[Samba] Problem in cancelling print-jobs in cups-samba
Hi All, I have managed to integrate SAMBA and CUPS on my hardware running on linux basically used as a print-server. I give print-commands from Windows PC and the printer is connected to the hardware. I am able to get the print-jobs done. Also, I am able to cancel all the jobs at a time by selecting Cancel All from the menu The problem is that I am unable to control the individual jobs furthur to cancel, pause, resume etc. I doubt that the problem lies in the SAMBA-CUPS interface. Can anybody suggest me some solution to the above problem. Also give me the details of the versions of SAMBA and CUPS to be integrated. Thanks, Arun -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Maximum samba file transfer speed on gigabit...
What Version of Samba is running? Various versions of 3.0 on multiple servers. Is it a kind of Locking Problem? Ooh, good question, I'm not sure, and I'll try your oplocks settings. What exactly am I turning off, however, if I do that? Am I turning off file locking altogether? What speed have a Filetransfer with ftp? What speed did you have with a Windows Server? Ok well along those lines, here's another thing that I've noticed since I first posted. I had been getting ~940Mb/s in iperf, so I didn't think it was a network or NIC specific issue. I was using mount -t cifs and rsync -a --stats --progress to gauge my speed, which is where I was getting the 20 MB/s speed statistics. However, copying large files through Windows Explorer from the Samba share results in 55-60 MB/s. So, I don't know if there's a problem with rsync, smbfs, or cifs or whatever, but it looks like actual file transfer speeds (whether on one large file or an entire directory) are pretty good. I wouldn't mind seeing closer to 100+ MB/s, but I guess at around 60 MB/s, that's a great start. NOW the problem is that whenever I actually OPEN a file from any of the Samba servers, it opens MUCH slower than on a comparable Windows server. A large Excel file, for example, takes 15 seconds to load instead of 6 seconds when loaded from the Windows server. A given FoxPro query takes 45-55 seconds to run over the Samba share as opposed to around 10-12 seconds over the network from the Windows server. Could this be related to the oplocks stuff you were talking about, or would this point to a completely different problem? What are the downsides to turning off these oplocks settings? Have you testet your Diskthrouput with bonnie (or such Tools)? Yes, and I'm getting at least 50-60 MB/s (probably now my bottleneck), although I've set up an SAS raid array that ought to get much faster than that, but doesn't - however that's a question for another mailing list! Thanks for your help! -BJ Quinn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Linux Installation and Basic Configuration Training on June 13-17, 2006
Global Knowledge Associates, Inc. invites you to attend. Linux Installation and Basic Configuration (LNX101) Course Fee: 12,880.00 VAT Inc. Schedule: June 13-17,2006 Duration: 5 days Why Linux? a.. Other Considerations b.. Fragmentation c.. High Cost d.. Vendor Dominance? e.. The Value Proposition f.. Reliability g.. Scalability h.. Security i.. ROI j.. TCO k.. Course Format l.. Product Development m.. Structure n.. Objectives o.. Conventions p.. Introduction to LPI Labs q.. Introduction to Lab Solutions r.. Lab Conventions Linux Fundamentals a.. What is Linux? b.. The History of Linux c.. The Free Software Model d.. Proprietary Software Under Linux e.. The GNU General Public License f.. Lesser General Public License g.. Applying the GPL to Your Programs h.. Linux Features i.. Hardware j.. Loadable Device Modules k.. Software l.. GUI Window Managers m.. Programming Languages n.. Linux Advantages o.. GUIs Are Optional p.. Remote Administration is Easy q.. Rebooting is Uncommon r.. Viruses Are Almost Non-existent s.. Greater Security t.. Linux Limitations u.. Linux Distribution Mechanism v.. Linux Standards w.. FHS and LSB x.. Linux Documentation y.. The Linux Documentation Project z.. System Administration aa.. Operational (vs Administrative) Duties ab.. Administrative (vs Operational) Duties ac.. Support ad.. System Documentation ae.. Providing User Support Installing a Linux System a.. Installation Options b.. Getting Ready c.. Types of Servers and Workstations d.. Identify Your Hardware e.. Determine Network Settings f.. Installation g.. Installing From a CD-ROM h.. Creating a Boot Floppy i.. Installing From a Network j.. General Installation Steps k.. Install or Upgrade l.. Disk Partitioning m.. Swap Space n.. File System Types o.. extfs p.. extfs q.. ReiserFS r.. XFS s.. JFS t.. Partitioning the Drive u.. fdisk v.. Sample Allocation Plan w.. Drive and Partition Names x.. Commands y.. Partition Attributes z.. Partition ID Type aa.. The fdisk Procedure ab.. Other Partitioning Methods ac.. Software Choices ad.. Hardware Configuration ae.. System Settings af.. X Window System Installation ag.. Linux Boot Loaders ah.. The Cylinder Limit ai.. Boot Loaders: LILO, Grub, and LOADLIN aj.. LILO ak.. GRUB al.. LOADLIN am.. System Initialization an.. init and /etc/inittab ao.. Boot Sequence Hardware a.. Hardware b.. System Boot Procedure c.. Floppy Drives d.. IDE Drives e.. SCSI f.. SCSI Device Configuration g.. The SCSI BIOS h.. Peripheral Devices: AGP, ISA, and PCI i.. AGP j.. ISA k.. PCI Hot Swappable Hardware a.. USB b.. IEEE c.. PCMCIA and CardBus d.. Mobile Hardware e.. Other Peripherals f.. Addresses, Channels, and Ports g.. IRQ h.. I/O Addresses i.. DMA j.. COM Ports k.. Printer Ports (LPT) l.. SCSI Device Numbering m.. Adding and Configuring Devices n.. Devices and Drivers o.. ISA/Plug and Play p.. Hard Drives q.. Network Interface Controllers r.. Adding RAM s.. Modems t.. Audio Controllers u.. The Linux Kernel v.. The ALSA Project w.. OSS Commercial Sound Drivers x.. USB y.. USB Modules Linux Usage a.. Command Line Basics b.. Command Line Syntax c.. Common Commands d.. su and sudo e.. Navigating the Directory Tree f.. The ls Command g.. Hidden Files h.. The cd Command i.. The pwd Command j.. ViewingPermissions k.. Symbolic Links (symlinks) l.. Copying, Moving, and Removing Files m.. The cp Command n.. The mv Command o.. The rm Command p.. Creating and Deleting Directories q.. The Linux Shell r.. Profiles s.. Environment t.. Using the bash Shell u.. Command History and Editing v.. Recursive Commands w.. Background jobs x.. bash Scripting y.. Variables Getting Help a.. Documentation b.. man Pages and the man Command c.. Manual Entries d.. Related Commands e.. info Command f.. Documentation in /usr/doc g.. Online Documentation h.. Linux Documentation Project i.. Usenet Newsgroups j.. Newsgroup Archives k.. Hardcopy Documentation l.. System Information m.. Identifying the System n.. System Default Files o.. Identifying and Communicating with Active Users p.. Talking to Users q.. Login Prompts r.. Finding Files s.. The find Command t.. The locate Command u.. Locating Commands v.. Interpreting Files Linux Text Editors a.. Linux Text Editors b.. Basic vi c.. vi modes d.. Moving Within a File e.. Global Replacement and Regular Expressions f.. The set Command g.. The exrc File h.. Executing Commands File Systems a.. File System Structure b.. File System
[Samba] Unable to cancel print-jobs in cups-samba combination
Hi All, I am basically working on a product in which print-server is one of its functionalities. I am using SAMBA for sharing a printer which is connected to the hardware running Linux. I am running SAMBA and CUPS to manage the printing-options on the hardware. I am able to get prints when i give a print-command on the Windows PC which is connected via ethernet to the hardware. Also I am able to Cancel All Jobs from the menu. The problem is that I am unable to process individual jobs to cancel, pause, resume, etc by right-clicking a particular job and select them to do so. I doubt if the SAMBA that I am using is properly communicating the commands to the cups running on the hardware. I will be grateful if I get any help in this regard. Also if anybody has come accross this issue and managed to make for it I need the versions of CUPS and SAMBA used and any modifications need to be done in that. Thanks, Arun -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbclient failing due to switch MAC addr table timeout
3.0.21c on RHEL3. I use smbclient to transfer files from Samba to WIN PCs, name resolution is through bcast on local LAN. The network is not managed by me, all PC's are connected through switches (no routers). Sometimes ago network admins started decreasing the MAC addr table timeout in the switches setting it to 300 secs, this increased dramatically the chances a MAC is not in the switch MAC table, this had some side-effects: - you lose first ping packest (or first 2) when pinging an host whose MAC addr is not in the switch MAC table - smbclient will fail to transfer files since it will immediately exit after failing to estabilish a connection - other apps (ie: telnet) will somehow wait a bit and manage to make the connection at the 1st attempt. So, is there a way to have smbclient wait a bit longer before giving up? I'd like to avoid having to do pings before calling smbclient or calling smbclient multiple times. Thanks -- [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA-LDIF
Hello! I'm using samba 3.0.14 on a debian sarge. How can i extract the samba users in a ldif file? Is it possible? Many thanks Boukari -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount and win2003 sp1
It is very likely that smbfs does not do some of the advanced authentication options that W2k3 SP1 now requires. Please test the cifs filesystem, smbfs is unsupported for a while now. Volker I tried mount.cifs, and get the following message: [EMAIL PROTECTED]:# mount -t cifs //localhost/share1 /tmp/testmount/ -o username=u1,password=u11 mount error 22 = Invalid argument Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) Anything wrong with my option? Thanks, Latrell - Original Message - From: Volker Lendecke [EMAIL PROTECTED] To: Latrell [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Monday, June 05, 2006 8:25 PM Subject: Re: [Samba] smbmount and win2003 sp1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount and win2003 sp1
I did some more tests. Local user can cifsmount correctly, but when I joined domain (2003 ad domain with sp1), cifsmount will fail. Then same condition also happened on smbmount. Why does sp1 cause smbmount and cifsmount fail? [EMAIL PROTECTED]:~# mount.cifs //localhost/share1 /tmp/testmount/ -o username=NAS\adu1,password=adu1 mount error 22 = Invalid argument Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) I also tried username=adu1, NAS\adu1, still not worked. Latrell - Original Message - From: Latrell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Tuesday, June 06, 2006 7:35 PM Subject: Re: [Samba] smbmount and win2003 sp1 It is very likely that smbfs does not do some of the advanced authentication options that W2k3 SP1 now requires. Please test the cifs filesystem, smbfs is unsupported for a while now. Volker I tried mount.cifs, and get the following message: [EMAIL PROTECTED]:# mount -t cifs //localhost/share1 /tmp/testmount/ -o username=u1,password=u11 mount error 22 = Invalid argument Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) Anything wrong with my option? Thanks, Latrell - Original Message - From: Volker Lendecke [EMAIL PROTECTED] To: Latrell [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Monday, June 05, 2006 8:25 PM Subject: Re: [Samba] smbmount and win2003 sp1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Getting NTLM group info about user
Anybody have any ideas on this? I would reallly appreciate some help. Thanks, - Jeremiah On 6/2/06, Jeremiah Martell [EMAIL PROTECTED] wrote: I use samba on my linux box to register to a remote windows domain. I start up winbindd. Then I use net join -S PDC -U user%pass to join to the domain. I can test it out by authenticating myself with wbinfo -a user%pass which works fine. Id like to get back what groups I'm in. I tried wbinfo -r ME but it doesn't work: Could not get groups for user ME. I've verified that I am actually in some groups in the windows box (active directory). What am I doing wrong? Thanks, -- - Jeremiah [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: samba Digest, Vol 42, Issue 6
Hi Scott, Good to see 64bit, I would suggest doing something like this as follows logon to a BDC that is currently accepting domain logons and is replicating the database from the PDC. as root slapcat-v -l ldiif-transfer.txt ; to dump the database. root scp ldif-transfer.txt [EMAIL PROTECTED]:/dir root net getlocalsid | cat sidtransfer.txt # vi and check the file for sid number root scp sidtransfer.txt [EMAIL PROTECTED]:/dir logon to the RHE4 BDC as root root cd /dir # you should see ldif-transfer.txt sidtransfer.txt root service ldap stop root cd /var/lib/ldap root rm -rf * # be sure to be in right dir /var/lib/ldap root cd /dir root slapadd -v -l ldif.transfer.txt root chown -R ldap.ldap /var/lib/ldap root service ldap start root smbpasswd -w secretpassword root net rpc getsid root net rpc join at this stage restart samba ldap on the RHE4BDC and do a root net getlocalsid # check that it matches ur sid from /dir/sidtransfer.txt # if not cat sidtransfer.txt and net setlocalsid sid-556S-1-5-21-3018044689.. Test again and let us know, make sure user names are been replicated from the pdc to all bdc;s. Cheers, Adrian Sender From: Scott Moorhouse [EMAIL PROTECTED] To: samba@lists.samba.org Subject: [Samba] 64-bit RHEL4 BDC doesn't allow workstation logons Date: Mon, 5 Jun 2006 12:22:07 -0500 I'm trying to set up Samba on RHEL4 as a BDC for subnet 10.6.0.0/16. The PDC is located at another site and on another network. Its IP address is 10.2.0.2. There are other BDCs on subnets 10.1.0.0/16, 10.3.0.0/16, and 10.4.0.0/16 that all function fine. This is the only one on RHEL and this is the only one on a 64 bit box. We are using ldapsam for the passdb. The important config lines are: [global] workgroup = AEI netbios name = APPDEVEL-BIS passdb backend = ldapsam:ldap://ldap.server.name local master = yes preferred master = no domain master = no os level = 33 domain logons = yes wins server = 10.2.0.2 I have used smbpasswd -w secret, as well as net rpc join with a successful domain join. Whenever someone logs in on a computer joined to the domain on this subnet (and all the computers in this domain were already joined to the domain AEI before this BDC was put into place) they get the: Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. [...] Modifying the config file to say domain logons = no passes the logon to another DC and then the logon works. Logs at log level 5 say such scary things as: [token.log, a workstation trying to log in] [2006/06/05 12:13:07, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2006/06/05 12:13:07, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2006/06/05 12:13:07, 5] auth/auth_util.c:is_trusted_domain(1491) is_trusted_domain: Checking for domain trust with [AEI] [2006/06/05 12:13:07, 5] passdb/secrets.c:secrets_fetch_trusted_domain_password( 334) secrets_fetch failed! [2006/06/05 12:13:07, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2006/06/05 12:13:07, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain AEI found. [2006/06/05 12:13:07, 5] auth/auth_util.c:make_user_info(133) attempting to make a user_info for () [2006/06/05 12:13:07, 5] auth/auth_util.c:make_user_info(143) making strings for 's user_info struct [2006/06/05 12:13:07, 5] auth/auth_util.c:make_user_info(185) making blobs for 's user_info struct [2006/06/05 12:13:07, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2006/06/05 12:13:07, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] At which point it looks like it tries guest access by mapping null user to nobody, which isn't allowed, and fails. I'm convinced that the machine actually doesn't believe that it's a domain member. For instance, in Printers and Faxes, it says the privileged user is APPDEVEL-BIS\Administrators, not AEI\Administrators. etc. That would seem to make some sense with its behavior, but I don't know how else to convince it it's a domain member other than what I've already done with net rpc join, which has been successful for me in the past. But what's also bizarre is that after one gets logged in, you can browse APPDEVEL-BIS's shares fine without having to log in, and with seemingly the correct access levels. Is there a 64-bit issue going on here? Or maybe a library version issue? Right now I'm using samba 3.0.10 which comes with RHEL4, but I have experienced the same problems with 3.0.22 built from source and I'm staying on 3.0.10 right now because I'm querying Red Hat support with this same question --
Re: [Samba] [PATCH] Pet peave then-than
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Wood wrote: This patch fixes all the incorrect uses of then that I could find on the whole SAMBA_4_0 branch. i.e. it is relative to svn://svnanon.samba.org/samba/branches/SAMBA_4_0 at revision 16046. Hey Michael, I you could resend this to me an atatchment (rather than inline), I'll apply it. Offlist is fine. Thanks. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEhZvWIR7qMdg1EfYRAheyAKDl7SIZjbzJBSC60oD2sDlVSIGnsACfcbNA FLUKbdGECMXJEvXVvfUG8YY= =8VH2 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Getting NTLM group info about user
On Tue, Jun 06, 2006 at 09:44:24AM -0400, Jeremiah Martell wrote: I use samba on my linux box to register to a remote windows domain. I start up winbindd. Then I use net join -S PDC -U user%pass to join to the domain. I can test it out by authenticating myself with wbinfo -a user%pass which works fine. Id like to get back what groups I'm in. I tried wbinfo -r ME but it doesn't work: Could not get groups for user ME. I've verified that I am actually in some groups in the windows box (active directory). Did you log in using wbinfo -a before issuing the wbinfo -r? If not, then there is not much hope. If you did, we have a bug. We have made a lot of changes here for 3.0.23, so it would be great if you could test 3.0.23rc1 or even better current 3_0 SVN. Volker pgp37vr3QqoS2.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] DPAPI
Using Samba 3.0.22 as a domain controller, Windows XP Pro as the client. When a user changes their password, all their certificates stop working. Found: http://support.microsoft.com/default.aspx?scid=kb;en-us;331333 Before I do their workaround, is there anyway to have this work with Samba without that workaround? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] Re: Getting NTLM group info about user
-- Forwarded message -- From: Jeremiah Martell [EMAIL PROTECTED] Date: Jun 6, 2006 12:02 PM Subject: Re: [Samba] Re: Getting NTLM group info about user To: [EMAIL PROTECTED] wbinfo -t checking the trust secret via RPC calls succeeded wbinfo -r test Could not get groups for user test wbinfo -a test%test challenge/response password authentication succeeded wbinfo -r test Could not get groups for user test I searched samba lists and found that I may need to try putting client schannel = no in my smb.conf file. I did that, and I get the same response. I'm currently use samba 3.0.14a. I'll try downloading the latest 3.0.22 and see how that goes. Thanks for the reply! It let me know I was at least doing everything correctly. :) - Jeremiah On 6/6/06, Volker Lendecke [EMAIL PROTECTED] wrote: On Tue, Jun 06, 2006 at 09:44:24AM -0400, Jeremiah Martell wrote: I use samba on my linux box to register to a remote windows domain. I start up winbindd. Then I use net join -S PDC -U user%pass to join to the domain. I can test it out by authenticating myself with wbinfo -a user%pass which works fine. Id like to get back what groups I'm in. I tried wbinfo -r ME but it doesn't work: Could not get groups for user ME. I've verified that I am actually in some groups in the windows box (active directory). Did you log in using wbinfo -a before issuing the wbinfo -r? If not, then there is not much hope. If you did, we have a bug. We have made a lot of changes here for 3.0.23, so it would be great if you could test 3.0.23rc1 or even better current 3_0 SVN. Volker -- - Jeremiah [EMAIL PROTECTED] -- - Jeremiah [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA-LDIF
Hello! How to get samba users in a file in ldif format? samba 3.0.14 Many thanks for all Boukari -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] SAMBA-LDIF
Hello! How to get samba users in a file in ldif format? samba 3.0.14 A little more information would be good. Do you currently have a working setup you are trying to move to an LDAP backend and need an LDIF for import? Do you currently have an LDAP backend and you don't know how to get the export? Flesh out your issue a little more please. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Fwd: [Samba] Re: Getting NTLM group info about user
On Tue, Jun 06, 2006 at 12:02:42PM -0400, Jeremiah Martell wrote: wbinfo -t checking the trust secret via RPC calls succeeded wbinfo -r test Could not get groups for user test wbinfo -a test%test challenge/response password authentication succeeded wbinfo -r test Could not get groups for user test Yes, that looks correct. The idea is that this does work. But please also try 3.0.23rc1 if you can. Volker pgp99IgPAXOhw.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Unable to use 'valid users' from Active Directory
Best Regards, Brandon Shelley From: Shelley, Brandon Sent: Tue 6/6/2006 12:22 PM To: Reese,Richard Stephen Subject: RE: [Samba] Unable to use 'valid users' from Active Directory Wow finally someone with my EXACT problem :) Though no posts here are remotely close to solving the problem. I have also tried every other recommendation in this posting, as well as many others. The problem is that even though the machine has been net joined to a Windows domain, it does not want to authenticate to the server. DOMAIN\User | Password and User | Password don't work... this says to me that is is an AD complication. Our system worked fine until an upgrade to SP1 on the DC, and soon thereafter, no one could authenticate to the samba server via an AD account any longer. If anyone has ideas other than you have to type net join etc. or upgrade to 3.0.14a (when I, anyway, am using 3.0.22), I, and I'm sure Richard would too, would sincerely appreciate it! Thanks in advance, Best Regards, Brandon Shelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Unable to use 'valid users' from Active Directory
There are some issues with SP1 Server 2003 and samba. I'm able to auth fine using samba and either kerberos or winbind. The only difference I can really determine from our configs is that I have the winbind seperator commented out so that DOMAIN\someuser works, unless I'm missing something. [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = UFAD realm = ADSERVER.UFL.EDU # server string is the equivalent of the NT Description field server string = SERVER hosts allow = 10.242. load printers = no log file = /var/log/samba/%m.log max log size = 50 security = ads idmap uid = 1 - 2 idmap gid = 1 - 2 #winbind separator = + winbind enum users=yes winbind enum groups=yes template homedir = /home/win/%D/%U template shell = /bin/bash client use spnego = yes winbind use default domain = yes encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Share Definitions == [homes] comment = %U Home Directory browseable = no path = %H valid users = %U writable = yes create mode = 0664 directory mode = 0775 [public] comment = Public Stuff path = /home/ public = yes read only = no ; valid users = @_IFAS-FRE-USERS_autoGS [citrus] path = /home/httpd/html/citrus public = no read only = no write list = vmsodek rsreese From: Shelley, Brandon [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 06, 2006 12:23 PM To: Reese,Richard Stephen Subject: RE: [Samba] Unable to use 'valid users' from Active Directory Wow finally someone with my EXACT problem :) Though no posts here are remotely close to solving the problem. I have also tried every other recommendation in this posting, as well as many others. The problem is that even though the machine has been net joined to a Windows domain, it does not want to authenticate to the server. DOMAIN\User | Password and User | Password don't work... this says to me that is is an AD complication. Our system worked fine until an upgrade to SP1 on the DC, and soon thereafter, no one could authenticate to the samba server via an AD account any longer. If anyone has ideas other than you have to type net join etc. or upgrade to 3.0.14a (when I, anyway, am using 3.0.22), I, and I'm sure Richard would too, would sincerely appreciate it! Thanks in advance, Best Regards, Brandon Shelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP can't read SAMBA shares - can browse and write
Can you email me the smb.conf file you used in your Samba 3.0.14 configuration that allowed you to write to shares. I have been trying to get Samba 3.0.14 and 3.0.22 to allow writing to shares from Windows XP without success. I can read the shares, browse them, just can not write files to them. I'll email you my smb.conf file which allows reading/browsing shares from Windows XP. Thanks. -- View this message in context: http://www.nabble.com/XP-can%27t-read-SAMBA-shares---can-browse-and-write-t284992.html#a4737381 Sent from the Samba - General forum at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Fwd: [Samba] Re: Getting NTLM group info about user
Volker Lendecke wrote: On Tue, Jun 06, 2006 at 12:02:42PM -0400, Jeremiah Martell wrote: wbinfo -t checking the trust secret via RPC calls succeeded wbinfo -r test Could not get groups for user test wbinfo -a test%test challenge/response password authentication succeeded wbinfo -r test Could not get groups for user test Yes, that looks correct. The idea is that this does work. But please also try 3.0.23rc1 if you can. Hi Volker, I don't have 3.0.23rc1, but svn from just a few days ago. [EMAIL PROTECTED] ~]# smbd -V Version 3.0.23pre2-SVN-build-15985 [EMAIL PROTECTED] ~]# wbinfo -a doug% plaintext password authentication succeeded challenge/response password authentication succeeded [EMAIL PROTECTED] ~]# wbinfo -r doug Could not get groups for user doug I also tried wbinfo -K administrator%xx -r doug plaintext kerberos password authentication for [administrator%xx] succeeded (requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 plaintext kerberos password authentication for [administrator%xx] succeeded (requesting cctype: KCM) no credentials cached plaintext kerberos password authentication for [administrator%xx] succeeded (requesting cctype: KCM:0) no credentials cached plaintext kerberos password authentication for [administrator%xx] succeeded (requesting cctype: Garbage) no credentials cached plaintext kerberos password authentication for [administrator%xx] succeeded (requesting cctype: (null)) no credentials cached plaintext kerberos password authentication for [administrator%xx] succeeded (requesting cctype: 0) no credentials cached Could not get groups for user doug Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA-LDIF
I currently have a working setup and I'm trying to move to an LDAP backend and need an LDIF for import. I used a samba server for authentication on the network. Im currently using an other samba server with LDAP backend. But the samba server i previously used contain about 500 samba users account. I would like to import those account into my LDAP server. I dont know how to get the previous samba account users in a LDIF file and store them in the LDAP server for a LDAP backend. Many thanks for all Boukari Ouédraogo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] SAMBA-LDIF
I currently have a working setup and I'm trying to move to an LDAP backend and need an LDIF for import. I used a samba server for authentication on the network. Im currently using an other samba server with LDAP backend. But the samba server i previously used contain about 500 samba users account. I would like to import those account into my LDAP server. I dont know how to get the previous samba account users in a LDIF file and store them in the LDAP server for a LDAP backend. Have you looked into the pdbedit command at all? You can specify from and to backends to work with, and if you copy your smbpasswd file over you can point it at the file and tell it to export to the LDAP directly assuming you have smb.conf set up properly. I am going entirely off memory of when we did our migration here since I'm not sure of the exact syntax. Hope that little bit helps nudge you where you need to go. Paul Gienger a écrit : Hello! How to get samba users in a file in ldif format? samba 3.0.14 A little more information would be good. Do you currently have a working setup you are trying to move to an LDAP backend and need an LDIF for import? Do you currently have an LDAP backend and you don't know how to get the export? Flesh out your issue a little more please. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Profile Directory is Full
I need to change my profile directory. My profile directory is in opt/samba/profiles. I need to move it to a bigger storage is on my system. How can I go about this with out corrupting the profiles? Mark Sarria Sylmar High School LAUSD (818) 367-0299 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] help, oplocks problem still?
Hello all, I have a foxpro application that someone else wrote that I am trying to support to XP clients. I have done what I can to disable oplocks on my end and they are all service pack 2 XP Professional workstations. in my [global] section I have the following: # http://www.drouillard.ca/TipsTricks/Samba/Oplocks.htm lock spin time = 15 lock spin count = 30 kernel oplocks = No oplocks = No level2 oplocks = No veto oplock files = /*.idx/*.dbf/*.cdx/*.fpt/*.IDX/*.DBF/*.CDX/*.FPT/ Not sure if this is useful or not, but the share is on a 3ware raid (raid-1) on a FreeBSD 6.1 box w/ samba3 from ports. If anyone can shed some light on this it would really help me.. I've been trying to make this work for over a week (40+ hours) now; and it runs ok for a few hours, then smbd gets an error and locks everyone out of that file. Until I restart samba. This is what appears in the logs: [2006/06/06 13:53:32, 0] smbd/oplock.c:release_level_2_oplocks_on_change(771) release_level_2_oplocks_on_change: failed to lock share mode entry for file data/servmst1.CDX. [2006/06/06 13:53:32, 0] lib/fault.c:fault_report(36) === [2006/06/06 13:53:32, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 97478 (3.0.22) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/06/06 13:53:32, 0] lib/fault.c:fault_report(39) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2006/06/06 13:53:32, 0] lib/fault.c:fault_report(40) === [2006/06/06 13:53:32, 0] lib/util.c:smb_panic2(1554) PANIC: internal error The box has been up almost 18 hours and smbd has dumped 11 times so far.. I thought it was ram, (so I changed it), powersupply (so I changed it), motherboard, (changed), cpu (changed) and I still have it.. Please if someone can help or give me something else to look at.. thank you in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Fwd: [Samba] Re: Getting NTLM group info about user
On Tue, Jun 06, 2006 at 10:24:30AM -0700, Doug VanLeuven wrote: Hi Volker, I don't have 3.0.23rc1, but svn from just a few days ago. [EMAIL PROTECTED] ~]# smbd -V Version 3.0.23pre2-SVN-build-15985 [EMAIL PROTECTED] ~]# wbinfo -a doug% plaintext password authentication succeeded challenge/response password authentication succeeded [EMAIL PROTECTED] ~]# wbinfo -r doug Could not get groups for user doug Please file a bug report at https://bugzilla.samba.org/ with your smb.conf and all winbind logfiles at debug level 10. Thanks, Volker pgpgE32r4U9op.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profile Directory is Full
Mark Sarria wrote: I need to change my profile directory. My profile directory is in opt/samba/profiles. I need to move it to a bigger storage is on my system. How can I go about this with out corrupting the profiles? Mark Sarria Sylmar High School LAUSD (818) 367-0299 I suspect the problem won't be with corrupting the profiles. It will be with slow logins and logouts. The simplest way is simply to mount your new drive as /opt/samba/profiles. Or you can just change your profiles line in smb.conf to point to the new location (then restart samba). Either way, Samba will recreate the profiles when the users log in or out. Unfortunately, recreating profiles is slow. Depending on how many users and how large their profiles are, it could lead to very long logins/outs. Providing no one is logging in or out, you can just copy the old profiles to the new location. This could be done overnight if you don't have anyone on the system at that time. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Fwd: [Samba] Re: Getting NTLM group info about user
Just out of curiousity, what should the output look like when I do a wbinfo -r user? Do I get the LDAP DN's of the groups? Just the CN attribute of the group? Thanks, - Jeremiah On 6/6/06, Volker Lendecke [EMAIL PROTECTED] wrote: On Tue, Jun 06, 2006 at 10:24:30AM -0700, Doug VanLeuven wrote: Hi Volker, I don't have 3.0.23rc1, but svn from just a few days ago. [EMAIL PROTECTED] ~]# smbd -V Version 3.0.23pre2-SVN-build-15985 [EMAIL PROTECTED] ~]# wbinfo -a doug% plaintext password authentication succeeded challenge/response password authentication succeeded [EMAIL PROTECTED] ~]# wbinfo -r doug Could not get groups for user doug Please file a bug report at https://bugzilla.samba.org/ with your smb.conf and all winbind logfiles at debug level 10. Thanks, Volker -- - Jeremiah [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Fwd: [Samba] Re: Getting NTLM group info about user
On Tue, Jun 06, 2006 at 02:47:30PM -0400, Jeremiah Martell wrote: Just out of curiousity, what should the output look like when I do a wbinfo -r user? Do I get the LDAP DN's of the groups? Just the CN attribute of the group? You should get a list of unix group ids. Volker pgpAeq7geBLFO.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] file download crashes samba
All - While trying to copy a directory containing a large number of files ( ~600 1-5 mb files ) from my samba server to a client machine ( either mac or windows ) my samba server crashes paralyzing my server machine and forcing me to reboot it. Once the behavior occurs I can no longer ssh into the server or if I happen to be in it already I can't even stop and restart samba. Is this a known issue? Could something be getting out of sync? I don't believe this is client issue as I can duplicate with both mac and windows clients easily. Any ideas resolving this issue would be great. Thanks ..Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA-LDIF
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Boukari Ouédraogo schrieb: Hello! How to get samba users in a file in ldif format? samba 3.0.14 Many thanks for all Boukari hi do it like this slapcat -l ldap.ldif - -- Mit freundlichen Gruessen Best Regards Robert Schetterer robert_at_schetterer_dot_org Munich / Bavaria / Germany https://www.schetterer.org https://www.schetterer.com/public-gpg-robert-schetterer.key -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) iD4DBQFEheWANxddAhXBw7QRAla2AJIC8aJ86kno7FHZXZEEHxQCAJ1oAJwKE0JR GH1foXq4WIVzE/NDeHeD0A== =Sz5G -END PGP SIGNATURE- -- Diese Nachricht wurde auf Viren und andere gefährliche Inhalte untersucht und ist - aktuelle Virenscanner vorausgesetzt - sauber. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Swat lets everybody into the good stuff
OK, I'm a Samba Noob, so be gentle with me. ;-) I've finally (mainly because I'm an idiot) gotten samba (Version 3.0.14a-Debian) working on a Debian Stable system (uname -a == Linux files 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686 GNU/Linux ) and I have several userid's shares built working, however, no matter which user logs in to Swat (for personal password changing) they have access to *everything*, including diddling with the smb.conf file, which would be a *bad* thing. Otherwise, things seem to be fine other than that small security glitch. ;-) The users have their own group, and their shares are listed to be owned solely by them - here's a snippet for one user: files:/etc/samba# grep missy /etc/passwd missy:x:2006:2006:missy:/home/everyone/missy:/bin/false files:/etc/samba# grep missy /etc/group missy:x:2006: I also have a few group entries like this: companies:x:1009:josh,missy,marilyn listing several people who should be in a group for a group share and here's the respective entry for this user in smb.conf: [missy] comment = Missy's Directory write list = missy create mask = 0600 directory mask = 0700 browseable = yes writable = yes path = /home/everyone/missy/files =-=-= and the group share also: [Companies] comment = B2B Company Information browseable = yes write list = missy,marilyn,josh group = companies writable = yes create mask = 0660 directory mask = 0770 path=/home/groups/companies =-=-=-=-=-=-=-= I also haven't figured out how to be able to get the shares to be visible under Nutwork Neighborhood in Winders, but the users are [gasp!] fairly competent and getting them to mount the share via the IP address really shouldn't be much of a problem; therefore I'm not really worried about it. ;-) I have the full smb.conf file available here: http://www.30below.com/~zmerch/samba/smb.conf I don't want to keep it there _forever_ but I'll leave it up for 7 days or so. Yes, I've googled. Yes, I've scanned the last few months of the archives. No, I've not been able to figure this out - anyone out there have a clue-by-4 with my name on it? ;-) Thanks! Roger Merch Merchberger -- Roger Merch Merchberger | Bugs of a feather flock together. sysadmin, Iceberg Computers | Russell Nelson [EMAIL PROTECTED] | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can anyone help?
Thanks for responding! Wouldn't this setup make all users who create files in this share to default to nobody:nobody? I want the file/folder to be owned by the user/group that this user is a member of. Rachel Warren Beldad [EMAIL PROTECTED] 06/05/06 11:34 PM try use guest account = nobody on your share guest ok = YES guest only = YES anyone who has access to this share and create a folder/document, the ownership on the new file/folder defaults to nobody:nobody provided nobody has the right permission on the share folder. On 6/1/06, Rachel Brien [EMAIL PROTECTED] wrote: Quick question pleaseA user logs into windowsXP and tries to create a folder/document and the ownership on the new file/folder defaults to nobody:nobody. I have the user set up in samba on the IRIX machine. All other users have no problem. Anyone have any suggestions? Thanks Rachel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Intermittent file server problems
Hello, I found your error-description Samba Intermittent file server problems from May, 14 2005. We have the same error after update our Server from SELS8 (Samba 2.x) to SLES9 (samba 3.0) and I want to ask you if you could solve this error? What was the problem? How did you solve it? Kind regards Dieter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
Whoops, I guess I didn't reply correctly and accidentally created a new thread with my response, so here's to hoping I get it right this time... What Version of Samba is running? Various versions of 3.0 on multiple servers. Is it a kind of Locking Problem? Ooh, good question, I'm not sure, and I'll try your oplocks settings. What exactly am I turning off, however, if I do that? Am I turning off file locking altogether? What speed have a Filetransfer with ftp? What speed did you have with a Windows Server? Ok well along those lines, here's another thing that I've noticed since I first posted. I had been getting ~940Mb/s in iperf, so I didn't think it was a network or NIC specific issue. I was using mount -t cifs and rsync -a --stats --progress to gauge my speed, which is where I was getting the 20 MB/s speed statistics. However, copying large files through Windows Explorer from the Samba share results in 55-60 MB/s. So, I don't know if there's a problem with rsync, smbfs, or cifs or whatever, but it looks like actual file transfer speeds (whether on one large file or an entire directory) are pretty good. I wouldn't mind seeing closer to 100+ MB/s, but I guess at around 60 MB/s, that's a great start. NOW the problem is that whenever I actually OPEN a file from any of the Samba servers, it opens MUCH slower than on a comparable Windows server. A large Excel file, for example, takes 15 seconds to load instead of 6 seconds when loaded from the Windows server. A given FoxPro query takes 45-55 seconds to run over the Samba share as opposed to around 10-12 seconds over the network from the Windows server. Could this be related to the oplocks stuff you were talking about, or would this point to a completely different problem? What are the downsides to turning off these oplocks settings? Have you testet your Diskthrouput with bonnie (or such Tools)? Yes, and I'm getting at least 50-60 MB/s (probably now my bottleneck), although I've set up an SAS raid array that ought to get much faster than that, but doesn't - however that's a question for another mailing list! Thanks for your help! -BJ Quinn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
You should be able to do a crude test by creating a large file (dd if=/dev/random of=test.dat bs=1048576 count=100 will create a 100MB test file) and then timing how long it takes to read the file back (time dd if=test.dat of=/dev/null) That'll tell you if your hard drives are configured properly and reading at full speed. Use a larger file for a more accurate test. Well, my 4 drive 15k RPM SAS RAID 10 configuration is performing slightly more poorly than my single drive 10k RPM SATA (~50 MB/s vs. ~55MB/s in both Bonnie and the dd test you suggested), but I guess that's the least of my concerns right now. (Besides this being the wrong list for such a concern, but thanks for your suggestions!) Although my maximum file transfer speed seems to be maxing out at about 50 MB/s (looking like now hard drive transfer speed is the bottleneck), which is almost exactly the speed I'm getting from the Windows server, I am still able to run these queries in FoxPro in around 10-12 seconds from the Windows server and around 55 seconds for the Samba server. A large Excel file (~45MB) opens up in around 6-7 seconds over the Windows share and in 15 or so seconds over the Samba share, looking like there's a big pause before it actually starts loading the file into Excel. Does this shed any light on the issue? I wouldn't think there'd be a huge overhead, but in my own experience it's certainly noticeable (as compared to say FTP.) Don't forget that if the PC on the other end isn't capable of receiving the data at full speed, then it doesn't matter how fast the server is. I've already noticed significant differences between client computers, but right now the computers I'm testing as client computers are comparable to the server from a hardware specification standpoint, differing only in that they run Windows 2000. One odd thing is that the computers that are capable only of transferring files from the server at a significantly slower rate (whether Windows or Samba) don't seem to have a significant degradation in FoxPro query time or Excel spreadsheet loading. -BJ Quinn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Problem joining into ads
Hallo Herr Deschner, ich habe mich sehr gefreut, als Sie so schnell auf meinen Eintrag in der Mailingliste geantwortet haben. Haben Sie mit den Debug Meldungen anfgefangen? Ich bin um jede Hilfe Dankbar. Sie dürfen mir auch gerne private Antworten ([EMAIL PROTECTED]). Gruß Franz Pförtsch -Ursprüngliche Nachricht- Von: Guenther Deschner [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 31. Mai 2006 19:41 An: Pförtsch, Franz Cc: samba@lists.samba.org Betreff: Re: [Samba] Problem joining into ads Hi, On Wed, May 31, 2006 at 05:58:03PM +0200, Franz Pfoertsch wrote: Hi, it try to join ads with samba 3.0.22 (SLES9 SP3) and got: holu0001:~ # kinit admin [EMAIL PROTECTED] Password: kinit: NOTICE: ticket renewable lifetime is 1 week holu0001:~ # net ads join [2006/05/31 17:42:21, 0] libads/ldap.c:ads_add_machine_acct(1507) Warning: ads_set_machine_sd: Unexpected information received ads_set_machine_password: Message stream modified holu0001:~ # logout It worked for month! I joined aprox: 15 samba servers but now it didn't work. Can you please send the output of the join command with -d 10 ? Thanks, Guenther -- Günther DeschnerGPG-ID: 8EE11688 Novell / SUSE Labs[EMAIL PROTECTED] Samba Team [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
[EMAIL PROTECTED] wrote: [...] Is it a kind of Locking Problem? Ooh, good question, I'm not sure, and I'll try your oplocks settings. What exactly am I turning off, however, if I do that? Am I turning off file locking altogether? man smb.conf Oplock's tells the Windows Client he can cache the requestet file on local machine. Should the Client change the File (or another Client would do this) the Lock must released by the first Client, or Samba break's the Lock after a certain time he doesn't become the Lock back. When you take the Settings in your Share Section with the Database File, then this Settings work only on this Share. So helped this? What speed have a Filetransfer with ftp? What speed did you have with a Windows Server? Ok well along those lines, here's another thing that I've noticed since I first posted. I had been getting ~940Mb/s in iperf, so I didn't think it was a network or NIC specific issue. I was using mount -t cifs and rsync -a --stats --progress to gauge my speed, which is where I was Sorry, i didn't understand you. You have mounted from a different Linux Workstation this Share, or did you mount a Share from the Windows Workstation? getting the 20 MB/s speed statistics. However, copying large files through Windows Explorer from the Samba share results in 55-60 MB/s. So, I don't know if there's a problem with rsync, smbfs, or cifs or whatever, but it looks like actual file transfer speeds (whether on one large file or an entire directory) are pretty good. I wouldn't mind seeing closer to 100+ MB/s, but I guess at around 60 MB/s, that's a great start. NOW the problem is that whenever I actually OPEN a file from any of the Samba servers, it opens MUCH slower than on a comparable Windows server. A large Excel file, for example, takes 15 seconds to load instead of 6 seconds when loaded from the Windows server. A given FoxPro query takes 45-55 seconds to run over the Samba share as opposed to around 10-12 seconds over the network from the Windows server. Could this be related to the oplocks stuff you were talking about, or would this point to a completely different problem? What are the downsides to turning off these oplocks settings? Take a Test. The downsite can be a slower Access to other Files in the Share (*.exe or such). But when the generelly Test have a good Result, the you can turn the Locking off only for the *dbf or *xls Files. Example: [Database] comment = FoxPro Database path = /path/to/database veto oplock files = /*.dbf/ /*.xls/ Have you testet your Diskthrouput with bonnie (or such Tools)? Yes, and I'm getting at least 50-60 MB/s (probably now my bottleneck), although I've set up an SAS raid array that ought to get much faster than that, but doesn't - however that's a question for another mailing list! And without a RAID Array, only a Simple Disk? Maybe a Problem with the RAID Controller or your Bussystem? What Kind of Mainboard? What Bussystem, PCI (PCI-X should be much better for a huge Performance in a Gigabit Environment)? How long take a time dd count=100 bs=1024 if=/dev/zero of=/tmp/testfile? Thanks for your help! -BJ Quinn Your welcome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba kills PDC
Hi! I have some domains with thrusting between. My primary domain is CAD. For this domain I have a windows NT PDC. Now I enable Samba nmbd on my SLES9-Box to make sure that the machine is accessible by name. It has been configured as BDC before, but this was not a good idea because I have multiple domains with trusting. This feature should be disabled. When samba is running on the SLES9 the NT-PDC seems to disable his PDC-facilities because no further Logons in CAD are possible. The only way to fix this is to disable Samba on SLES9 and reboot the PDC. I would like to use samba, but not configured as BDC. How can this be managed. regards Detlef -- # Detlef Jockheck # [EMAIL PROTECTED] pgp9J6IlwqRuT.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] nsswitch.conf and Samba's windbind
Hello! I'm trying to setup my machine (FreeBSD-6.1) to be able to authenticate some users against the corporate Active Directory (using Samba's windbind). Having the following line in the /etc/nsswitch.conf works to that end: passwd: files nis winbind Unfortunately, this prevents the local +/- substitutions from working... Using: passwd_compat: nis winbind restores the +/- functionality, but disables the Active Directory functionality :-( How do I get both? Thanks! -mi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Sending popup message via smbclient to w2k and winxp machines
I have a script that is attempting to notify a user that a job has finished. However, when called from within the script nothing is received by the user. When the equivalent message is sent from the command line, the user receives the message. The portion of the script that is relevant is below: - cut from script - #!/usr/bin/sh : : MESSAGE=$WINNAME, your job $_3GJOB\nhas successfully completed echo $MESSAGE | /path/to/smbclient -M trout /dev/null 21 echo $MESSAGE\n/path/to/smbclient -M trout logfile.txt - end of script - The last line was added by myself to test that all variables are being interpreted correctly, which examination of the contents of logfile.txt confirms. Why isn't the message being sent from within the script? I am running Samba 3.0.7 on Solaris 8, and the Windows Messenger service is running on all W2K and WinXP machines. Peter Oram Sys Admin 3G Mobile Support NEC Australia -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sending popup message via smbclient to w2k and winxp machines
MESSAGE=$WINNAME, your job $_3GJOB\nhas successfully completed echo $MESSAGE | /path/to/smbclient -M trout /dev/null 21 echo $MESSAGE\n/path/to/smbclient -M trout logfile.txt Why isn't the message being sent from within the script? Is it a redirect issue? What happens if you change the line to: (echo $MESSAGE | /path/to/smbclient -M trout) /dev/null 21 Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Sending popup message via smbclient to w2k and winxp machines
Changing the line makes no difference to what currently occurs. Peter -Original Message- From: Adam Nielsen [mailto:[EMAIL PROTECTED] Sent: Wednesday, 7 June 2006 11:33 AM To: Peter Oram Cc: samba@lists.samba.org Subject: Re: [Samba] Sending popup message via smbclient to w2k and winxp machines MESSAGE=$WINNAME, your job $_3GJOB\nhas successfully completed echo $MESSAGE | /path/to/smbclient -M trout /dev/null 21 echo $MESSAGE\n/path/to/smbclient -M trout logfile.txt Why isn't the message being sent from within the script? Is it a redirect issue? What happens if you change the line to: (echo $MESSAGE | /path/to/smbclient -M trout) /dev/null 21 Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sending popup message via smbclient to w2k and winxp machines
Changing the line makes no difference to what currently occurs. Well, I tried your script here and it works fine for me. There is a typo in your debugging line (missing a closing double-quote), but apart from that the message pops up on my WinXP box just as expected. I'm using Samba 3.0.21rc2. Does this definitely work if you copy and paste each line into a command prompt, line by line? Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba AutoCAD 2007 high CPU after printing
Hi List, I'm having some problems with Samba 2.0.10 and AutoCAD drawings, specifically when a user prints a CAD file, an smbd process is spawned as smbuser (my guest account) which uses 99% CPU and never gives up, even after the job is fully printed and cups has moved on. This only happens when printing CAD files. Restarting samba doesn't help, the only thing I can do is 'kill -9' the process - which doesn't appear to be affecting anything on the network I am now using 'deadtime = 5' option in smb.conf but I see this as a poor workaround at best The other thing worth noting is that I am unable to reproduce this problem using AutoCAD 2000 Any ideas? Thanks in advance, Jordan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] policies
Rodney Richison wrote: Am going thru the learning curve on using samba as a primary controller. Samba is up and running just fine. However, I'm a bit confused on the ntlogin.pol thing. I'm gathering, if all the workstations are winxp, I need to do this?? Go to the Windows 200x/XP menu Start-Programs-Administrative Tools and select the MMC snap-in called Active Directory Users and Computers Select the domain or organizational unit I don't see the mmc snap-in. Or should I still be using poledit on samba 3.1? If so, if someone has a source for the 3 common adm files, I'd appreciate it. common.adm etc.. Any other comments would be welcome. Maybe if I ask a differant way. Here, http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/PolicyMgmt.html#id2625181 It suggest using a differant tool for winxp clients. qoute ** Instead of using the tool called the System Policy Editor, commonly called Poledit (from the executable name *poledit.exe*), GPOs are created and managed using a Microsoft Management Console (MMC) snap-in as follows: 1. Go to the Windows 200x/XP menu Start-Programs-Administrative Tools and select the MMC snap-in called Active Directory Users and Computers ** I cannot find this tool??? Is it on win2k server? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Sending popup message via smbclient to w2k and winxp machines
Copy and paste each line of the script it works. If I run the script using bogus data from the command line it works. It is only when I get it to run live that it doesn't. Think I may have missed one point. The script is run from within another, but is passed all the correct variables for it to work. Peter -Original Message- From: Adam Nielsen [mailto:[EMAIL PROTECTED] Sent: Wednesday, 7 June 2006 12:21 PM To: Peter Oram Cc: samba@lists.samba.org Subject: Re: [Samba] Sending popup message via smbclient to w2k and winxp machines Changing the line makes no difference to what currently occurs. Well, I tried your script here and it works fine for me. There is a typo in your debugging line (missing a closing double-quote), but apart from that the message pops up on my WinXP box just as expected. I'm using Samba 3.0.21rc2. Does this definitely work if you copy and paste each line into a command prompt, line by line? Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sending popup message via smbclient to w2k and winxp machines
Copy and paste each line of the script it works. If I run the script using bogus data from the command line it works. It is only when I get it to run live that it doesn't. Think I may have missed one point. The script is run from within another, but is passed all the correct variables for it to work. What happens if you take off the redirect to /dev/null and point that to the logfile - then if smbclient complains about anything when run inside the script you'll see it in the logfile. Also what happens if you change the message to hello with no variables? Just in case something odd is being substituted and causing a problem. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba AutoCAD 2007 high CPU after printing
On Wed, Jun 07, 2006 at 10:19:56AM +0800, Jordan Tomkinson wrote: Hi List, I'm having some problems with Samba 2.0.10 and AutoCAD drawings, specifically when a user prints a CAD file, an smbd process is spawned as smbuser (my guest account) which uses 99% CPU and never gives up, even after the job is fully printed and cups has moved on. This only happens when printing CAD files. Samba 2.x is very old and unsupported right now Can you try upgrading to Samba3 and testing again. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to cancel print-jobs in cups-samba combination
On Fri, Jan 06, 2006 at 02:38:50AM +0530, d.arun321 wrote: Hi All, I am basically working on a product in which print-server is one of its functionalities. I am using SAMBA for sharing a printer which is connected to the hardware running Linux. I am running SAMBA and CUPS to manage the printing-options on the hardware. What Samba version ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ntlm auth and AD uptime
i get a big problem with authentication popups (with squid) when the connection to my AD dies. what options do i have to ensure less downtime when my AD backend dies ? i would like something that for example caches the users credentials , while testing for AD availability before coming back online. my setup is samba-winbind-3.0.20b-3.4 samba-3.0.20b-3.4 kerberos windows 2003 server. Who the heck is General Failure, and why is he reading my harddisk? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r16057 - branches/SAMBA_3_0/source branches/SAMBA_3_0/source/smbd trunk/source trunk/source/smbd
Author: jpeach
Date: 2006-06-06 07:43:17 + (Tue, 06 Jun 2006)
New Revision: 16057
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16057
Log:
Coalesce the DMAPI configure tests into a single macro. Add
a more specific probe to try and eliminate old, incompatible
DMAPI implementations provided by IRIX 6.4 and AIX 4.3.
Modified:
branches/SAMBA_3_0/source/aclocal.m4
branches/SAMBA_3_0/source/configure.in
branches/SAMBA_3_0/source/smbd/dmapi.c
trunk/source/aclocal.m4
trunk/source/configure.in
trunk/source/smbd/dmapi.c
Changeset:
Modified: branches/SAMBA_3_0/source/aclocal.m4
===
--- branches/SAMBA_3_0/source/aclocal.m42006-06-06 04:50:14 UTC (rev
16056)
+++ branches/SAMBA_3_0/source/aclocal.m42006-06-06 07:43:17 UTC (rev
16057)
@@ -852,3 +852,94 @@
LIBS=`echo $LIBS | sed -es/-l$1//g`
])
+dnl SMB_CHECK_DMAPI([actions if true], [actions if false])
+dnl Check whether DMAPI is available and is a version that we know
+dnl how to deal with. The default truth action is to set samba_dmapi_libs
+dnl to the list of necessary libraries, and to define USE_DMAPI.
+AC_DEFUN([SMB_CHECK_DMAPI],
+[
+samba_dmapi_libs=
+
+if test x$samba_dmapi_libs = x ; then
+ AC_CHECK_LIB(dm, dm_get_eventlist,
+ [ samba_dmapi_libs=-ldm], [])
+fi
+
+if test x$samba_dmapi_libs = x ; then
+ AC_CHECK_LIB(jfsdm, dm_get_eventlist,
+ [samba_dmapi_libs=-ljfsdm], [])
+fi
+
+if test x$samba_dmapi_libs = x ; then
+ AC_CHECK_LIB(xdsm, dm_get_eventlist,
+ [samba_dmapi_libs=-lxdsm], [])
+fi
+
+# Only bother to test ehaders if we have a candidate DMAPI library
+if test x$samba_dmapi_libs != x ; then
+ AC_CHECK_HEADERS(sys/dmi.h xfs/dmapi.h sys/jfsdmapi.h sys/dmapi.h)
+fi
+
+if test x$samba_dmapi_libs != x ; then
+ samba_dmapi_save_LIBS=$LIBS
+ LIBS=$LIBS $samba_dmapi_libs
+ AC_TRY_LINK(
+ [
+#ifdef HAVE_XFS_DMAPI_H
+#include xfs/dmapi.h
+#elif defined(HAVE_SYS_DMI_H)
+#include sys/dmi.h
+#elif defined(HAVE_SYS_JFSDMAPI_H)
+#include sys/jfsdmapi.h
+#elif defined(HAVE_SYS_DMAPI_H)
+#include sys/dmapi.h
+#endif
+ ],
+ [
+/* This link test is designed to fail on IRI 6.4, but should
+ * succeed on Linux, IRIX 6.5 and AIX.
+ */
+void main(void) {
+ char * version;
+ dm_eventset_t events;
+ /* This doesn't take an argument on IRIX 6.4. */
+ dm_init_service(version);
+ /* IRIX 6.4 expects events to be a pointer. */
+ DMEV_ISSET(DM_EVENT_READ, events);
+}
+ ],
+ [
+ true # DMAPI link test succeeded
+ ],
+ [
+ # DMAPI link failure
+ samba_dmapi_libs=
+ ])
+ LIBS=$samba_dmapi_save_LIBS
+fi
+
+if test x$samba_dmapi_libs = x ; then
+ # DMAPI detection failure actions begin
+ ifelse($2, [],
+ [
+ AC_ERROR(Failed to detect a supported DMAPI implementation)
+ ],
+ [
+ $2
+ ])
+ # DMAPI detection failure actions end
+else
+ # DMAPI detection success actions start
+ ifelse($1, [],
+ [
+ AC_DEFINE(USE_DMAPI, 1,
+ [Whether we should build DMAPI integration components])
+ AC_MSG_NOTICE(Found DMAPI support in $samba_dmapi_libs)
+ ],
+ [
+ $1
+ ])
+ # DMAPI detection success actions end
+fi
+
+])
Modified: branches/SAMBA_3_0/source/configure.in
===
--- branches/SAMBA_3_0/source/configure.in 2006-06-06 04:50:14 UTC (rev
16056)
+++ branches/SAMBA_3_0/source/configure.in 2006-06-06 07:43:17 UTC (rev
16057)
@@ -849,7 +849,6 @@
AC_CHECK_HEADERS(sys/sysmacros.h security/_pam_macros.h dlfcn.h)
AC_CHECK_HEADERS(sys/syslog.h syslog.h)
AC_CHECK_HEADERS(langinfo.h locale.h)
-AC_CHECK_HEADERS(sys/dmi.h xfs/dmapi.h sys/jfsdmapi.h sys/dmapi.h)
AC_CHECK_HEADERS(rpcsvc/yp_prot.h,,,[[
#if HAVE_RPC_RPC_H
@@ -2473,30 +2472,8 @@
#
# Check for DMAPI interfaces in libdm/libjfsdm/libxsdm
-AC_CHECK_LIB(dm, dm_get_eventlist,
- [samba_cv_HAVE_LIBDM=yes; samba_dmapi_libs=-ldm],
- [samba_cv_HAVE_LIBDM=no])
+SMB_CHECK_DMAPI([], AC_MSG_NOTICE(DMAPI support not present) )
-if test x$samba_cv_HAVE_LIBDM = xyes ; then
- AC_DEFINE(HAVE_LIBDM, 1, [Whether dmapi libdm is available])
-fi
-
-AC_CHECK_LIB(jfsdm, dm_get_eventlist,
- [samba_cv_HAVE_LIBJFSDM=yes; samba_dmapi_libs=-ljfsdm],
- [samba_cv_HAVE_LIBJFSDM=no])
-
-if test x$samba_cv_HAVE_LIBJFSDM = xyes ; then
- AC_DEFINE(HAVE_LIBJFSDM, 1, [Whether dmapi libjfsdm is available])
-fi
-
-AC_CHECK_LIB(xdsm,
svn commit: samba r16058 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: vlendec
Date: 2006-06-06 11:48:20 + (Tue, 06 Jun 2006)
New Revision: 16058
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16058
Log:
Test a Join using SetUserInfo level 25, as XP does if the user did not
exist. Samba3 right now fails to transfer the acb_info in the info21 sub-part
to the passdb backend, rendering the workstation locked.
Thanks to Tom Bork for finding this one.
Now working on a fix :-)
Volker
Modified:
branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c
===
--- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2006-06-06 07:43:17 UTC
(rev 16057)
+++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2006-06-06 11:48:20 UTC
(rev 16058)
@@ -476,6 +476,7 @@
*/
static BOOL join3(struct smbcli_state *cli,
+ BOOL use_level25,
struct cli_credentials *admin_creds,
struct cli_credentials *wks_creds)
{
@@ -504,8 +505,57 @@
cli_credentials_set_domain(wks_creds, dom_name, CRED_SPECIFIED);
- {
+ if (use_level25) {
struct samr_SetUserInfo2 sui2;
+ union samr_UserInfo u_info;
+ struct samr_UserInfo21 *i21 = u_info.info25.info;
+ DATA_BLOB session_key;
+ DATA_BLOB confounded_session_key = data_blob_talloc(
+ mem_ctx, NULL, 16);
+ struct MD5Context ctx;
+ uint8_t confounder[16];
+
+ ZERO_STRUCT(u_info);
+
+ i21-full_name.string = talloc_asprintf(
+ mem_ctx, %s$,
+ cli_credentials_get_workstation(wks_creds));
+ i21-acct_flags = ACB_WSTRUST;
+ i21-fields_present = SAMR_FIELD_FULL_NAME |
+ SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD;
+
+ encode_pw_buffer(u_info.info25.password.data,
+cli_credentials_get_password(wks_creds),
+STR_UNICODE);
+ status = dcerpc_fetch_session_key(samr_pipe, session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(dcerpc_fetch_session_key failed: %s\n,
+nt_errstr(status));
+ goto done;
+ }
+ generate_random_buffer((uint8_t *)confounder, 16);
+
+ MD5Init(ctx);
+ MD5Update(ctx, confounder, 16);
+ MD5Update(ctx, session_key.data, session_key.length);
+ MD5Final(confounded_session_key.data, ctx);
+
+ arcfour_crypt_blob(u_info.info25.password.data, 516,
+ confounded_session_key);
+ memcpy(u_info.info25.password.data[516], confounder, 16);
+
+ sui2.in.user_handle = wks_handle;
+ sui2.in.level = 25;
+ sui2.in.info = u_info;
+
+ status = dcerpc_samr_SetUserInfo2(samr_pipe, mem_ctx, sui2);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(samr_SetUserInfo2(25) failed: %s\n,
+nt_errstr(status));
+ goto done;
+ }
+ } else {
+ struct samr_SetUserInfo2 sui2;
struct samr_SetUserInfo sui;
union samr_UserInfo u_info;
DATA_BLOB session_key;
@@ -878,7 +928,7 @@
status = get_usr_handle(cli, mem_ctx, admin_creds,
DCERPC_AUTH_TYPE_NTLMSSP,
- DCERPC_AUTH_LEVEL_INTEGRITY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
cli_credentials_get_workstation(wks_creds),
dom_name, samr_pipe, wks_handle);
@@ -964,7 +1014,7 @@
cli_credentials_set_workstation(wks_creds, wks_name, CRED_SPECIFIED);
cli_credentials_set_password(wks_creds, , CRED_SPECIFIED);
- if (!join3(cli, cmdline_credentials, wks_creds)) {
+ if (!join3(cli, False, cmdline_credentials, wks_creds)) {
d_printf(join failed\n);
goto done;
}
@@ -1012,6 +1062,7 @@
*/
static BOOL test_join3(TALLOC_CTX *mem_ctx,
+ BOOL use_level25,
struct cli_credentials *smb_creds,
struct cli_credentials *samr_creds,
const char *wks_name)
@@ -1040,9 +1091,11 @@
cli_credentials_set_secure_channel_type(wks_creds, SEC_CHAN_WKSTA);
cli_credentials_set_username(wks_creds, wks_name, CRED_SPECIFIED);
cli_credentials_set_workstation(wks_creds, wks_name, CRED_SPECIFIED);
- cli_credentials_set_password(wks_creds, , CRED_SPECIFIED);
+ cli_credentials_set_password(wks_creds,
+
svn commit: samba r16059 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: vlendec Date: 2006-06-06 11:50:14 + (Tue, 06 Jun 2006) New Revision: 16059 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16059 Log: Remove accidential commit Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c === --- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2006-06-06 11:48:20 UTC (rev 16058) +++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2006-06-06 11:50:14 UTC (rev 16059) @@ -1161,7 +1161,6 @@ d_printf(join using anonymous bind on an anonymous smb connection succeeded -- HUH??\n); ret = False; - goto done; } if (!test_join3(mem_ctx, False, anon_creds, cmdline_credentials,
svn commit: samba r16060 - branches/SAMBA_3_0/source/include branches/SAMBA_3_0/source/rpc_parse branches/SAMBA_3_0/source/rpc_server trunk/source/include trunk/source/rpc_parse trunk/source/rpc_serve
Author: vlendec Date: 2006-06-06 14:18:12 + (Tue, 06 Jun 2006) New Revision: 16060 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16060 Log: This is one of the more dirty patches I've put in lately. Parse enough of SetUserInfo level 25 to survive the join method XP uses if the user did not exist before. For good taste this contains way too much cutpaste, but for a real fix there is just not enough time. Up to 3.0.22 we completely ignored that a full level 21 is being sent together with level 25, but we got away with that because on creation we did not set the disabled flag on the workstation account. Now we correctly follow W2k3 in this regard, and we end up with a disabled workstation after join. Man, I hate rpc_parse/. The correct fix would be to import PIDL generated samr parsing, but this is would probably be a bit too much for .23... Thanks to Tom Bork for finding this one. Volker Modified: branches/SAMBA_3_0/source/include/rpc_samr.h branches/SAMBA_3_0/source/rpc_parse/parse_samr.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c trunk/source/include/rpc_samr.h trunk/source/rpc_parse/parse_samr.c trunk/source/rpc_server/srv_samr_nt.c trunk/source/rpc_server/srv_samr_util.c Changeset: Sorry, the patch is too large (617 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16060
svn commit: samba r16061 - in branches/SAMBA_4_0: source/dsdb/samdb/ldb_modules testprogs/ejs
Author: abartlet
Date: 2006-06-06 17:19:58 + (Tue, 06 Jun 2006)
New Revision: 16061
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16061
Log:
Prove that removing the objectClass list in the samldb module breaks things.
With this fix, we now correctly detect computers again, and get the
correct objectCategory, which is important for the OSX AD plugin.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c
branches/SAMBA_4_0/testprogs/ejs/ldap.js
Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c
===
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2006-06-06
14:18:12 UTC (rev 16060)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2006-06-06
17:19:58 UTC (rev 16061)
@@ -615,9 +615,6 @@
return LDB_ERR_OPERATIONS_ERROR;
}
- /* remove objectclasses so that they will be added in the right order
for MMC to be happy */
- ldb_msg_remove_attr(msg, objectclass);
-
if (samldb_find_attribute(msg, objectclass, computer) != NULL) {
ret = samldb_copy_template(module, msg2,
((CN=TemplateComputer)(objectclass=userTemplate)));
Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js
===
--- branches/SAMBA_4_0/testprogs/ejs/ldap.js2006-06-06 14:18:12 UTC (rev
16060)
+++ branches/SAMBA_4_0/testprogs/ejs/ldap.js2006-06-06 17:19:58 UTC (rev
16061)
@@ -54,6 +54,28 @@
}
}
+ var ok = ldb.add(
+dn: cn=ldaptestcomputer,cn=computers, + base_dn +
+objectClass: computer
+cn: LDAPtestCOMPUTER
+);
+ if (!ok) {
+ ok = ldb.del(cn=ldaptestcomputer,cn=computers, + base_dn);
+ if (!ok) {
+ println(ldb.errstring());
+ assert(ok);
+ }
+ ok = ldb.add(
+dn: cn=ldaptestcomputer,cn=computers, + base_dn +
+objectClass: computer
+cn: LDAPtestCOMPUTER
+);
+ if (!ok) {
+ println(ldb.errstring());
+ assert(ok);
+ }
+ }
+
ok = ldb.add(
dn: cn=ldaptestuser2,cn=users, + base_dn +
objectClass: person
@@ -134,24 +156,51 @@
assert(res[0].objectClass[3] == user);
assert(res[0].objectGUID != undefined);
assert(res[0].whenCreated != undefined);
+ assert(res[0].objectCategory == cn=Person,cn=Schema,cn=Configuration,
+ base_dn);
- println(Testing ldb.search for
((cn=ldaptestuser)(objectClass=user)));
- var res = ldb.search(((cn=ldaptestuser)(objectClass=user)));
+ println(Testing ldb.search for
((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration, +
base_dn + )));
+ var res2 =
ldb.search(((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration,
+ base_dn + )));
if (res.length != 1) {
+ println(Could not find
((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration, +
base_dn + )));
+ assert(res.length == 1);
+ }
+
+ assert(res[0].dn == res2[0].dn);
+
+ ok = ldb.del(res[0].dn);
+ if (!ok) {
+ println(ldb.errstring());
+ assert(ok);
+ }
+
+ println(Testing ldb.search for
((cn=ldaptestcomputer)(objectClass=user)));
+ var res = ldb.search(((cn=ldaptestcomputer)(objectClass=user)));
+ if (res.length != 1) {
println(Could not find
((cn=ldaptestuser)(objectClass=user)));
assert(res.length == 1);
}
- assert(res[0].dn == cn=ldaptestuser,cn=users, + base_dn);
- assert(res[0].cn == ldaptestuser);
- assert(res[0].name == ldaptestuser);
+ assert(res[0].dn == cn=ldaptestcomputer,cn=computers, + base_dn);
+ assert(res[0].cn == ldaptestcomputer);
+ assert(res[0].name == ldaptestcomputer);
assert(res[0].objectClass[0] == top);
assert(res[0].objectClass[1] == person);
assert(res[0].objectClass[2] == organizationalPerson);
assert(res[0].objectClass[3] == user);
+ assert(res[0].objectClass[4] == computer);
assert(res[0].objectGUID != undefined);
assert(res[0].whenCreated != undefined);
+ assert(res[0].objectCategory ==
cn=Computer,cn=Schema,cn=Configuration, + base_dn);
+ println(Testing ldb.search for
((cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration,
+ base_dn + )));
+ var res2 =
ldb.search(((cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration,
+ base_dn + )));
+ if (res.length != 1) {
+ println(Could not find
((cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration,
+ base_dn + )));
+ assert(res.length == 1);
+ }
+
+ assert(res[0].dn ==
svn commit: samba r16062 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: abartlet
Date: 2006-06-06 17:54:10 + (Tue, 06 Jun 2006)
New Revision: 16062
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16062
Log:
objectCategory is a DN, and needs to be matched as such.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c
===
--- branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c 2006-06-06
17:19:58 UTC (rev 16061)
+++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c 2006-06-06
17:54:10 UTC (rev 16062)
@@ -166,6 +166,7 @@
{ dn, LDB_SYNTAX_DN },
{ ncName, LDB_SYNTAX_DN },
{ distinguishedName, LDB_SYNTAX_DN },
+ { objectCategory, LDB_SYNTAX_DN },
{ cn, LDB_SYNTAX_DIRECTORY_STRING },
{ dc, LDB_SYNTAX_DIRECTORY_STRING },
{ ou, LDB_SYNTAX_DIRECTORY_STRING },
svn commit: samba r16063 - in branches/SAMBA_4_0/source/scripting/libjs: .
Author: abartlet
Date: 2006-06-06 17:55:41 + (Tue, 06 Jun 2006)
New Revision: 16063
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16063
Log:
Make is clearer when we can't write to the smb.conf
Find more possible posix group names for the 'domain users' group, as
the existing options don't exist in OSX.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/scripting/libjs/provision.js
Changeset:
Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js
===
--- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2006-06-06
17:54:10 UTC (rev 16062)
+++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2006-06-06
17:55:41 UTC (rev 16063)
@@ -238,7 +238,7 @@
/*
setup a file in the private dir
*/
-function setup_file(template, fname, subobj)
+function setup_file(template, message, fname, subobj)
{
var lp = loadparm_init();
var f = fname;
@@ -250,7 +250,10 @@
data = substitute_var(data, subobj);
ok = sys.file_save(f, data);
- assert(ok);
+ if (!ok) {
+ message(failed to create file: + f + \n);
+ assert(ok);
+ }
}
function provision_default_paths(subobj)
@@ -355,7 +358,7 @@
var st = sys.stat(paths.smbconf);
if (st == undefined) {
message(Setting up smb.conf\n);
- setup_file(provision.smb.conf, paths.smbconf, subobj);
+ setup_file(provision.smb.conf, info.message, paths.smbconf,
subobj);
lp.reload();
}
message(Setting up secrets.ldb\n);
@@ -412,7 +415,7 @@
assert(subobj.HOSTGUID != undefined);
setup_file(provision.zone,
- paths.dns,
+ message, paths.dns,
subobj);
message(Please install the zone located in + paths.dns + into your
DNS server\n);
@@ -456,7 +459,7 @@
subobj.NOGROUP = findnss(nss.getgrnam, nogroup, nobody);
subobj.WHEEL= findnss(nss.getgrnam, wheel, root, staff);
subobj.BACKUP = findnss(nss.getgrnam, backup, wheel, root,
staff);
- subobj.USERS= findnss(nss.getgrnam, users, guest, other);
+ subobj.USERS= findnss(nss.getgrnam, users, guest, other,
unknown);
subobj.DNSDOMAIN= strlower(subobj.REALM);
subobj.DNSNAME = sprintf(%s.%s,
strlower(subobj.HOSTNAME),
svn commit: samba r16064 - branches/SAMBA_3_0/source/passdb trunk/source/passdb
Author: vlendec
Date: 2006-06-06 20:18:11 + (Tue, 06 Jun 2006)
New Revision: 16064
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16064
Log:
Bug fix for another one Tom Bork has reported:
'valid users = +unixgroup' failed with smbpasswd if 'unixgroup' has a
(non-algorithmic) group mapping.
Thanks a lot!
People out there listening, please test current code, this release is
**BIG**
:-)
Volker
Modified:
branches/SAMBA_3_0/source/passdb/lookup_sid.c
trunk/source/passdb/lookup_sid.c
Changeset:
Modified: branches/SAMBA_3_0/source/passdb/lookup_sid.c
===
--- branches/SAMBA_3_0/source/passdb/lookup_sid.c 2006-06-06 17:55:41 UTC
(rev 16063)
+++ branches/SAMBA_3_0/source/passdb/lookup_sid.c 2006-06-06 20:18:11 UTC
(rev 16064)
@@ -43,6 +43,7 @@
DOM_SID sid;
enum SID_NAME_USE type;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ struct group *grp;
if (tmp_ctx == NULL) {
DEBUG(0, (talloc_new failed\n));
@@ -128,16 +129,35 @@
* the expansion of group names coming in from smb.conf
*/
- if (flags LOOKUP_NAME_GROUP) {
- struct group *grp;
+ if ((flags LOOKUP_NAME_GROUP) ((grp = getgrnam(name)) != NULL)) {
+ GROUP_MAP map;
+
+ if (pdb_getgrgid(map, grp-gr_gid)) {
+ /* The hack gets worse. Handle the case where we have
+* 'force group = +unixgroup' but unixgroup has a
+* group mapping */
+
+ if (sid_check_is_in_builtin(map.sid)) {
+ domain = talloc_strdup(
+ tmp_ctx, builtin_domain_name());
+ } else {
+ domain = talloc_strdup(
+ tmp_ctx, get_global_sam_name());
+ }
+
+ sid_copy(sid, map.sid);
+ type = map.sid_name_use;
+ goto ok;
+ }
+
/* If we are using the smbpasswd backend, we need to use the
* algorithmic mapping for the unix group we find. This is
* necessary because when creating the NT token from the unix
* gid list we got from initgroups() we use gid_to_sid() that
* uses algorithmic mapping if pdb_rid_algorithm() is true. */
- if (pdb_rid_algorithm() ((grp = getgrnam(name)) != NULL)
+ if (pdb_rid_algorithm()
(grp-gr_gid max_algorithmic_gid())) {
domain = talloc_strdup(tmp_ctx, get_global_sam_name());
sid_compose(sid, get_global_sam_sid(),
Modified: trunk/source/passdb/lookup_sid.c
===
--- trunk/source/passdb/lookup_sid.c2006-06-06 17:55:41 UTC (rev 16063)
+++ trunk/source/passdb/lookup_sid.c2006-06-06 20:18:11 UTC (rev 16064)
@@ -43,6 +43,7 @@
DOM_SID sid;
enum SID_NAME_USE type;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ struct group *grp;
if (tmp_ctx == NULL) {
DEBUG(0, (talloc_new failed\n));
@@ -128,16 +129,35 @@
* the expansion of group names coming in from smb.conf
*/
- if (flags LOOKUP_NAME_GROUP) {
- struct group *grp;
+ if ((flags LOOKUP_NAME_GROUP) ((grp = getgrnam(name)) != NULL)) {
+ GROUP_MAP map;
+
+ if (pdb_getgrgid(map, grp-gr_gid)) {
+ /* The hack gets worse. Handle the case where we have
+* 'force group = +unixgroup' but unixgroup has a
+* group mapping */
+
+ if (sid_check_is_in_builtin(map.sid)) {
+ domain = talloc_strdup(
+ tmp_ctx, builtin_domain_name());
+ } else {
+ domain = talloc_strdup(
+ tmp_ctx, get_global_sam_name());
+ }
+
+ sid_copy(sid, map.sid);
+ type = map.sid_name_use;
+ goto ok;
+ }
+
/* If we are using the smbpasswd backend, we need to use the
* algorithmic mapping for the unix group we find. This is
* necessary because when creating the NT token from the unix
* gid list we got from initgroups() we use gid_to_sid() that
* uses algorithmic mapping if pdb_rid_algorithm() is true. */
- if (pdb_rid_algorithm() ((grp = getgrnam(name)) != NULL)
+ if (pdb_rid_algorithm()
(grp-gr_gid max_algorithmic_gid()))
svn commit: samba r16065 - branches/SAMBA_3_0/source/rpc_server trunk/source/rpc_server
Author: vlendec
Date: 2006-06-06 20:34:26 + (Tue, 06 Jun 2006)
New Revision: 16065
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16065
Log:
Re-add a strlower_m(account) in samr_create_user that was dropped for no
reason but to increase fidelity with W2k3. Tom Bork has raised valid concerns
that Unix scripts might rely on the account names being lower-case, so keep
that. We might later decide to only lower-case the unix name passed to
'add [user|group] script' but keep the passdb entry upper-case. But there are
enough user-visible changes in 3_0 already so that we should push this off to
a later date.
Tom, waiting for more bug reports from you ;-))
Thanks for insisting!
Volker
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
trunk/source/rpc_server/srv_samr_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2006-06-06 20:18:11 UTC
(rev 16064)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2006-06-06 20:34:26 UTC
(rev 16065)
@@ -2463,6 +2463,8 @@
return NT_STATUS_NO_MEMORY;
}
+ strlower_m(account);
+
nt_status = can_create(p-mem_ctx, account);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
Modified: trunk/source/rpc_server/srv_samr_nt.c
===
--- trunk/source/rpc_server/srv_samr_nt.c 2006-06-06 20:18:11 UTC (rev
16064)
+++ trunk/source/rpc_server/srv_samr_nt.c 2006-06-06 20:34:26 UTC (rev
16065)
@@ -2463,6 +2463,8 @@
return NT_STATUS_NO_MEMORY;
}
+ strlower_m(account);
+
nt_status = can_create(p-mem_ctx, account);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
svn commit: samba r16066 - in branches/SAMBA_4_0: source/lib/ldb/common source/lib/ldb/samba testprogs/ejs
Author: abartlet
Date: 2006-06-06 22:04:55 + (Tue, 06 Jun 2006)
New Revision: 16066
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16066
Log:
The OSX AD plugin uses objectCategory searches a lot, and uses them
both fully qualified and in the 'short' form. Now we test and support
this query format.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c
branches/SAMBA_4_0/source/lib/ldb/common/ldb_match.c
branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c
branches/SAMBA_4_0/testprogs/ejs/ldap.js
Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c
===
--- branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c 2006-06-06
20:34:26 UTC (rev 16065)
+++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c 2006-06-06
22:04:55 UTC (rev 16066)
@@ -166,7 +166,6 @@
{ dn, LDB_SYNTAX_DN },
{ ncName, LDB_SYNTAX_DN },
{ distinguishedName, LDB_SYNTAX_DN },
- { objectCategory, LDB_SYNTAX_DN },
{ cn, LDB_SYNTAX_DIRECTORY_STRING },
{ dc, LDB_SYNTAX_DIRECTORY_STRING },
{ ou, LDB_SYNTAX_DIRECTORY_STRING },
Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_match.c
===
--- branches/SAMBA_4_0/source/lib/ldb/common/ldb_match.c2006-06-06
20:34:26 UTC (rev 16065)
+++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_match.c2006-06-06
22:04:55 UTC (rev 16066)
@@ -207,8 +207,11 @@
chunk = tree-u.substring.chunks[c];
if(h-canonicalise_fn(ldb, ldb, chunk, cnk) != 0) goto failed;
- /* FIXME: case of embedded nulls */
- if (strncmp((char *)val.data, (char *)cnk.data, cnk.length) !=
0) goto failed;
+ /* This deals with wildcard prefix searches on binary
attributes (eg objectGUID) */
+ if (cnk.length val.length) {
+ goto failed;
+ }
+ if (memcmp((char *)val.data, (char *)cnk.data, cnk.length) !=
0) goto failed;
val.length -= cnk.length;
val.data += cnk.length;
c++;
Modified: branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c
===
--- branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c 2006-06-06
20:34:26 UTC (rev 16065)
+++ branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c 2006-06-06
22:04:55 UTC (rev 16066)
@@ -1,8 +1,8 @@
/*
ldb database library - ldif handlers for Samba
- Copyright (C) Andrew Tridgell 2005
-
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Andrew Bartlett 2006
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
** under the LGPL
@@ -275,6 +275,75 @@
return 0;
}
+/*
+ canonicolise an objectCategory. We use the short form as the cannoical
form:
+ cn=Person,cn=Schema,cn=Configuration,basedn becomes 'person'
+*/
+
+static int ldif_canonicalise_objectCategory(struct ldb_context *ldb, void
*mem_ctx,
+ const struct ldb_val *in, struct
ldb_val *out)
+{
+ struct ldb_dn *dn1 = NULL;
+ const char *oc1;
+
+ dn1 = ldb_dn_explode(mem_ctx, (char *)in-data);
+ if (dn1 == NULL) {
+ oc1 = talloc_strndup(mem_ctx, in-data, in-length);
+ } else if (dn1-comp_num = 1 strcasecmp(dn1-components[0].name,
cn) == 0) {
+ oc1 = talloc_strndup(mem_ctx, dn1-components[0].value.data,
+dn1-components[0].value.length);
+ } else {
+ return -1;
+ }
+
+ oc1 = ldb_casefold(ldb, mem_ctx, oc1);
+ out-data = oc1;
+ out-length = strlen(oc1);
+ return 0;
+}
+
+static int ldif_comparison_objectCategory(struct ldb_context *ldb, void
*mem_ctx,
+ const struct ldb_val *v1,
+ const struct ldb_val *v2)
+{
+ struct ldb_dn *dn1 = NULL, *dn2 = NULL;
+ const char *oc1, *oc2;
+
+ dn1 = ldb_dn_explode(mem_ctx, (char *)v1-data);
+ if (dn1 == NULL) {
+ oc1 = talloc_strndup(mem_ctx, v1-data, v1-length);
+ } else if (dn1-comp_num = 1 strcasecmp(dn1-components[0].name,
cn) == 0) {
+ oc1 = talloc_strndup(mem_ctx, dn1-components[0].value.data,
+dn1-components[0].value.length);
+ } else {
+ oc1 = NULL;
+ }
+
+ dn2 = ldb_dn_explode(mem_ctx, (char *)v2-data);
+ if (dn2 == NULL) {
+ oc2 = talloc_strndup(mem_ctx, v2-data, v2-length);
+ } else if (dn2-comp_num = 2 strcasecmp(dn2-components[0].name,
svn commit: samba r16067 - in branches/SAMBA_4_0/source/lib/ldb/samba: .
Author: abartlet
Date: 2006-06-06 22:10:52 + (Tue, 06 Jun 2006)
New Revision: 16067
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16067
Log:
Remove const, it isn't required and just causes a warning.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c
===
--- branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c 2006-06-06
22:04:55 UTC (rev 16066)
+++ branches/SAMBA_4_0/source/lib/ldb/samba/ldif_handlers.c 2006-06-06
22:10:52 UTC (rev 16067)
@@ -284,7 +284,7 @@
const struct ldb_val *in, struct
ldb_val *out)
{
struct ldb_dn *dn1 = NULL;
- const char *oc1;
+ char *oc1;
dn1 = ldb_dn_explode(mem_ctx, (char *)in-data);
if (dn1 == NULL) {
svn commit: samba r16068 - in branches/SAMBA_4_0/testprogs/ejs: .
Author: abartlet
Date: 2006-06-06 22:31:20 + (Tue, 06 Jun 2006)
New Revision: 16068
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16068
Log:
Check against the correct result in the ldap.js test
Andrew Bartlett
Modified:
branches/SAMBA_4_0/testprogs/ejs/ldap.js
Changeset:
Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js
===
--- branches/SAMBA_4_0/testprogs/ejs/ldap.js2006-06-06 22:10:52 UTC (rev
16067)
+++ branches/SAMBA_4_0/testprogs/ejs/ldap.js2006-06-06 22:31:20 UTC (rev
16068)
@@ -160,9 +160,9 @@
println(Testing ldb.search for
((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration, +
base_dn + )));
var res2 =
ldb.search(((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration,
+ base_dn + )));
- if (res.length != 1) {
+ if (res2.length != 1) {
println(Could not find
((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration, +
base_dn + )));
- assert(res.length == 1);
+ assert(res2.length == 1);
}
assert(res[0].dn == res2[0].dn);
svn commit: samba r16069 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet
Date: 2006-06-06 22:32:24 + (Tue, 06 Jun 2006)
New Revision: 16069
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16069
Log:
Remove unused destructor and an unused variable.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c
Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c
===
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2006-06-06
22:31:20 UTC (rev 16068)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2006-06-06
22:32:24 UTC (rev 16069)
@@ -108,7 +108,6 @@
static BOOL samldb_find_or_add_attribute(struct ldb_module *module, struct
ldb_message *msg, const char *name, const char *set_value)
{
- int j;
struct ldb_message_element *el;
if (msg == NULL || name == NULL || set_value == NULL) {
@@ -857,16 +856,8 @@
return ret;
}
-static int samldb_destructor(void *module_ctx)
-{
- /* struct ldb_module *ctx = module_ctx; */
- /* put your clean-up functions here */
- return 0;
-}
-
static int samldb_init(struct ldb_module *module)
{
- talloc_set_destructor(module, samldb_destructor);
return ldb_next_init(module);
}
Build status as of Wed Jun 7 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-06-06 00:00:47.0 + +++ /home/build/master/cache/broken_results.txt 2006-06-07 00:00:42.0 + @@ -1,18 +1,18 @@ -Build status as of Tue Jun 6 00:00:02 2006 +Build status as of Wed Jun 7 00:00:02 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 -ccache 41 5 0 -distcc 40 5 0 -lorikeet-heimdal 34 27 0 +ccache 36 5 0 +distcc 37 5 0 +lorikeet-heimdal 2 2 0 ppp 19 0 0 -rsync40 2 0 +rsync40 1 0 samba5 1 0 samba-docs 0 0 0 -samba4 45 31 3 +samba4 45 29 4 samba_3_043 16 0 -smb-build32 0 0 -talloc 36 18 0 +smb-build31 0 0 +talloc 25 13 0 tdb 37 4 0
svn commit: samba r16070 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: idra
Date: 2006-06-07 00:42:19 + (Wed, 07 Jun 2006)
New Revision: 16070
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16070
Log:
Fix kludge_acls
Modified:
branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c
Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c
===
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c
2006-06-06 22:32:24 UTC (rev 16069)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c
2006-06-07 00:42:19 UTC (rev 16070)
@@ -229,7 +229,7 @@
{
int ret, i;
TALLOC_CTX *mem_ctx = talloc_new(module);
- const char *attrs[] = { attribute, NULL };
+ static const char *attrs[] = { passwordAttribute, NULL };
struct ldb_result *res;
struct ldb_message *msg;
struct ldb_message_element *password_attributes;
svn commit: samba r16071 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: idra
Date: 2006-06-07 00:55:48 + (Wed, 07 Jun 2006)
New Revision: 16071
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16071
Log:
tdb has nested transactions
change the code to exploit that in ldb
I still have to reintroduce transactions when you call ldb_request directly,
I have some plans I hop to be able to develop in the next weekend
Modified:
branches/SAMBA_4_0/source/lib/ldb/common/ldb.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c
===
--- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-06-07 00:42:19 UTC
(rev 16070)
+++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-06-07 00:55:48 UTC
(rev 16071)
@@ -171,13 +171,11 @@
/*
start a transaction
*/
-int ldb_transaction_start(struct ldb_context *ldb)
+static int ldb_transaction_start_internal(struct ldb_context *ldb)
{
struct ldb_module *module;
int status;
FIRST_OP(ldb, start_transaction);
-
- ldb-transaction_active++;
ldb_reset_err_string(ldb);
@@ -195,18 +193,12 @@
/*
commit a transaction
*/
-int ldb_transaction_commit(struct ldb_context *ldb)
+static int ldb_transaction_commit_internal(struct ldb_context *ldb)
{
struct ldb_module *module;
int status;
FIRST_OP(ldb, end_transaction);
- if (ldb-transaction_active 0) {
- ldb-transaction_active--;
- } else {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
ldb_reset_err_string(ldb);
status = module-ops-end_transaction(module);
@@ -223,18 +215,12 @@
/*
cancel a transaction
*/
-int ldb_transaction_cancel(struct ldb_context *ldb)
+static int ldb_transaction_cancel_internal(struct ldb_context *ldb)
{
struct ldb_module *module;
int status;
FIRST_OP(ldb, del_transaction);
- if (ldb-transaction_active 0) {
- ldb-transaction_active--;
- } else {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
status = module-ops-del_transaction(module);
if (status != LDB_SUCCESS) {
if (ldb-err_string == NULL) {
@@ -246,6 +232,89 @@
return status;
}
+int ldb_transaction_start(struct ldb_context *ldb)
+{
+ /* disable autotransactions */
+ ldb-transaction_active++;
+
+ return ldb_transaction_start_internal(ldb);
+}
+
+int ldb_transaction_commit(struct ldb_context *ldb)
+{
+ /* renable autotransactions (when we reach 0) */
+ if (ldb-transaction_active 0)
+ ldb-transaction_active--;
+
+ return ldb_transaction_commit_internal(ldb);
+}
+
+int ldb_transaction_cancel(struct ldb_context *ldb)
+{
+ /* renable autotransactions (when we reach 0) */
+ if (ldb-transaction_active 0)
+ ldb-transaction_active--;
+
+ return ldb_transaction_cancel_internal(ldb);
+}
+
+int ldb_autotransaction_start(struct ldb_context *ldb)
+{
+ /* explicit transaction active, ignore autotransaction request */
+ if (ldb-transaction_active)
+ return LDB_SUCCESS;
+
+ return ldb_transaction_start_internal(ldb);
+}
+
+int ldb_autotransaction_commit(struct ldb_context *ldb)
+{
+ /* explicit transaction active, ignore autotransaction request */
+ if (ldb-transaction_active)
+ return LDB_SUCCESS;
+
+ return ldb_transaction_commit_internal(ldb);
+}
+
+int ldb_autotransaction_cancel(struct ldb_context *ldb)
+{
+ /* explicit transaction active, ignore autotransaction request */
+ if (ldb-transaction_active)
+ return LDB_SUCCESS;
+
+ return ldb_transaction_cancel_internal(ldb);
+}
+
+/* autostarts a transacion if none active */
+static int ldb_autotransaction_request(struct ldb_context *ldb, struct
ldb_request *req)
+{
+ int ret;
+
+ ret = ldb_autotransaction_start(ldb);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ ret = ldb_request(ldb, req);
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_async_wait(req-async.handle, LDB_WAIT_ALL);
+ }
+
+ if (ret == LDB_SUCCESS) {
+ return ldb_autotransaction_commit(ldb);
+ }
+ ldb_autotransaction_cancel(ldb);
+
+ if (ldb-err_string == NULL) {
+ /* no error string was setup by the backend */
+ ldb_set_errstring(ldb,
+ talloc_asprintf(ldb, %s (%d),
+ ldb_strerror(ret), ret));
+ }
+
+ return ret;
+}
+
int ldb_async_wait(struct ldb_async_handle *handle, enum ldb_async_wait_type
type)
{
if (!handle) {
@@ -461,43 +530,7 @@
return ret;
}
-/* autostarts a transacion if none active */
-static int ldb_autotransaction_request(struct ldb_context *ldb, struct
ldb_request *req)
-{
- int ret, close_transaction;
-
svn commit: samba r16072 - in branches/SAMBA_4_0/testprogs/ejs: .
Author: abartlet
Date: 2006-06-07 04:16:02 + (Wed, 07 Jun 2006)
New Revision: 16072
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16072
Log:
Do basic wildcard searching in the ejs LDAP test.
Unfortunetly this didn't find the wildcard bug, but at least it tests
something...
Andrew Bartlett
Modified:
branches/SAMBA_4_0/testprogs/ejs/ldap.js
Changeset:
Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js
===
--- branches/SAMBA_4_0/testprogs/ejs/ldap.js2006-06-07 00:55:48 UTC (rev
16071)
+++ branches/SAMBA_4_0/testprogs/ejs/ldap.js2006-06-07 04:16:02 UTC (rev
16072)
@@ -219,6 +219,33 @@
assert(res[0].dn == res3[0].dn);
+ println(Testing ldb.search for
((cn=ldaptest*computer)(objectCategory=compuTER)));
+ var res4 =
ldb.search(((cn=ldaptest*computer)(objectCategory=compuTER)));
+ if (res4.length != 1) {
+ println(Could not find
((cn=ldaptest*computer)(objectCategory=compuTER)));
+ assert(res4.length == 1);
+ }
+
+ assert(res[0].dn == res4[0].dn);
+
+ println(Testing ldb.search for
((cn=ldaptestcomput*)(objectCategory=compuTER)));
+ var res5 =
ldb.search(((cn=ldaptestcomput*)(objectCategory=compuTER)));
+ if (res5.length != 1) {
+ println(Could not find
((cn=ldaptestcomput*)(objectCategory=compuTER)));
+ assert(res5.length == 1);
+ }
+
+ assert(res[0].dn == res5[0].dn);
+
+ println(Testing ldb.search for
((cn=*daptestcomputer)(objectCategory=compuTER)));
+ var res6 =
ldb.search(((cn=*daptestcomputer)(objectCategory=compuTER)));
+ if (res6.length != 1) {
+ println(Could not find
((cn=*daptestcomputer)(objectCategory=compuTER)));
+ assert(res6.length == 1);
+ }
+
+ assert(res[0].dn == res6[0].dn);
+
ok = ldb.del(res[0].dn);
if (!ok) {
println(ldb.errstring());
svn commit: samba r16073 - in branches/SAMBA_4_0/source/libcli/ldap: .
Author: abartlet
Date: 2006-06-07 04:23:42 + (Wed, 07 Jun 2006)
New Revision: 16073
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16073
Log:
On an incoming wildcard search, it is critical that the size be
correct, or we try and do a memcmp on the trailing '\0'.
This happens because we now use memcmp for the prefix matching.
I just wish I had a test other than a particular invocation of the OSX
client. (I've tried and failed so far)
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/libcli/ldap/ldap.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/ldap/ldap.c
===
--- branches/SAMBA_4_0/source/libcli/ldap/ldap.c2006-06-07 04:16:02 UTC
(rev 16072)
+++ branches/SAMBA_4_0/source/libcli/ldap/ldap.c2006-06-07 04:23:42 UTC
(rev 16073)
@@ -548,9 +548,9 @@
if (chunks[chunk_num]-data == NULL) {
return NULL;
}
- chunks[chunk_num]-length = strlen(value) + 1;
+ chunks[chunk_num]-length = strlen(value);
- chunks[chunk_num + 1] = NULL;
+ chunks[chunk_num + 1] = '\0';
return chunks;
}
svn commit: samba r16074 - in branches/SOC/bnh: . windows_setup
Author: brad Date: 2006-06-07 04:26:11 + (Wed, 07 Jun 2006) New Revision: 16074 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16074 Log: WINDOWS_SETUP_README is a process to easily setup a windows host for remote access to an interactive SSH shell. windows_setup.zip contains the necessary scripts and the SSH server windows executable. win_setup.wsf is the main script which performs the installation and configuration. It requires /username:username and /password:password parameters, and accepts an optional parameter /basedir:basedir. win_setup.wsf is intended to perform the installation without user interaction on a wide variety of windows platforms. The script currently has the limitation that it will only work on a host within a domain, as it adds the user to the Domain Admins group. Eventually, it will instead add the user to the local Administrators group when necessary. Added: branches/SOC/bnh/WINDOWS_SETUP_README branches/SOC/bnh/windows_setup.zip branches/SOC/bnh/windows_setup/ branches/SOC/bnh/windows_setup/win_setup.wsf Changeset: Added: branches/SOC/bnh/WINDOWS_SETUP_README === --- branches/SOC/bnh/WINDOWS_SETUP_README 2006-06-07 04:23:42 UTC (rev 16073) +++ branches/SOC/bnh/WINDOWS_SETUP_README 2006-06-07 04:26:11 UTC (rev 16074) @@ -0,0 +1,17 @@ +To setup a windows host for testing, i've created a script to create a base +working directory, install the COP SSH server (http://itefix.no/copssh), +create an adminstrative user account, and give that user access to the SSH +server. + +Copy windows_setup.zip into a directory (C:\smbtmp in this example), and follow +these steps: + +C:\smbtmpunzip windows_setup.zip +C:\smbtmpcd windows_setup +C:\smbtmp\windows_setupcscript win_setup.wsf /username:username /password:password +(username will be created, assigned the password password, and added to +the Domain Admins group. By passing optional /basedir:basedir parameter, +basedir will be created, otherwise C:\smbtorture_root will be created.) + +Once this script finishes, username should be able to SSH into the windows +host. Added: branches/SOC/bnh/windows_setup/win_setup.wsf === --- branches/SOC/bnh/windows_setup/win_setup.wsf2006-06-07 04:23:42 UTC (rev 16073) +++ branches/SOC/bnh/windows_setup/win_setup.wsf2006-06-07 04:26:11 UTC (rev 16074) @@ -0,0 +1,176 @@ +package +job id=win_setup +script language=VBScript src=..\include\common.vbs + +const USAGE_STATEMENT = Usage: cscript win_setup.wsf /username:username /password:password /basedir:directory path +const DEFAULT_BASEDIR = C:\smbtorture_root + +execute include(..\include\fs_common.vbs) + +function setup_base_dir(pathname) + + on error resume next + + error_code = RTN_OK + + ' If basedir exists, remove it. + set fileSystemObject = createObject(scripting.fileSystemObject) + if fileSystemObject.folderExists(pathname) then + stdout.writeline Directory pathname exists. + error_code = delete_directory(pathname) + if error_code 0 then + ' There was an unexpected error. + setup_base_dir = error_code + exit function + end if + end if + + ' Create basedir. + error_code = create_directory(pathname) + setup_base_dir = error_code + +end function + +' Run the installer for the ssh server silently, installing into basedir. +function setup_sshd + + on error resume next + + set shell = wscript.createObject(wscript.shell) + install_cmd = Copssh_1.3.10_Installer.exe _ +/S + + error_code = shell.run(install_cmd, NEW_WINDOW_MINIMIZED, True) + if error_code 0 then + stdout.writeline Unhandled error calling install_cmd _ +. Returned error_code . + else + stdout.writeline SSH service installed and running. + end if + setup_sshd = error_code + +end function + +' If username exists, remove it. +' Create user. Add to Domain Admins group. +function setup_user(username, password) + + on error resume next + + set shell = wscript.createObject(wscript.shell) + netuser_cmd = net user username + error_code = shell.run(netuser_cmd, NEW_WINDOW_MINIMIZED, True) + + if error_code = 0 then + ' Try to delete the user before adding. + stdout.writeline User username exists. + netuserdel_cmd = net user username /DELETE + error_code = shell.run(netuserdel_cmd, NEW_WINDOW_MINIMIZED, _ +True) + if error_code 0 then + stdout.writeline Error calling netuserdel_cmd _ +. Returned
svn commit: samba r16075 - in trunk/source: auth passdb
Author: jra
Date: 2006-06-07 04:45:47 + (Wed, 07 Jun 2006)
New Revision: 16075
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16075
Log:
Fix for machine password timeout overflow from Shlomi Yaakobovich
[EMAIL PROTECTED].
Jeremy.
Modified:
trunk/source/auth/auth_domain.c
trunk/source/passdb/secrets.c
Changeset:
Modified: trunk/source/auth/auth_domain.c
===
--- trunk/source/auth/auth_domain.c 2006-06-07 04:26:11 UTC (rev 16074)
+++ trunk/source/auth/auth_domain.c 2006-06-07 04:45:47 UTC (rev 16075)
@@ -414,7 +414,7 @@
#if 0
/* Test if machine password is expired and need to be changed */
- if (time(NULL) last_change_time + lp_machine_password_timeout())
+ if (time(NULL) last_change_time +
(time_t)lp_machine_password_timeout())
{
global_machine_password_needs_changing = True;
}
Modified: trunk/source/passdb/secrets.c
===
--- trunk/source/passdb/secrets.c 2006-06-07 04:26:11 UTC (rev 16074)
+++ trunk/source/passdb/secrets.c 2006-06-07 04:45:47 UTC (rev 16075)
@@ -310,7 +310,7 @@
/* Test if machine password has expired and needs to be changed */
if (lp_machine_password_timeout()) {
if (pass-mod_time 0 time(NULL) (pass-mod_time +
- lp_machine_password_timeout())) {
+ (time_t)lp_machine_password_timeout())) {
global_machine_password_needs_changing = True;
}
}
svn commit: samba r16076 - in branches/SAMBA_3_0/source: auth passdb
Author: jra
Date: 2006-06-07 04:45:50 + (Wed, 07 Jun 2006)
New Revision: 16076
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16076
Log:
Fix for machine password timeout overflow from Shlomi Yaakobovich
[EMAIL PROTECTED].
Jeremy.
Modified:
branches/SAMBA_3_0/source/auth/auth_domain.c
branches/SAMBA_3_0/source/passdb/secrets.c
Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_domain.c
===
--- branches/SAMBA_3_0/source/auth/auth_domain.c2006-06-07 04:45:47 UTC
(rev 16075)
+++ branches/SAMBA_3_0/source/auth/auth_domain.c2006-06-07 04:45:50 UTC
(rev 16076)
@@ -403,7 +403,7 @@
#if 0
/* Test if machine password is expired and need to be changed */
- if (time(NULL) last_change_time + lp_machine_password_timeout())
+ if (time(NULL) last_change_time +
(time_t)lp_machine_password_timeout())
{
global_machine_password_needs_changing = True;
}
Modified: branches/SAMBA_3_0/source/passdb/secrets.c
===
--- branches/SAMBA_3_0/source/passdb/secrets.c 2006-06-07 04:45:47 UTC (rev
16075)
+++ branches/SAMBA_3_0/source/passdb/secrets.c 2006-06-07 04:45:50 UTC (rev
16076)
@@ -310,7 +310,7 @@
/* Test if machine password has expired and needs to be changed */
if (lp_machine_password_timeout()) {
if (pass-mod_time 0 time(NULL) (pass-mod_time +
- lp_machine_password_timeout())) {
+ (time_t)lp_machine_password_timeout())) {
global_machine_password_needs_changing = True;
}
}
