[Samba] Getting Win share info through samba?
Hi! I wonder if it is possible to retreive info about a Win share in samba so that I know the physical path of the share. I.e I want to know the share Data's the physical path C:\Test\Data. Is this possible? Thanks Henrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] User unable to change their password using smbpasswd
Hello, everyone I searched in the list, some problems are the same as it. But I can't find the resolution. Would you please help me. Now, nobody can change the password. -原始邮件- 发件人: FCG Lu Bei 发送时间: 2005年10月10日 12:18 收件人: 'samba@lists.samba.org' 主题: User unable to change their password using smbpasswd 重要性: 高 May anyone help me solve the problem? I use samba 2.2.2 on Solaris 8 ngnvob02 [** NONE **]/export/home/sitlb $ cd /usr/local/samba/bin ngnvob02 [** NONE **]/usr/local/samba/bin $ ./smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : ERRSRV - ERRbadpw. Failed to change password for sitlb But I can change the passwd as root. Thank you very much! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba 3.0.20a and Winbind crashing (bug?)
Yeah same on my other 3 light load servers. one has crashed once (which is the heavier loaded of the 3) Very frustrating :/ Cheers Ross [EMAIL PROTECTED] wrote: All running RHES 3, all with samba 3.0.20a and all have the winbind crashing problem :/ the main 2 are the filestore and email servers, also get the most usage. in fact from my systems point of view, its definatly a most usage = most frequent winbind crashing issue. I have one rhel3 (centos3 actually) server on which winbind has been running since samba-3.0.20a was released. Hasn't crashed once, though I wouldn't categorize it's usage as heavy. -- Rex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)
Yeah i forgot to mention that, i had the same problem in 3.0.14a as i do in 3.0.20a :/ Mine doesnt freeze, it actually ends the daemon. whats odd (just noticed this morning) is i checked the server at 7:40am, all is well. checked it at 8.05 am, its crashed! just had a look through logs etc, it looks like it crashes at 8am most days! always 8 am! last night when i checked it was slighly different, it seems that crash was caused due to a log rotate. :/ Any one else got any ideas? Cheers Ross This sounds like the same problem i had with winbind in both 3.0.14 abd 3.0.20. Mine freezes, and the daemon appears to be still running using ps and top, but it doesnt respond to queries. It seems like i can trigger this event by running getent passwd. It shows the accounts, but then the daemon dies. I run it on debian sarge, and i have another server with different hardware that also runs debian sarge. The other server does not have the problem (havent tested with getent passwd) but it does not see as many auth. attempts as the freezing server does. I use winbindd for pam_winbind. And some times it goes days without crashing other times it freezes several times an hour. I get this following entries in my auth.log: write to socket failed! internal module error (retval = 3 I circumvented it by running wbinfo -p every minute and restarting winbbind if wbinfo failed. JonB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error compiling Samba for MySQL Support
Is this a mysql error, don't think so coz' the error is within system quota's. are you sure your system support system quota's ?? Collen Andrew Stephen wrote: Hi I am trying to recompile samba for MySQL support and get the following error Compiling lib/sysquotas_4A.c lib/sysquotas_4A.c: In function sys_get_vfs_quota: lib/sysquotas_4A.c:102: error: struct dqblk has no member named dqb_curblocks lib/sysquotas_4A.c:119: error: struct dqblk has no member named dqb_curblocks lib/sysquotas_4A.c:165: error: struct dqblk has no member named dqb_curblocks make: *** [lib/sysquotas_4A.o] Error 1 Any suggestions on how to get past it would be greatly appreciated. Cheers Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] error , mysql and samba
Yes it's necessary to make the unix users aswel unless you make a open system and use the nobody user. but then again you miss security and all..! Collen Dnebla wrote: hello everybody , before sorry bad english . my consults is , the configuration samba with passdb backend mysql , is necessary, create user unix system ? is necessary, adduser user ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] mod_ntlm_winbind on Apache vs. IE6, no POST method
Is the mod_ntlm_winbind already apache 2.XX ready ?? or is it still written for the 1.3.XX version ? Collen Andrew Bartlett wrote: On Mon, 2005-10-03 at 14:34 -0600, Todd Garrison wrote: Hello, I have setup mod_ntlm_winbind Firstly, I presume this is the version from lorikeet SVN? to provide authentication for an Apache 1.3.33 webserver running on Fedora Core 3. The authentication works, but I have run into a problem when using Internet Explorer. It seems that the problem might be with Internet Explorer itself, but here is what I think is happening - the browser will not submit any forms with a POST method on a website protected with NTLM Auth. Everything seems to work fine when using Firefox/Mozilla, but IE6 has a problem. Attached is the text extracted from a packet capture using both browsers: You can see that IE6 sends content-length: 0 and includes the NTLM hash again, whereas Firefox does not. Is this a bug in mod_ntlm_winbind, IE6, or just a configuration error? It looks like MSIE is avoiding resubmitting the POST twice for the multiple round trips of the NTLM exchange. Firefox is probably still sitting on an existing connection. So, I think the issue might be that apache is not handling the NTLM authentication request to the module, but we would need to see more server-side logs and a real (uncensored, unfortunately) packet capture. A small group of developers trying to take mod_ntlm_winbind further are gathering, I think we need to setup a public webpage and some contact details... Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: 答复: [Samba] About the group setting in smb.conf.
The groupmap function is part of the new net command (i.e. net groupmap ). It's part of Samba, not FreeBSD. Liu wrote: Hi Gary, My environment is FreeBSD 5.4 , Samba 3.0.12 and the users are authenticated by AD server(that is the password server points to this server) It seems no groupmap command on freebsd, How I can solve this issue? Thanks! Liu -邮件原件- 发件人: Gary Dale [mailto:[EMAIL PROTECTED] 发送时间: 2005年10月10日 11:07 收件人: Liu; Liu, Hong Quan 刘红泉 抄送: samba@lists.samba.org 主题: Re: [Samba] About the group setting in smb.conf. Liu wrote: Hi, This is my first time to configure Samba server as a member server in AD domain, So, I have a question about how to configure a group name with one or more spaces in smb.conf? As we know, this kind of group names are very common in Windows environment. For example, set “valid users” parameter: Usually , a name starting with @ is represented group, valid users = username, @GroupName,… But if the group name includes spaces, e.g. “it dept”, “sales dept”, How can I set them correctly? (I set them as @”it dept”, but the winbind log file tells me “group it dept in domain does not exist”, But I can list this group using wbinfo �Cg) Wish someone give me a advice! Thanks in advance! Best Regards! Liu hongquan Basically, you need to map your NT groups to Linux groups. The Linux groups should not have spaces in the names. Do a search on samba groupmap for the details. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Aix Level 5.1.9 and Samba 3.0.4.0
Danick RAHARD wrote: | On a Unix server, level 5.1.9 , i cannot run samba 3.0.4.0 : i got this | error message : | | * | | [EMAIL PROTECTED] /usr/local/samba/sbin nmbd | | Could not load program nmbd: | | Symbol resolution failed for nmbd because: | | Symbol __strtollmax (number 189) is not exported from dependent | | module /usr/lib/libc.a(shr.o). | | Examine .loader section symbols with the 'dump -Tv' command. | | * | ** | can you explain me the reason ? Cordialement RAHARD Danick Schenker-Joyau Tel : 02.43.61.48.61 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] cannot change computer name
This is a repeat post . I am waiting to hear from someone about this issue. please help me resolving this issue. I have samba PDC configured. I am unable to change the computer name for any computer . All clients are windows XP pro . It says access denied. Although i use the same Administrator username and password which i used to join these computers to samba domain. I will really appreciate if some can help me in this . thanks regards I am using samba-server-3.0.13-2mdk Here is Global section of my samba conf [global] server string = network Share workgroup = NETPDC netbios name = freeze encrypt passwords = Yes smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *new*password* %n\n *success* passwd program = /usr/bin/passwd %u passwd chat debug = yes unix password sync = Yes log level = 0 username map = /etc/samba/smbusers syslog = 0 printcap name = CUPS show add printer wizard = no printing = CUPS name resolve order = wins bcast hosts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = scripts\login.bat #logon home = \\%L\%U #logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes winbind separator = \ idmap uid = 1-2 idmap gid = 1-2 # directory security mask = 0775 # security mask = 0775 # create mask = 0775 directory mode = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] cannot change computer name
You cannot change the computer namde direcly, you must disconnect from the domain, change the name and reconnect to the domain. I always use this methode --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 10/10/2005 12:31:37 : This is a repeat post . I am waiting to hear from someone about this issue. please help me resolving this issue. I have samba PDC configured. I am unable to change the computer name for any computer . All clients are windows XP pro . It says access denied. Although i use the same Administrator username and password which i used to join these computers to samba domain. I will really appreciate if some can help me in this . thanks regards I am using samba-server-3.0.13-2mdk Here is Global section of my samba conf [global] server string = network Share workgroup = NETPDC netbios name = freeze encrypt passwords = Yes smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *new*password* %n\n *success* passwd program = /usr/bin/passwd %u passwd chat debug = yes unix password sync = Yes log level = 0 username map = /etc/samba/smbusers syslog = 0 printcap name = CUPS show add printer wizard = no printing = CUPS name resolve order = wins bcast hosts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = scripts\login.bat #logon home = \\%L\%U #logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes winbind separator = \ idmap uid = 1-2 idmap gid = 1-2 # directory security mask = 0775 # security mask = 0775 # create mask = 0775 directory mode = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] cannot change computer name
Try the folowing, remove the pc from the domain. logon localy with administrator and try again. Does not work ? do the folowing. Start - Run, type GPEDIT.MSC (enter) In the screen you see, klik with right on local computer on the top en get the properties. Here disable both settings for policies. type Start-run : GPUPDATE ( enter ) and try again. !!! DO NOT RENAME COMPUTERS WHEN IN DOMAIN !!! IT ALWAYS GIVES PROBLEMS !!! Louis -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens aT Verzonden: maandag 10 oktober 2005 12:32 Aan: samba@lists.samba.org Onderwerp: [Samba] cannot change computer name This is a repeat post . I am waiting to hear from someone about this issue. please help me resolving this issue. I have samba PDC configured. I am unable to change the computer name for any computer . All clients are windows XP pro . It says access denied. Although i use the same Administrator username and password which i used to join these computers to samba domain. I will really appreciate if some can help me in this . thanks regards I am using samba-server-3.0.13-2mdk Here is Global section of my samba conf [global] server string = network Share workgroup = NETPDC netbios name = freeze encrypt passwords = Yes smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *new*password* %n\n *success* passwd program = /usr/bin/passwd %u passwd chat debug = yes unix password sync = Yes log level = 0 username map = /etc/samba/smbusers syslog = 0 printcap name = CUPS show add printer wizard = no printing = CUPS name resolve order = wins bcast hosts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = scripts\login.bat #logon home = \\%L\%U #logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes winbind separator = \ idmap uid = 1-2 idmap gid = 1-2 # directory security mask = 0775 # security mask = 0775 # create mask = 0775 directory mode = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] mod_ntlm_winbind on Apache vs. IE6, no POST method
On Mon, 2005-10-10 at 11:42 +0200, Collen Blijenberg wrote: Is the mod_ntlm_winbind already apache 2.XX ready ?? or is it still written for the 1.3.XX version ? A team assembled to build an apache 2.0 version, but it's been ported yet. The closest we have is: http://source.grep.no/ however there are issues with that module. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Dangling MS Access DB Lock Files *.ldb
I have an intermittent problem with dangling MS Access DB lock files. In a productive environment with N batch queus (each on a separate Windows XP Professional) a scheduler PC dispatches the work load to a free queue by means of modifying a simple MS Access DB file called PRIM.mdb, which resides on a Samba 3.0.20 share. Each free queue PC polls the same MS Access DB file every 60 seconds to see if there is a work packet to be executed by it. If there is a work package for it it modifies a state value of the respective work packet in this DB when it starts executing it as well as after the job has been done so that the scheduler knows what's going on. As I understand the MS Access API a client creates a lock file PRIM.ldb whenever it wishes to modify the DB file PRIM.mdb. From time to time, but generally not very often, a lock file is dropped by either a queue PC or by scheduler. Therefore no one can modify the DB file until the lock file is removed. The linux utility lsof can't see that the lock file is opened by any process but the status page of SWAT always lists it under Open Files with the smbd PID of the client which last opened it, with Sharing declared DENY_NONE, R/W as RDWR, Oplock is NONE (oplocks=no), full path name under File and the timestamp of the last access under Date. The lock file can only be removed by super user root but if the smbd process which holds it open is killed, then the problem is also solved sometimes even without removing the lock file itself. I have inspected the samba log files and identified the point at which this happens recently. To make things simpler I've removed much of the samba verbosity in the following overview of the offending client's actions (mdb is the MS Access DB file and ldb is the respective lock file): 23:55:53close mdb 1 close ldb 0 23:55:54openldb ro 1 openmdb rw 2 openldb rw 3 23:55:55close mdb 1 Share violation on PRIM.mdb, flags=2 openmdb rw 2 No other client was active at the time so there is no racing here. Only the offending client loses track of the lock file and forgets about it. Has anyone had a similar problem and lived to talk about it? Any hints? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ntlm_auth SID problem
Hello all Im using a linux box running CentOS 4.1 as a proxy server with user auth with an AD Its working for a long time, but suddenly this weekend the users cant authenticate anymore looking on logs i obtain this Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0] utils/ntlm_auth.c:get_require_membership_sid(237) Oct 10 08:29:59 sol (ntlm_auth): Winbindd lookupname failed to resolve VILLAS+SQUID into a SID! searching for this error on google i tried on ntlm_auth command to change the DOMAIN+GROUP to SID and with SID works fine /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=VILLAS+SQUID USER PASSWORD [2005/10/10 12:18:53, 0] utils/ntlm_auth.c:get_require_membership_sid(237) Winbindd lookupname failed to resolve VILLAS+SQUID into a SID! ERR and changing /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=S-1-5-21-1390067357-573735546-682003330-1524 USER PASSWORD OK any guess? thanks anyway marcello -- Marcello Mezzanotti [EMAIL PROTECTED] Information Security UNIX / Linux / *BSD -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] About the group setting in smb.conf RE: samba Digest, Vol 34, Issue
hFrom: [EMAIL PROTECTED] Reply-To: samba@lists.samba.org To: samba@lists.samba.org Subject: samba Digest, Vol 34, Issue 14 Date: Mon, 10 Oct 2005 12:05:06 + (GMT) --- From: Liu, Hong Quan ÁõºìȪ [EMAIL PROTECTED] To: samba@lists.samba.org Subject: [Samba] About the group setting in smb.conf. Sent: Monday, 10 October 2005 12:19:13 PM Hi, This is my first time to configure Samba server as a member server in AD domain, So, I have a question about how to configure a group name with one or more spaces in smb.conf? As we know, this kind of group names are very common in Windows environment. For example, set ¡°valid users¡± parameter: Usually , a name starting with @ is represented group, valid users = username, @GroupName,¡ But if the group name includes spaces, e.g. ¡°it dept¡±, ¡°sales dept¡±, How can I set them correctly? (I set them as @¡±it dept¡±, but the winbind log file tells me ¡°group it dept in domain does not exist¡±, But I can list this group using wbinfo ¨Cg) Wish someone give me a advice! Thanks in advance! -- RE: [Samba] About the group setting in smb.conf Hello Liu, If you have have a group such as Domain members you muse use @group name. You seem to be missing hThis should solve your problem. [Video] comment = Videos Movies path = /data/Video writeable = no browsable = yes read only = yes valid users = @Domain Users Cheers, Adrian Sender -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help !!!
We are running samba-2.0.20-2 on Fedora C4. It was installed 2 weeks ago, and it was working just fine. But suddenly, today smb refuse all connections. In the log file it shows several lines like this: libsmb/unexpected.c:unexpedted_packet (53) Failed to open unexpected.tdb Nmbd/nmbd_serverlistdb.c:write_browse_list(341) Write_browse_list: Can't open file /var/lib/samba/browse.dat.. Error was Permission denied. Both files exist, and all files in /var/lib/samba have owner rw permission. Any suggest is welcome TIA Ing. Fernando Cabrera Ruiz Departamento de Sistemas Vamsa Aguascalientes, SA de CV (449)910 9393 x4023 www.nissanvamsaags.com.mx -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.11.14/127 - Release Date: 10/10/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Dangling MS Access DB Lock Files *.ldb
On Mon, Oct 10, 2005 at 04:21:15PM +0100, Dragan Krnic wrote: I have an intermittent problem with dangling MS Access DB lock files. In a productive environment with N batch queus (each on a separate Windows XP Professional) a scheduler PC dispatches the work load to a free queue by means of modifying a simple MS Access DB file called PRIM.mdb, which resides on a Samba 3.0.20 share. Each free queue PC polls the same MS Access DB file every 60 seconds to see if there is a work packet to be executed by it. If there is a work package for it it modifies a state value of the respective work packet in this DB when it starts executing it as well as after the job has been done so that the scheduler knows what's going on. There's a bug in 3.0.20 that might affect this (btw it's also in 3.0.20a). I know about it because it's my fault :-(. Here's the patch for 3.0.20, and 3.0.20a. Jeremy. --- smbd/open.c 2005-07-28 06:19:42.0 -0700 +++ smbd/open.c.new 2005-10-10 09:32:25.0 -0700 @@ -1585,13 +1585,6 @@ fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,access_mask); - if (!fsp_open (flags == O_RDWR) (errno != ENOENT)) { - if((fsp_open = open_file(fsp,conn,fname,psbuf, -O_RDONLY,unx_mode,access_mask)) == True) { - flags = O_RDONLY; - } - } - if (!fsp_open) { if(file_existed) { unlock_share_entry(conn, dev, inode); --- smbd/open.c 2005-09-29 14:52:40.0 -0700 +++ smbd/open.c.new 2005-10-06 21:45:37.0 -0700 @@ -1585,22 +1585,6 @@ fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,access_mask); - if (!fsp_open (flags2 O_EXCL) (errno == EEXIST)) { - /* -* Two smbd's tried to open exclusively, but only one of them -* succeeded. -*/ - file_free(fsp); - return NULL; - } - - if (!fsp_open (flags == O_RDWR) (errno != ENOENT)) { - if((fsp_open = open_file(fsp,conn,fname,psbuf, -O_RDONLY,unx_mode,access_mask)) == True) { - flags = O_RDONLY; - } - } - if (!fsp_open) { if(file_existed) { unlock_share_entry(conn, dev, inode); -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACLs and EXT3
Hi Ian, thank you for your answer This article shows me a lot of details which help me to understand more about ACLs But my problem was not solve with it. There is discribe how I can copy files without inherit ACLs. I want to know how I can move ACLs with inheritance from the parent directory I move the file to. Greets Daniel Ian Clancy [EMAIL PROTECTED] schrieb am 07.10.05 13:12:53: Hi Daniel, You need to read up on Default ACLs. This article should cover what you need to know. http://www.vanemery.com/Linux/ACL/linux-acl.html regards, Ian Daniel Haas wrote: Hi List, I am working with ACLs and the EXT3 Filesystem and I have the same problem how already discussed in several NGs. If I move a file from one directory into another, the file do not change the persmissons. So the users who should be authorize to access the file, do not have these permissons. This is a great problem in my data structure because we have to exchange a lot of files. I know that this is the way the filesystems works. But I think there are more people who wants to work in the discribed way. So is there a filesystem which have another way to handle the scrolling of files and directories? Is there really no chance to inherit the permissions from the parent-directory? Or do anybody know a workaround to mange my problem? How do other administrators handle this? for info: I am working with Samba 3.0.13 under SuSE 9.3 The service of the smb.conf for tests: [data] comment = Daten path = /data writeable = yes create mask = 0770 directory mask = 0770 valid users = @samba Test with inherit permissions and inherit ACL was not successful. Thanks for your help Daniel __ Verschicken Sie romantische, coole und witzige Bilder per SMS! Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193 __ Verschicken Sie romantische, coole und witzige Bilder per SMS! Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)
On Sun, Oct 09, 2005 at 06:25:56PM +0100, [EMAIL PROTECTED] wrote: Hi all. having major issues on all my servers at the moment. All running RHES 3, all with samba 3.0.20a and all have the winbind crashing problem :/ the main 2 are the filestore and email servers, also get the most usage. in fact from my systems point of view, its definatly a most usage = most frequent winbind crashing issue. Any help from others or the dev team gratefully received. NB i have also set a cron to restart smb at 22:00 every night. Many thanks There's a crash bug fix Jerry will be posting to the patches page within the next hour or so - this should fix the winbindd crashes you're seeing. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3.0.20a and Winbind crashing (bug?)
Yay! Many thanks guys, ill apply it some point tonight and report back any issues, or if it works even :) Ross -Original Message- From: Jeremy Allison [mailto:[EMAIL PROTECTED] Sent: 10 October 2005 18:03 To: [EMAIL PROTECTED] Cc: samba@lists.samba.org Subject: Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?) On Sun, Oct 09, 2005 at 06:25:56PM +0100, [EMAIL PROTECTED] wrote: Hi all. having major issues on all my servers at the moment. All running RHES 3, all with samba 3.0.20a and all have the winbind crashing problem :/ the main 2 are the filestore and email servers, also get the most usage. in fact from my systems point of view, its definatly a most usage = most frequent winbind crashing issue. Any help from others or the dev team gratefully received. NB i have also set a cron to restart smb at 22:00 every night. Many thanks There's a crash bug fix Jerry will be posting to the patches page within the next hour or so - this should fix the winbindd crashes you're seeing. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Poor performance between linux boxes using Samba 3
I have a network with two machines on it, both running Debian and updated with the latest Debian stable samba (3.0.14). Both machines are reasonably high spec (512MB RAM and Athlon 2200+ processors) and have little else running (console mode, no KDE/Gnome/etc). They are connected by a Netgear FS108 100-Base-T ethernet switch. When I try to copy a large file (500MB) from machine A to machine B using FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my 100-base-T network is running at full speed and full duplex, as I would expect. When I instead try to copy the same file from machine A to machine B using FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec. I have followed the instructions in the HOW-TO and in the smb.conf file and have the settings below on both machines. The smb.conf has the following line: socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Is this throughput normal ? I would have expected similar performance to the FTP, given the spec of the machines and the fact that both protocols are using TFTP. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles change when migrating from NT4 to Samba PDC
Philip Washington wrote: Craig White wrote: On Fri, 2005-10-07 at 17:52 -0700, Craig White wrote: On Fri, 2005-10-07 at 19:22 -0500, Philip Washington wrote: After migration of an NT4 domain to Samba we find that when users log in they have a new profile. Since we cannot deal with this on all of the computers with all of the users we have had to stop the migration. I have searched through the archive and not been able to find any answers to this issue, I did find a relevant article though and apparently they didn't have an answer in 2002. http://lists.samba.org/archive/samba/2002-August/050163.html Has anyone found a way to resolve this? We are not using roaming profiles. I am hoping that you really aren't looking for wild speculation as to what may be the problem. Some things that you should consider sharing with us so that we might be able to make a useful suggestion... samba version ? SID ? 'net getlocalsid' does this match the SID of the domain that the machines that were already joined to the domain? Did you actually 'net setlocalsid' to match? from your smb.conf passdb ? logon path = ? security = ? domain logons = ? domain master = ? preferred master = ? If we took an example of one or two users who had a problem with their profiles...what's output of things like pdbedit -L USER_NAME ? does the profile path actually work? Is it reachable from a Windows system? privileges on profile server permit access? otherwise, I would just say that you're having a bad day. I should have pointed out... logon path = (that's right - blank) prevents roaming profiles and perhaps, because I am not very smart and was trying to populate LDAP with which I was pretty unfamiliar, I had to run through the vampire process a lot of times before I got everything working the way I wanted it. My second time doing the vampire thing to LDAP was considerably easier. Even though the documentation was excellent, the devil is in the details. Craig We had spent 3 days on it and got it to work without the roaming profiles ( Using Ch 8 from Samba-3 by Example and help here). It sounds like we went through some of the same issues with vampire, but it looked like we had it working with our test system. We had a test machine MACHINE1 in NT4 DOMAINA. We transfered DOMAINA over to a SambaPDC-with LDAP. Moved MACHINE1 over to the test environment with a SambaPDC-with LDAP. Logged in TESTUSER1 everything looked fine, no roaming profile (we did a jig and jumped for joy ). We then moved MACHINE2 over to the test environment logged in TESTUSER1 (we had transfered TESTUSER1 from the original NT4 domain). We then logged in USER2 which was the primary user for this computer when it was in the NT4 domain. That was when we found out that Outlook treated the user as someone completely different, as well as other programs on the machine, the desktop was completely changed to default. After spending another day on it we had to move on, but we are now willing to try again from scratch. Did we still have something wrong? Has/does this work with the latest version? Goal 1: is USER1 on MACHINE1 can log into the system and not tell that something has changed (Namely there is a different PDC platform). Goal 2: The IT department doesn't have to write a bunch of scripts to move profile information on each computer. Is this possible, because I was of the impression that once we finished the client MACHINE1 and user USER1 wouldn't know or act any differently when logging into NT4 as the PDC vs logging into the transfered DOMAINA on the Samba-LDAP PDC. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Poor performance between linux boxes using Samba 3
I mean TCP not TFTP in the mail. All hail the automatic spellchecker... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Lucas Sent: 10 October 2005 18:27 To: samba@lists.samba.org Subject: [Samba] Poor performance between linux boxes using Samba 3 I have a network with two machines on it, both running Debian and updated with the latest Debian stable samba (3.0.14). Both machines are reasonably high spec (512MB RAM and Athlon 2200+ processors) and have little else running (console mode, no KDE/Gnome/etc). They are connected by a Netgear FS108 100-Base-T ethernet switch. When I try to copy a large file (500MB) from machine A to machine B using FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my 100-base-T network is running at full speed and full duplex, as I would expect. When I instead try to copy the same file from machine A to machine B using FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec. I have followed the instructions in the HOW-TO and in the smb.conf file and have the settings below on both machines. The smb.conf has the following line: socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Is this throughput normal ? I would have expected similar performance to the FTP, given the spec of the machines and the fact that both protocols are using TFTP. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Poor performance between linux boxes using Samba 3
On Mon, Oct 10, 2005 at 07:22:45PM +0100, Roger Lucas wrote: I mean TCP not TFTP in the mail. All hail the automatic spellchecker... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Lucas Sent: 10 October 2005 18:27 To: samba@lists.samba.org Subject: [Samba] Poor performance between linux boxes using Samba 3 I have a network with two machines on it, both running Debian and updated with the latest Debian stable samba (3.0.14). Both machines are reasonably high spec (512MB RAM and Athlon 2200+ processors) and have little else running (console mode, no KDE/Gnome/etc). They are connected by a Netgear FS108 100-Base-T ethernet switch. When I try to copy a large file (500MB) from machine A to machine B using FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my 100-base-T network is running at full speed and full duplex, as I would expect. When I instead try to copy the same file from machine A to machine B using FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec. Can you try using Steve French's cifsfs client instead of smbfs. Steve is actively maintaining cifsfs and is working on performance issues. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba creating multiple isntances of the deamon
(2005.10.10, 14:25) I am running Samba 3.0.14a-2 on Fedora 4. I have no problem seeing the Linux file system from any of the Windows (2000, SP4) computers attached to the network. The problem is that smbd processes are created for no apparent reason and never die. I noticed this when the computer had been up for about three days and there were some 600 active smbd processes! What could be the cause of this behaviour? More importantly, what is the solution? Clearly, this is not normal behaviour! Thanks in advance for your help. Benoît Benoît Gauthier, mailto:[EMAIL PROTECTED] Réseau Circum inc. / Circum Network Inc. Nouvelles/News http://circum.com 74, rue du Val-Perché, Gatineau, Québec (Canada) J8Z 2A6 +1 819.770.2423 télec. fax: +1 819.770.5196 http://c2005.evaluationcanada.ca/ http://evaluationcanada.ca/ http://simulation.evaluationcanada.ca/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unrecognized pam_winbind/gdm error.
Hello all, I have successfully setup winbind with clients pointing to a central ldap server, and have had great results for ssh service logins, however i get wierd problems with gdm login attempts after winbind has been running for a while. Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: request failed, but PAM error 0! Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: internal module error (retval = 3, user = `mahmed') Oct 10 14:45:29 ctilinux6 gdm-binary[2398]: Couldn't authenticate user This error can be resolved by restarting winbind, thus allowing users to login again. Ive setup a cron job to do this every few hours but I want to find the root of the problem... many thanks to to developers and supporters of the samba project, im documenting all my setup notes / issues and am going to post them to a website soon -matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ADS auth when primary AD server fails
Im having some trouble getting, or even finding out if this works. I have read through the samba by example and all the docs i can get my hands on and i cant get this to work. Maybe it isn't supposed too I have setup samba under RHEL4 QU1 to authenticate to AD. I am just using samba to authenticate users for login purposes. It works fine and dandy until my primary AD box goes down. I have a secondary AD server. It has a full replication of AD, DNS, and also hands out kerberos tickets. My AD DNS has the listings for _kerberos._tcp.gutbuster.local. `dig SRV _kerberos._tcp.gutbuster.local` returns both server entries results regardless of which DNS server I use. I dont seem to get very far once my primary has gone down. The samba host is able to get a new kerberos ticket from the secondary by running `kinit [EMAIL PROTECTED] but can no longer get winbind info with `wbinfo` and getent passwd fails to pull AD info. Have I said enough yet? my samba host is 10.180.23.69 my ad primary is 10.180.23.57 my ad secondary is 10.180.23.88 I have forced kerberos to use DNS to lookup the KDC (dns_lookup_kdc=true) in the krb5.conf and i dont have any of the KDC=10.180.23.88. I have tried using 'password server = *', 'password server = 10.180.23.88 10.180.23.57', and removing the 'password server=' line all together. Does anyone know if this setup even works? Remember, It isn't that I cant get AD to authenticate, its only when the primary AD server fails and the secondary server is all that exists. Here is my krb5.conf and my smb.conf... [EMAIL PROTECTED] ~]# cat /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = GUTBUSTER.LOCAL dns_lookup_realm = false dns_lookup_kdc = true [realms] GUTBUSTER.LOCAL = { default_domain = gutbuster.local } [domain_realm] .gutbuster.local = GUTBUSTER.LOCAL gutbuster.local = GUTBUSTER.LOCAL [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = true ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } [EMAIL PROTECTED] ~]# [EMAIL PROTECTED] ~]# cat /etc/samba/smb.conf [global] winbind separator = + winbind cache time = 10 workgroup = GUTBUSTER.LOCAL winbind use default domain = yes client schannel = no realm = GUTBUSTER.LOCAL security = ads encrypt passwords = yes idmap uid = 5000-5999 idmap gid = 6000-6999 winbind enum users = yes winbind enum groups = yes template shell = /bin/bash template homedir = /home/%U [EMAIL PROTECTED] ~]# Thanks, Brian Gautreau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 1GB File Size Limit on Samba?
I have a problem copying and creating files from WindowsXP to a Samba share on AIX 5.2 server. When copying a file using Windows Explorer to the share, it gives the message Cannot copy filename: There is not enough free disk space. When creating a file using Windows Backup to the share, backup stops when the file is just under 1GB. The AIX 5.2.0 filesystem where the share is located has 16 GB of free space and is large-file enabled Journaled File System, which will allow files 2GB. The filesize ulimit for root and user is set to unlimted. Based on the AIX configuration, I am able to do the following with no problems: 1) FTP file 1GB from C: directly to the AIX server (not to Samba share). 2) Copy file 1 GB from the Samba share to PC's C:\ drive. Failure only occurs when copying TO a Samba share within Windows. Is there any known Samba issue/bug that would limit filesize to 1GB? Vickie Kidder Information Systems McIlhenny Company (337) 373-6126 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.20a and Winbind crashing (bug?)
On Sun, Oct 09, 2005 at 06:25:56PM +0100, [EMAIL PROTECTED] wrote: Hi all. having major issues on all my servers at the moment. All running RHES 3, all with samba 3.0.20a and all have the winbind crashing problem :/ the main 2 are the filestore and email servers, also get the most usage. in fact from my systems point of view, its definatly a most usage = most frequent winbind crashing issue. Any help from others or the dev team gratefully received. NB i have also set a cron to restart smb at 22:00 every night. Please try this patch : Jeremy. Index: nsswitch/winbindd_misc.c === --- nsswitch/winbindd_misc.c(revision 10687) +++ nsswitch/winbindd_misc.c(revision 10688) @@ -127,7 +127,8 @@ if (num_domains 0) extra_data = talloc_asprintf(state-mem_ctx, %s\\%s\\%s, -names[0], alt_names[0], +names[0], +alt_names[0] ? alt_names[0] : names[0], sid_string_static(sids[0])); for (i=1; inum_domains; i++) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba profiles
Hi, sorry for my bad English... I have a samba 2.2.6 configure as an NT PDC and I want to apply the same parameters for all of my itinerants users. As the /etc/skel directory for the home's directory should i place in an directory windows paramèters files (Application data, local settings, ...) for samba copy it for new users ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Poor performance between linux boxes using Samba 3
Hi Jeremy, Thanks for the info. I ran another test with a 100MB file as below: mount -t smbfs //machineb/share /mnt/machineb cp test-100mb.dat /mnt/machineb/test1.dat umount /mnt/machineb The above copy took 60 seconds. mount -t cifs //machineb/share /mnt/machineb cp test-100mb.dat /mnt/machineb/test2.dat umount /mnt/machineb This copy took just 20 seconds. I am running kernel 2.6.8 which apparently has CIFS built in. I am amazed by the performance increase, so CIFS definitely seems the way to go. Is there a deep reason for why this is, as CIFS seems to be part of the SAMBA team (http://linux-cifs.samba.org/) so it seems weird that they have both the smbclient and CIFS client with such massive performance differences Thanks again, Roger -Original Message- From: Jeremy Allison [mailto:[EMAIL PROTECTED] Sent: 10 October 2005 19:23 To: Roger Lucas Cc: samba@lists.samba.org Subject: Re: [Samba] Poor performance between linux boxes using Samba 3 On Mon, Oct 10, 2005 at 07:22:45PM +0100, Roger Lucas wrote: I mean TCP not TFTP in the mail. All hail the automatic spellchecker... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Lucas Sent: 10 October 2005 18:27 To: samba@lists.samba.org Subject: [Samba] Poor performance between linux boxes using Samba 3 I have a network with two machines on it, both running Debian and updated with the latest Debian stable samba (3.0.14). Both machines are reasonably high spec (512MB RAM and Athlon 2200+ processors) and have little else running (console mode, no KDE/Gnome/etc). They are connected by a Netgear FS108 100-Base-T ethernet switch. When I try to copy a large file (500MB) from machine A to machine B using FTP (Machine B running vsftpd) then I get 9.5 MB/sec throughput, so my 100-base-T network is running at full speed and full duplex, as I would expect. When I instead try to copy the same file from machine A to machine B using FTP (Machine A running smbmount -t smbfs //machineb/share /mnt/machineb -o user=xxx,password=xxx) then I get much lower throughput - around 3 MB/sec. Can you try using Steve French's cifsfs client instead of smbfs. Steve is actively maintaining cifsfs and is working on performance issues. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Poor performance between linux boxes using Samba 3
On Mon, Oct 10, 2005 at 11:31:06PM +0100, Roger Lucas wrote: Hi Jeremy, Thanks for the info. I ran another test with a 100MB file as below: mount -t smbfs //machineb/share /mnt/machineb cp test-100mb.dat /mnt/machineb/test1.dat umount /mnt/machineb The above copy took 60 seconds. mount -t cifs //machineb/share /mnt/machineb cp test-100mb.dat /mnt/machineb/test2.dat umount /mnt/machineb This copy took just 20 seconds. I am running kernel 2.6.8 which apparently has CIFS built in. I am amazed by the performance increase, so CIFS definitely seems the way to go. Is there a deep reason for why this is, as CIFS seems to be part of the SAMBA team (http://linux-cifs.samba.org/) so it seems weird that they have both the smbclient and CIFS client with such massive performance differences You're confusing smbfs with smbclient. smbfs is an old, rather unmaintained part of the Linux kernel, smbclient is the ftp command-line like client shipped with Samba. Steve tests CIFSFS with modern versions of Samba and works dilligently on performance issues. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unrecognized pam_winbind/gdm error.
On Mon, Oct 10, 2005 at 02:56:21PM -0500, Matt Sellers wrote: Hello all, I have successfully setup winbind with clients pointing to a central ldap server, and have had great results for ssh service logins, however i get wierd problems with gdm login attempts after winbind has been running for a while. Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: request failed, but PAM error 0! Oct 10 14:45:26 ctilinux6 pam_winbind[2398]: internal module error (retval = 3, user = `mahmed') Oct 10 14:45:29 ctilinux6 gdm-binary[2398]: Couldn't authenticate user This error can be resolved by restarting winbind, thus allowing users to login again. Ive setup a cron job to do this every few hours but I want to find the root of the problem... many thanks to to developers and supporters of the samba project, im documenting all my setup notes / issues and am going to post them to a website soon What version of Samba ? That would help with narrowing down any winbindd issues. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] excessive lpstat calls
I run a fairly busy samba server that only serves up users' home directory. I am running Samba v3.0.20 under Solaris 10 on a Sun v440. I'm seeing a large number of calls to '/usr/bin/lpstat -v'. These are probably occuring everytime a new client connects, but I'm not positive. The server does not have any printers attached to it, has no entries in /etc/printers.conf, and is not running lp services at all. I am unable to remove the lp packages from the system due to dependencies. I have no intention of using Samba as a print server on this machine, so I'd like to disable printing entirely and prevent Samba from calling lpstat continuously. I've attached my smb.conf file. Any suggestions? Thanks, Andy[global] netbios name = ONID-FS security = domain password server = * encrypt passwords = true interfaces = ce0 guest account = nobody domain master = no local master = no preferred master = no os level = 0 log level = 1 syslog = 6 syslog only = yes name resolve order = wins host wide links = false wins server = 128.193.4.45 workgroup = ONID server string = ONID File Server allow trusted domains = no load printers = no [homes] comment = Home Directories browseable = false read only = no create mode = 0700 hide files = /public_html/ [public_html] comment = Web page read only = no path = %H/public_html create mode = 0755 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Poor performance between linux boxes using Samba 3
Hi Jeremy, Thanks for the clarification. I had assumed that since it was the client side of the connection, that smbclient was being used (indirectly) as the program/driver/whatever that was actually doing the hard work. If this is actually being done by smbfs and smbfs is getting a bit stale, then it explains why cifsfs is so much better. (It is also nice that it is built into the kernel - an unexpected pleasant surprise ! :-) Regards, Roger -Original Message- From: Jeremy Allison [mailto:[EMAIL PROTECTED] Sent: 10 October 2005 23:36 To: Roger Lucas Cc: 'Jeremy Allison'; samba@lists.samba.org Subject: Re: [Samba] Poor performance between linux boxes using Samba 3 On Mon, Oct 10, 2005 at 11:31:06PM +0100, Roger Lucas wrote: Hi Jeremy, Thanks for the info. I ran another test with a 100MB file as below: mount -t smbfs //machineb/share /mnt/machineb cp test-100mb.dat /mnt/machineb/test1.dat umount /mnt/machineb The above copy took 60 seconds. mount -t cifs //machineb/share /mnt/machineb cp test-100mb.dat /mnt/machineb/test2.dat umount /mnt/machineb This copy took just 20 seconds. I am running kernel 2.6.8 which apparently has CIFS built in. I am amazed by the performance increase, so CIFS definitely seems the way to go. Is there a deep reason for why this is, as CIFS seems to be part of the SAMBA team (http://linux-cifs.samba.org/) so it seems weird that they have both the smbclient and CIFS client with such massive performance differences You're confusing smbfs with smbclient. smbfs is an old, rather unmaintained part of the Linux kernel, smbclient is the ftp command-line like client shipped with Samba. Steve tests CIFSFS with modern versions of Samba and works dilligently on performance issues. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ADS auth when primary AD server fails
On Mon, Oct 10, 2005 at 03:52:02PM -0500, [EMAIL PROTECTED] wrote: Im having some trouble getting, or even finding out if this works. I have read through the samba by example and all the docs i can get my hands on and i cant get this to work. Maybe it isn't supposed too I have setup samba under RHEL4 QU1 to authenticate to AD. I am just using samba to authenticate users for login purposes. It works fine and dandy until my primary AD box goes down. I have a secondary AD server. It has a full replication of AD, DNS, and also hands out kerberos tickets. My AD DNS has the listings for _kerberos._tcp.gutbuster.local. `dig SRV _kerberos._tcp.gutbuster.local` returns both server entries results regardless of which DNS server I use. I dont seem to get very far once my primary has gone down. The samba host is able to get a new kerberos ticket from the secondary by running `kinit [EMAIL PROTECTED] but can no longer get winbind info with `wbinfo` and getent passwd fails to pull AD info. Have I said enough yet? my samba host is 10.180.23.69 my ad primary is 10.180.23.57 my ad secondary is 10.180.23.88 I have forced kerberos to use DNS to lookup the KDC (dns_lookup_kdc=true) in the krb5.conf and i dont have any of the KDC=10.180.23.88. I have tried using 'password server = *', 'password server = 10.180.23.88 10.180.23.57', and removing the 'password server=' line all together. Does anyone know if this setup even works? Remember, It isn't that I cant get AD to authenticate, its only when the primary AD server fails and the secondary server is all that exists. Very thorough, execpt you neglected to tell us what version of Samba you're using. That actually does help you know :-). winbindd has been undergoing a lot of work recently - knowing the version you're using would help us investigate. Can you get an ethereal trace from your box when you're trying to get it to fail over please ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Authentication oddities
On Thu, Oct 06, 2005 at 10:49:26AM -0700, Eduard Tieseler wrote: I am running Samba 3.0.10-1.4E on RHEL 4.0. I was able to join this server to the domain using the 'net ads join' command and it created a machine account in AD with the name of the server. My issue is that I can authenticate using domain credentials when I access the server from a Windows computer using //SMBSERVERNAME/SHARE, however when I access the server using //SMBSERVERIPADDRESS/SHARE I can not authenticate with domain credentials, I must use an account local to the SMB Server. (SMBSERVERNAME/username) Please help me with this issue, I have checked a fair amount of the archive and google to no avail. I have included snippets of log files, config files, and some results from commands below: THANKS FOR THE HELP!!! In order to get a kerberos ticket, you need a server (service) name. krb5 auth doesn't work with just an IP address, it's falling back to NTLM. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles change when migrating from NT4 to Samba PDC
On Mon, 2005-10-10 at 12:47 -0500, Philip Washington wrote: Philip Washington wrote: Craig White wrote: On Fri, 2005-10-07 at 17:52 -0700, Craig White wrote: On Fri, 2005-10-07 at 19:22 -0500, Philip Washington wrote: After migration of an NT4 domain to Samba we find that when users log in they have a new profile. Since we cannot deal with this on all of the computers with all of the users we have had to stop the migration. I have searched through the archive and not been able to find any answers to this issue, I did find a relevant article though and apparently they didn't have an answer in 2002. http://lists.samba.org/archive/samba/2002-August/050163.html Has anyone found a way to resolve this? We are not using roaming profiles. I am hoping that you really aren't looking for wild speculation as to what may be the problem. Some things that you should consider sharing with us so that we might be able to make a useful suggestion... samba version ? SID ? 'net getlocalsid' does this match the SID of the domain that the machines that were already joined to the domain? Did you actually 'net setlocalsid' to match? from your smb.conf passdb ? logon path = ? security = ? domain logons = ? domain master = ? preferred master = ? If we took an example of one or two users who had a problem with their profiles...what's output of things like pdbedit -L USER_NAME ? does the profile path actually work? Is it reachable from a Windows system? privileges on profile server permit access? otherwise, I would just say that you're having a bad day. I should have pointed out... logon path = (that's right - blank) prevents roaming profiles and perhaps, because I am not very smart and was trying to populate LDAP with which I was pretty unfamiliar, I had to run through the vampire process a lot of times before I got everything working the way I wanted it. My second time doing the vampire thing to LDAP was considerably easier. Even though the documentation was excellent, the devil is in the details. Craig We had spent 3 days on it and got it to work without the roaming profiles ( Using Ch 8 from Samba-3 by Example and help here). It sounds like we went through some of the same issues with vampire, but it looked like we had it working with our test system. We had a test machine MACHINE1 in NT4 DOMAINA. We transfered DOMAINA over to a SambaPDC-with LDAP. Moved MACHINE1 over to the test environment with a SambaPDC-with LDAP. Logged in TESTUSER1 everything looked fine, no roaming profile (we did a jig and jumped for joy ). We then moved MACHINE2 over to the test environment logged in TESTUSER1 (we had transfered TESTUSER1 from the original NT4 domain). We then logged in USER2 which was the primary user for this computer when it was in the NT4 domain. That was when we found out that Outlook treated the user as someone completely different, as well as other programs on the machine, the desktop was completely changed to default. After spending another day on it we had to move on, but we are now willing to try again from scratch. Did we still have something wrong? Has/does this work with the latest version? Goal 1: is USER1 on MACHINE1 can log into the system and not tell that something has changed (Namely there is a different PDC platform). Goal 2: The IT department doesn't have to write a bunch of scripts to move profile information on each computer. Is this possible, because I was of the impression that once we finished the client MACHINE1 and user USER1 wouldn't know or act any differently when logging into NT4 as the PDC vs logging into the transfered DOMAINA on the Samba-LDAP PDC. in all fairness, I have let this go because you didn't answer any of the questions that I asked. I'm not sure why anyone else didn't follow up but perhaps they were thinking along the same lines that I was. In light of no reply, you might consider starting over, and rephrasing your questions. In short, I had absolutely no problems with migrating users from NT PDC to Samba PDC but I have always used LDAP as backend for the migration and roaming profiles. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba segment faulting - unknown cause
Hello, Recently our Samba server has started segment faulting. It happens occasionally, but is often enough to cause disruption. People notice thier network drives freeze, I am unsure of the cause of the segment fault, and have no experience debugging backtraces. Can anoyone lend a hand? We are running Samba as a primary domain controller with an Openldap backend on another server, both on debian linux sarge stable. Versions: Samba server ii samba 3.0.14a-3 ii samba-common 3.0.14a-3 ii smbclient 3.0.14a-3 ii smbfs 3.0.14a-3 ii smbldap-tools 0.8.7-4 ii libpam-ldap178-1 ii libnss-ldap238-1 ii libc6 2.3.2.ds1-22 Openldap server ii ldap-utils 2.2.23-8 OpenLDAP utilities ii libldap-2.2-7 2.2.23-8 OpenLDAP libraries ii libldap2 2.1.30-8 OpenLDAP libraries rc libnss-ldap238-1 NSS module for using LDAP as a naming servic rc libpam-ldap178-1 Pluggable Authentication Module allowing LDA ii libc6 2.3.2.ds1-22 ii libc6-sparc64 2.3.2.ds1-22 Email recieved --- The Samba 'panic action' script, /usr/share/samba/panic-action, was called for pid 5720 (/usr/sbin/smbd). Below is a backtrace for this process generated with gdb, which shows the state of the program at the time the error occured. You are encouraged to submit this information as a bug report to Debian. For information about the procedure for submitting bug reports , please see http://www.debian.org/Bugs/Reporting or the reportbug(1) manpage. (no debugging symbols found) Using host libthread_db library /lib/libthread_db.so.1. (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) [Thread debugging using libthread_db enabled] [New Thread 16384 (LWP 5720)] (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) 0x4023b808 in waitpid () from /lib/libc.so.6 #0 0x4023b808 in waitpid () from /lib/libc.so.6 #1 0x402c3880 in ?? () from /lib/libc.so.6 #2 0x401d44c2 in strtold_l () from /lib/libc.so.6 #3 0x081eb261 in smb_panic2 () #4 0x081eb1ea in smb_panic () #5 0x081d7368 in dbgtext () #6 0x4034e825 in __pthread_sighandler () from /lib/libpthread.so.0 #7 signal handler called #8 0x401bd7c1 in kill () from /lib/libc.so.6 #9 0x4034b771 in pthread_kill () from /lib/libpthread.so.0 #10 0x4034ba7b in raise () from /lib/libpthread.so.0 #11 0x401bd554 in raise () from /lib/libc.so.6 #12 0x401bea88 in abort () from /lib/libc.so.6 #13 0x401b6bbf in __assert_fail () from /lib/libc.so.6 #14 0x4002ddcd in ldap_int_sasl_open () from /usr/lib/libldap_r.so.2 #15 0x4002845e in ldap_int_open_connection () from /usr/lib/libldap_r.so.2 #16 0x4003a299 in ldap_new_connection () from /usr/lib/libldap_r.so.2 #17 0x40027f11 in ldap_open_defconn () from /usr/lib/libldap_r.so.2 #18 0x40039e0f in ldap_send_initial_request () from /usr/lib/libldap_r.so.2 #19 0x40030137 in ldap_sasl_bind () from /usr/lib/libldap_r.so.2 #20 0x4003040b in ldap_sasl_bind_s () from /usr/lib/libldap_r.so.2 #21 0x40030c7c in ldap_simple_bind_s () from /usr/lib/libldap_r.so.2 #22 0x08261b7d in smbldap_make_mod () #23 0x08261ebe in smbldap_make_mod () #24 0x08262214 in smbldap_make_mod () #25 0x0826240a in smbldap_search () #26 0x08262b04 in smbldap_search_suffix () #27 0x081ba9d8 in ldapsam_search_suffix_by_name () #28 0x081be181 in ldapsam_search_suffix_by_name () #29 0x081b4ac5 in smb_register_passdb () #30 0x081b6b88 in pdb_getsampwnam () #31 0x08225f3c in auth_rhosts_init () #32 0x082265b1 in auth_rhosts_init () #33 0x082239ff in smb_register_auth () #34 0x0822d809 in password_ok () #35 0x0810fad1 in ntlmssp_end () #36 0x0810f0db in ntlmssp_update () #37 0x0822db2d in auth_ntlmssp_update () #38 0x080b0a71 in reply_getattrE () #39 0x080b0d44 in reply_getattrE () #40 0x080b1d18 in reply_sesssetup_and_X () #41 0x080d7a76 in respond_to_all_remaining_local_messages () #42
[Samba] Samba 3.0 PDC + XP + roaming profile = big, strange mistery of sorts
Please bear with me as this is quite a complicated problem which has eluded me for days now... I recently upgraded a Samba 2.2 PDC to Samba 3.0 [3.0.20a as of now]. After upgrading, I had problems with two XP machines, among 16 of them. One of them didn't validate the domain users correctly. That was immediately taken care of by having said machine leave and re-join the domain. Nothing else was done here. As for the other machine... After the upgrade, when logging in to the domain in that machine, it said that the machine account didn't exist. Except it did :/ . I deleted the machine account and recreated it, having it leave and re-join the domain in the process. Now, here comes the real problem: - The user can now log on, except that all of Windows' settings were gone, and back to the default. - The profile *was* downloaded to the local machine, and all the files were present, but it acted as if the registry somehow wasn't present. - Even after redoing some configuration, on logging off, even though some files in the roaming profile were updated in the server (NTUSER.DAT included), logging in again produced the same problem. - Deleted all local copies of the profile. Same thing. I always reverted to a known-good copy of the profile between tests. - Checked permissions on the local copy of the profile. Permissions were OK, the domain user had the full control over his local profile directory. - Out of spite, said machine was reformatted. Problem repeated itself and remained. Note: said machine has no different configuration from any other; the user also has a regular roaming profile like anyone else. I'm now out of a total loss of ideas. jerry @ freenode (Jeremy Allison?) even helped out a bit, but I couldn't get anywhere, even after trying lots of things. Now, something tells me that this has something to do with domain SIDs or the like (of which I have little knowledge, I know what they are, but I'm not savvy enough to go around investigating them). I even deleted secrets.tdb so that Samba would recreate it, which wasn't a smart move, as I came to learn, but will most likely come to no harm (I hope). I'd like to know two things, and I'll take any suggestions that I can get. a) The cause, so that I know why this happens, and I can avoid it later. b) The solution, obviously. I've been delaying other work because of this and my brain now feels like jelly because of bashing my head against the table :( Hopeful for some insight on this, Bruno Ferreira -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
答复: [Samba] About the group sett ing in smb.conf RE: samba Digest ,Vol 34, Issue
Hi Adrian, Thank you for your help! I did it according your advice ,for example: [IT Dept] comment = IT Department file space path = /appl/it valid users = @all it public = No writable = yes but I cann't pass the authentication by AD. The error message in log likes this: 2005/10/11 12:05:06, 4] smbd/reply.c:reply_tcon_and_X(407) Client requested device type [?] for share [IT DEPT] [2005/10/11 12:05:06, 5] smbd/service.c:make_connection(807) making a connection to 'normal' service it dept [2005/10/11 12:05:06, 10] lib/username.c:user_in_list(529) user_in_list: checking user NWBSC\liuhongquan in list [2005/10/11 12:05:06, 10] lib/username.c:user_in_list(533) user_in_list: checking user |NWBSC\liuhongquan| against |@all it| [2005/10/11 12:05:06, 5] lib/username.c:user_in_netgroup_list(320) looking for user NWBSC\liuhongquan of domain in netgroup all it [2005/10/11 12:05:06, 5] lib/username.c:user_in_netgroup_list(336) looking for user nwbsc\liuhongquan of domain in netgroup all it [2005/10/11 12:05:06, 2] smbd/service.c:make_connection_snum(321) user 'NWBSC\liuhongquan' (from session setup) not permitted to access this sha re (IT Dept) [2005/10/11 12:05:06, 3] smbd/error.c:error_packet(105) error string = Invalid argument Why? Thanks! Liu -邮件原件- 发件人: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 代表 adrian sender 发送时间: 2005年10月10日 23:35 收件人: samba@lists.samba.org 主题: RE: [Samba] About the group setting in smb.conf RE: samba Digest,Vol 34, Issue hFrom: [EMAIL PROTECTED] Reply-To: samba@lists.samba.org To: samba@lists.samba.org Subject: samba Digest, Vol 34, Issue 14 Date: Mon, 10 Oct 2005 12:05:06 + (GMT) --- From: Liu, Hong Quan ÁõºìȪ [EMAIL PROTECTED] To: samba@lists.samba.org Subject: [Samba] About the group setting in smb.conf. Sent: Monday, 10 October 2005 12:19:13 PM Hi, This is my first time to configure Samba server as a member server in AD domain, So, I have a question about how to configure a group name with one or more spaces in smb.conf? As we know, this kind of group names are very common in Windows environment. For example, set ¡°valid users¡± parameter: Usually , a name starting with @ is represented group, valid users = username, @GroupName,¡ But if the group name includes spaces, e.g. ¡°it dept¡±, ¡°sales dept¡±, How can I set them correctly? (I set them as @¡±it dept¡±, but the winbind log file tells me ¡°group it dept in domain does not exist¡±, But I can list this group using wbinfo ¨Cg) Wish someone give me a advice! Thanks in advance! -- RE: [Samba] About the group setting in smb.conf Hello Liu, If you have have a group such as Domain members you muse use @group name. You seem to be missing hThis should solve your problem. [Video] comment = Videos Movies path = /data/Video writeable = no browsable = yes read only = yes valid users = @Domain Users Cheers, Adrian Sender -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r10859 - in branches/SAMBA_4_0/source/winbind: .
Author: vlendec Date: 2005-10-10 06:18:17 + (Mon, 10 Oct 2005) New Revision: 10859 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10859 Log: Make the flow a bit clearer Modified: branches/SAMBA_4_0/source/winbind/wb_init_domain.c Changeset: Modified: branches/SAMBA_4_0/source/winbind/wb_init_domain.c === --- branches/SAMBA_4_0/source/winbind/wb_init_domain.c 2005-10-10 01:35:26 UTC (rev 10858) +++ branches/SAMBA_4_0/source/winbind/wb_init_domain.c 2005-10-10 06:18:17 UTC (rev 10859) @@ -418,18 +418,17 @@ { struct composite_context *ctx; - if (state-domain-schannel_creds != NULL) { + if (state-domain-schannel_creds == NULL) { ctx = wb_init_lsa_send(state-conn.out.tree, - DCERPC_AUTH_TYPE_NTLMSSP, - state-domain-schannel_creds); - comp_cont(state-ctx, ctx, - init_domain_recv_lsa_ntlmssp, state); + DCERPC_AUTH_TYPE_NONE, + NULL); + comp_cont(state-ctx, ctx, init_domain_recv_lsa_none, state); return; } - ctx = wb_init_lsa_send(state-conn.out.tree, DCERPC_AUTH_TYPE_NONE, - NULL); - comp_cont(state-ctx, ctx, init_domain_recv_lsa_none, state); + ctx = wb_init_lsa_send(state-conn.out.tree, DCERPC_AUTH_TYPE_NTLMSSP, + state-domain-schannel_creds); + comp_cont(state-ctx, ctx, init_domain_recv_lsa_ntlmssp, state); } static void init_domain_recv_lsa_ntlmssp(struct composite_context *ctx)
svn commit: samba r10860 - in branches/tmp/samba4-winsrepl: . source/include source/lib/ldb source/lib/ldb/tests source/libcli/auth source/libcli/composite source/libcli/nbt source/libcli/wrepl source
Author: metze Date: 2005-10-10 06:37:57 + (Mon, 10 Oct 2005) New Revision: 10860 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10860 Log: [EMAIL PROTECTED] (orig r10836): metze | 2005-10-08 18:35:33 +0200 giving NT_STATUS_NO_MEMORY, when the connection fails wasn't a good idea... metze [EMAIL PROTECTED] (orig r10838): vlendec | 2005-10-08 19:45:27 +0200 Get us an schannel'ed netlogon pipe. Abartlet, now I think I need some assistance to implement the pam auth crap auth calls. Volker [EMAIL PROTECTED] (orig r10839): jelmer | 2005-10-08 19:55:28 +0200 Add some [ref] (required for ethereal and Samba3 parser generators) [EMAIL PROTECTED] (orig r10840): jelmer | 2005-10-08 19:55:56 +0200 Fix indentation [EMAIL PROTECTED] (orig r10842): jelmer | 2005-10-08 22:19:35 +0200 Fix some issues with [out] unions that have a discriminator that is only [in] [EMAIL PROTECTED] (orig r10843): vlendec | 2005-10-09 10:32:06 +0200 Reformatting [EMAIL PROTECTED] (orig r10844): abartlet | 2005-10-09 14:13:05 +0200 Add challenge-response authentication to Samba4's winbindd for VL. Plaintext should be simple, but I'm going to do some infrustructure work first. Andrew Bartlett [EMAIL PROTECTED] (orig r10845): abartlet | 2005-10-09 14:38:23 +0200 Add new function to decrypt the session keys in samlogon responses. Andrew Bartlett [EMAIL PROTECTED] (orig r10846): vlendec | 2005-10-09 14:50:35 +0200 Create a wbsrv_domain, change wb_finddcs to the style of the rest of the async helpers. Volker [EMAIL PROTECTED] (orig r10847): abartlet | 2005-10-09 15:03:52 +0200 Fix up new 'decrypt samlogon reply' routine to be more robust, and use it in the RPC-SAMLOGON test. Andrew Bartlett [EMAIL PROTECTED] (orig r10848): jelmer | 2005-10-09 15:40:55 +0200 Fix warning [EMAIL PROTECTED] (orig r10849): jelmer | 2005-10-09 15:53:48 +0200 Fix handling of [charset] for strings with fixed or inline size [EMAIL PROTECTED] (orig r10852): vlendec | 2005-10-09 22:32:24 +0200 Continuation-based programming can become a bit spaghetti... Initialize a domain structure properly. Excerpt from wb_init_domain.c: /* * Initialize a domain: * * - With schannel credentials, try to open the SMB connection with the machine * creds. Fall back to anonymous. * * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon * pipe. * * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back * to schannel and then to anon bind. * * - With queryinfopolicy, verify that we're talking to the right domain * * A bit complex, but with all the combinations I think it's the best we can * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we * have a signedsealed lsa connection on all of them. * * Is this overkill? In particular the authenticated SMB connection seems a * bit overkill, given that we do schannel for netlogon and ntlmssp for * lsa later on w2k3, the others don't do this anyway. */ Thanks to Jeremy for his detective work, and to the Samba4 team for providing such a great infrastructure. Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr with all we have. Volker [EMAIL PROTECTED] (orig r10853): vlendec | 2005-10-09 22:57:49 +0200 Convert wbinfo -n to properly init the domain. Volker [EMAIL PROTECTED] (orig r10854): jelmer | 2005-10-09 23:30:41 +0200 talloc_get_type() can return NULL.. [EMAIL PROTECTED] (orig r10855): abartlet | 2005-10-10 00:19:20 +0200 Put the domain SID in secrets.ldb by default, and add http as a default SPN alias. Andrew Bartlett [EMAIL PROTECTED] (orig r10856): tridge | 2005-10-10 01:29:26 +0200 we need aclocal.m4 in ldb for standalone configure [EMAIL PROTECTED] (orig r10859): vlendec | 2005-10-10 08:18:17 +0200 Make the flow a bit clearer Added: branches/tmp/samba4-winsrepl/source/lib/ldb/aclocal.m4 branches/tmp/samba4-winsrepl/source/winbind/wb_init_domain.c Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/include/structs.h branches/tmp/samba4-winsrepl/source/lib/ldb/tests/slapd.conf branches/tmp/samba4-winsrepl/source/libcli/auth/credentials.c branches/tmp/samba4-winsrepl/source/libcli/composite/composite.c branches/tmp/samba4-winsrepl/source/libcli/nbt/nbtname.c branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.c branches/tmp/samba4-winsrepl/source/librpc/idl/dfs.idl branches/tmp/samba4-winsrepl/source/nsswitch/winbindd_nss.h branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba/NDR/Client.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Client.pm branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Header.pm
svn commit: samba r10861 - in branches/SOC/SAMBA_4_0: . source/include source/lib/ldb source/lib/ldb/tests source/libcli/auth source/libcli/composite source/libcli/nbt source/librpc/idl source/nsswitc
Author: metze Date: 2005-10-10 07:45:58 + (Mon, 10 Oct 2005) New Revision: 10861 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10861 Log: [EMAIL PROTECTED] (orig r10838): vlendec | 2005-10-08 19:45:27 +0200 Get us an schannel'ed netlogon pipe. Abartlet, now I think I need some assistance to implement the pam auth crap auth calls. Volker [EMAIL PROTECTED] (orig r10839): jelmer | 2005-10-08 19:55:28 +0200 Add some [ref] (required for ethereal and Samba3 parser generators) [EMAIL PROTECTED] (orig r10840): jelmer | 2005-10-08 19:55:56 +0200 Fix indentation [EMAIL PROTECTED] (orig r10842): jelmer | 2005-10-08 22:19:35 +0200 Fix some issues with [out] unions that have a discriminator that is only [in] [EMAIL PROTECTED] (orig r10843): vlendec | 2005-10-09 10:32:06 +0200 Reformatting [EMAIL PROTECTED] (orig r10844): abartlet | 2005-10-09 14:13:05 +0200 Add challenge-response authentication to Samba4's winbindd for VL. Plaintext should be simple, but I'm going to do some infrustructure work first. Andrew Bartlett [EMAIL PROTECTED] (orig r10845): abartlet | 2005-10-09 14:38:23 +0200 Add new function to decrypt the session keys in samlogon responses. Andrew Bartlett [EMAIL PROTECTED] (orig r10846): vlendec | 2005-10-09 14:50:35 +0200 Create a wbsrv_domain, change wb_finddcs to the style of the rest of the async helpers. Volker [EMAIL PROTECTED] (orig r10847): abartlet | 2005-10-09 15:03:52 +0200 Fix up new 'decrypt samlogon reply' routine to be more robust, and use it in the RPC-SAMLOGON test. Andrew Bartlett [EMAIL PROTECTED] (orig r10848): jelmer | 2005-10-09 15:40:55 +0200 Fix warning [EMAIL PROTECTED] (orig r10849): jelmer | 2005-10-09 15:53:48 +0200 Fix handling of [charset] for strings with fixed or inline size [EMAIL PROTECTED] (orig r10852): vlendec | 2005-10-09 22:32:24 +0200 Continuation-based programming can become a bit spaghetti... Initialize a domain structure properly. Excerpt from wb_init_domain.c: /* * Initialize a domain: * * - With schannel credentials, try to open the SMB connection with the machine * creds. Fall back to anonymous. * * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon * pipe. * * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back * to schannel and then to anon bind. * * - With queryinfopolicy, verify that we're talking to the right domain * * A bit complex, but with all the combinations I think it's the best we can * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we * have a signedsealed lsa connection on all of them. * * Is this overkill? In particular the authenticated SMB connection seems a * bit overkill, given that we do schannel for netlogon and ntlmssp for * lsa later on w2k3, the others don't do this anyway. */ Thanks to Jeremy for his detective work, and to the Samba4 team for providing such a great infrastructure. Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr with all we have. Volker [EMAIL PROTECTED] (orig r10853): vlendec | 2005-10-09 22:57:49 +0200 Convert wbinfo -n to properly init the domain. Volker [EMAIL PROTECTED] (orig r10854): jelmer | 2005-10-09 23:30:41 +0200 talloc_get_type() can return NULL.. [EMAIL PROTECTED] (orig r10855): abartlet | 2005-10-10 00:19:20 +0200 Put the domain SID in secrets.ldb by default, and add http as a default SPN alias. Andrew Bartlett [EMAIL PROTECTED] (orig r10856): tridge | 2005-10-10 01:29:26 +0200 we need aclocal.m4 in ldb for standalone configure [EMAIL PROTECTED] (orig r10859): vlendec | 2005-10-10 08:18:17 +0200 Make the flow a bit clearer Added: branches/SOC/SAMBA_4_0/source/lib/ldb/aclocal.m4 branches/SOC/SAMBA_4_0/source/winbind/wb_init_domain.c Modified: branches/SOC/SAMBA_4_0/ branches/SOC/SAMBA_4_0/source/include/structs.h branches/SOC/SAMBA_4_0/source/lib/ldb/tests/slapd.conf branches/SOC/SAMBA_4_0/source/libcli/auth/credentials.c branches/SOC/SAMBA_4_0/source/libcli/composite/composite.c branches/SOC/SAMBA_4_0/source/libcli/nbt/nbtname.c branches/SOC/SAMBA_4_0/source/librpc/idl/dfs.idl branches/SOC/SAMBA_4_0/source/nsswitch/winbindd_nss.h branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Client.pm branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Types.pm branches/SOC/SAMBA_4_0/source/rpc_server/spoolss/dcesrv_spoolss.c branches/SOC/SAMBA_4_0/source/setup/provision.ldif branches/SOC/SAMBA_4_0/source/setup/secrets.ldif
svn commit: samba r10862 - in branches/SOC/SAMBA_4_0/source: libnet librpc/idl torture torture/rpc
Author: metze Date: 2005-10-10 08:31:52 + (Mon, 10 Oct 2005) New Revision: 10862 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10862 Log: remove the differences between SAMBA_4_0 and SOC/SAMBA_4_0 metze Modified: branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c branches/SOC/SAMBA_4_0/source/torture/torture.c Changeset: Modified: branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c === --- branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c 2005-10-10 07:45:58 UTC (rev 10861) +++ branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c 2005-10-10 08:31:52 UTC (rev 10862) @@ -757,7 +757,7 @@ sc.out.connect_handle = p_handle; /* 2. do a samr_Connect to get a policy handle */ - status = dcerpc_samr_Connect(samr_pipe, tmp_ctx, sc); + status = dcerpc_samr_Connect(samr_pipe, tmp_ctx, sc); if (!NT_STATUS_IS_OK(status)) { r-out.error_string = talloc_asprintf(mem_ctx, samr_Connect failed: %s, @@ -945,22 +945,6 @@ return status; } } - /* -This code still has an issue in that it isn't storing the samr_pipe and the u_handle in mem_ctx, -and so they aren't staying open once this function returns. -Because of this, the RPC-NETLOGON torture test fails when trying to use the pipe and handle to leave -the domain. - -Because they are local variables and not in a TALLOC_CTX, I can't talloc_steal() them. - */ - r-out.join_password = talloc_steal(mem_ctx, password_str); - r-out.domain_sid = talloc_steal(mem_ctx, domain_sid); - r-out.domain_name = talloc_steal(mem_ctx, domain_name); - r-out.realm = talloc_steal(mem_ctx, realm); - r-out.samr_pipe = samr_pipe; - r-out.samr_binding = talloc_steal(mem_ctx, samr_binding); - r-out.user_handle = u_handle; - r-out.error_string = talloc_steal(mem_ctx, r2.samr_handle.out.error_string); account_sid = dom_sid_add_rid(mem_ctx, domain_sid, rid); if (!account_sid) { @@ -1009,8 +993,6 @@ return cu_status; } - - static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_Join *r) @@ -1128,7 +1110,6 @@ talloc_free(tmp_mem); return NT_STATUS_NO_MEMORY; } - if (!msg) goto no_mem; msg-dn = ldb_dn_build_child(tmp_mem, flatname, r2-out.domain_name, base_dn); if (!msg-dn) { @@ -1288,10 +1269,6 @@ talloc_steal(mem_ctx, r2-out.domain_sid); talloc_free(tmp_mem); return NT_STATUS_OK; -no_mem: - r-out.error_string = NULL; - talloc_free(tmp_mem); - return NT_STATUS_NO_MEMORY; } NTSTATUS libnet_Join(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_Join *r) Modified: branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl === --- branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl2005-10-10 07:45:58 UTC (rev 10861) +++ branches/SOC/SAMBA_4_0/source/librpc/idl/drsuapi.idl2005-10-10 08:31:52 UTC (rev 10862) @@ -371,9 +371,7 @@ */ typedef [flag(NDR_PAHEX),v1_enum] enum { - DRSUAPI_OBJECTCLASS_top = 0x0001, - DRSUAPI_OBJECTCLASS_domain = 0x000a0042, - DRSUAPI_OBJECTCLASS_domainDNS = 0x000a0043 + DRSUAPI_OBJECTCLASS_top = 0x0001 } drsuapi_DsObjectClassId; typedef [flag(NDR_PAHEX),v1_enum,public] enum { @@ -394,12 +392,7 @@ DRSUAPI_ATTRIBUTE_objectCategory= 0x0009030e, DRSUAPI_ATTRIBUTE_msDS_Behavior_Version = 0x000905b3, DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs = 0x0009071c, - DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c, - DRSUAPI_ATTRIBUTE_gPLink= 0x0009037b, - DRSUAPI_ATTRIBUTE_instanceType = 0x00020001, - DRSUAPI_ATTRIBUTE_whenCreated = 0x00020002, - DRSUAPI_ATTRIBUTE_fSMORoleOwner = 0x00090171, - DRSUAPI_ATTRIBUTE_wellKnownObjects = 0x0009026a + DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c } drsuapi_DsAttributeId; /* Generic DATA_BLOB values */ Modified: branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c === --- branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c2005-10-10 07:45:58
svn commit: samba r10863 - in branches/SOC/SAMBA_4_0/source/torture: . rpc
Author: metze Date: 2005-10-10 08:34:26 + (Mon, 10 Oct 2005) New Revision: 10863 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10863 Log: fix the build metze Modified: branches/SOC/SAMBA_4_0/source/torture/config.mk branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c Changeset: Modified: branches/SOC/SAMBA_4_0/source/torture/config.mk === --- branches/SOC/SAMBA_4_0/source/torture/config.mk 2005-10-10 08:31:52 UTC (rev 10862) +++ branches/SOC/SAMBA_4_0/source/torture/config.mk 2005-10-10 08:34:26 UTC (rev 10863) @@ -79,6 +79,7 @@ torture/rpc/dfs.o \ torture/rpc/drsuapi.o \ torture/rpc/drsuapi_cracknames.o \ + torture/rpc/dssync.o \ torture/rpc/spoolss.o \ torture/rpc/unixinfo.o \ torture/rpc/samr.o \ Modified: branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c === --- branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c 2005-10-10 08:31:52 UTC (rev 10862) +++ branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c 2005-10-10 08:34:26 UTC (rev 10863) @@ -129,7 +129,7 @@ return ctx; } -static BOOL test_DsBind(struct DsSyncTest *ctx,struct cli_credentials *credentials, struct DsSyncBindInfo *b) +static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b) { NTSTATUS status; BOOL ret = True; @@ -400,10 +400,10 @@ mem_ctx = talloc_init(torture_rpc_dssync); ctx = test_create_context(mem_ctx); - ret = test_DsBind(ctx, ctx-admin.credentials, ctx-admin.drsuapi); + ret = _test_DsBind(ctx, ctx-admin.credentials, ctx-admin.drsuapi); ret = test_LDAPBind(ctx, ctx-admin.credentials, ctx-admin.ldap); ret = test_GetInfo(ctx); - ret = test_DsBind(ctx, ctx-admin.credentials, ctx-new_dc.drsuapi); + ret = _test_DsBind(ctx, ctx-admin.credentials, ctx-new_dc.drsuapi); ret = test_FetchData(ctx); return ret;
svn commit: samba r10864 - in branches/SOC/SAMBA_4_0: .
Author: metze Date: 2005-10-10 09:10:08 + (Mon, 10 Oct 2005) New Revision: 10864 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10864 Log: remove README file to reduce, diffs to main SAMBA_4_0 branch: metze README: This project was centered around adding a torture test to Samba 4, which used drsuapi_DsGetNCChanges() to retrieve the contents of an Active Directory in the same manner as an Active Directory DC replication event. As the project unfolded, I also applied some changes to the functionality of the libnet library related to joining a machine account to a domain. One of the first things that I implemented in this project was a 'neighbour_writeable' option for the RPC-DRSUAPI torture test. The command line to execute this torture test is as follows: smbtorture --option=drsuapi:neighbour_writeable=True -W domain name -U admin username%password ncacn_ip_tcp:domain controller dns name RPC-DRSUAPI This option provides us with runtime control over the DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE flag in the struct drsuapi_DsGetNCChanges.in.req.reqlevel.replica_flags, allowing us to easily test for differences in the behaviour of AD replication with the switch on or off. In the course of the project, I also implemented two more flags for the RPC-DSSYNC test. dssync:last_usn takes an integer representing the USN (Universal Serial Number) of the last recieved replication update for a particular partition (uses the domain DN if drsuapi:parition isn't set). That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned. dssync:partition takes a string DN and uses that as the name of the AD partition to replicate. Based initially on a patch provided to me by one of my mentors, Stephan (metze) Metzmacher, the RPC-DSSYNC test was implemented for this project. Initially functionality was included to perform a DC join prior to initiating replication, but the code was removed when it was realized that replication could indeed take place without being a member of the domain in any way. It has been recently suggested that we may need a DC join after all to get all of the information we may want from the AD replication. This is probably best added using a torture_join_domain() call once the libnet code is able to keep the user policy handle and SAMR RPC pipe open. The DC join code was taken out of the RPC-DSSYNC and implemented for the most part in the libnet libraries. To test this, the RPC-NETLOGON test was modified to perform a domain join, leave and rejoin. Currently, the test has a fault in that it is unable to leave the domain using the same SAMR RPC pipe and user_policy information as was used for the first join. This is because I was unable to get the code working properly in libnet to provide that functionality. Currently missing from the DC join in libnet is the code to create the CN=NTDS Settings,CN=DC NETBIOS NAME,CN=Site-Name,CN=Sites,CN=Configuration,domain DN container using the dcerpc_drsuapi_DsAddEntry() call. I did not want to implement this functionality in libnet while there were still problems with the code. I also provided the ability in libnet and the RPC-DSSYNC test to look up the proper site name using the cldap library. In my investigations, I was unable to find out any information regarding the UnicodePwd attribute, except that the same password is represented differently for two different users in the same directory. I was also able to resolve and confirm the meaning of some DRSUAPI_ATTRIBUTE ID's. DRSUAPI_OBJECTCLASS_domain (0xA0042) DRSUAPI_OBJECTCLASS_domainDNS (0xA0043) wellKnownObjects(0x9026A) fSMORoleOwner (0x90171) name or dc (0x90001) whenCreated (0x20002) instanceType(0x20001) gPLink (0x9037B) These were added to the IDL for drsuapi (source/librpc/idl/drsuapi.idl). I would like to thank everyone on the Samba team who worked with me and assisted me with this project, specifically all the work done by Stephan Metzmacher, Andrew Bartlett and Jerry Carter. Working on this project with the Samba team really has been a life changing experience, as corny as that sounds. I've realized that I was born to be a systems developer, and it has helped confirm in my mind that Open Source (specifically Samba) development is exactly what i've been missing! I would also like to take this opportunity to thank Chris Dibona and Google for the amazing opportunity. I don't know if I would have taken the leap in other circumstances. I know these notes sound a little rushed, but it is 23:55 after all! :) Removed: branches/SOC/SAMBA_4_0/README Changeset:
svn commit: samba r10866 - in branches/SOC/SAMBA_4_0: .
Author: metze Date: 2005-10-10 09:35:15 + (Mon, 10 Oct 2005) New Revision: 10866 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10866 Log: [EMAIL PROTECTED] (orig r10865): metze | 2005-10-10 11:33:06 +0200 merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0 tree metze [EMAIL PROTECTED]: metze | 2005-06-30 13:44:23 +0200 create the SAMBA_4_0 branch for the Summer Of Code Project metze [EMAIL PROTECTED]: brad | 2005-07-24 03:09:48 +0200 Branching Samba 4 [EMAIL PROTECTED]: brad | 2005-07-24 06:39:00 +0200 added 'make installmisc' to howto.txt added existing 'compression' option to level8 drsuapi torture test added new 'neighbour_writeable' option to level8 drsuapi torture test [EMAIL PROTECTED]: brad | 2005-07-24 06:42:38 +0200 added metze's dssync patch as source/torture/rpc/dssync.c [EMAIL PROTECTED]: brad | 2005-07-25 00:24:46 +0200 added a test called RPC-DSSYNC to config.mk hacking at dssync.c in an attempt to make it compile [EMAIL PROTECTED]: brad | 2005-07-25 15:19:21 +0200 Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap calls. [EMAIL PROTECTED]: brad | 2005-07-26 03:35:38 +0200 more ldb changes to test_CompleteJoin(), it mostly kind of almost works now! [EMAIL PROTECTED]: brad | 2005-07-26 03:56:00 +0200 Trying to fix the crazy nesting in the branch [EMAIL PROTECTED]: brad | 2005-07-26 04:48:29 +0200 merging latest changes [EMAIL PROTECTED]: brad | 2005-07-26 04:53:43 +0200 removing nested branch [EMAIL PROTECTED]: jerry | 2005-07-27 05:04:57 +0200 merging on of Brad missing changes from the nested 4.0 branch debacle [EMAIL PROTECTED]: jerry | 2005-07-27 05:14:42 +0200 syncing up with the main 4_0 branch for Brad [EMAIL PROTECTED]: brad | 2005-07-29 00:26:30 +0200 merging changes from branches/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-07-29 21:07:57 +0200 Bringing my tree up to date [EMAIL PROTECTED]: brad | 2005-07-30 00:48:04 +0200 making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get my branch to compile again. [EMAIL PROTECTED]: brad | 2005-07-30 03:20:33 +0200 I think I have the ldb code down in test_CompleteJoin (not complete yet though) [EMAIL PROTECTED]: brad | 2005-07-30 07:08:13 +0200 Changed comments to C style /**/ (thanks Richard), some more changes to test_CompleteJoin(). [EMAIL PROTECTED]: brad | 2005-07-31 04:45:32 +0200 Bringing the SOC/SAMBA_4_0 branch up to date. [EMAIL PROTECTED]: brad | 2005-07-31 20:00:41 +0200 Updated some missing files from the branch [EMAIL PROTECTED]: brad | 2005-07-31 20:25:50 +0200 Removing autogenerated files from branch [EMAIL PROTECTED]: brad | 2005-07-31 20:43:58 +0200 last of the unneeded files in SOC/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-08-03 18:51:23 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 10:44:30 -0600 [EMAIL PROTECTED]: j0j0 | 2005-08-02 22:54:13 -0600 creating a local branch of branches/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-08-03 20:57:48 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 13:00:11 -0600 Fixing differences between this branch and /branches/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-08-03 21:18:05 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 13:23:12 -0600 Updating config.mk so that smbtorture builds again [EMAIL PROTECTED]: brad | 2005-08-04 18:17:36 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 21:01:02 -0600 Start using libnet_Join() for DC join. [EMAIL PROTECTED]: brad | 2005-08-04 18:17:47 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-04 10:21:34 -0600 Some more work towards performing a dc join. [EMAIL PROTECTED]: brad | 2005-08-04 18:53:51 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-04 10:53:00 -0600 Fixed a bug (passing a TALLOC_CTX to libnet_context_init() ) [EMAIL PROTECTED]: brad | 2005-08-04 21:59:55 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-04 14:04:55 -0600 Some more work on the domain join [EMAIL PROTECTED]: brad | 2005-08-05 16:50:26 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-05 08:55:58 -0600 Committing minor changes before merge [EMAIL PROTECTED]: brad | 2005-08-07 17:25:25 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-07 09:30:12 -0600 Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED. [EMAIL PROTECTED]: brad | 2005-08-07 17:25:36 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-07 09:31:22 -0600 Working with libnet_Join(), code cleanup needed in the near future. [EMAIL PROTECTED]: brad | 2005-08-07 21:40:22 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-07 13:46:09 -0600 Some code cleanup to make things a little more readable. [EMAIL PROTECTED]: brad | 2005-08-12 01:31:48 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-11 17:38:44 -0600 Split libnet_JoinDomain() into libnet_JoinDomain() and libnet_JoinADSDomain(). [EMAIL PROTECTED]: brad |
svn commit: samba r10867 - in branches/SAMBA_4_0/source: include libcli/util
Author: metze Date: 2005-10-10 11:21:02 + (Mon, 10 Oct 2005) New Revision: 10867 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10867 Log: add WERR_UNKNOWN_REVISION errorcode metze Modified: branches/SAMBA_4_0/source/include/doserr.h branches/SAMBA_4_0/source/libcli/util/doserr.c Changeset: Modified: branches/SAMBA_4_0/source/include/doserr.h === --- branches/SAMBA_4_0/source/include/doserr.h 2005-10-10 09:35:15 UTC (rev 10866) +++ branches/SAMBA_4_0/source/include/doserr.h 2005-10-10 11:21:02 UTC (rev 10867) @@ -188,6 +188,7 @@ #define WERR_MORE_DATA W_ERROR(234) #define WERR_CAN_NOT_COMPLETE W_ERROR(1003) #define WERR_INVALID_DOMAINNAME W_ERROR(1212) +#define WERR_UNKNOWN_REVISION W_ERROR(1305) #define WERR_REVISION_MISMATCH W_ERROR(1306) #define WERR_INVALID_OWNER W_ERROR(1307) #define WERR_NO_SUCH_USER W_ERROR(1317) Modified: branches/SAMBA_4_0/source/libcli/util/doserr.c === --- branches/SAMBA_4_0/source/libcli/util/doserr.c 2005-10-10 09:35:15 UTC (rev 10866) +++ branches/SAMBA_4_0/source/libcli/util/doserr.c 2005-10-10 11:21:02 UTC (rev 10867) @@ -69,6 +69,7 @@ { WERR_DFS_INTERNAL_ERROR, WERR_DFS_INTERNAL_ERROR }, { WERR_DFS_CANT_CREATE_JUNCT, WERR_DFS_CANT_CREATE_JUNCT }, { WERR_INVALID_SECURITY_DESCRIPTOR, WERR_INVALID_SECURITY_DESCRIPTOR }, + { WERR_UNKNOWN_REVISION, WERR_UNKNOWN_REVISION }, { WERR_REVISION_MISMATCH, WERR_REVISION_MISMATCH }, { WERR_INVALID_OWNER, WERR_INVALID_OWNER }, { WERR_INVALID_DOMAINNAME, WERR_INVALID_DOMAINNAME },
svn commit: samba r10868 - in branches/SAMBA_4_0/source: librpc/ndr pidl/lib/Parse/Pidl/Samba/NDR
Author: metze Date: 2005-10-10 11:47:23 + (Mon, 10 Oct 2005) New Revision: 10868 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10868 Log: make flag(NDR_PAHEX) possible to use and show the union level in hex metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2005-10-10 11:21:02 UTC (rev 10867) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2005-10-10 11:47:23 UTC (rev 10868) @@ -711,7 +711,11 @@ void ndr_print_union(struct ndr_print *ndr, const char *name, int level, const char *type) { - ndr-print(ndr, %-25s: union %s(case %d), name, type, level); + if (ndr-flags LIBNDR_PRINT_ARRAY_HEX) { + ndr-print(ndr, %-25s: union %s(case 0x%X), name, type, level); + } else { + ndr-print(ndr, %-25s: union %s(case %d), name, type, level); + } } void ndr_print_bad_level(struct ndr_print *ndr, const char *name, uint16_t level) Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm 2005-10-10 11:21:02 UTC (rev 10867) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm 2005-10-10 11:47:23 UTC (rev 10868) @@ -1624,15 +1624,17 @@ my ($e,$name) = @_; my $have_default = 0; - pidl int level = ndr_print_get_switch_value(ndr, r);; - + pidl int level;; foreach my $el (@{$e-{ELEMENTS}}) { DeclareArrayVariables($el); } - pidl ndr_print_union(ndr, name, level, \$name\);; start_flags($e); + pidl level = ndr_print_get_switch_value(ndr, r);; + + pidl ndr_print_union(ndr, name, level, \$name\);; + pidl switch (level) {; indent; foreach my $el (@{$e-{ELEMENTS}}) {
svn commit: samba r10869 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-10-10 12:10:10 + (Mon, 10 Oct 2005) New Revision: 10869 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10869 Log: add dummy functions and dummy parsing of XPRESS decompression, this is the compression algorithm used by w2k3 for DsGetNCChanges(). This algorithm isn't known yet, but it seems to be some sort of Lempel-Ziv algorithm. metze Modified: branches/SAMBA_4_0/source/librpc/ndr/libndr.h branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/libndr.h === --- branches/SAMBA_4_0/source/librpc/ndr/libndr.h 2005-10-10 11:47:23 UTC (rev 10868) +++ branches/SAMBA_4_0/source/librpc/ndr/libndr.h 2005-10-10 12:10:10 UTC (rev 10869) @@ -170,7 +170,8 @@ }; enum ndr_compression_alg { - NDR_COMPRESSION_MSZIP + NDR_COMPRESSION_MSZIP = 2, + NDR_COMPRESSION_XPRESS = 3 }; /* Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-10-10 11:47:23 UTC (rev 10868) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-10-10 12:10:10 UTC (rev 10869) @@ -37,13 +37,13 @@ NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, plain_chunk_size)); if (plain_chunk_size 0x8000) { - return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZLIB plain chunk size %08X 0x8000 (PULL), + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad MSZIP plain chunk size %08X 0x8000 (PULL), plain_chunk_size); } NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size)); - DEBUG(10,(plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n, + DEBUG(10,(MSZIP plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n, plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size)); comp_chunk_offset = ndrpull-offset; @@ -58,7 +58,7 @@ ret = ZIPdecompress(decomp_state, comp_chunk, plain_chunk); if (ret != DECR_OK) { - return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZIBdecompress() error %d (PULL), + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZIPdecompress() error %d (PULL), ret); } @@ -98,7 +98,7 @@ uncompressed = ndr_push_blob(ndrpush); if (uncompressed.length != decompressed_len) { - return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad uncompressed_len [%u] != [%d] (PULL), + return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP uncompressed_len [%u] != [%d] (PULL), (int)uncompressed.length, (int)decompressed_len); } @@ -120,7 +120,7 @@ /* TODO: check the first 4 bytes of the header */ if (payload_header[1] != 0x) { - return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad payload_header[1] [0x%08X] != [0x] (PULL), + return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP payload_header[1] [0x%08X] != [0x] (PULL), payload_header[1]); } @@ -137,11 +137,85 @@ } static NTSTATUS ndr_push_compression_mszip(struct ndr_push *subndr, - struct ndr_push *comndr) + struct ndr_push *comndr) { - return ndr_push_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP compression is not supported yet (PUSH)); + return ndr_push_error(subndr, NDR_ERR_COMPRESSION, Sorry MSZIP compression is not supported yet (PUSH)); } +static NTSTATUS ndr_pull_compression_xpress_chunk(struct ndr_pull *ndrpull, + struct ndr_push *ndrpush) +{ + DATA_BLOB comp_chunk; + uint32_t comp_chunk_offset; + uint32_t comp_chunk_size; + uint32_t plain_chunk_size; + + comp_chunk_offset = ndrpull-offset; + + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, plain_chunk_size)); + if (plain_chunk_size 0x0001) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad XPRESS plain chunk size %08X 0x0001 (PULL), + plain_chunk_size); + } + + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size)); + + NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size)); + comp_chunk.length = comp_chunk_size; + comp_chunk.data = ndrpull-data + comp_chunk_offset; + + DEBUG(10,(XPRESS plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n, + plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size)); + +
svn commit: samba r10872 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-10-10 13:25:11 + (Mon, 10 Oct 2005) New Revision: 10872 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10872 Log: fix the length of the dummy XPRESS decompressed buffer metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-10-10 12:31:05 UTC (rev 10871) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-10-10 13:25:11 UTC (rev 10872) @@ -161,7 +161,7 @@ NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size)); NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size)); - comp_chunk.length = comp_chunk_size; + comp_chunk.length = comp_chunk_size + 8; comp_chunk.data = ndrpull-data + comp_chunk_offset; DEBUG(10,(XPRESS plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n,
svn commit: samba r10873 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-10-10 14:10:37 + (Mon, 10 Oct 2005) New Revision: 10873 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10873 Log: check the complete payload header metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-10-10 13:25:11 UTC (rev 10872) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-10-10 14:10:37 UTC (rev 10873) @@ -116,14 +116,22 @@ NDR_CHECK(ndr_pull_uint32(comndr, NDR_SCALARS, payload_header[2])); NDR_CHECK(ndr_pull_uint32(comndr, NDR_SCALARS, payload_header[3])); - payload_size = payload_header[2]; - - /* TODO: check the first 4 bytes of the header */ + if (payload_header[0] != 0x00081001) { + return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP payload_header[0] [0x%08X] != [0x00081001] (PULL), + payload_header[0]); + } if (payload_header[1] != 0x) { return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP payload_header[1] [0x%08X] != [0x] (PULL), payload_header[1]); } + payload_size = payload_header[2]; + + if (payload_header[3] != 0x) { + return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad MSZIP payload_header[3] [0x%08X] != [0x] (PULL), + payload_header[3]); + } + payload_offset = comndr-offset; NDR_CHECK(ndr_pull_advance(comndr, payload_size)); payload = comndr-data + payload_offset;
svn commit: samba r10874 - in branches/tmp/vl-cluster/source: . include lib libads libsmb modules nmbd nsswitch param passdb python registry rpc_client rpc_parse rpc_server script services smbd utils
Author: vlendec Date: 2005-10-10 15:03:52 + (Mon, 10 Oct 2005) New Revision: 10874 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10874 Log: Merge trunk up to r10873 Added: branches/tmp/vl-cluster/source/.indent.pro branches/tmp/vl-cluster/source/include/modconf.h branches/tmp/vl-cluster/source/rpc_server/srv_eventlog_lib.c branches/tmp/vl-cluster/source/services/svc_wins.c branches/tmp/vl-cluster/source/utils/wr_eventlog.c Removed: branches/tmp/vl-cluster/source/include/modconf.h Modified: branches/tmp/vl-cluster/source/Makefile.in branches/tmp/vl-cluster/source/include/doserr.h branches/tmp/vl-cluster/source/include/includes.h branches/tmp/vl-cluster/source/include/ntdomain.h branches/tmp/vl-cluster/source/include/rpc_eventlog.h branches/tmp/vl-cluster/source/include/rpc_misc.h branches/tmp/vl-cluster/source/include/rpc_svcctl.h branches/tmp/vl-cluster/source/include/secrets.h branches/tmp/vl-cluster/source/include/smb.h branches/tmp/vl-cluster/source/lib/talloc.c branches/tmp/vl-cluster/source/lib/talloctort.c branches/tmp/vl-cluster/source/libads/authdata.c branches/tmp/vl-cluster/source/libsmb/clikrb5.c branches/tmp/vl-cluster/source/modules/vfs_audit.c branches/tmp/vl-cluster/source/modules/vfs_extd_audit.c branches/tmp/vl-cluster/source/modules/vfs_full_audit.c branches/tmp/vl-cluster/source/nmbd/nmbd.c branches/tmp/vl-cluster/source/nsswitch/winbindd_dual.c branches/tmp/vl-cluster/source/nsswitch/winbindd_misc.c branches/tmp/vl-cluster/source/param/loadparm.c branches/tmp/vl-cluster/source/passdb/secrets.c branches/tmp/vl-cluster/source/python/py_common.h branches/tmp/vl-cluster/source/python/py_lsa.c branches/tmp/vl-cluster/source/python/py_samr.c branches/tmp/vl-cluster/source/python/py_spoolss.h branches/tmp/vl-cluster/source/python/py_spoolss_drivers.c branches/tmp/vl-cluster/source/python/py_spoolss_forms.c branches/tmp/vl-cluster/source/python/py_spoolss_jobs.c branches/tmp/vl-cluster/source/python/py_spoolss_ports.c branches/tmp/vl-cluster/source/python/py_spoolss_printerdata.c branches/tmp/vl-cluster/source/python/py_spoolss_printers.c branches/tmp/vl-cluster/source/python/py_srvsvc.c branches/tmp/vl-cluster/source/python/setup.py branches/tmp/vl-cluster/source/registry/reg_db.c branches/tmp/vl-cluster/source/registry/reg_eventlog.c branches/tmp/vl-cluster/source/registry/reg_frontend.c branches/tmp/vl-cluster/source/rpc_client/cli_pipe.c branches/tmp/vl-cluster/source/rpc_parse/parse_misc.c branches/tmp/vl-cluster/source/rpc_parse/parse_net.c branches/tmp/vl-cluster/source/rpc_parse/parse_ntsvcs.c branches/tmp/vl-cluster/source/rpc_parse/parse_prs.c branches/tmp/vl-cluster/source/rpc_server/srv_eventlog_nt.c branches/tmp/vl-cluster/source/rpc_server/srv_netlog_nt.c branches/tmp/vl-cluster/source/rpc_server/srv_ntsvcs_nt.c branches/tmp/vl-cluster/source/rpc_server/srv_pipe.c branches/tmp/vl-cluster/source/rpc_server/srv_reg_nt.c branches/tmp/vl-cluster/source/rpc_server/srv_svcctl_nt.c branches/tmp/vl-cluster/source/script/installman.sh branches/tmp/vl-cluster/source/services/services_db.c branches/tmp/vl-cluster/source/services/svc_rcinit.c branches/tmp/vl-cluster/source/smbd/open.c branches/tmp/vl-cluster/source/smbd/oplock_irix.c branches/tmp/vl-cluster/source/smbd/reply.c branches/tmp/vl-cluster/source/smbd/server.c branches/tmp/vl-cluster/source/smbd/service.c branches/tmp/vl-cluster/source/wrepld/server.c Changeset: Sorry, the patch is too large (4809 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10874
svn commit: samba r10875 - in branches/tmp/samba4-winsrepl: . source/include source/libcli/util source/librpc/idl source/librpc/ndr source/pidl/lib/Parse/Pidl/Samba/NDR source/torture source/torture/r
Author: metze Date: 2005-10-10 15:12:56 + (Mon, 10 Oct 2005) New Revision: 10875 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10875 Log: [EMAIL PROTECTED] (orig r10865): metze | 2005-10-10 11:33:06 +0200 merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0 tree metze [EMAIL PROTECTED]: metze | 2005-06-30 13:44:23 +0200 create the SAMBA_4_0 branch for the Summer Of Code Project metze [EMAIL PROTECTED]: brad | 2005-07-24 03:09:48 +0200 Branching Samba 4 [EMAIL PROTECTED]: brad | 2005-07-24 06:39:00 +0200 added 'make installmisc' to howto.txt added existing 'compression' option to level8 drsuapi torture test added new 'neighbour_writeable' option to level8 drsuapi torture test [EMAIL PROTECTED]: brad | 2005-07-24 06:42:38 +0200 added metze's dssync patch as source/torture/rpc/dssync.c [EMAIL PROTECTED]: brad | 2005-07-25 00:24:46 +0200 added a test called RPC-DSSYNC to config.mk hacking at dssync.c in an attempt to make it compile [EMAIL PROTECTED]: brad | 2005-07-25 15:19:21 +0200 Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap calls. [EMAIL PROTECTED]: brad | 2005-07-26 03:35:38 +0200 more ldb changes to test_CompleteJoin(), it mostly kind of almost works now! [EMAIL PROTECTED]: brad | 2005-07-26 03:56:00 +0200 Trying to fix the crazy nesting in the branch [EMAIL PROTECTED]: brad | 2005-07-26 04:48:29 +0200 merging latest changes [EMAIL PROTECTED]: brad | 2005-07-26 04:53:43 +0200 removing nested branch [EMAIL PROTECTED]: jerry | 2005-07-27 05:04:57 +0200 merging on of Brad missing changes from the nested 4.0 branch debacle [EMAIL PROTECTED]: jerry | 2005-07-27 05:14:42 +0200 syncing up with the main 4_0 branch for Brad [EMAIL PROTECTED]: brad | 2005-07-29 00:26:30 +0200 merging changes from branches/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-07-29 21:07:57 +0200 Bringing my tree up to date [EMAIL PROTECTED]: brad | 2005-07-30 00:48:04 +0200 making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get my branch to compile again. [EMAIL PROTECTED]: brad | 2005-07-30 03:20:33 +0200 I think I have the ldb code down in test_CompleteJoin (not complete yet though) [EMAIL PROTECTED]: brad | 2005-07-30 07:08:13 +0200 Changed comments to C style /**/ (thanks Richard), some more changes to test_CompleteJoin(). [EMAIL PROTECTED]: brad | 2005-07-31 04:45:32 +0200 Bringing the SOC/SAMBA_4_0 branch up to date. [EMAIL PROTECTED]: brad | 2005-07-31 20:00:41 +0200 Updated some missing files from the branch [EMAIL PROTECTED]: brad | 2005-07-31 20:25:50 +0200 Removing autogenerated files from branch [EMAIL PROTECTED]: brad | 2005-07-31 20:43:58 +0200 last of the unneeded files in SOC/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-08-03 18:51:23 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 10:44:30 -0600 [EMAIL PROTECTED]: j0j0 | 2005-08-02 22:54:13 -0600 creating a local branch of branches/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-08-03 20:57:48 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 13:00:11 -0600 Fixing differences between this branch and /branches/SAMBA_4_0 [EMAIL PROTECTED]: brad | 2005-08-03 21:18:05 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 13:23:12 -0600 Updating config.mk so that smbtorture builds again [EMAIL PROTECTED]: brad | 2005-08-04 18:17:36 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-03 21:01:02 -0600 Start using libnet_Join() for DC join. [EMAIL PROTECTED]: brad | 2005-08-04 18:17:47 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-04 10:21:34 -0600 Some more work towards performing a dc join. [EMAIL PROTECTED]: brad | 2005-08-04 18:53:51 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-04 10:53:00 -0600 Fixed a bug (passing a TALLOC_CTX to libnet_context_init() ) [EMAIL PROTECTED]: brad | 2005-08-04 21:59:55 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-04 14:04:55 -0600 Some more work on the domain join [EMAIL PROTECTED]: brad | 2005-08-05 16:50:26 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-05 08:55:58 -0600 Committing minor changes before merge [EMAIL PROTECTED]: brad | 2005-08-07 17:25:25 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-07 09:30:12 -0600 Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED. [EMAIL PROTECTED]: brad | 2005-08-07 17:25:36 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-07 09:31:22 -0600 Working with libnet_Join(), code cleanup needed in the near future. [EMAIL PROTECTED]: brad | 2005-08-07 21:40:22 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-07 13:46:09 -0600 Some code cleanup to make things a little more readable. [EMAIL PROTECTED]: brad | 2005-08-12 01:31:48 +0200 [EMAIL PROTECTED]: j0j0 | 2005-08-11 17:38:44 -0600 Split libnet_JoinDomain() into libnet_JoinDomain() and libnet_JoinADSDomain(). [EMAIL PROTECTED]: brad |
svn commit: samba r10876 - in trunk/source/rpc_server: .
Author: jerry Date: 2005-10-10 18:11:11 + (Mon, 10 Oct 2005) New Revision: 10876 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10876 Log: use a reference count strategy for dealing with eventlog tdbs; still have to enforce access control in user space since we can only have one open context per tdb in any given process Modified: trunk/source/rpc_server/srv_eventlog_lib.c trunk/source/rpc_server/srv_eventlog_nt.c Changeset: Sorry, the patch is too large (346 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10876
svn commit: samba-web r824 - in trunk/support: .
Author: deryck Date: 2005-10-10 18:58:15 + (Mon, 10 Oct 2005) New Revision: 824 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=824 Log: Remove company info at company rep's request. deryck Modified: trunk/support/netherlands.html Changeset: Modified: trunk/support/netherlands.html === --- trunk/support/netherlands.html 2005-10-03 16:08:54 UTC (rev 823) +++ trunk/support/netherlands.html 2005-10-10 18:58:15 UTC (rev 824) @@ -4,24 +4,7 @@ h2Commercial Support - Netherlands/h2 -!--Updated: 15 June 2004 -- -hr / -h3Den Haag/h3 -presmall -UNO Automatiseringsdiensten - v.d. Kunstraat 30 - 2521 BC Den Haag - Netherlands - a href=http://www.uno.nl/it;http://www.uno.nl/it/a - Contact:Jeroen Schellart - Email: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a - Phone: +31-70-3300502 - Fax:+31-70-3300489 - Samba Experience: Install and setup of Samba on Linux, Solaris, AIX and HP-UX -/small/pre - - !-- Added: 04 January 2005 -- hr / h3Nieuw Vennep/h3
svn commit: samba r10877 - in branches/tmp/samba4_ldap_controls: . source/include source/libcli/util source/librpc/idl source/librpc/ndr source/pidl/lib/Parse/Pidl/Samba/NDR source/torture source/tort
Author: idra Date: 2005-10-10 19:53:20 + (Mon, 10 Oct 2005) New Revision: 10877 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10877 Log: merge from main tree Added: branches/tmp/samba4_ldap_controls/source/torture/rpc/dssync.c Modified: branches/tmp/samba4_ldap_controls/ branches/tmp/samba4_ldap_controls/source/include/doserr.h branches/tmp/samba4_ldap_controls/source/libcli/util/doserr.c branches/tmp/samba4_ldap_controls/source/librpc/idl/drsuapi.idl branches/tmp/samba4_ldap_controls/source/librpc/ndr/libndr.h branches/tmp/samba4_ldap_controls/source/librpc/ndr/ndr_basic.c branches/tmp/samba4_ldap_controls/source/librpc/ndr/ndr_compression.c branches/tmp/samba4_ldap_controls/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm branches/tmp/samba4_ldap_controls/source/torture/config.mk branches/tmp/samba4_ldap_controls/source/torture/rpc/drsuapi.c branches/tmp/samba4_ldap_controls/source/torture/torture.c Changeset: Sorry, the patch is too large (417 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10877
svn commit: samba r10878 - in branches/SAMBA_4_0/source: libcli/composite libcli/raw libcli/smb_composite ntvfs/cifs winbind
Author: vlendec Date: 2005-10-10 19:57:55 + (Mon, 10 Oct 2005) New Revision: 10878 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10878 Log: Reply to some comments by tridge and metze: * rename the composite helper functions from comp_* to composite_* * Move the lsa initialization to wb_connect_lsa.c * Equip smb_composite_connect with a fallback_to_anonymous The latter two simplify wb_init_domain.c quite a bit. Volker Added: branches/SAMBA_4_0/source/winbind/wb_connect_lsa.c Modified: branches/SAMBA_4_0/source/libcli/composite/composite.c branches/SAMBA_4_0/source/libcli/raw/clitree.c branches/SAMBA_4_0/source/libcli/smb_composite/connect.c branches/SAMBA_4_0/source/libcli/smb_composite/fetchfile.c branches/SAMBA_4_0/source/libcli/smb_composite/fsinfo.c branches/SAMBA_4_0/source/libcli/smb_composite/smb_composite.h branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c branches/SAMBA_4_0/source/winbind/config.mk branches/SAMBA_4_0/source/winbind/wb_async_helpers.c branches/SAMBA_4_0/source/winbind/wb_init_domain.c Changeset: Sorry, the patch is too large (1327 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10878
svn commit: samba r10879 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3: .
Author: jra Date: 2005-10-10 20:03:34 + (Mon, 10 Oct 2005) New Revision: 10879 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10879 Log: Added the ZERO_STRUCT(q_u), (r_u) entries to the generated Samba3 code. Jelmer please check ! Jeremy. Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm 2005-10-10 19:57:55 UTC (rev 10878) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm 2005-10-10 20:03:34 UTC (rev 10879) @@ -36,6 +36,9 @@ pidl prs_struct *data = p-in_data.data;; pidl prs_struct *rdata = p-out_data.rdata;; pidl ; + pidl ZERO_STRUCT(q_u); + pidl ZERO_STRUCT(r_u); + pidl ; pidl if (!$if-{NAME}_io_q_$fn-{NAME}(\\, q_u, data, 0)); pidl \treturn False;; pidl ;
svn commit: samba r10880 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3: .
Author: jra Date: 2005-10-10 20:05:29 + (Mon, 10 Oct 2005) New Revision: 10880 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10880 Log: Missed terminating ';', sorry. Jeremy. Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm 2005-10-10 20:03:34 UTC (rev 10879) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Server.pm 2005-10-10 20:05:29 UTC (rev 10880) @@ -36,8 +36,8 @@ pidl prs_struct *data = p-in_data.data;; pidl prs_struct *rdata = p-out_data.rdata;; pidl ; - pidl ZERO_STRUCT(q_u); - pidl ZERO_STRUCT(r_u); + pidl ZERO_STRUCT(q_u);; + pidl ZERO_STRUCT(r_u);; pidl ; pidl if (!$if-{NAME}_io_q_$fn-{NAME}(\\, q_u, data, 0)); pidl \treturn False;;
svn commit: samba r10881 - in trunk/source: . include rpc_client rpc_parse rpc_server rpcclient
Author: jra Date: 2005-10-10 21:44:01 + (Mon, 10 Oct 2005) New Revision: 10881 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10881 Log: Add in the first Samba4 pidl auto-generated parsing code. Thanks a *lot* to Jelmer for all his work on this. Jeremy. Modified: trunk/source/configure.in trunk/source/include/rpc_dfs.h trunk/source/rpc_client/cli_dfs.c trunk/source/rpc_parse/parse_dfs.c trunk/source/rpc_server/srv_dfs.c trunk/source/rpc_server/srv_dfs_nt.c trunk/source/rpcclient/cmd_dfs.c Changeset: Sorry, the patch is too large (5802 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10881
svn commit: samba r10882 - in trunk/source: include rpc_server utils
Author: jerry Date: 2005-10-10 22:05:06 + (Mon, 10 Oct 2005) New Revision: 10882 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10882 Log: renames for #defines of event lgo tdb keys (for consistency) fix wr_eventlog for new elog_open_tdb() semantics Modified: trunk/source/include/rpc_eventlog.h trunk/source/rpc_server/srv_eventlog_lib.c trunk/source/rpc_server/srv_eventlog_nt.c trunk/source/utils/wr_eventlog.c Changeset: Modified: trunk/source/include/rpc_eventlog.h === --- trunk/source/include/rpc_eventlog.h 2005-10-10 21:44:01 UTC (rev 10881) +++ trunk/source/include/rpc_eventlog.h 2005-10-10 22:05:06 UTC (rev 10882) @@ -47,11 +47,11 @@ #define EVENTLOG_AUDIT_FAILURE0x0010 /* Defines for TDB keys */ -#define VN_oldest_entry INFO/oldest_entry -#define VN_next_record INFO/next_record -#define VN_version INFO/version -#define VN_maxsize INFO/maxsize -#define VN_retention INFO/retention +#define EVT_OLDEST_ENTRY INFO/oldest_entry +#define EVT_NEXT_RECORD INFO/next_record +#define EVT_VERSION INFO/version +#define EVT_MAXSIZE INFO/maxsize +#define EVT_RETENTION INFO/retention #define ELOG_APPL Application #define ELOG_SYS System Modified: trunk/source/rpc_server/srv_eventlog_lib.c === --- trunk/source/rpc_server/srv_eventlog_lib.c 2005-10-10 21:44:01 UTC (rev 10881) +++ trunk/source/rpc_server/srv_eventlog_lib.c 2005-10-10 22:05:06 UTC (rev 10882) @@ -55,12 +55,12 @@ /* initialize with defaults, copy real values in here from registry */ - tdb_store_int32( tdb, VN_oldest_entry, 1 ); - tdb_store_int32( tdb, VN_next_record, 1 ); - tdb_store_int32( tdb, VN_maxsize, 0x8 ); - tdb_store_int32( tdb, VN_retention, 0x93A80 ); + tdb_store_int32( tdb, EVT_OLDEST_ENTRY, 1 ); + tdb_store_int32( tdb, EVT_NEXT_RECORD, 1 ); + tdb_store_int32( tdb, EVT_MAXSIZE, 0x8 ); + tdb_store_int32( tdb, EVT_RETENTION, 0x93A80 ); - tdb_store_int32( tdb, VN_version, EVENTLOG_DATABASE_VERSION_V1 ); + tdb_store_int32( tdb, EVT_VERSION, EVENTLOG_DATABASE_VERSION_V1 ); return tdb; } @@ -120,11 +120,11 @@ tdb_traverse( tdb, eventlog_tdb_size_fn, tsize ); if ( MaxSize != NULL ) { - *MaxSize = tdb_fetch_int32( tdb, VN_maxsize ); + *MaxSize = tdb_fetch_int32( tdb, EVT_MAXSIZE ); } if ( Retention != NULL ) { - *Retention = tdb_fetch_int32( tdb, VN_retention ); + *Retention = tdb_fetch_int32( tdb, EVT_RETENTION ); } DEBUG( 1, @@ -168,12 +168,12 @@ if ( mem_ctx == NULL ) return False; /* can't allocate memory indicates bigger problems */ /* lock */ - tdb_lock_bystring( the_tdb, VN_next_record, 1 ); + tdb_lock_bystring( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ - end_record = tdb_fetch_int32( the_tdb, VN_next_record ); - start_record = tdb_fetch_int32( the_tdb, VN_oldest_entry ); - Retention = tdb_fetch_int32( the_tdb, VN_retention ); - MaxSize = tdb_fetch_int32( the_tdb, VN_maxsize ); + end_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); + start_record = tdb_fetch_int32( the_tdb, EVT_OLDEST_ENTRY ); + Retention = tdb_fetch_int32( the_tdb, EVT_RETENTION ); + MaxSize = tdb_fetch_int32( the_tdb, EVT_MAXSIZE ); time( current_time ); @@ -199,7 +199,7 @@ DEBUG( 8, ( Can't find a record for the key, record [%d]\n, i ) ); - tdb_unlock_bystring( the_tdb, VN_next_record ); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); return False; } nbytes += ret.dsize;/* note this includes overhead */ @@ -236,9 +236,9 @@ tdb_delete( the_tdb, key ); } - tdb_store_int32( the_tdb, VN_oldest_entry, new_start ); + tdb_store_int32( the_tdb, EVT_OLDEST_ENTRY, new_start ); } - tdb_unlock_bystring( the_tdb, VN_next_record ); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); return True; } @@ -340,7 +340,7 @@ tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 ); if ( tdb ) { - vers_id = tdb_fetch_int32( tdb, VN_version ); + vers_id = tdb_fetch_int32( tdb, EVT_VERSION ); if ( vers_id != EVENTLOG_DATABASE_VERSION_V1 ) { DEBUG(1,(elog_open_tdb: Invalid version [%d] on file [%s].\n, @@ -466,9 +466,9 @@ /* need to read the record number and insert it into the entry here */ /* lock */ -
svn commit: samba r10883 - in trunk/source/rpc_server: .
Author: jerry Date: 2005-10-10 22:17:41 + (Mon, 10 Oct 2005) New Revision: 10883 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10883 Log: cleaning up comments Modified: trunk/source/rpc_server/srv_eventlog_lib.c Changeset: Modified: trunk/source/rpc_server/srv_eventlog_lib.c === --- trunk/source/rpc_server/srv_eventlog_lib.c 2005-10-10 22:05:06 UTC (rev 10882) +++ trunk/source/rpc_server/srv_eventlog_lib.c 2005-10-10 22:17:41 UTC (rev 10883) @@ -104,9 +104,12 @@ return 0; } -/* returns the size of the eventlog, and if MaxSize is a non-null ptr, puts - the MaxSize there. This is purely a way not to have yet another function that solely - reads the maxsize of the eventlog. Yeah, that's it. */ +/ + returns the size of the eventlog, and if MaxSize is a non-null + ptr, puts the MaxSize there. This is purely a way not to have yet + another function that solely reads the maxsize of the eventlog. + Yeah, that's it. +/ int elog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) { @@ -133,20 +136,18 @@ return tsize.size; } +/ + Discard early event logs until we have enough for 'needed' bytes... + NO checking done beforehand to see that we actually need to do + this, and it's going to pluck records one-by-one. So, it's best + to determine that this needs to be done before doing it. -/* - Discard early event logs until we have enough for 'needed' bytes... - NO checking done beforehand to see that we actually need to do this, and - it's going to pluck records one-by-one. So, it's best to determine that this - needs to be done before doing it. + Setting whack_by_date to True indicates that eventlogs falling + outside of the retention range need to go... + + return True if we made enough room to accommodate needed bytes +/ - Setting whack_by_date to True indicates that eventlogs falling outside of the - retention range need to go... - -*/ - -/* return True if we made enough room to accommodate needed bytes */ - BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, BOOL whack_by_date ) { @@ -242,10 +243,10 @@ return True; } -/* +/ some hygiene for an eventlog - see how big it is, and then calculate how many bytes we need to remove -*/ +/ BOOL prune_eventlog( TDB_CONTEXT * tdb ) { @@ -269,6 +270,9 @@ return make_way_for_eventlogs( tdb, 0, True ); } +/ +/ + BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) { int calcd_size;
svn commit: samba r10884 - in trunk/source/rpc_server: .
Author: jerry Date: 2005-10-10 22:18:12 + (Mon, 10 Oct 2005) New Revision: 10884 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10884 Log: adding placeholder for access check in eventlog open Modified: trunk/source/rpc_server/srv_eventlog_nt.c Changeset: Modified: trunk/source/rpc_server/srv_eventlog_nt.c === --- trunk/source/rpc_server/srv_eventlog_nt.c 2005-10-10 22:17:41 UTC (rev 10883) +++ trunk/source/rpc_server/srv_eventlog_nt.c 2005-10-10 22:18:12 UTC (rev 10884) @@ -31,6 +31,7 @@ uint32 num_records; uint32 oldest_entry; uint32 flags; + uint32 access_granted; } EVENTLOG_INFO; / @@ -64,6 +65,14 @@ } / +/ + +static BOOL elog_check_access( EVENTLOG_INFO *info ) +{ + return True; +} + +/ / static BOOL elog_validate_logname( const char *name ) @@ -95,11 +104,16 @@ return WERR_NOMEM; elog-logname = talloc_strdup( elog, logname ); + + /* do the access check */ + if ( !elog_check_access( elog ) ) { + TALLOC_FREE( elog ); + return WERR_ACCESS_DENIED; + } /* having done the nexessary access checks, surround the tdb open with a {un}become_root() pair since we can only have one tdb context per eventlog per process */ - become_root(); elog-tdb = elog_open_tdb( elog-logname ); @@ -115,6 +129,12 @@ elog-logname = talloc_strdup( elog, ELOG_APPL ); + /* do the access check */ + if ( !elog_check_access( elog ) ) { + TALLOC_FREE( elog ); + return WERR_ACCESS_DENIED; + } + become_root(); elog-tdb = elog_open_tdb( elog-logname ); unbecome_root(); @@ -124,7 +144,7 @@ TALLOC_FREE( elog ); return WERR_OBJECT_PATH_INVALID;/* ??? */ } - } + } /* create the policy handle */
Build status as of Tue Oct 11 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-10-10 00:00:29.0 + +++ /home/build/master/cache/broken_results.txt 2005-10-11 00:00:33.0 + @@ -1,17 +1,17 @@ -Build status as of Mon Oct 10 00:00:02 2005 +Build status as of Tue Oct 11 00:00:02 2005 Build counts: Tree Total Broken Panic -ccache 9 2 0 -distcc 11 2 0 -lorikeet-heimdal 14 9 0 +ccache 10 2 0 +distcc 11 3 0 +lorikeet-heimdal 12 6 0 ppp 18 0 0 -rsync38 3 0 +rsync37 2 0 samba2 0 0 samba-docs 0 0 0 samba4 38 16 4 samba_3_038 10 0 smb-build29 5 0 -talloc 13 5 0 -tdb 8 3 0 +talloc 11 5 0 +tdb 9 4 0
svn commit: samba r10885 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-10-11 04:25:47 + (Tue, 11 Oct 2005) New Revision: 10885 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10885 Log: Fix bug where read-only share files are always seen as read-only. Noticed by Andrew Bartlett. Jeremy Modified: branches/SAMBA_3_0/source/smbd/dosmode.c branches/SAMBA_3_0/source/smbd/posix_acls.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/dosmode.c === --- branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-10 22:18:12 UTC (rev 10884) +++ branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-11 04:25:47 UTC (rev 10885) @@ -479,7 +479,7 @@ */ /* Check if we have write access. */ - if (can_write_to_file(conn, fname, sbuf)) { + if (CAN_WRITE(conn) can_write_to_file(conn, fname, sbuf)) { /* We are allowed to become root and change the filetime. */ become_root(); ret = SMB_VFS_UTIME(conn,fname, times); Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c === --- branches/SAMBA_3_0/source/smbd/posix_acls.c 2005-10-10 22:18:12 UTC (rev 10884) +++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2005-10-11 04:25:47 UTC (rev 10885) @@ -4149,16 +4149,13 @@ / Actually emulate the in-kernel access checking for write access. We need this to successfully check for ability to write for dos filetimes. + Note this doesn't take into account share write permissions. / BOOL can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf) { int ret; - if (!CAN_WRITE(conn)) { - return False; - } - if (current_user.uid == 0 || conn-admin_user) { /* I'm sorry sir, I didn't know you were root... */ return True;
svn commit: samba r10886 - in trunk/source/smbd: .
Author: jra Date: 2005-10-11 04:26:09 + (Tue, 11 Oct 2005) New Revision: 10886 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10886 Log: Fix bug where read-only share files are always seen as read-only. Noticed by Andrew Bartlett. Jeremy Modified: trunk/source/smbd/dosmode.c trunk/source/smbd/posix_acls.c Changeset: Modified: trunk/source/smbd/dosmode.c === --- trunk/source/smbd/dosmode.c 2005-10-11 04:25:47 UTC (rev 10885) +++ trunk/source/smbd/dosmode.c 2005-10-11 04:26:09 UTC (rev 10886) @@ -479,7 +479,7 @@ */ /* Check if we have write access. */ - if (can_write_to_file(conn, fname, sbuf)) { + if (CAN_WRITE(conn) can_write_to_file(conn, fname, sbuf)) { /* We are allowed to become root and change the filetime. */ become_root(); ret = SMB_VFS_UTIME(conn,fname, times); Modified: trunk/source/smbd/posix_acls.c === --- trunk/source/smbd/posix_acls.c 2005-10-11 04:25:47 UTC (rev 10885) +++ trunk/source/smbd/posix_acls.c 2005-10-11 04:26:09 UTC (rev 10886) @@ -4149,16 +4149,13 @@ / Actually emulate the in-kernel access checking for write access. We need this to successfully check for ability to write for dos filetimes. + Note this doesn't take into account share write permissions. / BOOL can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf) { int ret; - if (!CAN_WRITE(conn)) { - return False; - } - if (current_user.uid == 0 || conn-admin_user) { /* I'm sorry sir, I didn't know you were root... */ return True;
svn commit: samba r10887 - in trunk/source/smbd: .
Author: jra Date: 2005-10-11 04:28:29 + (Tue, 11 Oct 2005) New Revision: 10887 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10887 Log: We've already checked 'CAN_WRITE' so we don't need to do it again. Jeremy. Modified: trunk/source/smbd/dosmode.c Changeset: Modified: trunk/source/smbd/dosmode.c === --- trunk/source/smbd/dosmode.c 2005-10-11 04:26:09 UTC (rev 10886) +++ trunk/source/smbd/dosmode.c 2005-10-11 04:28:29 UTC (rev 10887) @@ -479,7 +479,7 @@ */ /* Check if we have write access. */ - if (CAN_WRITE(conn) can_write_to_file(conn, fname, sbuf)) { + if (can_write_to_file(conn, fname, sbuf)) { /* We are allowed to become root and change the filetime. */ become_root(); ret = SMB_VFS_UTIME(conn,fname, times);
svn commit: samba r10888 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-10-11 04:28:46 + (Tue, 11 Oct 2005) New Revision: 10888 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10888 Log: We've already checked 'CAN_WRITE' so we don't need to do it again. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/dosmode.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/dosmode.c === --- branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-11 04:28:29 UTC (rev 10887) +++ branches/SAMBA_3_0/source/smbd/dosmode.c2005-10-11 04:28:46 UTC (rev 10888) @@ -479,7 +479,7 @@ */ /* Check if we have write access. */ - if (CAN_WRITE(conn) can_write_to_file(conn, fname, sbuf)) { + if (can_write_to_file(conn, fname, sbuf)) { /* We are allowed to become root and change the filetime. */ become_root(); ret = SMB_VFS_UTIME(conn,fname, times);
svn commit: samba r10889 - in branches/SAMBA_4_0/source/lib/ldb/ldb_tdb: .
Author: tridge Date: 2005-10-11 04:34:15 + (Tue, 11 Oct 2005) New Revision: 10889 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10889 Log: make searches for dn's less of a special case, and much faster when part of more complex expressions Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c 2005-10-11 04:28:46 UTC (rev 10888) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_index.c 2005-10-11 04:34:15 UTC (rev 10889) @@ -319,6 +319,13 @@ if (ldb_attr_cmp(tree-u.equality.attr, LTDB_OBJECTCLASS) == 0) { return ltdb_index_dn_objectclass(module, tree, index_list, list); } + if (ldb_attr_cmp(tree-u.equality.attr, distinguishedName) == 0 || + ldb_attr_cmp(tree-u.equality.attr, dn) == 0) { + char *dn = talloc_strdup(list, (char *)tree-u.equality.value.data); + list-count = 1; + list-dn = dn; + return 1; + } return ltdb_index_dn_simple(module, tree, index_list, list); } Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c 2005-10-11 04:28:46 UTC (rev 10888) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_search.c 2005-10-11 04:34:15 UTC (rev 10889) @@ -501,21 +501,6 @@ if ((base == NULL || base-comp_num == 0) (scope == LDB_SCOPE_BASE || scope == LDB_SCOPE_ONELEVEL)) return -1; - /* it is important that we handle dn queries this way, and not - via a full db search, otherwise ldb is horribly slow */ - if (tree-operation == LDB_OP_EQUALITY - (ldb_attr_cmp(tree-u.equality.attr, dn) == 0 || -ldb_attr_cmp(tree-u.equality.attr, distinguishedName) == 0)) { - struct ldb_dn *dn; - dn = ldb_dn_explode(module-ldb, tree-u.equality.value.data); - if (dn == NULL) { - return LDB_ERR_INVALID_DN_SYNTAX; - } - ret = ltdb_search_dn(module, dn, attrs, res); - talloc_free(dn); - return ret; - } - if (ltdb_lock_read(module) != 0) { return -1; }
svn commit: samba r10890 - in branches/tmp/samba4-winsrepl: . source/lib/ldb/ldb_tdb source/libcli/composite source/libcli/raw source/libcli/smb_composite source/ntvfs/cifs source/pidl/lib/Parse/Pidl/
Author: metze Date: 2005-10-11 04:43:44 + (Tue, 11 Oct 2005) New Revision: 10890 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10890 Log: [EMAIL PROTECTED] (orig r10878): vlendec | 2005-10-10 21:57:55 +0200 Reply to some comments by tridge and metze: * rename the composite helper functions from comp_* to composite_* * Move the lsa initialization to wb_connect_lsa.c * Equip smb_composite_connect with a fallback_to_anonymous The latter two simplify wb_init_domain.c quite a bit. Volker [EMAIL PROTECTED] (orig r10879): jra | 2005-10-10 22:03:34 +0200 Added the ZERO_STRUCT(q_u), (r_u) entries to the generated Samba3 code. Jelmer please check ! Jeremy. [EMAIL PROTECTED] (orig r10880): jra | 2005-10-10 22:05:29 +0200 Missed terminating ';', sorry. Jeremy. [EMAIL PROTECTED] (orig r10889): tridge | 2005-10-11 06:34:15 +0200 make searches for dn's less of a special case, and much faster when part of more complex expressions Added: branches/tmp/samba4-winsrepl/source/winbind/wb_connect_lsa.c Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_index.c branches/tmp/samba4-winsrepl/source/lib/ldb/ldb_tdb/ldb_search.c branches/tmp/samba4-winsrepl/source/libcli/composite/composite.c branches/tmp/samba4-winsrepl/source/libcli/raw/clitree.c branches/tmp/samba4-winsrepl/source/libcli/smb_composite/connect.c branches/tmp/samba4-winsrepl/source/libcli/smb_composite/fetchfile.c branches/tmp/samba4-winsrepl/source/libcli/smb_composite/fsinfo.c branches/tmp/samba4-winsrepl/source/libcli/smb_composite/smb_composite.h branches/tmp/samba4-winsrepl/source/ntvfs/cifs/vfs_cifs.c branches/tmp/samba4-winsrepl/source/pidl/lib/Parse/Pidl/Samba3/Server.pm branches/tmp/samba4-winsrepl/source/winbind/config.mk branches/tmp/samba4-winsrepl/source/winbind/wb_async_helpers.c branches/tmp/samba4-winsrepl/source/winbind/wb_init_domain.c Changeset: Sorry, the patch is too large (1403 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10890
svn commit: samba r10891 - in branches/SAMBA_4_0/source/lib/tdb/common: .
Author: tridge Date: 2005-10-11 05:01:52 + (Tue, 11 Oct 2005) New Revision: 10891 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10891 Log: I noticed that the secrets.db was not being backed up on my system due to msync/mmap not changing the mtime of the file. This patch ensures that for successfully completed transactions we update the mtime. I don't do this on all tdb writes as its too expensive, but doing it just on transactions is bearable, as those cost quite a lot anyway. Modified: branches/SAMBA_4_0/source/lib/tdb/common/transaction.c Changeset: Modified: branches/SAMBA_4_0/source/lib/tdb/common/transaction.c === --- branches/SAMBA_4_0/source/lib/tdb/common/transaction.c 2005-10-11 04:43:44 UTC (rev 10890) +++ branches/SAMBA_4_0/source/lib/tdb/common/transaction.c 2005-10-11 05:01:52 UTC (rev 10891) @@ -857,6 +857,15 @@ tdb_brlock_len(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1); + /* on some systems (like Linux 2.6.x) changes via mmap/msync + don't change the mtime of the file, this means the file may + not be backed up (as tdb rounding to block sizes means that + file size changes are quite rare too). The following forces + mtime changes when a transaction completes */ +#ifdef HAVE_UTIME + utime(tdb-name, NULL); +#endif + /* use a transaction cancel to free memory and remove the transaction locks */ tdb_transaction_cancel(tdb);