_full_audit.c
   branches/tmp/vl-cluster/source/nmbd/nmbd.c
   branches/tmp/vl-cluster/source/nsswitch/winbindd_dual.c
   branches/tmp/vl-cluster/source/nsswitch/winbindd_misc.c
   branches/tmp/vl-cluster/source/param/loadparm.c
   branches/tmp/vl-cluster/source/passdb/secrets.c
   branches/tmp/vl-cluster/source/python/py_common.h
   branches/tmp/vl-cluster/source/python/py_lsa.c
   branches/tmp/vl-cluster/source/python/py_samr.c
   branches/tmp/vl-cluster/source/python/py_spoolss.h
   branches/tmp/vl-cluster/source/python/py_spoolss_drivers.c
   branches/tmp/vl-cluster/source/python/py_spoolss_forms.c
   branches/tmp/vl-cluster/source/python/py_spoolss_jobs.c
   branches/tmp/vl-cluster/source/python/py_spoolss_ports.c
   branches/tmp/vl-cluster/source/python/py_spoolss_printerdata.c
   branches/tmp/vl-cluster/source/python/py_spoolss_printers.c
   branches/tmp/vl-cluster/source/python/py_srvsvc.c
   branches/tmp/vl-cluster/source/python/setup.py
   branches/tmp/vl-cluster/source/registry/reg_db.c
   branches/tmp/vl-cluster/source/registry/reg_eventlog.c
   branches/tmp/vl-cluster/source/registry/reg_frontend.c
   branches/tmp/vl-cluster/source/rpc_client/cli_pipe.c
   branches/tmp/vl-cluster/source/rpc_parse/parse_misc.c
   branches/tmp/vl-cluster/source/rpc_parse/parse_net.c
   branches/tmp/vl-cluster/source/rpc_parse/parse_ntsvcs.c
   branches/tmp/vl-cluster/source/rpc_parse/parse_prs.c
   branches/tmp/vl-cluster/source/rpc_server/srv_eventlog_nt.c
   branches/tmp/vl-cluster/source/rpc_server/srv_netlog_nt.c
   branches/tmp/vl-cluster/source/rpc_server/srv_ntsvcs_nt.c
   branches/tmp/vl-cluster/source/rpc_server/srv_pipe.c
   branches/tmp/vl-cluster/source/rpc_server/srv_reg_nt.c
   branches/tmp/vl-cluster/source/rpc_server/srv_svcctl_nt.c
   branches/tmp/vl-cluster/source/script/installman.sh
   branches/tmp/vl-cluster/source/services/services_db.c
   branches/tmp/vl-cluster/source/services/svc_rcinit.c
   branches/tmp/vl-cluster/source/smbd/open.c
   branches/tmp/vl-cluster/source/smbd/oplock_irix.c
   branches/tmp/vl-cluster/source/smbd/reply.c
   branches/tmp/vl-cluster/source/smbd/server.c
   branches/tmp/vl-cluster/source/smbd/service.c
   branches/tmp/vl-cluster/source/wrepld/server.c


Changeset:
Sorry, the patch is too large (4809 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10874

svn commit: samba r10875 - in branches/tmp/samba4-winsrepl: . source/include source/libcli/util source/librpc/idl source/librpc/ndr source/pidl/lib/Parse/Pidl/Samba/NDR source/torture source/torture/r

[metze]

Author: metze
Date: 2005-10-10 15:12:56 + (Mon, 10 Oct 2005)
New Revision: 10875

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10875

Log:
 [EMAIL PROTECTED] (orig r10865):  metze | 2005-10-10 11:33:06 +0200
 merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0 tree
 
 metze
 
  [EMAIL PROTECTED]:  metze | 2005-06-30 13:44:23 +0200
  create the SAMBA_4_0 branch for the Summer Of Code Project
  
  metze
  
  [EMAIL PROTECTED]:  brad | 2005-07-24 03:09:48 +0200
  Branching Samba 4
  [EMAIL PROTECTED]:  brad | 2005-07-24 06:39:00 +0200
  added 'make installmisc' to howto.txt
  added existing 'compression' option to level8 drsuapi torture test
  added new 'neighbour_writeable' option to level8 drsuapi torture test
  [EMAIL PROTECTED]:  brad | 2005-07-24 06:42:38 +0200
  added metze's dssync patch as source/torture/rpc/dssync.c
  [EMAIL PROTECTED]:  brad | 2005-07-25 00:24:46 +0200
  added a test called RPC-DSSYNC to config.mk
  hacking at dssync.c in an attempt to make it compile
  [EMAIL PROTECTED]:  brad | 2005-07-25 15:19:21 +0200
  Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap 
calls.
  
  [EMAIL PROTECTED]:  brad | 2005-07-26 03:35:38 +0200
  more ldb changes to test_CompleteJoin(), it mostly kind of almost works now!
  
  [EMAIL PROTECTED]:  brad | 2005-07-26 03:56:00 +0200
  Trying to fix the crazy nesting in the branch
  [EMAIL PROTECTED]:  brad | 2005-07-26 04:48:29 +0200
  merging latest changes
  [EMAIL PROTECTED]:  brad | 2005-07-26 04:53:43 +0200
  removing nested branch
  [EMAIL PROTECTED]:  jerry | 2005-07-27 05:04:57 +0200
  merging on of Brad missing changes from the nested 4.0 branch debacle
  [EMAIL PROTECTED]:  jerry | 2005-07-27 05:14:42 +0200
  syncing up with the main 4_0 branch for Brad
  [EMAIL PROTECTED]:  brad | 2005-07-29 00:26:30 +0200
  merging changes from branches/SAMBA_4_0
  [EMAIL PROTECTED]:  brad | 2005-07-29 21:07:57 +0200
  Bringing my tree up to date
  [EMAIL PROTECTED]:  brad | 2005-07-30 00:48:04 +0200
  making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get 
my branch to compile again.
  [EMAIL PROTECTED]:  brad | 2005-07-30 03:20:33 +0200
  I think I have the ldb code down in test_CompleteJoin (not complete yet 
though)
  [EMAIL PROTECTED]:  brad | 2005-07-30 07:08:13 +0200
  Changed comments to C style /**/ (thanks Richard), some more changes to 
test_CompleteJoin(). 
  [EMAIL PROTECTED]:  brad | 2005-07-31 04:45:32 +0200
  Bringing the SOC/SAMBA_4_0 branch up to date.
  [EMAIL PROTECTED]:  brad | 2005-07-31 20:00:41 +0200
  Updated some missing files from the branch
  [EMAIL PROTECTED]:  brad | 2005-07-31 20:25:50 +0200
  Removing autogenerated files from branch
  [EMAIL PROTECTED]:  brad | 2005-07-31 20:43:58 +0200
  last of the unneeded files in SOC/SAMBA_4_0
  [EMAIL PROTECTED]:  brad | 2005-08-03 18:51:23 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 10:44:30 -0600
[EMAIL PROTECTED]:  j0j0 | 2005-08-02 22:54:13 -0600
creating a local branch of branches/SAMBA_4_0

   
  
  [EMAIL PROTECTED]:  brad | 2005-08-03 20:57:48 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 13:00:11 -0600
   Fixing differences between this branch and /branches/SAMBA_4_0
  
  [EMAIL PROTECTED]:  brad | 2005-08-03 21:18:05 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 13:23:12 -0600
   Updating config.mk so that smbtorture builds again
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 18:17:36 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-03 21:01:02 -0600
   Start using libnet_Join() for DC join.
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 18:17:47 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-04 10:21:34 -0600
   Some more work towards performing a dc join.
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 18:53:51 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-04 10:53:00 -0600
   Fixed a bug (passing a TALLOC_CTX to libnet_context_init() )
  
  [EMAIL PROTECTED]:  brad | 2005-08-04 21:59:55 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-04 14:04:55 -0600
   Some more work on the domain join
  
  [EMAIL PROTECTED]:  brad | 2005-08-05 16:50:26 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-05 08:55:58 -0600
   Committing minor changes before merge
  
  [EMAIL PROTECTED]:  brad | 2005-08-07 17:25:25 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-07 09:30:12 -0600
   Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED.
  
  [EMAIL PROTECTED]:  brad | 2005-08-07 17:25:36 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-07 09:31:22 -0600
   Working with libnet_Join(), code cleanup needed in the near future.
   
  
  [EMAIL PROTECTED]:  brad | 2005-08-07 21:40:22 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-07 13:46:09 -0600
   Some code cleanup to make things a little more readable.
  
  [EMAIL PROTECTED]:  brad | 2005-08-12 01:31:48 +0200
   [EMAIL PROTECTED]:  j0j0 | 2005-08-11 17:38:44 -0600
   Split libnet_JoinDomain() into libnet_JoinDomain() and 
libnet_JoinADSDomain().
  
  [EMAIL PROTECTED]:  brad | 

svn commit: samba r10876 - in trunk/source/rpc_server: .

[jerry]

Author: jerry
Date: 2005-10-10 18:11:11 + (Mon, 10 Oct 2005)
New Revision: 10876

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10876

Log:
use a reference count strategy for dealing with eventlog tdbs; still have to 
enforce access control in user space since we can only have one open context 
per tdb in any given process
Modified:
   trunk/source/rpc_server/srv_eventlog_lib.c
   trunk/source/rpc_server/srv_eventlog_nt.c


Changeset:
Sorry, the patch is too large (346 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10876

svn commit: samba-web r824 - in trunk/support: .

[deryck]

Author: deryck
Date: 2005-10-10 18:58:15 + (Mon, 10 Oct 2005)
New Revision: 824

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=824

Log:
Remove company info at company rep's request.

deryck

Modified:
   trunk/support/netherlands.html


Changeset:
Modified: trunk/support/netherlands.html
===
--- trunk/support/netherlands.html  2005-10-03 16:08:54 UTC (rev 823)
+++ trunk/support/netherlands.html  2005-10-10 18:58:15 UTC (rev 824)
@@ -4,24 +4,7 @@
 
 h2Commercial Support - Netherlands/h2
 
-!--Updated: 15 June 2004 --
-hr /
-h3Den Haag/h3
-presmall
-UNO Automatiseringsdiensten
- v.d. Kunstraat 30
- 2521 BC Den Haag
- Netherlands
- a href=http://www.uno.nl/it;http://www.uno.nl/it/a
 
- Contact:Jeroen Schellart
- Email:  a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a
- Phone:  +31-70-3300502
- Fax:+31-70-3300489
- Samba Experience:   Install and setup of Samba on Linux, Solaris, AIX and 
HP-UX
-/small/pre
-
-
 !-- Added: 04 January 2005 --
 hr /
 h3Nieuw Vennep/h3

svn commit: samba r10877 - in branches/tmp/samba4_ldap_controls: . source/include source/libcli/util source/librpc/idl source/librpc/ndr source/pidl/lib/Parse/Pidl/Samba/NDR source/torture source/tort

[idra]

Author: idra
Date: 2005-10-10 19:53:20 + (Mon, 10 Oct 2005)
New Revision: 10877

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10877

Log:
 merge from main tree

Added:
   branches/tmp/samba4_ldap_controls/source/torture/rpc/dssync.c
Modified:
   branches/tmp/samba4_ldap_controls/
   branches/tmp/samba4_ldap_controls/source/include/doserr.h
   branches/tmp/samba4_ldap_controls/source/libcli/util/doserr.c
   branches/tmp/samba4_ldap_controls/source/librpc/idl/drsuapi.idl
   branches/tmp/samba4_ldap_controls/source/librpc/ndr/libndr.h
   branches/tmp/samba4_ldap_controls/source/librpc/ndr/ndr_basic.c
   branches/tmp/samba4_ldap_controls/source/librpc/ndr/ndr_compression.c
   
branches/tmp/samba4_ldap_controls/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm
   branches/tmp/samba4_ldap_controls/source/torture/config.mk
   branches/tmp/samba4_ldap_controls/source/torture/rpc/drsuapi.c
   branches/tmp/samba4_ldap_controls/source/torture/torture.c


Changeset:
Sorry, the patch is too large (417 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10877

svn commit: samba r10878 - in branches/SAMBA_4_0/source: libcli/composite libcli/raw libcli/smb_composite ntvfs/cifs winbind

[vlendec]

Author: vlendec
Date: 2005-10-10 19:57:55 + (Mon, 10 Oct 2005)
New Revision: 10878

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10878

Log:
Reply to some comments by tridge and metze:

* rename the composite helper functions from comp_* to composite_*

* Move the lsa initialization to wb_connect_lsa.c

* Equip smb_composite_connect with a fallback_to_anonymous

The latter two simplify wb_init_domain.c quite a bit.

Volker

Added:
   branches/SAMBA_4_0/source/winbind/wb_connect_lsa.c
Modified:
   branches/SAMBA_4_0/source/libcli/composite/composite.c
   branches/SAMBA_4_0/source/libcli/raw/clitree.c
   branches/SAMBA_4_0/source/libcli/smb_composite/connect.c
   branches/SAMBA_4_0/source/libcli/smb_composite/fetchfile.c
   branches/SAMBA_4_0/source/libcli/smb_composite/fsinfo.c
   branches/SAMBA_4_0/source/libcli/smb_composite/smb_composite.h
   branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c
   branches/SAMBA_4_0/source/winbind/config.mk
   branches/SAMBA_4_0/source/winbind/wb_async_helpers.c
   branches/SAMBA_4_0/source/winbind/wb_init_domain.c


Changeset:
Sorry, the patch is too large (1327 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10878

svn commit: samba r10879 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3: .

[jra]

Author: jra
Date: 2005-10-10 20:03:34 + (Mon, 10 Oct 2005)
New Revision: 10879

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10879

Log:
Added the ZERO_STRUCT(q_u), (r_u) entries to the generated
Samba3 code. Jelmer please check !
Jeremy.

Modified:
   branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm


Changeset:
Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm
===
--- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm  
2005-10-10 19:57:55 UTC (rev 10878)
+++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm  
2005-10-10 20:03:34 UTC (rev 10879)
@@ -36,6 +36,9 @@
pidl prs_struct *data = p-in_data.data;;
pidl prs_struct *rdata = p-out_data.rdata;;
pidl ;
+   pidl ZERO_STRUCT(q_u);
+   pidl ZERO_STRUCT(r_u);
+   pidl ;
pidl if (!$if-{NAME}_io_q_$fn-{NAME}(\\, q_u, data, 0));
pidl \treturn False;;
pidl ;

svn commit: samba r10880 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3: .

[jra]

Author: jra
Date: 2005-10-10 20:05:29 + (Mon, 10 Oct 2005)
New Revision: 10880

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10880

Log:
Missed terminating ';', sorry.
Jeremy.

Modified:
   branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm


Changeset:
Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm
===
--- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm  
2005-10-10 20:03:34 UTC (rev 10879)
+++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm  
2005-10-10 20:05:29 UTC (rev 10880)
@@ -36,8 +36,8 @@
pidl prs_struct *data = p-in_data.data;;
pidl prs_struct *rdata = p-out_data.rdata;;
pidl ;
-   pidl ZERO_STRUCT(q_u);
-   pidl ZERO_STRUCT(r_u);
+   pidl ZERO_STRUCT(q_u);;
+   pidl ZERO_STRUCT(r_u);;
pidl ;
pidl if (!$if-{NAME}_io_q_$fn-{NAME}(\\, q_u, data, 0));
pidl \treturn False;;

svn commit: samba r10881 - in trunk/source: . include rpc_client rpc_parse rpc_server rpcclient

[jra]

Author: jra
Date: 2005-10-10 21:44:01 + (Mon, 10 Oct 2005)
New Revision: 10881

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10881

Log:
Add in the first Samba4 pidl auto-generated parsing code.
Thanks a *lot* to Jelmer for all his work on this.
Jeremy.

Modified:
   trunk/source/configure.in
   trunk/source/include/rpc_dfs.h
   trunk/source/rpc_client/cli_dfs.c
   trunk/source/rpc_parse/parse_dfs.c
   trunk/source/rpc_server/srv_dfs.c
   trunk/source/rpc_server/srv_dfs_nt.c
   trunk/source/rpcclient/cmd_dfs.c


Changeset:
Sorry, the patch is too large (5802 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10881

svn commit: samba r10882 - in trunk/source: include rpc_server utils

[jerry]

Author: jerry
Date: 2005-10-10 22:05:06 + (Mon, 10 Oct 2005)
New Revision: 10882

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10882

Log:
renames for #defines of event lgo tdb keys (for consistency)  fix wr_eventlog 
for new elog_open_tdb() semantics
Modified:
   trunk/source/include/rpc_eventlog.h
   trunk/source/rpc_server/srv_eventlog_lib.c
   trunk/source/rpc_server/srv_eventlog_nt.c
   trunk/source/utils/wr_eventlog.c


Changeset:
Modified: trunk/source/include/rpc_eventlog.h
===
--- trunk/source/include/rpc_eventlog.h 2005-10-10 21:44:01 UTC (rev 10881)
+++ trunk/source/include/rpc_eventlog.h 2005-10-10 22:05:06 UTC (rev 10882)
@@ -47,11 +47,11 @@
 #define EVENTLOG_AUDIT_FAILURE0x0010
 
 /* Defines for TDB keys */
-#define  VN_oldest_entry  INFO/oldest_entry
-#define  VN_next_record   INFO/next_record
-#define  VN_version   INFO/version
-#define  VN_maxsize   INFO/maxsize
-#define  VN_retention INFO/retention
+#define  EVT_OLDEST_ENTRY  INFO/oldest_entry
+#define  EVT_NEXT_RECORD   INFO/next_record
+#define  EVT_VERSION   INFO/version
+#define  EVT_MAXSIZE   INFO/maxsize
+#define  EVT_RETENTION INFO/retention
 
 #define ELOG_APPL  Application
 #define ELOG_SYS   System

Modified: trunk/source/rpc_server/srv_eventlog_lib.c
===
--- trunk/source/rpc_server/srv_eventlog_lib.c  2005-10-10 21:44:01 UTC (rev 
10881)
+++ trunk/source/rpc_server/srv_eventlog_lib.c  2005-10-10 22:05:06 UTC (rev 
10882)
@@ -55,12 +55,12 @@
 
/* initialize with defaults, copy real values in here from registry */
 
-   tdb_store_int32( tdb, VN_oldest_entry, 1 );
-   tdb_store_int32( tdb, VN_next_record, 1 );
-   tdb_store_int32( tdb, VN_maxsize, 0x8 );
-   tdb_store_int32( tdb, VN_retention, 0x93A80 );
+   tdb_store_int32( tdb, EVT_OLDEST_ENTRY, 1 );
+   tdb_store_int32( tdb, EVT_NEXT_RECORD, 1 );
+   tdb_store_int32( tdb, EVT_MAXSIZE, 0x8 );
+   tdb_store_int32( tdb, EVT_RETENTION, 0x93A80 );
 
-   tdb_store_int32( tdb, VN_version, EVENTLOG_DATABASE_VERSION_V1 );
+   tdb_store_int32( tdb, EVT_VERSION, EVENTLOG_DATABASE_VERSION_V1 );
 
return tdb;
 }
@@ -120,11 +120,11 @@
tdb_traverse( tdb, eventlog_tdb_size_fn, tsize );
 
if ( MaxSize != NULL ) {
-   *MaxSize = tdb_fetch_int32( tdb, VN_maxsize );
+   *MaxSize = tdb_fetch_int32( tdb, EVT_MAXSIZE );
}
 
if ( Retention != NULL ) {
-   *Retention = tdb_fetch_int32( tdb, VN_retention );
+   *Retention = tdb_fetch_int32( tdb, EVT_RETENTION );
}
 
DEBUG( 1,
@@ -168,12 +168,12 @@
if ( mem_ctx == NULL )
return False;   /* can't allocate memory indicates bigger 
problems */
/* lock */
-   tdb_lock_bystring( the_tdb, VN_next_record, 1 );
+   tdb_lock_bystring( the_tdb, EVT_NEXT_RECORD, 1 );
/* read */
-   end_record = tdb_fetch_int32( the_tdb, VN_next_record );
-   start_record = tdb_fetch_int32( the_tdb, VN_oldest_entry );
-   Retention = tdb_fetch_int32( the_tdb, VN_retention );
-   MaxSize = tdb_fetch_int32( the_tdb, VN_maxsize );
+   end_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD );
+   start_record = tdb_fetch_int32( the_tdb, EVT_OLDEST_ENTRY );
+   Retention = tdb_fetch_int32( the_tdb, EVT_RETENTION );
+   MaxSize = tdb_fetch_int32( the_tdb, EVT_MAXSIZE );
 
time( current_time );
 
@@ -199,7 +199,7 @@
DEBUG( 8,
   ( Can't find a record for the key, record 
[%d]\n,
 i ) );
-   tdb_unlock_bystring( the_tdb, VN_next_record );
+   tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD );
return False;
}
nbytes += ret.dsize;/* note this includes overhead */
@@ -236,9 +236,9 @@
tdb_delete( the_tdb, key );
}
 
-   tdb_store_int32( the_tdb, VN_oldest_entry, new_start );
+   tdb_store_int32( the_tdb, EVT_OLDEST_ENTRY, new_start );
}
-   tdb_unlock_bystring( the_tdb, VN_next_record );
+   tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD );
return True;
 }
 
@@ -340,7 +340,7 @@
 
tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 );  
if ( tdb ) {
-   vers_id = tdb_fetch_int32( tdb, VN_version );
+   vers_id = tdb_fetch_int32( tdb, EVT_VERSION );
 
if ( vers_id != EVENTLOG_DATABASE_VERSION_V1 ) {
DEBUG(1,(elog_open_tdb: Invalid version [%d] on file 
[%s].\n,
@@ -466,9 +466,9 @@
/* need to read the record number and insert it into the entry here */
 
/* lock */
-   

svn commit: samba r10883 - in trunk/source/rpc_server: .

[jerry]

Author: jerry
Date: 2005-10-10 22:17:41 + (Mon, 10 Oct 2005)
New Revision: 10883

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10883

Log:
cleaning up comments
Modified:
   trunk/source/rpc_server/srv_eventlog_lib.c


Changeset:
Modified: trunk/source/rpc_server/srv_eventlog_lib.c
===
--- trunk/source/rpc_server/srv_eventlog_lib.c  2005-10-10 22:05:06 UTC (rev 
10882)
+++ trunk/source/rpc_server/srv_eventlog_lib.c  2005-10-10 22:17:41 UTC (rev 
10883)
@@ -104,9 +104,12 @@
return 0;
 }
 
-/* returns the size of the eventlog, and if MaxSize is a non-null ptr, puts 
-   the MaxSize there. This is purely a way not to have yet another function 
that solely
-   reads the maxsize of the eventlog. Yeah, that's it.  */
+/
+ returns the size of the eventlog, and if MaxSize is a non-null 
+ ptr, puts the MaxSize there. This is purely a way not to have yet 
+ another function that solely reads the maxsize of the eventlog. 
+ Yeah, that's it.
+/
 
 int elog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention )
 {
@@ -133,20 +136,18 @@
return tsize.size;
 }
 
+/
+ Discard early event logs until we have enough for 'needed' bytes...
+ NO checking done beforehand to see that we actually need to do 
+ this, and it's going to pluck records one-by-one. So, it's best 
+ to determine that this needs to be done before doing it.  
 
-/* 
-   Discard early event logs until we have enough for 'needed' bytes...
-   NO checking done beforehand to see that we actually need to do this, and
-   it's going to pluck records one-by-one. So, it's best to determine that 
this 
-   needs to be done before doing it.  
+ Setting whack_by_date to True indicates that eventlogs falling 
+ outside of the retention range need to go...
+ 
+ return True if we made enough room to accommodate needed bytes
+/
 
-   Setting whack_by_date to True indicates that eventlogs falling outside of 
the 
-   retention range need to go...
-
-*/
-
-/* return True if we made enough room to accommodate needed bytes */
-
 BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed,
 BOOL whack_by_date )
 {
@@ -242,10 +243,10 @@
return True;
 }
 
-/*
+/
   some hygiene for an eventlog - see how big it is, and then 
   calculate how many bytes we need to remove   
-*/
+/
 
 BOOL prune_eventlog( TDB_CONTEXT * tdb )
 {
@@ -269,6 +270,9 @@
return make_way_for_eventlogs( tdb, 0, True );
 }
 
+/
+/
+
 BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed )
 {
int calcd_size;

svn commit: samba r10884 - in trunk/source/rpc_server: .

[jerry]

Author: jerry
Date: 2005-10-10 22:18:12 + (Mon, 10 Oct 2005)
New Revision: 10884

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10884

Log:
adding placeholder for access check in eventlog open
Modified:
   trunk/source/rpc_server/srv_eventlog_nt.c


Changeset:
Modified: trunk/source/rpc_server/srv_eventlog_nt.c
===
--- trunk/source/rpc_server/srv_eventlog_nt.c   2005-10-10 22:17:41 UTC (rev 
10883)
+++ trunk/source/rpc_server/srv_eventlog_nt.c   2005-10-10 22:18:12 UTC (rev 
10884)
@@ -31,6 +31,7 @@
uint32 num_records;
uint32 oldest_entry;
uint32 flags;
+   uint32 access_granted;
 } EVENTLOG_INFO;
 
 /
@@ -64,6 +65,14 @@
 }
 
 /
+/
+
+static BOOL elog_check_access( EVENTLOG_INFO *info )
+{
+   return True;
+}
+
+/
  /
 
 static BOOL elog_validate_logname( const char *name )
@@ -95,11 +104,16 @@
return WERR_NOMEM;

elog-logname = talloc_strdup( elog, logname );
+   
+   /* do the access check */
+   if ( !elog_check_access( elog ) ) {
+   TALLOC_FREE( elog );
+   return WERR_ACCESS_DENIED;
+   }
 
/* having done the nexessary access checks, surround the
   tdb open with a {un}become_root() pair since we can
   only have one tdb context per eventlog per process */
-

become_root();
elog-tdb = elog_open_tdb( elog-logname );
@@ -115,6 +129,12 @@

elog-logname = talloc_strdup( elog, ELOG_APPL );   

 
+   /* do the access check */
+   if ( !elog_check_access( elog ) ) {
+   TALLOC_FREE( elog );
+   return WERR_ACCESS_DENIED;
+   }
+   
become_root();
elog-tdb = elog_open_tdb( elog-logname );
unbecome_root();
@@ -124,7 +144,7 @@
TALLOC_FREE( elog );
return WERR_OBJECT_PATH_INVALID;/* ??? */   

}
-   }   
+   }

/* create the policy handle */

Build status as of Tue Oct 11 00:00:02 2005

[build]

URL: http://build.samba.org/

--- /home/build/master/cache/broken_results.txt.old 2005-10-10 
00:00:29.0 +
+++ /home/build/master/cache/broken_results.txt 2005-10-11 00:00:33.0 
+
@@ -1,17 +1,17 @@
-Build status as of Mon Oct 10 00:00:02 2005
+Build status as of Tue Oct 11 00:00:02 2005
 
 Build counts:
 Tree Total  Broken Panic 
-ccache   9  2  0 
-distcc   11 2  0 
-lorikeet-heimdal 14 9  0 
+ccache   10 2  0 
+distcc   11 3  0 
+lorikeet-heimdal 12 6  0 
 ppp  18 0  0 
-rsync38 3  0 
+rsync37 2  0 
 samba2  0  0 
 samba-docs   0  0  0 
 samba4   38 16 4 
 samba_3_038 10 0 
 smb-build29 5  0 
-talloc   13 5  0 
-tdb  8  3  0 
+talloc   11 5  0 
+tdb  9  4  0 
 

svn commit: samba r10885 - in branches/SAMBA_3_0/source/smbd: .

[jra]

Author: jra
Date: 2005-10-11 04:25:47 + (Tue, 11 Oct 2005)
New Revision: 10885

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10885

Log:
Fix bug where read-only share files are always seen as
read-only. Noticed by Andrew Bartlett.
Jeremy

Modified:
   branches/SAMBA_3_0/source/smbd/dosmode.c
   branches/SAMBA_3_0/source/smbd/posix_acls.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/dosmode.c
===
--- branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-10 22:18:12 UTC (rev 
10884)
+++ branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-11 04:25:47 UTC (rev 
10885)
@@ -479,7 +479,7 @@
 */
 
/* Check if we have write access. */
-   if (can_write_to_file(conn, fname, sbuf)) {
+   if (CAN_WRITE(conn)  can_write_to_file(conn, fname, sbuf)) {
/* We are allowed to become root and change the filetime. */
become_root();
ret = SMB_VFS_UTIME(conn,fname, times);

Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c
===
--- branches/SAMBA_3_0/source/smbd/posix_acls.c 2005-10-10 22:18:12 UTC (rev 
10884)
+++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2005-10-11 04:25:47 UTC (rev 
10885)
@@ -4149,16 +4149,13 @@
 /
  Actually emulate the in-kernel access checking for write access. We need
  this to successfully check for ability to write for dos filetimes.
+ Note this doesn't take into account share write permissions.
 /
 
 BOOL can_write_to_file(connection_struct *conn, const char *fname, 
SMB_STRUCT_STAT *psbuf)
 {
int ret;
 
-   if (!CAN_WRITE(conn)) {
-   return False;
-   }
-
if (current_user.uid == 0 || conn-admin_user) {
/* I'm sorry sir, I didn't know you were root... */
return True;

svn commit: samba r10886 - in trunk/source/smbd: .

[jra]

Author: jra
Date: 2005-10-11 04:26:09 + (Tue, 11 Oct 2005)
New Revision: 10886

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10886

Log:
Fix bug where read-only share files are always seen as
read-only. Noticed by Andrew Bartlett.
Jeremy

Modified:
   trunk/source/smbd/dosmode.c
   trunk/source/smbd/posix_acls.c


Changeset:
Modified: trunk/source/smbd/dosmode.c
===
--- trunk/source/smbd/dosmode.c 2005-10-11 04:25:47 UTC (rev 10885)
+++ trunk/source/smbd/dosmode.c 2005-10-11 04:26:09 UTC (rev 10886)
@@ -479,7 +479,7 @@
 */
 
/* Check if we have write access. */
-   if (can_write_to_file(conn, fname, sbuf)) {
+   if (CAN_WRITE(conn)  can_write_to_file(conn, fname, sbuf)) {
/* We are allowed to become root and change the filetime. */
become_root();
ret = SMB_VFS_UTIME(conn,fname, times);

Modified: trunk/source/smbd/posix_acls.c
===
--- trunk/source/smbd/posix_acls.c  2005-10-11 04:25:47 UTC (rev 10885)
+++ trunk/source/smbd/posix_acls.c  2005-10-11 04:26:09 UTC (rev 10886)
@@ -4149,16 +4149,13 @@
 /
  Actually emulate the in-kernel access checking for write access. We need
  this to successfully check for ability to write for dos filetimes.
+ Note this doesn't take into account share write permissions.
 /
 
 BOOL can_write_to_file(connection_struct *conn, const char *fname, 
SMB_STRUCT_STAT *psbuf)
 {
int ret;
 
-   if (!CAN_WRITE(conn)) {
-   return False;
-   }
-
if (current_user.uid == 0 || conn-admin_user) {
/* I'm sorry sir, I didn't know you were root... */
return True;

svn commit: samba r10887 - in trunk/source/smbd: .

[jra]

Author: jra
Date: 2005-10-11 04:28:29 + (Tue, 11 Oct 2005)
New Revision: 10887

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10887

Log:
We've already checked 'CAN_WRITE' so we don't need to do it again.
Jeremy.

Modified:
   trunk/source/smbd/dosmode.c


Changeset:
Modified: trunk/source/smbd/dosmode.c
===
--- trunk/source/smbd/dosmode.c 2005-10-11 04:26:09 UTC (rev 10886)
+++ trunk/source/smbd/dosmode.c 2005-10-11 04:28:29 UTC (rev 10887)
@@ -479,7 +479,7 @@
 */
 
/* Check if we have write access. */
-   if (CAN_WRITE(conn)  can_write_to_file(conn, fname, sbuf)) {
+   if (can_write_to_file(conn, fname, sbuf)) {
/* We are allowed to become root and change the filetime. */
become_root();
ret = SMB_VFS_UTIME(conn,fname, times);

svn commit: samba r10888 - in branches/SAMBA_3_0/source/smbd: .

[jra]

Author: jra
Date: 2005-10-11 04:28:46 + (Tue, 11 Oct 2005)
New Revision: 10888

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10888

Log:
We've already checked 'CAN_WRITE' so we don't need to do it again.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/smbd/dosmode.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/dosmode.c
===
--- branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-11 04:28:29 UTC (rev 
10887)
+++ branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-11 04:28:46 UTC (rev 
10888)
@@ -479,7 +479,7 @@
 */
 
/* Check if we have write access. */
-   if (CAN_WRITE(conn)  can_write_to_file(conn, fname, sbuf)) {
+   if (can_write_to_file(conn, fname, sbuf)) {
/* We are allowed to become root and change the filetime. */
become_root();
ret = SMB_VFS_UTIME(conn,fname, times);

svn commit: samba r10889 - in branches/SAMBA_4_0/source/lib/ldb/ldb_tdb: .

[tridge]

Author: tridge
Date: 2005-10-11 04:34:15 + (Tue, 11 Oct 2005)
New Revision: 10889

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10889

Log:

make searches for dn's less of a special case, and much faster when
part of more complex expressions

Modified:
   branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c
   branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c


Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c
===
--- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c   2005-10-11 
04:28:46 UTC (rev 10888)
+++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c   2005-10-11 
04:34:15 UTC (rev 10889)
@@ -319,6 +319,13 @@
if (ldb_attr_cmp(tree-u.equality.attr, LTDB_OBJECTCLASS) == 0) {
return ltdb_index_dn_objectclass(module, tree, index_list, 
list);
}
+   if (ldb_attr_cmp(tree-u.equality.attr, distinguishedName) == 0 ||
+   ldb_attr_cmp(tree-u.equality.attr, dn) == 0) {
+   char *dn = talloc_strdup(list, (char 
*)tree-u.equality.value.data);
+   list-count = 1;
+   list-dn = dn;
+   return 1;
+   }
return ltdb_index_dn_simple(module, tree, index_list, list);
 }
 

Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c
===
--- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c  2005-10-11 
04:28:46 UTC (rev 10888)
+++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c  2005-10-11 
04:34:15 UTC (rev 10889)
@@ -501,21 +501,6 @@
if ((base == NULL || base-comp_num == 0) 
(scope == LDB_SCOPE_BASE || scope == LDB_SCOPE_ONELEVEL)) return -1;
 
-   /* it is important that we handle dn queries this way, and not
-  via a full db search, otherwise ldb is horribly slow */
-   if (tree-operation == LDB_OP_EQUALITY 
-   (ldb_attr_cmp(tree-u.equality.attr, dn) == 0 ||
-ldb_attr_cmp(tree-u.equality.attr, distinguishedName) == 0)) {
-   struct ldb_dn *dn;
-   dn = ldb_dn_explode(module-ldb, tree-u.equality.value.data);
-   if (dn == NULL) {
-   return LDB_ERR_INVALID_DN_SYNTAX;
-   }
-   ret = ltdb_search_dn(module, dn, attrs, res);
-   talloc_free(dn);
-   return ret;
-   }
-
if (ltdb_lock_read(module) != 0) {
return -1;
}

svn commit: samba r10890 - in branches/tmp/samba4-winsrepl: . source/lib/ldb/ldb_tdb source/libcli/composite source/libcli/raw source/libcli/smb_composite source/ntvfs/cifs source/pidl/lib/Parse/Pidl/

[metze]

Author: metze
Date: 2005-10-11 04:43:44 + (Tue, 11 Oct 2005)
New Revision: 10890

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10890

Log:
 [EMAIL PROTECTED] (orig r10878):  vlendec | 2005-10-10 21:57:55 +0200
 Reply to some comments by tridge and metze:
 
 * rename the composite helper functions from comp_* to composite_*
 
 * Move the lsa initialization to wb_connect_lsa.c
 
 * Equip smb_composite_connect with a fallback_to_anonymous
 
 The latter two simplify wb_init_domain.c quite a bit.
 
 Volker
 
 [EMAIL PROTECTED] (orig r10879):  jra | 2005-10-10 22:03:34 +0200
 Added the ZERO_STRUCT(q_u), (r_u) entries to the generated
 Samba3 code. Jelmer please check !
 Jeremy.
 
 [EMAIL PROTECTED] (orig r10880):  jra | 2005-10-10 22:05:29 +0200
 Missed terminating ';', sorry.
 Jeremy.
 
 [EMAIL PROTECTED] (orig r10889):  tridge | 2005-10-11 06:34:15 +0200
 
 make searches for dn's less of a special case, and much faster when
 part of more complex expressions
 

Added:
   branches/tmp/samba4-winsrepl/source/winbind/wb_connect_lsa.c
Modified:
   branches/tmp/samba4-winsrepl/
   branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_index.c
   branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_search.c
   branches/tmp/samba4-winsrepl/source/libcli/composite/composite.c
   branches/tmp/samba4-winsrepl/source/libcli/raw/clitree.c
   branches/tmp/samba4-winsrepl/source/libcli/smb_composite/connect.c
   branches/tmp/samba4-winsrepl/source/libcli/smb_composite/fetchfile.c
   branches/tmp/samba4-winsrepl/source/libcli/smb_composite/fsinfo.c
   branches/tmp/samba4-winsrepl/source/libcli/smb_composite/smb_composite.h
   branches/tmp/samba4-winsrepl/source/ntvfs/cifs/vfs_cifs.c
   branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Server.pm
   branches/tmp/samba4-winsrepl/source/winbind/config.mk
   branches/tmp/samba4-winsrepl/source/winbind/wb_async_helpers.c
   branches/tmp/samba4-winsrepl/source/winbind/wb_init_domain.c


Changeset:
Sorry, the patch is too large (1403 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10890

svn commit: samba r10891 - in branches/SAMBA_4_0/source/lib/tdb/common: .

[tridge]

Author: tridge
Date: 2005-10-11 05:01:52 + (Tue, 11 Oct 2005)
New Revision: 10891

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10891

Log:

I noticed that the secrets.db was not being backed up on my system due
to msync/mmap not changing the mtime of the file. This patch ensures
that for successfully completed transactions we update the mtime.

I don't do this on all tdb writes as its too expensive, but doing it
just on transactions is bearable, as those cost quite a lot anyway.


Modified:
   branches/SAMBA_4_0/source/lib/tdb/common/transaction.c


Changeset:
Modified: branches/SAMBA_4_0/source/lib/tdb/common/transaction.c
===
--- branches/SAMBA_4_0/source/lib/tdb/common/transaction.c  2005-10-11 
04:43:44 UTC (rev 10890)
+++ branches/SAMBA_4_0/source/lib/tdb/common/transaction.c  2005-10-11 
05:01:52 UTC (rev 10891)
@@ -857,6 +857,15 @@
 
tdb_brlock_len(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);
 
+   /* on some systems (like Linux 2.6.x) changes via mmap/msync
+  don't change the mtime of the file, this means the file may
+  not be backed up (as tdb rounding to block sizes means that
+  file size changes are quite rare too). The following forces
+  mtime changes when a transaction completes */
+#ifdef HAVE_UTIME
+   utime(tdb-name, NULL);
+#endif
+
/* use a transaction cancel to free memory and remove the
   transaction locks */
tdb_transaction_cancel(tdb);