Re: [Samba] wbinfo: Client not found in Kerberos database
simo wrote: On Mon, 2006-08-14 at 17:48 -0700, Ian Brandt wrote: # net ads join -U Administrator Administrator's password: realm must be set in in smb.conf for ADS join to succeed. and probably you better configure also krb5.conf accordingly I asked my sysadmin what our realm is, but he didn't know what I was referring to. I suggested it might have something to do with Kerberos, and he said we're using ActiveDirectory without Kerberos. There exist no such thing like AD without Kerberos, in windows the REALM is the same as the AD DNS Domain. Much appreciated! I set up Kerberos per: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#ads-member and all is well now. Thanks, Ian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] POSSIBLE BUG in Samba!!
Gentlemen, Developers, Please take a look at my post below. Especially the part that starts with What I know so far and BUT!!!... Could this be a bug in Samba? Please respond... On ma, 2006-08-14 at 13:04 +0200, S. J. van Harmelen wrote: Hi ho there... Environment: IIS 6.0 with everything mapped to aspnet_isapi.dll and the webiste files on a Debian Sarge Samba 3.0.23a-1 server. Problem: When a file is changed on the Samba server, IIS keeps serving the old content as long as you keep requesting the file. What I know so far: Because everything is mapped to aspnet_isapi.dll, everything is cached in the kernel-mode-cache on the Windows machine. When changing the change notify timeout to 5 seconds it takes 5 seconds for the content to change... BUT!!! But when I don't wait 5 seconds en keep refreshing/requesting the page every 2 seconds, the content never changes?!?! Only when I stop refreshing for at least the time set as the change notify timeout, the content will be updated... Any advice on this? If not I'm affraid I'll have to set the change notify timeout to 1 second which is quit costly for my system (if I understand correctly that is)... Regards, Sander -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] POSSIBLE BUG in Samba!!
On Tue, Aug 15, 2006 at 09:28:38AM +0200, S. J. van Harmelen wrote: Please take a look at my post below. Especially the part that starts with What I know so far and BUT!!!... Could this be a bug in Samba? Yes, it is a known bug in Samba that is not easy to fix. Tridge has figured out how the notify stuff should really work only a couple of months ago. It is on our list of things to implement in Samba3. Volker pgpSsTYWuYUyJ.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems syncing smbpasswd/passwd
Dear all! Since several days I'm trying to get Samba's unix password sync to work for me, but I still have problems. I'm using the Samba 3.0.22 binaries that come with Ubuntu 6.06 and this is the [global] section of my smb.conf: [global] workgroup = TEST domain logons = yes preferred master = yes wins support = yes username map = /etc/samba/smbusers syslog = 100 add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u' logon path = \\%L\profiles\%U unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n When I'm logged on to my WinXP workstation and try to change my SMB password, Windows hangs, doesn't respond anymore. Im my log.smbd I get the following message: [2006/07/24 13:03:55, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied Any idea how to solve this problem? Cheers Bernd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] POSSIBLE BUG in Samba!!
Thank you very much! That was what I needed to know... Now I can stop searching and wait for the update to come out... Any idea when this should be implemented? A few weeks? A few months? Thanks again! On di, 2006-08-15 at 09:42 +0200, Volker Lendecke wrote: On Tue, Aug 15, 2006 at 09:28:38AM +0200, S. J. van Harmelen wrote: Please take a look at my post below. Especially the part that starts with What I know so far and BUT!!!... Could this be a bug in Samba? Yes, it is a known bug in Samba that is not easy to fix. Tridge has figured out how the notify stuff should really work only a couple of months ago. It is on our list of things to implement in Samba3. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] POSSIBLE BUG in Samba!!
On Tue, Aug 15, 2006 at 09:50:37AM +0200, S. J. van Harmelen wrote: Thank you very much! That was what I needed to know... Now I can stop searching and wait for the update to come out... Any idea when this should be implemented? A few weeks? A few months? I'd say a few months rather than a few weeks. Volker pgpHf5Lc1JOAh.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Rejecting auth request from client error after power outage
Jeremy Allison wrote: On Mon, Aug 14, 2006 at 10:06:49PM -0500, Mark wrote: _net_auth2: creds_server_check failed. Rejecting auth request from client FLUENT02 machine account FLUENT02$ That looks like a problem with machine account verification. Can you try rebooting a client and seeing it it gets it back in sync ? Fedora Core 4 Samba 3.0.23b using tdbsam What backend filesystem are you using the the tdbsam files ? Jeremy. How many of the files, for example, in /var/lib/samba are critical to operation? I assume most but I figure that files like wins.dat and wins.tdb aren't maybe that important and get regenerated if necessary. Just thinking that maybe there was something cached from before the crash that might have caused the problem. But I did reboot several times, restarted services and I overwrote everything in both /etc/samba and /var/lib/samba from backup so I figured it would have put everything back the way it was the previous day. And I didn't mention it earlier but none of the XP clients crashed as they were off at the time, just to rule out corruption on the Windows clients. Although they've been known to get corrupted just sitting there. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems syncing smbpasswd/passwd
Bernd Pörner wrote: Dear all! Since several days I'm trying to get Samba's unix password sync to work for me, but I still have problems. I'm using the Samba 3.0.22 binaries that come with Ubuntu 6.06 and this is the [global] section of my smb.conf: [global] workgroup = TEST domain logons = yes preferred master = yes wins support = yes username map = /etc/samba/smbusers syslog = 100 add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u' logon path = \\%L\profiles\%U unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n When I'm logged on to my WinXP workstation and try to change my SMB password, Windows hangs, doesn't respond anymore. Im my log.smbd I get the following message: [2006/07/24 13:03:55, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied Any idea how to solve this problem? Cheers Bernd I had the same problem myself. Your passwd chat entry likely doesn't match what your Samba box is looking for. The first part looks OK, but I'd end it with *success*. Without that, you don't get the response. You also could shorten the entry to something like: passwd chat = *Enter*password* %n\n *Retype*password* %n\n *success* The password chat uses expect so the * is any sequence of characters. As long as it sees something it can match without giving a false positive, things should work. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] What gui works with samba 3.x and tdbsam ???
Swat does not have anything for adding/editing/deleting users. Gary MacKay wrote: / I just setup a new server for a client and everything is running well. // I added and setup all the users from the cli just because that's how // I'm used to doing it. I tried using the samba gui that comes with // CentOS 4.03 and I tried Webmin but nether one will add the user // proberly to the tdbsam database. They add the user fine to the // /etc/passwd file but samba does not get updated properly. My client // wants to be able to do this himself and not call me everytime and I'd // prefer not to have to type out CLI type instructions. There must be a // gui of some sort that works? // // // - Gary // / Have you tried SWAT? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbds stuck in close_wait state
Hello! I can't find the cause of the above problem. Some smbd processes stuck in close_wait state and some file locks remain behind too. /any clue would be apreciated Attila / -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connection scripts with the 'prexec' clause
Shaun, I am little confused by your response when you say LDAP could help. Our Samba server runs on AIX box which has been configured to point to an LDAP backend for the management of the AIX userids. Our Windows clients userid/passwords have to match our AIX userid/smb password in order for them to be able to perform a 'net use' to shares. Here is a snippet of my smb.conf file: [global] security = user encrypt passwords = yes netbios name = NSCC04 workgroup = WBS passdb backend = ldapsam:ldap://nsldap.raleigh.ibm.com:389 ldap admin dn = cn=root ldap ssl = on ldap suffix = ou=swg,o=ibm.com ldap passwd sync = no create mask = 0775 directory mask = 0775 oplocks = no kernel oplocks = no case sensitive = no preserve case = yes max log size = 1 log level = 2 max xmit = 65535 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 getwd cache = yes wide links = no invalid users = root daemon bin sys adm uucp nuucp lpd imnadm \ ipsec lp snapp invscout guest account = nobody [clearcase] comment = ClearCase Release Area path = /samba/release_area valid users = @install read only = yes wide links = yes [ccupdate] comment = ClearCase Release Area path = /samba/release_area valid users = @wbs writeable = yes browseable = no wide links = yes [euss] comment = EUSS Production Vob path = /vbsstore/euss valid users = @eussdev @a2cs @acsa @eussjava @nhpe @gcapi @eussold @euss writeable = yes [esadt] comment = ESADT Production Vob path = /vbsstore/esadt valid users = @esadt @rzos_dev @esadt_pi @wsed_dev writeable = yes My problem scenario is as follows: I use Rational Clearcase which depends on Samba to serve shares from our AIX server to Windows clients. A user can 'spoof' another user by simply logging on their windows workstation as userB(which is a valid ID that they created on their local workstation because they have administrator privileges but they don't know userB Samba password) and then performing a 'net use * \\some share /userA'(userA happens to be their own valid Samba ID/PWD) and then bringing up ClearCase and performing checkins/checkouts as userB. I know the security problem lies in the way ClearCase works but if I can stop the userA from 'net using' as himself while logged into his workstation as userB, then I can eliminate the security hole in ClearCase.So, in my case, if their Windows login(%USERNAME%) doesn't match the user they are connecting to the share with(I can get this via Samba environment variable%u and a preexec clause), then I don't allow them to access the share. I am trying to figure out how to grab the userid(%USERNAME%) they are logged onto their workstation as at the time of when they perform their 'net use'. Thanks, Maurice Shaun Marolf [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 08/14/2006 04:16 PM To samba@lists.samba.org cc Subject Re: [Samba] Connection scripts with the 'prexec' clause On Monday 14 August 2006 14:57, Maurice Forte wrote: Hi all, I am running Samba 3.0.20B on an AIX server with SECURITY=USER using an LDAP backend.I am looking for a way to capture the actual username(%USER_NAME%) that the client user is logged onto his individual workstation with and compare it with the user(%u) they are connecting with the share as.If they are different, I want to reject the user's connection. After doing some reading, it appears that a connection script with the 'preexec' clause is the way to go but the Samba environment variables only can intrepret client's hostname, netbios name, and ip address. Is there a way for me to capture the client's logon id(%USERNAME%) or accomplish this task another way? Thanks in advance, Maurice Forte I believe you can use LDAP to handle the security measures you are talking about. I don't know how to set LDAP to do that but someone in a LDAP forum should. However, keep in mind such a scheme may cause an issue if you have users working on a shared project that is kept in one, or both, of their users folders on the server. You should allow users the option to let other users access their files if need be. Again I have no clue how to setup LDAP to handle this but I believe it can be done. --Shaun -- It isn't about it being free. Rather its about the freedom it brings. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the
[Samba] Domain Login
Im trying to get my Samba Server running. The file sharing works well.. however, when I try to add machines to the domain, I get an error saying Access Denied (On the Windows XP machines...). Im running Samba 2.2.12 on a FreeBSD 5.4 Box. Included is my smb.conf... +++=== # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # For a step to step guide on installing, configuring and using samba, # read the Samba-HOWTO-Collection. This may be obtained from: # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf # # Many working examples of smb.conf files can be found in the # Samba-Guide which is generated daily and can be downloaded from: # http://www.samba.org/samba/docs/Samba-Guide.pdf # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command testparm # to check that you have not made any basic syntactic errors. # #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH workgroup = SOCRATES netbios name = AJAY # interfaces = fxp0 192.168.170.3/255.255.0.0 # server string is the equivalent of the NT Description field server string = Samba Server # Security mode. Defines in which mode Samba will operate. Possible # values are share, user, server, domain and ads. Most people will want # user level security. See the Samba-HOWTO-Collection for details. security = user encrypt passwords = yes # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the loopback interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # you may wish to override the location of the printcap file ; printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system ; printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, cups, sysv, plp, lprng, aix, hpux, qnx ; printing = cups # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user nobody is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Use password server option only with security = server # The argument list may include: # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] # or to auto-locate the domain controller/s # password server = * ; password server = NT-Server-Name # Use the realm option only with security = ads # Specifies the Active Directory realm the host is part of ; realm = MY_REALM # Backend to store user information in. New installations should # use either tdbsam or ldapsam. smbpasswd is available for backwards # compatibility. tdbsam requires no further configuration. # passdb backend = tdbsam # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting. # Note: Consider carefully the location in the configuration file of # this line. The included file is read at that point. ; include = /usr/local/etc/smb.conf.%m # Most people will find that this option gives better performance. # See the chapter 'Samba performance issues' in the Samba HOWTO Collection # and the manual pages for details. # You may want to add the following on a Linux system: # SO_RCVBUF=8192 SO_SNDBUF=8192 socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply ; local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 33 # Domain Master specifies Samba to
Re: [Samba] building of libnss_wins.so
On Monday 14 August 2006 16:54, Chris wrote: It appears that nsswitch/libnss_wins.so doesn't get built when the configure option --without-winbind is specified. Is this not useful when not using winbind? I thought it would allow a wins lookup for hosts on a Samba PDC regardless of whether or not winbind was being used. Anyone? I have verified that using wins in nsswitch.conf does nothing without libnss_wins.so. So I still suspect it should be built even when using --without-winbind. Yes? No? Maybe? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Login
[EMAIL PROTECTED] wrote: Im trying to get my Samba Server running. The file sharing works well.. however, when I try to add machines to the domain, I get an error saying Access Denied (On the Windows XP machines...). Im running Samba 2.2.12 on a FreeBSD 5.4 Box. Included is my smb.conf... Are you using the root account password when trying to add the machine? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Login
Yes. I added root to the samba user list.. Im trying to use the root account but I get the access denied... Quoting Gary Dale [EMAIL PROTECTED]: [EMAIL PROTECTED] wrote: Im trying to get my Samba Server running. The file sharing works well.. however, when I try to add machines to the domain, I get an error saying Access Denied (On the Windows XP machines...). Im running Samba 2.2.12 on a FreeBSD 5.4 Box. Included is my smb.conf... Are you using the root account password when trying to add the machine? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem looking up SIDs after Windows Rollup 5 on DCs
Hello to everyone! Recently we updated one of our DCs with the MS Windows Rollup 5. After this, watching our logs, we noticed that many problems are happening when wbinfo tries to lookup SIDs, for the script wbinfo_group.pl (that verifies user on certain groups). Well, after many researches about this, we discovered also that we should include our proxies that authenticate on the DCs, on a group called pre-win2000 machines (or something like that). But the problem now is: it works on one proxy, but not on other one. So, i would like to know if anyone of you know if the fact of different versions being used, can affect this feature (lookup SIDs), cause the versions for them are different. The proxy that find success on looking up SIDs is with samba-3.0.22-1.fc5 and the other is with version samba-3.0.8-0.pre1.3. This old version is working good on the DC tha was not updated, but not on the updated DC, even being put on the correct group, that has permission to lookup on the DCs. Any advise? Any help is appreciated! :) Thanks a lot! André ___ Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador agora! http://br.acesso.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Login
You don't need root in the user list. Also, try bumping up the log level (in smb.conf), restarting samba and checking the logs when you try to add the machine. [EMAIL PROTECTED] wrote: Yes. I added root to the samba user list.. Im trying to use the root account but I get the access denied... Quoting Gary Dale [EMAIL PROTECTED]: [EMAIL PROTECTED] wrote: Im trying to get my Samba Server running. The file sharing works well.. however, when I try to add machines to the domain, I get an error saying Access Denied (On the Windows XP machines...). Im running Samba 2.2.12 on a FreeBSD 5.4 Box. Included is my smb.conf... Are you using the root account password when trying to add the machine? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount uclinux
Hello All, Is there any information other than uclinux-dev mailing list that outlines the proper way to use smbmount on uclinux? I have looked through the mail lists on uclinux-dev and googled everything that I could think of. I have tried every form of the smbmount //windowsbox/share /mnt -o options I can think of. I always get ERRDOS ERRnoaccess (Access Denied). Robert Armenta /table /Pre HTML br br br The information contained in, or attached to, this e-mail, may contain confidential information and is intended solely for the use of the individual or entity to whom they are addressed and may be subject to legal privilege. If you have received this e-mail in error you should notify the sender immediately by reply e-mail, delete the message from your system and notify your system manager. Please do not copy it for any purpose, or disclose its contents to any other person. The views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of the company. The recipient should check this e-mail and any attachments for the presence of viruses. The company accepts no liability for any damage caused, directly or indirectly, by any virus transmitted in this email.br br /HTML -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] printer-access not possible after change of dns-name
Hi there, I ran 2 years a perfect samba 2.2.12 on a suse 8 machine, acting as a pdc with w2k-clients. Printing was done with raw-printing over smb to cups (client-side drivers). The old dns-name was server.localnet, the netbios-name server. After changing my internal dns-system to *.example there is no access to my printer (hp photosmart 1000) possible. If I try to access the property-dialoge of my printer, I get an error like this: Error at adress 0x6062c92f (Errorcode 0xc005) An upgrade to 3.0.22 didn't help me. What can I do? server:/etc/samba # cat smb.conf [global] add group script= /usr/sbin/groupadd %g add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u #add user script= /usr/sbin/useradd -d /dev/null -g smbpc -c 'Maschinenkonto' -s /bin/false -M %m$ add user script = /usr/sbin/useradd -m %u add user to group script= /usr/sbin/usermod -G %g %u delete group script = /usr/sbin/groupdel %g delete user script = /usr/sbin/userdel -r %u domain logons = Yes domain master = Yes encrypt passwords = yes idmap gid = 1-2 idmap uid = 1-2 interfaces = 192.168.10.100/255.255.255.0 local master= yes logon drive = H: logon home = \\%L\%U logon path = \\%L\Profiles\%m-%U #logon script = %U.cmd logon script= %m.cmd log file= /var/log/samba/%m log level = 2 map to guest= Bad User os level= 255 #passdb backend = tdbsam, smbpasswd passdb backend = tdbsam preferred master= Yes protocol= NT1 security= user socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=16384 SO_RCVBUF=16384 #socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 time server = yes username map= /etc/samba/smbusers #veto files = /*.eml/*.nws/riched20.dll/*.{*}/ veto files = /*.eml/*.nws/*.{*}/ wins support= yes workgroup = wuerggrub # # Drucker-Ansteuerung # print command = /usr/bin/lp -d%p -oraw %s; rm %s printing= cups printcap name = /etc/printcap load printers = yes # # Zeichensaetze und Names-Konventionen # case sensitive = no default case= lower display Charset = CP850 dos charset = CP850 mangled names = yes preserve case = yes short preserve case = yes # # Share Definitionen # [homes] browseable = Yes comment = Eigene Dateien (Netzwerk) create mask = 0600 directory mask = 0700 hide dot files = yes public = no writeable = yes [netlogon] admin users = domadmin @domadmin comment = Network Logon Service path= /server/netlogon read only = no writeable = yes [Profiles] admin users = domadmin @domadmin browseable = No comment = Network Profiles Service create mode = 0600 directory mode = 0700 nt acl support = yes path= /server/Profiles read only = no writeable = yes [user] admin users = domadmin @domadmin browseable = yes comment = Das User-Volumen create mask = 0666 directory mask = 0777 nt acl support = yes path= /server/freigaben/user public = no read list = @smbusrro writeable = yes #[printers] #comment= All Printers #path = /var/tmp #create mask= 0700 #printable = Yes #browseable = Yes #writeable = Yes [HP] browseable = yes comment = HP PhotoSmart P1000 create mask = 0775 default devmode = no path= /tmp printable = yes printer name= lp public
Re: [Samba] Problems syncing smbpasswd/passwd
Gary Dale wrote: Bernd Pörner wrote: Dear all! Since several days I'm trying to get Samba's unix password sync to work for me, but I still have problems. I'm using the Samba 3.0.22 binaries that come with Ubuntu 6.06 and this is the [global] section of my smb.conf: [global] workgroup = TEST domain logons = yes preferred master = yes wins support = yes username map = /etc/samba/smbusers syslog = 100 add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u' logon path = \\%L\profiles\%U unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n When I'm logged on to my WinXP workstation and try to change my SMB password, Windows hangs, doesn't respond anymore. Im my log.smbd I get the following message: [2006/07/24 13:03:55, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied Any idea how to solve this problem? Cheers Bernd I had the same problem myself. Your passwd chat entry likely doesn't match what your Samba box is looking for. The first part looks OK, but I'd end it with *success*. Without that, you don't get the response. You also could shorten the entry to something like: passwd chat = *Enter*password* %n\n *Retype*password* %n\n *success* The password chat uses expect so the * is any sequence of characters. As long as it sees something it can match without giving a false positive, things should work. I tried as you suggested. When trying to change my password I get the following error message from Windows: You don't have permission to change your password. The log.smbd has the following error messages: [2006/08/15 22:16:38, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied [2006/08/15 22:16:43, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied Any ideas? B. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
SOLVED - Re: [Samba] Problems syncing smbpasswd/passwd
Bernd Pörner wrote: Gary Dale wrote: Bernd Pörner wrote: Dear all! Since several days I'm trying to get Samba's unix password sync to work for me, but I still have problems. I'm using the Samba 3.0.22 binaries that come with Ubuntu 6.06 and this is the [global] section of my smb.conf: [global] workgroup = TEST domain logons = yes preferred master = yes wins support = yes username map = /etc/samba/smbusers syslog = 100 add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u' logon path = \\%L\profiles\%U unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n When I'm logged on to my WinXP workstation and try to change my SMB password, Windows hangs, doesn't respond anymore. Im my log.smbd I get the following message: [2006/07/24 13:03:55, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied Any idea how to solve this problem? Cheers Bernd I had the same problem myself. Your passwd chat entry likely doesn't match what your Samba box is looking for. The first part looks OK, but I'd end it with *success*. Without that, you don't get the response. You also could shorten the entry to something like: passwd chat = *Enter*password* %n\n *Retype*password* %n\n *success* The password chat uses expect so the * is any sequence of characters. As long as it sees something it can match without giving a false positive, things should work. I tried as you suggested. When trying to change my password I get the following error message from Windows: You don't have permission to change your password. The log.smbd has the following error messages: [2006/08/15 22:16:38, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied [2006/08/15 22:16:43, 0] lib/debug.c:reopen_logs(597) Unable to open new log file /var/log/samba/log.smbd: Permission denied I've checked my passwd chat script and found some typos in it. Now it works. Thanks for your help! B. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pam_winbind says I need new password
Hello all, I have a pretty large DC and am using winbind for our linux workstations and im having a preculiar issue. Not all accounts but some...including mine are recieving the pam error to change password. example... ... WARNING: Your password has expired. You must change your password now and login again! Changing password for user msellers. Changing password for msellers (current) NT password: Changing my password works, but reconnecting results in the same prompt, thus going over and over again. Aug 15 16:02:38 ctilinux2 pam_winbind[1081]: user 'msellers' granted access Aug 15 16:02:38 ctilinux2 pam_winbind[1081]: user 'msellers' OK Aug 15 16:02:38 ctilinux2 pam_winbind[1081]: pam_sm_acct_mgmt success but PAM_WINBIND_NEW_AUTHTOK_REQD is set Aug 15 16:02:38 ctilinux2 pam_winbind[1081]: user 'msellers' needs new password Im never able to login with this account. Ive looked at debug 10 of winbind and cant see anything exciting. Ive seen a few posts in the past but no resolutions any ideas? Thanks Much! Matt Sellers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-tools and disabling a user
Hey everyone, When someone leaves the company, I prefer to disable their account rather than remove it (so that you can see who owns any files they might leave on a filesystem somewhere). I'm using an LDAP backend for Samba, and I'm using smbldap-tools to manage accounts. So, today I was going to disable an account for the first time since switching over from plain /etc/passwd and /etc/samba/smbpasswd, and it doesn't seem like there is any tool that can handle both Unix and Samba accounts. Specifically, smbldap-usermod has a -I option, which is described as disable user. It sets the D flag on the Samba account info, but it doesn't have any effect on the RFC 2307 userPassword. I noticed smbldap_tools.pm has a disable_user() sub in it, which is even exported from the module, but nothing calls it, and when I tried calling it myself from a little Perl code, it didn't seem to work. Oh, and I can't really use the straightforward passwd -l command, because I'm using Slackware, which doesn't grok LDAP. I ended up writing a little bash script which uses ldapmodify, which does the job, but I'm wondering if there's a better way that I'm missing. It seems odd that smbldap-useradd supports adding both Unix and Samba accounts, and smbldap-userdel supports deleting both, but smbldap-usermod only supports disabling the Samba half of things... - Logan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind mapping
Help. The environment I work in has Unix LDAP servers AND an Active Directory domain both using different authentication databases (of course) . I would like the Samba service to map winbind users/groups to the already existing UID/GID's in the LDAP server. If this is this possible, can I then be able to use the ACL's through active directory to set permissions (particulary printing permissions since this Samba server will be a print server) on these users/groups? Will I still need kerberos installed and running on the Samba server (I would think so) -- Anni Marie Evanoff Windows System Administrator CST/OIT-Portland State University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] adding samba3 to Active Directory Domain
To Whom It May Concern: I really admire the dedication and effort your group has. I am glad more and more people aren't buying into the Microsoft licensing schemes. Keep up the good work! I would like to add the server I have installed to our Active Directory Domain. We have one Win2003 PDC no subnets very basic stuff. I have read many chapters in the official how to guide and would like to zero in on the appropriate section/s that will allow me to configure this appropriately. All my supervisor would like me to do is create a fileserver where no one has to type in their user name and password again when they click on any of the shares. I have tried (on the test bed) configurations from different chapters and I still get user name and password when I click on the server or share. The Server I have installed is Suse 10.0 enterprise. I would appreciate any help that you can provide. Thank you for your time and I look forward to hearing from you soon! Best regards, Kevin G -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Message (Your message dated Tue, 15 Aug 2006 19:36:48...)
Your message dated Tue, 15 Aug 2006 19:36:48 +1100 with subject Test has been submitted to the moderator of the MHTML-L list: Jacob Palme [EMAIL PROTECTED]. PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba r17549 - in branches/SOC/sree/ui: .
Author: sree Date: 2006-08-15 06:03:13 + (Tue, 15 Aug 2006) New Revision: 17549 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17549 Log: Add instructions for installing Qooxdoo 0.5.3 for use with SWAT. Completed the New User and User Properties Dialogs. Added: branches/SOC/sree/ui/header_columns_patch branches/SOC/sree/ui/propuser.html Modified: branches/SOC/sree/ui/README branches/SOC/sree/ui/newuser.html Changeset: Sorry, the patch is too large (558 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17549
svn commit: samba r17550 - in branches/SAMBA_3_0/source: groupdb lib
Author: vlendec Date: 2006-08-15 08:05:52 + (Tue, 15 Aug 2006) New Revision: 17550 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17550 Log: Fix a few bugs in the tdb_multikey code. Thanks to tridge for pointing them out. Volker Modified: branches/SAMBA_3_0/source/groupdb/mapping.c branches/SAMBA_3_0/source/lib/tdb_multikey.c Changeset: Modified: branches/SAMBA_3_0/source/groupdb/mapping.c === --- branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-15 06:03:13 UTC (rev 17549) +++ branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-15 08:05:52 UTC (rev 17550) @@ -95,10 +95,10 @@ return NULL; } - result[KEYNUM_SID] = talloc_strdup(mem_ctx, + result[KEYNUM_SID] = talloc_strdup(result, sid_string_static(mapp-sid)); - result[KEYNUM_NAME] = talloc_strdup(mem_ctx, mapp-nt_name); - result[KEYNUM_GID] = talloc_asprintf(mem_ctx, %d, (int)mapp-gid); + result[KEYNUM_NAME] = talloc_strdup(result, mapp-nt_name); + result[KEYNUM_GID] = talloc_asprintf(result, %d, (int)mapp-gid); result[3] = NULL; if ((result[0] == NULL) || (result[1] == NULL) || @@ -109,7 +109,7 @@ } /* name lookups are case insensitive, store the key in upper case */ - strupper_m(result[1]); + strupper_m(result[KEYNUM_NAME]); return result; } Modified: branches/SAMBA_3_0/source/lib/tdb_multikey.c === --- branches/SAMBA_3_0/source/lib/tdb_multikey.c2006-08-15 06:03:13 UTC (rev 17549) +++ branches/SAMBA_3_0/source/lib/tdb_multikey.c2006-08-15 08:05:52 UTC (rev 17550) @@ -159,7 +159,7 @@ if (data.dptr == NULL) { DEBUG(1, (Did not find record %s for key %s\n, prim.dptr, key.dptr)); - status = NT_STATUS_INTERNAL_DB_CORRUPTION; + status = NT_STATUS_NOT_FOUND; goto fail; }
svn commit: samba r17551 - in branches/SAMBA_3_0/source: libads utils
Author: vlendec Date: 2006-08-15 09:53:16 + (Tue, 15 Aug 2006) New Revision: 17551 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17551 Log: Move some DEBUG to d_printf in interactive functions and return NO_LOGON_SERVERS if no domain controller was found. Thanks to Michael Adam [EMAIL PROTECTED]. Volker Modified: branches/SAMBA_3_0/source/libads/ldap.c branches/SAMBA_3_0/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_0/source/libads/ldap.c === --- branches/SAMBA_3_0/source/libads/ldap.c 2006-08-15 08:05:52 UTC (rev 17550) +++ branches/SAMBA_3_0/source/libads/ldap.c 2006-08-15 09:53:16 UTC (rev 17551) @@ -287,7 +287,7 @@ goto got_connection; } - return ADS_ERROR_SYSTEM(errno?errno:ENOENT); + return ADS_ERROR_NT(NT_STATUS_NO_LOGON_SERVERS); got_connection: DEBUG(3,(Connected to LDAP server %s\n, inet_ntoa(ads-ldap_ip))); Modified: branches/SAMBA_3_0/source/utils/net_ads.c === --- branches/SAMBA_3_0/source/utils/net_ads.c 2006-08-15 08:05:52 UTC (rev 17550) +++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-08-15 09:53:16 UTC (rev 17551) @@ -278,7 +278,7 @@ second_time = True; goto retry; } else { - DEBUG(0,(ads_connect: %s\n, ads_errstr(status))); + d_printf(%s.\n, ads_errstr(status)); ads_destroy(ads); return NULL; } @@ -542,7 +542,7 @@ rc = ads_find_user_acct(ads, res, argv[0]); if (!ADS_ERR_OK(rc)) { - DEBUG(0, (User %s does not exist\n, argv[0])); + d_printf(User %s does not exist.\n, argv[0]); ads_destroy(ads); return -1; } @@ -668,7 +668,7 @@ rc = ads_find_user_acct(ads, res, argv[0]); if (!ADS_ERR_OK(rc)) { - DEBUG(0, (Group %s does not exist\n, argv[0])); + d_printf(Group %s does not exist.\n, argv[0]); ads_destroy(ads); return -1; } @@ -769,7 +769,7 @@ } if (!(ctx = talloc_init(net_ads_leave))) { - DEBUG(0, (Could not initialise talloc context\n)); + d_fprintf(stderr, Could not initialise talloc context.\n); return -1; } @@ -1100,7 +1100,7 @@ /* go ahead and setup the default salt */ if ( (std_salt = kerberos_standard_des_salt()) == NULL ) { - DEBUG(0,(net_derive_salting_principal: failed to obtain stanard DES salt\n)); + d_fprintf(stderr, net_derive_salting_principal: failed to obtain stanard DES salt\n); return False; } @@ -1199,7 +1199,7 @@ } if (!(ctx = talloc_init(net_ads_join))) { - DEBUG(0, (Could not initialise talloc context\n)); + d_fprintf(stderr, Could not initialise talloc context.\n); goto fail; } @@ -1240,7 +1240,8 @@ password = talloc_strdup(ctx, tmp_password); if ( net_join_domain( ctx, ads-config.ldap_server_name, ads-ldap_ip, domain_sid, password ) != 0 ) { - d_fprintf(stderr, Failed to join domain!\n); + /* There should be more detailed output here... */ + d_fprintf(stderr, call of net_join_domain failed\n); goto fail; } @@ -1341,6 +1342,8 @@ return 0; fail: + /* issue an overall failure message at the end. */ + d_printf(Failed to join domain!\n); ads_destroy(ads); return -1; }
svn commit: samba r17552 - in branches/SAMBA_3_0/source: .
Author: vlendec Date: 2006-08-15 12:28:23 + (Tue, 15 Aug 2006) New Revision: 17552 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17552 Log: Attempt to fix tdb transactions on IRIX Modified: branches/SAMBA_3_0/source/configure.in Changeset: Modified: branches/SAMBA_3_0/source/configure.in === --- branches/SAMBA_3_0/source/configure.in 2006-08-15 09:53:16 UTC (rev 17551) +++ branches/SAMBA_3_0/source/configure.in 2006-08-15 12:28:23 UTC (rev 17552) @@ -2750,6 +2750,7 @@ SMB_CHECK_SYSCONF(_SC_NPROC_ONLN) SMB_CHECK_SYSCONF(_SC_NPROCESSORS_ONLN) SMB_CHECK_SYSCONF(_SC_PAGESIZE) +AC_CHECK_FUNCS(getpagesize) AC_CACHE_CHECK([for root],samba_cv_HAVE_ROOT,[ AC_TRY_RUN([main() { exit(getuid() != 0); }],
svn commit: samba r17553 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2006-08-15 12:59:46 + (Tue, 15 Aug 2006) New Revision: 17553 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17553 Log: Actually enable the samba3sam module. Should help 'make test'. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk 2006-08-15 12:28:23 UTC (rev 17552) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk 2006-08-15 12:59:46 UTC (rev 17553) @@ -26,7 +26,6 @@ [MODULE::ldb_samba3sam] SUBSYSTEM = ldb INIT_FUNCTION = ldb_samba3sam_module_init -ENABLE = NO OBJ_FILES = \ samba3sam.o #
svn commit: samba r17554 - in branches/SAMBA_3_0/source: . groupdb include lib passdb rpc_server script/tests tdb torture utils
Author: vlendec Date: 2006-08-15 14:07:15 + (Tue, 15 Aug 2006) New Revision: 17554 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17554 Log: Cleanup Removed: branches/SAMBA_3_0/source/lib/tdb_multikey.c branches/SAMBA_3_0/source/torture/local-multikey.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/groupdb/mapping.c branches/SAMBA_3_0/source/include/passdb.h branches/SAMBA_3_0/source/include/smb.h branches/SAMBA_3_0/source/lib/talloc.c branches/SAMBA_3_0/source/passdb/lookup_sid.c branches/SAMBA_3_0/source/passdb/passdb.c branches/SAMBA_3_0/source/passdb/pdb_interface.c branches/SAMBA_3_0/source/passdb/pdb_ldap.c branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/script/tests/test_smbtorture_s3.sh branches/SAMBA_3_0/source/tdb/tdbutil.c branches/SAMBA_3_0/source/tdb/tdbutil.h branches/SAMBA_3_0/source/torture/local-groupmap.c branches/SAMBA_3_0/source/torture/torture.c branches/SAMBA_3_0/source/utils/net_groupmap.c branches/SAMBA_3_0/source/utils/net_rpc_samsync.c branches/SAMBA_3_0/source/utils/net_sam.c Changeset: Sorry, the patch is too large (3158 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17554
svn commit: samba r17555 - in branches/SAMBA_3_0/source/torture: .
Author: vlendec Date: 2006-08-15 14:09:12 + (Tue, 15 Aug 2006) New Revision: 17555 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17555 Log: Cleanup Removed: branches/SAMBA_3_0/source/torture/local-groupmap.c Changeset: Deleted: branches/SAMBA_3_0/source/torture/local-groupmap.c === --- branches/SAMBA_3_0/source/torture/local-groupmap.c 2006-08-15 14:07:15 UTC (rev 17554) +++ branches/SAMBA_3_0/source/torture/local-groupmap.c 2006-08-15 14:09:12 UTC (rev 17555) @@ -1,340 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Run some local tests for group mapping - Copyright (C) Volker Lendecke 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include includes.h - -#define CHECK_STATUS(_status, _expected) do { \ - if (!NT_STATUS_EQUAL(_status, _expected)) { \ - printf((%d) Incorrect status %s - should be %s\n, \ - __LINE__, nt_errstr(status), nt_errstr(_expected)); \ - goto fail; \ - }} while (0) - -static NTSTATUS create_v2_mapping(struct tdb_context *tdb, - const char *sid, gid_t gid, - enum SID_NAME_USE type, - const char *nt_name, - const char *comment) -{ - TDB_DATA key, data; - NTSTATUS status; - - ZERO_STRUCT(data); - - if (asprintf(key.dptr, UNIXGROUP/%s, sid) 0) { - d_fprintf(stderr, (%s) asprintf failed\n, - __location__); - return NT_STATUS_NO_MEMORY; - } - key.dsize = strlen(key.dptr)+1; - - if (!tdb_pack_append(NULL, data.dptr, data.dsize, ddff, -(uint32)gid, (uint32)type, nt_name, comment)) { - d_fprintf(stderr, (%s) tdb_pack_append failed\n, - __location__); - SAFE_FREE(key.dptr); - return NT_STATUS_NO_MEMORY; - } - - if (tdb_store(tdb, key, data, TDB_INSERT) 0) { - status = map_ntstatus_from_tdb(tdb); - d_fprintf(stderr, (%s) tdb_store failed: %s\n, __location__, - nt_errstr(status)); - SAFE_FREE(key.dptr); - TALLOC_FREE(data.dptr); - return status; - } - - SAFE_FREE(key.dptr); - TALLOC_FREE(data.dptr); - return NT_STATUS_OK; -} - -#define NUM_ENTRIES (50) - -static NTSTATUS create_v2_db(BOOL invalid) -{ - struct tdb_context *tdb; - NTSTATUS status; - int i; - - tdb = tdb_open_log(lock_path(group_mapping.tdb), 0, TDB_DEFAULT, - O_RDWR|O_CREAT, 0600); - if (tdb == NULL) { - d_fprintf(stderr, (%s) tdb_open_log failed: %s\n, - __location__, strerror(errno)); - status = map_nt_error_from_unix(errno); - goto fail; - } - - /* Empty the database */ - tdb_traverse(tdb, tdb_traverse_delete_fn, NULL); - - if (tdb_store_int32(tdb, INFO/version, 2) 0) { - status = map_ntstatus_from_tdb(tdb); - d_fprintf(stderr, (%s) tdb_store_uint32 failed: %s\n, - __location__, nt_errstr(status)); - goto fail; - } - - for (i=1000; i1000+NUM_ENTRIES; i++) { - char *sid, *name; - if (asprintf(sid, S-1-5-21-744032650-3806004166-77016029-%d, -i) 0) { - d_fprintf(stderr, (%s) asprintf failed\n, - __location__); - goto fail; - } - if (asprintf(name, Unix group %d, i) 0) { - d_fprintf(stderr, (%s) asprintf failed\n, - __location__); - SAFE_FREE(sid); - goto fail; - } - status = create_v2_mapping(tdb, sid, (gid_t)i, - SID_NAME_DOM_GRP, name, name); - SAFE_FREE(sid); - SAFE_FREE(name); - CHECK_STATUS(status, NT_STATUS_OK); - } - status =
svn commit: samba r17556 - in branches/SAMBA_3_0/source/libsmb: .
Author: vlendec Date: 2006-08-15 14:18:15 + (Tue, 15 Aug 2006) New Revision: 17556 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17556 Log: Remove duplicate entries. Thanks to Michael Adam [EMAIL PROTECTED] Volker Modified: branches/SAMBA_3_0/source/libsmb/nterr.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/nterr.c === --- branches/SAMBA_3_0/source/libsmb/nterr.c2006-08-15 14:09:12 UTC (rev 17555) +++ branches/SAMBA_3_0/source/libsmb/nterr.c2006-08-15 14:18:15 UTC (rev 17556) @@ -572,7 +572,6 @@ { Unexpected information received,NT_STATUS_INVALID_PARAMETER }, { Memory allocation error,NT_STATUS_NO_MEMORY }, { No domain controllers located, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND }, - { Account locked out, NT_STATUS_ACCOUNT_LOCKED_OUT }, { Named pipe not available, NT_STATUS_PIPE_NOT_AVAILABLE }, { Not implemented,NT_STATUS_NOT_IMPLEMENTED }, { Invalid information class, NT_STATUS_INVALID_INFO_CLASS }, @@ -583,7 +582,6 @@ { No memory, NT_STATUS_NO_MEMORY }, { Buffer too small, NT_STATUS_BUFFER_TOO_SMALL }, { Revision mismatch, NT_STATUS_REVISION_MISMATCH }, - { No logon servers, NT_STATUS_NO_LOGON_SERVERS }, { No such logon session, NT_STATUS_NO_SUCH_LOGON_SESSION }, { No such privilege, NT_STATUS_NO_SUCH_PRIVILEGE }, { Procedure not found,NT_STATUS_PROCEDURE_NOT_FOUND },
svn commit: samba r17557 - in branches/SAMBA_3_0/source/utils: .
Author: vlendec Date: 2006-08-15 14:27:20 + (Tue, 15 Aug 2006) New Revision: 17557 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17557 Log: Change net_join_domain to return NTSTATUS instead of int. Thanks to Michael Adam [EMAIL PROTECTED]. Volker Modified: branches/SAMBA_3_0/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_ads.c === --- branches/SAMBA_3_0/source/utils/net_ads.c 2006-08-15 14:18:15 UTC (rev 17556) +++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-08-15 14:27:20 UTC (rev 17557) @@ -887,28 +887,27 @@ Do the domain join / -static int net_join_domain( TALLOC_CTX *ctx, const char *servername, -struct in_addr *ip, DOM_SID **dom_sid, const char *password ) +static NTSTATUS net_join_domain(TALLOC_CTX *ctx, const char *servername, + struct in_addr *ip, DOM_SID **dom_sid, + const char *password) { - int ret = -1; + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; struct cli_state *cli = NULL; - if ( !NT_STATUS_IS_OK(connect_to_ipc_krb5(cli, ip, servername)) ) + ret = connect_to_ipc_krb5(cli, ip, servername); + if ( !NT_STATUS_IS_OK(ret) ) { goto done; + } saf_store( cli-server_domain, cli-desthost ); - if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, dom_sid )) ) + ret = netdom_get_domain_sid( ctx, cli, dom_sid ); + if ( !NT_STATUS_IS_OK(ret) ) { goto done; - - if ( !NT_STATUS_IS_OK(netdom_join_domain( ctx, cli, *dom_sid, - password, ND_TYPE_AD )) ) - { - goto done; } - - ret = 0; + ret = netdom_join_domain( ctx, cli, *dom_sid, password, ND_TYPE_AD ); + done: if ( cli ) cli_shutdown(cli); @@ -1171,6 +1170,7 @@ { ADS_STRUCT *ads = NULL; ADS_STATUS status; + NTSTATUS nt_status; char *machine_account = NULL; const char *short_domain_name = NULL; char *tmp_password, *password; @@ -1239,9 +1239,10 @@ tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); password = talloc_strdup(ctx, tmp_password); - if ( net_join_domain( ctx, ads-config.ldap_server_name, ads-ldap_ip, domain_sid, password ) != 0 ) { - /* There should be more detailed output here... */ - d_fprintf(stderr, call of net_join_domain failed\n); + nt_status = net_join_domain(ctx, ads-config.ldap_server_name, + ads-ldap_ip, domain_sid, password); + if ( !NT_STATUS_IS_OK(nt_status) ) { + d_fprintf(stderr, call of net_join_domain failed: %s\n, nt_errstr(nt_status)); goto fail; }
svn commit: samba r17558 - in branches/SOC/bnh/perl: .
Author: brad Date: 2006-08-15 21:27:22 + (Tue, 15 Aug 2006) New Revision: 17558 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17558 Log: Moved the VM object out of vm_setup.pl and into its own module, VMHost.pm. The behaviour of vm_setup.pl has changed in that it takes a snapshot following a successful initial setup. This way, we can revert to that snapshot if something goes wrong during 'make wintest'. As well, the revert_snapshot() function has been rewritten. It now requires that the VM configuration setting 'When Powering Off' is set to 'Revert to snapshot' (snapshot.action=autoRevert in the guest's .vmx file). This should not be a permanent change, but I'm not sure why the old revert_snapshot() code no longer works for me. Added: branches/SOC/bnh/perl/VMHost.pm Modified: branches/SOC/bnh/perl/initial_setup.conf branches/SOC/bnh/perl/vm_setup.pl Changeset: Sorry, the patch is too large (778 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17558
svn commit: samba r17559 - in branches/SOC/bnh/vbscript: .
Author: brad Date: 2006-08-15 21:32:14 + (Tue, 15 Aug 2006) New Revision: 17559 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17559 Log: Modified win_setup.wsf so that the windows telnet server service starts automatically, rather than manually. This way, if the guest is shutdown and restarted, it does not require user intervention. Modified: branches/SOC/bnh/vbscript/win_setup.wsf Changeset: Modified: branches/SOC/bnh/vbscript/win_setup.wsf === --- branches/SOC/bnh/vbscript/win_setup.wsf 2006-08-15 21:27:22 UTC (rev 17558) +++ branches/SOC/bnh/vbscript/win_setup.wsf 2006-08-15 21:32:14 UTC (rev 17559) @@ -103,10 +103,10 @@ exit function end if - ' Set the telnet service start mode to Manual. + ' Set the telnet service start mode to Automatic. set method = telnet_service.methods_(ChangeStartMode) set inParam = method.inParameters.spawnInstance_() - inParam.startMode = Manual + inParam.startMode = Automatic set error_obj = telnet_service.execMethod_(ChangeStartMode, inParam) if error_obj.returnValue 0 then @@ -115,7 +115,7 @@ start_telnet_service = error_obj.returnValue exit function end if - stdout.writeline Telnet service enabled - Manual start mode. + stdout.writeline Telnet service enabled - Automatic start mode. ' net start telnet set shell = wscript.createObject(wscript.shell)
svn commit: samba r17560 - in branches/SOC/bnh: . build_farm
Author: brad Date: 2006-08-15 21:50:41 + (Tue, 15 Aug 2006) New Revision: 17560 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17560 Log: bnhtest.fns is an example of a hostname.fns file which would be used to run 'make wintest' in the build farm as root. It is basically a stripped down version of generic.fns which only tests the samba4 tree. When it is run with 'make test', the status of the wintest is not shown on the host information status summary at the top of the page. The results are displayed in the Build log output under 'test_windows', and its status is reflected in the summary when make test is not run. If you are interested what it looks like in the build farm, please look at the host bnhtest (Slackware 10.2). Once I commit a corrected make_wintest.patch, this will be more useful. Added: branches/SOC/bnh/build_farm/ branches/SOC/bnh/build_farm/bnhtest.fns Changeset: Added: branches/SOC/bnh/build_farm/bnhtest.fns === --- branches/SOC/bnh/build_farm/bnhtest.fns 2006-08-15 21:32:14 UTC (rev 17559) +++ branches/SOC/bnh/build_farm/bnhtest.fns 2006-08-15 21:50:41 UTC (rev 17560) @@ -0,0 +1,38 @@ + +action_test_windows() { + # rebuild + do_make wintest + w_status=$? + echo WINTEST STATUS: $w_status + return $w_status; +} + +per_run_hook + +system=`uname` + +for compiler in gcc cc icc; do + + # arrgh, which gives no err code on solaris + path=`which $compiler` + if [ -x $path ]; then + +if $compiler -v 21 | grep gcc.version /dev/null; then + isgcc=1 + CFLAGS=-Wall + export CFLAGS +else + CFLAGS= + export CFLAGS + isgcc=0 +fi +if [ $compiler = gcc -o $isgcc = 0 ]; then + + # only attempt samba4 if we have perl + if which perl /dev/null; then +test_tree samba4 source $compiler configure build install test test_windows + fi + +fi + fi +done
svn commit: samba r17561 - in branches/SOC/bnh/perl: .
Author: brad Date: 2006-08-15 21:54:43 + (Tue, 15 Aug 2006) New Revision: 17561 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17561 Log: Two small perl scripts which are used in `make wintest', provided here as straightforward examples of using the VMHost.pm module. Added: branches/SOC/bnh/perl/vm_get_ip.pl branches/SOC/bnh/perl/vm_load_snapshot.pl Changeset: Added: branches/SOC/bnh/perl/vm_get_ip.pl === --- branches/SOC/bnh/perl/vm_get_ip.pl 2006-08-15 21:50:41 UTC (rev 17560) +++ branches/SOC/bnh/perl/vm_get_ip.pl 2006-08-15 21:54:43 UTC (rev 17561) @@ -0,0 +1,48 @@ +#!/usr/bin/perl -w + +# A perl script to connect to a VMware server and get the IP address of a VM. +# Copyright Brad Henry [EMAIL PROTECTED] 2006 +# Released under the GNU GPL v2 or later. + +use VMHost; + +sub check_error { + my $vm = VMHost; + my $custom_err_str = ; + ($vm, $custom_err_str) = @_; + + my ($err_code, $err_str) = $vm-error; + if ($err_code != 0) { + undef $vm; + die $custom_err_str . Returned $err_code: $err_str.\n; + } +} + +# Read in parameters from environment. +my $vm_cfg_path = $ENV{'VM_CFG_PATH'}; +my $host_server_name = $ENV{'HOST_SERVER_NAME'}; +my $host_server_port = $ENV{'HOST_SERVER_PORT'}; +if (!defined($host_server_port)) { + $host_server_port = 902; +} + +my $host_username = $ENV{'HOST_USERNAME'}; +my $host_password = $ENV{'HOST_PASSWORD'}; +my $guest_admin_username = $ENV{'GUEST_ADMIN_USERNAME'}; +my $guest_admin_password = $ENV{'GUEST_ADMIN_PASSWORD'}; + +my $vm = VMHost; + +$vm-host_connect($host_server_name, $host_server_port, $host_username, + $host_password, $vm_cfg_path, $guest_admin_username, + $guest_admin_password); +check_error($vm, Error in \$vm-host_connect().\n); + +my $guest_ip = $vm-get_guest_ip(); +check_error($vm, Error in \$vm-get_guest_ip().\n); + +print $guest_ip; + +undef $vm; + +exit 0; Added: branches/SOC/bnh/perl/vm_load_snapshot.pl === --- branches/SOC/bnh/perl/vm_load_snapshot.pl 2006-08-15 21:50:41 UTC (rev 17560) +++ branches/SOC/bnh/perl/vm_load_snapshot.pl 2006-08-15 21:54:43 UTC (rev 17561) @@ -0,0 +1,46 @@ +#!/usr/bin/perl -w + +# A perl script to connect to a VMware server and revert a VM snapshot. +# Copyright Brad Henry [EMAIL PROTECTED] 2006 +# Released under the GNU GPL v2 or later. + +use VMHost; + +sub check_error { +my $vm = VMHost; + my $custom_err_str = ; + ($vm, $custom_err_str) = @_; + + my ($err_code, $err_str) = $vm-error; + if ($err_code != 0) { + undef $vm; + die $custom_err_str . Returned $err_code: $err_str.\n; + } +} + +# Read in parameters from environment. +my $vm_cfg_path = $ENV{'VM_CFG_PATH'}; +my $host_server_name = $ENV{'HOST_SERVER_NAME'}; +my $host_server_port = $ENV{'HOST_SERVER_PORT'}; +if (!defined($host_server_port)) { + $host_server_port = 902; +} + +my $host_username = $ENV{'HOST_USERNAME'}; +my $host_password = $ENV{'HOST_PASSWORD'}; +my $guest_admin_username = $ENV{'GUEST_ADMIN_USERNAME'}; +my $guest_admin_password = $ENV{'GUEST_ADMIN_PASSWORD'}; + +my $vm = VMHost; + +$vm-host_connect($host_server_name, $host_server_port, $host_username, + $host_password, $vm_cfg_path, $guest_admin_username, + $guest_admin_password); +check_error($vm, Error in \$vm-host_connect().\n); + +$vm-revert_snapshot(); +check_error($vm, Error in \$vm-revert_snapshot().\n); + +undef $vm; + +exit 0;
svn commit: samba r17562 - in branches/SOC/bnh: .
Author: brad Date: 2006-08-15 22:58:39 + (Tue, 15 Aug 2006) New Revision: 17562 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17562 Log: This Samba 4 patch (generated against r17553), is a cleaned up version of the last patch I created to provide a 'make wintest' framework within the Samba 4 build system. Two perl scripts have been added to get the VM guest's IP address (rather than specified in the config file), and revert a VM snapshot on error, using the VMware scripting api's (abstracted by the VMHost.pm module). The vmware server can reside on the build farm host or another system. These scripts are also included in the perl/ subdirectory of my SOC branch. This test does not run by default, and is implied by the bnhtest.fns file at the root of my SOC branch. Modified: branches/SOC/bnh/make_wintest.patch Changeset: Sorry, the patch is too large (944 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17562
svn commit: samba r17563 - in branches/SOC/mkhl: . ejs-map
Author: mkhl Date: 2006-08-15 23:18:20 + (Tue, 15 Aug 2006) New Revision: 17563 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17563 Log: Add a subtree for adding support for ldb_map mappings in ejs. Currently contains incoherent sketches how it might maybe work, someday. Martin Added: branches/SOC/mkhl/ejs-map/ branches/SOC/mkhl/ejs-map/ejs.patch branches/SOC/mkhl/ejs-map/ejs_map.c branches/SOC/mkhl/ejs-map/entryUUID.js branches/SOC/mkhl/ejs-map/entryUUID_support.c branches/SOC/mkhl/ejs-map/ldbMap.js branches/SOC/mkhl/ejs-map/ldb_map.c-privdat.patch branches/SOC/mkhl/ejs-map/ldb_map.h-privdat.patch branches/SOC/mkhl/ejs-map/samba3sam.c-privdat.patch Changeset: Sorry, the patch is too large (892 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17563
Build status as of Wed Aug 16 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-08-15 00:00:20.0 + +++ /home/build/master/cache/broken_results.txt 2006-08-16 00:00:05.0 + @@ -1,18 +1,18 @@ -Build status as of Tue Aug 15 00:00:02 2006 +Build status as of Wed Aug 16 00:00:02 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 ccache 22 4 0 -distcc 22 2 0 +distcc 23 2 0 lorikeet-heimdal 0 0 0 ppp 12 0 0 rsync27 2 0 samba0 0 0 samba-docs 0 0 0 -samba4 35 18 4 -samba_3_031 7 0 -smb-build20 20 0 -talloc 16 4 0 +samba4 35 20 4 +samba_3_031 6 0 +smb-build19 19 0 +talloc 15 4 0 tdb 23 8 0