date:20070330

[Samba] Folder and file dates change

2007-03-30 Thread Rajeev


Hi All

Every now and then--coinciding, I expect, with a share or volume restore of
the server--all the files and folders in MySpace change to the current date.
Thus, while the file may have been created in 1998, last modified on
November 20th, 2004, it will show up as today's date. This is true for ALL
the files and folders in MySpace.

Thanks
Rajeev
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] change password failed

2007-03-30 Thread Shaochun Wang

Hi Cary Dale:

I know what you meant. But that isn't the thing I want. I don't need any
sync from windows passwd to unix password.


On Thu, Mar 29, 2007 at 09:20:33AM -0400, Gary Dale wrote:
 There are 2 things you need to make this work:
 
 1)a passwd chat line with the correct values for your server. Something
 like:
 passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
 *Retype\snew\sUNIX\spassword:* %n\n
 *passwd:\spassword\supdated\ssuccessfully*
 
 2)unix password sync = Yes

-- 
Shaochun Wang(王绍春) [EMAIL PROTECTED]
Laboratory of Computer Science, Institute of Software
Chinese Academy of Science
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] PDC

2007-03-30 Thread Sascha Bieler

Hello,

got some trouble with nameresolution I think, but need some help because auf
starting blindness now.

Server is resolveable by DNS forward and reverse.
Also I set up a WinS server in samba.
nmblookup -A  and smbclient -L servername -N does work

nbtstat -ac does just work with ipaddress and not with name of server, so my
domain is not be found.

Any suggestions?

Best regards


Sascha

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] PDC

2007-03-30 Thread Sascha Bieler

Ok, solved the problem via the Windows Repair Button in network
neighborhood.

G.



 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On
 Behalf Of Sascha Bieler
 Sent: Friday, March 30, 2007 9:33 AM
 To: samba@lists.samba.org
 Subject: [Samba] PDC
 
 Hello,
 
 got some trouble with nameresolution I think, but need some help because
 auf
 starting blindness now.
 
 Server is resolveable by DNS forward and reverse.
 Also I set up a WinS server in samba.
 nmblookup -A  and smbclient -L servername -N does work
 
 nbtstat -ac does just work with ipaddress and not with name of server, so
 my
 domain is not be found.
 
 Any suggestions?
 
 Best regards
 
 
 Sascha
 
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Rebuild Samba Server: Do my XP clients need to rejoin domain?

2007-03-30 Thread Gareth Cummings

I recently did a similar upgrade, moving from Suse 9.3 to 10.2(the 10.2 
was installed on a new machine).  I copied over the relevant files 
(which for me on Suse where /var/lib/samba, /etc/samba, /etc/passwd, 
/etc/group), configured samba on the new box, shutdown the old samba and 
started the new samba and I did not have to rejoin any machine to the 
domain.


Aaron Souza wrote:

All,

I would like to upgrade our Fedora Core 3 Linux server (hosting samba,
among other services) to Cent OS 4.4. However, if I reformat the array
and install Cent OS 4.4 and copy back all the samba files (and other
files), do my Windows XP Clients have to re-join the domain? I ask
this because I have 150 machines and going to each one and leaving the
domian and rejoining essentially the same domain would be a major time
sink.

Has anyone recovered a samba server from a fatal crash (or other
reason) and had any luck with windows xp clients and not having to
go to each client?

Samba Version: 3.0.14

Thanks in advance,

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] How to get mount.cifs to behave like a Windows client?

2007-03-30 Thread Jens Heidbüchel


Hello folks,

we have a samba 3.0.22 running and it serves our windows and linux
clients with shares for home and group directories.

The group share is set up with a preexec script to check the groups of
the connecting user and create symlinks to the corresponding directories
on the file server. The script looks something like that:

#!/bin/bash
# some things here
# $1 is the connecting user
for i in $(groups $1)
do
   ln -s /data/groups/$i .
done

Idea stolen from Samba 3 für Unix/Linux-Administratoren by V. Lendecke
et al.

Now up to my problem: Unix extensions are turned on for our linux
clients and I use mount.cifs to get the home directories. That's all ok.
To mount the group shares I use mount.smbfs, because mount.cifs only
displays the (then dangling) links.

So I heard that smbfs is going to vanish from the kernel and my question
is, if there is any possibility to get mount.cifs behave like a windows
client, which dereferences the links?

Any help welcome. :)

Greets, Jens.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Inter-domain trust relationship AND logon script/ntconfig.pol

2007-03-30 Thread syrius . ml


Hi there,

I'm using an inter-domain trust relationship (DOM-B trusted, DOM-A
trusting, COMP-A=DOM-A computer member).
It works as expected (ish), DOM-B users can logon onto DOM-A
computers.
I'd like to know if it is possible to force login scripts and
ntconfig.pol to be read from the DOM-A pdc server, rather than from
the DOM-B one ?

My setup includes a samba trusted domain and several trusting domains
running (samba, w2ksrv, 2003srv). I don't think it really is a samba
specific question. (i haven't tried with a windows-managed trusted
domain)

We have a ldap server holding more than 2 accounts, I have
installed a samba as a trusted domain so that others can manage their
ressources on their domain, but it appears login scripts 
ntconfig.pol (or gpo for windows trusting domains) can't be delegated.
(they're read from the trusted domain server)

Am I missing something ?
Is it possible to delegate login script/ntconfig.pol for dom-b users
to trusting domain servers ?

Thanks in advance.

-- 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Linux Active Directory Integration Problem

2007-03-30 Thread Brijesh Shukla


Hi,
I am getting the problem to access shared folder when I am using Dual boot
operating System.
Let say I have two operating system on the same machine.
1) XP  and the name of the machine in xp environment is XYZ
2)Cent OS (Linux) and the name of the machine in Linux environment is ABC
both operating system share the same static IP address.

the problem appear when I have logged in my domain using XP OS and restart
the machine in Linux mode.
In Linux mode I can join the domain using net ads join -U user%password
command, it is working fine and
I am getting the message like Join in Domain but when I try to access any
share folder my domain controller
is giving the message  You do not have access right to see the content.
 But if I reboot my domain controller and Linux PC I am able to see my
shared content.

Any idea or guess where I am making mistake?

Thanks  Regards
Brijesh Shukla
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Linux Active Directory Integration Problem

2007-03-30 Thread Jens Heidbüchel


Brijesh Shukla schrieb:

Hi,
I am getting the problem to access shared folder when I am using Dual boot
operating System.
Let say I have two operating system on the same machine.
1) XP  and the name of the machine in xp environment is XYZ
2)Cent OS (Linux) and the name of the machine in Linux environment is ABC
both operating system share the same static IP address.

the problem appear when I have logged in my domain using XP OS and restart
the machine in Linux mode.
In Linux mode I can join the domain using net ads join -U user%password
command, it is working fine and
I am getting the message like Join in Domain but when I try to access any
share folder my domain controller
is giving the message  You do not have access right to see the content.
 But if I reboot my domain controller and Linux PC I am able to see my
shared content.

Any idea or guess where I am making mistake?

Thanks  Regards
Brijesh Shukla


Hi Brijesh,

the machine account, which is created by joining the domain is 
overwritten by another when joining the domain with samba and the 
Windows Client key does not fit to the machine account anymore. We 
have several notebooks which had the same problem.


We solve it by giving the dual boot system another netbios name, so that 
smb.conf looks like that:


netbios name = machinename_l
netbios aliases = machinename

By joining the domain the machine account is created for machinename_l 
and does not touch the original Windows machine account. The alias is 
therefore, that the machine can be accessed with it's original name when 
booted in Linux.



Greets, Jens

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Linux Active Directory Integration Problem

2007-03-30 Thread Jens Heidbüchel


Jens Heidbüchel schrieb:

Brijesh Shukla schrieb:

Hi,
I am getting the problem to access shared folder when I am using Dual 
boot

operating System.
Let say I have two operating system on the same machine.
1) XP  and the name of the machine in xp environment is XYZ
2)Cent OS (Linux) and the name of the machine in Linux environment is 
ABC

both operating system share the same static IP address.

the problem appear when I have logged in my domain using XP OS and 
restart

the machine in Linux mode.
In Linux mode I can join the domain using net ads join -U user%password
command, it is working fine and
I am getting the message like Join in Domain but when I try to 
access any

share folder my domain controller
is giving the message  You do not have access right to see the content.
 But if I reboot my domain controller and Linux PC I am able to see my
shared content.

Any idea or guess where I am making mistake?

Thanks  Regards
Brijesh Shukla


Hi Brijesh,

the machine account, which is created by joining the domain is 
overwritten by another when joining the domain with samba and the 
Windows Client key does not fit to the machine account anymore. We 
have several notebooks which had the same problem.


We solve it by giving the dual boot system another netbios name, so that 
smb.conf looks like that:


netbios name = machinename_l
netbios aliases = machinename

By joining the domain the machine account is created for machinename_l 
and does not touch the original Windows machine account. The alias is 
therefore, that the machine can be accessed with it's original name when 
booted in Linux.



Greets, Jens



Upps. I'm sorry. I overread that the two os'es have different names.

Ignore me. :)

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Dueling master browsers...

2007-03-30 Thread Chris Smith

On Thursday 29 March 2007, Chris Smith wrote:
 On the client:
 Set:
 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters
   IsDomainMaster False

Adding to this. Set both of these under that same tree:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Browser\Parameters
IsDomainMaster FALSE
MaintainServerList Disabled


I had to do this on a laptop that was not joined to the domain but was in the 
same workgroup. It was running XP Media Center and it just wouldn't let Samba 
remain the master browser (despite an OS level of 255).

Probably most important is to make sure that the client(s) are really using 
your WINS server (DHCP should assign this) - ipconfig -all will provide 
this info.

Then use nbtstat -R and/or nbtstat -RR to reload/ReleaseRefresh the cache. 
May want to reboot the client as well.

Chris

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Dueling master browsers...

2007-03-30 Thread Herb Lewis


most often I have seen the dueling master browsers because a
windows machine is running with both TCP/IP and NetBEUI
protocol enabled. Browser elections take place on all
protocols enabled. Since Samba does not respond to the NetBEUI
elections the windows machine will win that one no matter what
OS level is set for Samba. The windows machines have this nasty
habit of thinking if they won one election they should win them
all so they will force another election on TCP/IP. Lather, rinse
and repeat. :-)

Chris Smith wrote:

On Thursday 29 March 2007, Chris Smith wrote:


On the client:
Set:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters
 IsDomainMaster False



Adding to this. Set both of these under that same tree:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Browser\Parameters
IsDomainMaster FALSE
MaintainServerList Disabled


I had to do this on a laptop that was not joined to the domain but was in the 
same workgroup. It was running XP Media Center and it just wouldn't let Samba 
remain the master browser (despite an OS level of 255).


Probably most important is to make sure that the client(s) are really using 
your WINS server (DHCP should assign this) - ipconfig -all will provide 
this info.


Then use nbtstat -R and/or nbtstat -RR to reload/ReleaseRefresh the cache. 
May want to reboot the client as well.


Chris


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Dueling master browsers...

2007-03-30 Thread Vickie L. Kidder

Changing these registry settings on Windows machines eliminated this 
problem for us.

HKEY_LOCAL_MACHINE  SYSTEM  CurrentControlSet  Services  Browser  
Parameters 
MaintainServerList = No
IsDomainMaster = FALSE





Eric Knudstrup [EMAIL PROTECTED] 
Sent by: [EMAIL PROTECTED]
03/29/2007 04:14 PM

To
samba@lists.samba.org
cc

Subject
Re: [Samba] Dueling master browsers...






[EMAIL PROTECTED] wrote:

 Subject:
 Re: [Samba] Dueling master browsers...
 From:
 Tim Boneko [EMAIL PROTECTED]
 Date:
 Wed, 28 Mar 2007 20:39:16 +0200
 To:
 samba@lists.samba.org

 To:
 samba@lists.samba.org


 Eric Knudstrup schrieb:

 
 Server NITIN at IP 192.168.1.126 is announcing itself as a local master
 browser for workgroup DVC and we think we are master. Forcing election.
 Mar 27 09:10:05 macallan nmbd[3481]: [2007/03/27 09:10:05, 0]
 nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
 Mar 27 09:10:05 macallan nmbd[3481]:   *
 Mar 27 09:10:05 macallan nmbd[3481]:  Mar 27 09:10:05 macallan
 nmbd[3481]:   Samba name server MACALLAN has stopped being a local
 master browser for workgroup DVC on subnet 192.168.1.2
 


 
 os level = 255 
 


 Tell the dork with the XP machine to stop that. YOU are the network's
 master, aren't you? (Pity if not...)
 AFAIK he must have tweaked his registry for that, but i'm not completely
 sure.

timbo
 
I don't think so.  There are a couple of machines that insist on it. 
Both of them are the guys who aren't logged into the domain.
This machine is also dual homed - wireless and wired ethernet.
I even have the DHCP server setting macallan as the WINS server.  Is 
there any way *I* can tweak the registry to disable them from announcing 
themselves as the master browser?
I think I've tried just about everything on the PDC to disable this...

Eric
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Dueling master browsers...

2007-03-30 Thread Chris Smith

On Friday 30 March 2007, Herb Lewis wrote:
 most often I have seen the dueling master browsers because a
 windows machine is running with both TCP/IP and NetBEUI
 protocol enabled.

Interesting observation, and I'll keep that in mind for the future. Although 
this wasn't the case on the aforementioned XP Media Center laptop. It's odd 
these days to find a system running NetBEUI, not to say that it doesn't 
happen, but unlike yesteryear it's not part of a default install.

I am a little suspicious about the Media Center editions having a few extra 
tweaks in this area. Seems Samba should not lose these elections by default.

Chris
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] error was re: disappearing printer drivers

2007-03-30 Thread Dave


Hello,
   Adding to my previous msg, debug level 7 finally gave me some output. In 
my smbd.log i am seeing the following whenever i try to upload printer 
drivers:


getpeername failed. error was transport endpoint is not connected

I've looked in to other methods of doing this, imprints doesn't seem to be 
supported, cupsaddsmb won't work with vendor supplied drivers, and to date i 
haven't been brave enough to try out rpcclient, i'm not sure of the syntax 
and have concerns about the case of these drivers. So, i need to get this 
working. If anyone has seen this error i'd appreciate any suggestions.

Thanks.
Dave.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Vista Roaming Profiles and GPMC.MSC

2007-03-30 Thread Tom Robinson


Hi All

Our company got a Windows Vista installed laptop even though we ordered 
it with XP. Now I'm faced with the task of integrating the beast into 
our samba controlled domain. Something I was hoping to delay for some time.


Our PDC is samba 2.2.8a with openldap 2.1.4
We also have a Domain Member Server running samba 3.0.10.

There is a document on the Microsoft site that I downloaded 
(http://www.microsoft.com/downloads/details.aspx?FamilyID=311f4be8-9983-4ab0-9685-f1bfec1e7d62DisplayLang=en) 
explaining how to do folder redirection so that at least some of the 
XP/Vista profile will roam. To do this you have to logon to Vista as a 
Domain User and run GPMC.MSC. The problem is that, even though I logon 
as a domain user (DOMAIN\user) the GPMC.MSC issues the warning:


 To manage Group Policy, you must log on to the computer with a domain 
user account.


With samba 2.2.8a we have no Domain Users group. Could this be the 
problem? How would I add this group to the PDC?


Is there a workaround for this?

Any help is appreciated.

Thanks,

Tom

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Vista Roaming Profiles and GPMC.MSC

2007-03-30 Thread Tom Robinson

Hi All

Our company got a Windows Vista installed laptop even though we ordered
it with XP. Now I'm faced with the task of integrating the beast into
our samba controlled domain. Something I was hoping to delay for some time.

Our PDC is samba 2.2.8a with openldap 2.1.4
We also have a Domain Member Server running samba 3.0.10.

There is a document on the Microsoft site that I downloaded
(http://www.microsoft.com/downloads/details.aspx?FamilyID=311f4be8-9983-4ab0-9685-f1bfec1e7d62DisplayLang=en)
explaining how to do folder redirection so that at least some of the
XP/Vista profile will roam. To do this you have to logon to Vista as a
Domain User and run GPMC.MSC. The problem is that, even though I logon
as a domain user (DOMAIN\user) the GPMC.MSC issues the warning:

To manage Group Policy, you must log on to the computer with a domain
user account.

With samba 2.2.8a we have no Domain Users group. Could this be the
problem? How would I add this group to the PDC?

Is there a workaround for this?

Any help is appreciated.

Thanks,

Tom

--
Tom Robinson
Systems Administrator

Intelligent Space
Parchment House
13 Northburgh Street
London
EC1V 0JP
t: 020 7014 5980
f: 020 7014 5981
e: [EMAIL PROTECTED]
w: http://www.intelligentspace.com

The information in this e-mail and any attachment is confidential. It
isintended only for the named recipient(s). If you are not a named
recipient please notify the sender immediately and then delete it
without disclosing the contents to another person or taking copies.

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Roaming Profiles and GPMC.MSC

2007-03-30 Thread Robert Schetterer

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tom Robinson schrieb:
Hi All

Our PDC is samba 2.2.8a with openldap 2.1.4
We also have a Domain Member Server running samba 3.0.10.

To manage Group Policy, you must log on to the computer with a domain
user account.

With samba 2.2.8a we have no Domain Users group. Could this be the
problem? How would I add this group to the PDC?

Is there a workaround for this?

Any help is appreciated.

Thanks,

Tom

Hi Tom, i dont think you will get vista to join a samba 2.2.8a pdc
domain, at my tests upgrade to samba latest was needed to handle vista
in a minimum, the adm format ( policies ) changed in vista its now called
admx, after all a simply folder redirect reg patch should work in vista
include it as local admin,
i would recommend setup win xp, and wait for stabelizing vista, in mean
time upgrade your samba setup to latest.
But maybe someone else can give you more advice handle vista, my tests
where very basic, cause i will not implement vista anywhere in the next
year, and will not sombody advice to do so.

- --
Mit freundlichen Gruessen
Best Regards

Robert Schetterer

https://www.schetterer.org
Munich/Bavaria/Germany
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGDTXjfGH2AvR16oERAjmtAJ9HfVHp2+yZTqQugQmU8IbKcdVkuwCcD25Z
YVTCYFZmfiejB4iSVQhXHtA=
=rrYB
-END PGP SIGNATURE-

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Roaming Profiles and GPMC.MSC

2007-03-30 Thread Tom Robinson

Robert Schetterer wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tom Robinson schrieb:

Hi All

Our PDC is samba 2.2.8a with openldap 2.1.4
We also have a Domain Member Server running samba 3.0.10.

To manage Group Policy, you must log on to the computer with a domain
user account.

With samba 2.2.8a we have no Domain Users group. Could this be the
problem? How would I add this group to the PDC?

Is there a workaround for this?

Any help is appreciated.

Thanks,

Tom

- --
Mit freundlichen Gruessen
Best Regards

Robert Schetterer

https://www.schetterer.org
Munich/Bavaria/Germany
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGDTXjfGH2AvR16oERAjmtAJ9HfVHp2+yZTqQugQmU8IbKcdVkuwCcD25Z
YVTCYFZmfiejB4iSVQhXHtA=
=rrYB
-END PGP SIGNATURE-

Hi Robert,

Thanks for your reply.

Surprisingly I have the Vista box already joined to the domain. It
authenticates to the PDC and logs on sucessfully. So I suspect a problem
elsewhere in the 2.2.8a config or LDAP.

I can't upgrade so simply on the server as it is the main authentication
for the entire domain. It is scheduled for upgrade later this year. The
new Vista laptop is for one of our directors and he wants it working
now. :-/

I'm not sure what you mean with the reg patch and the admx files. This
sounds like a workaround that may work for me. How do I integrate the
admx and reg patches into vista?

Regards,

Tom

--
Tom Robinson
Systems Administrator

Intelligent Space
Parchment House
13 Northburgh Street
London
EC1V 0JP
t: 020 7014 5980
f: 020 7014 5981
e: [EMAIL PROTECTED]
w: http://www.intelligentspace.com

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

[Samba] getent group shows me twice user id in a group

2007-03-30 Thread Allen Chen


Hi Samba list,

I have a Linux Samba PDC file server with a separate ldap machine backend.
Every thing works perfect. but the problem is that when I do a command 
on the samba server:

   # getent group | grep 1033
It gives me:
   gname:x:1033:usr1,usr2,usr1,usr2,usr3
Some of the user ids show up twice. Why?
I checked ldap database and found that usr1,usr2 and usr3 show up only 
once in memberUid.

All of them do not exist in /etc/passwd and /etc/group files.

Software used:
RedHat ES v4  2.6.9-5.ELsmp
Samba 3.0.22

My nsswitch.conf on samba server looks like:
passwd: files ldap
shadow:files ldap
group:   files ldap
hosts:files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:   files
netmasks:  files
networks:  files
protocols:  files ldap
rpc:   files
services:files ldap
netgroup:   files ldap
publickey:  nisplus
automount: files ldap
aliases:   files nisplus

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: ham,[Samba] error was re: disappearing printer drivers

2007-03-30 Thread Dale Schroeder


Dave,

See if either of these two links are able to help you:

http://readlist.com/lists/lists.samba.org/samba/0/1622.html
http://blog.aplpi.com/

Good luck,

Dale

Dave wrote:

Hello,
   Adding to my previous msg, debug level 7 finally gave me some 
output. In my smbd.log i am seeing the following whenever i try to 
upload printer drivers:


getpeername failed. error was transport endpoint is not connected

I've looked in to other methods of doing this, imprints doesn't seem 
to be supported, cupsaddsmb won't work with vendor supplied drivers, 
and to date i haven't been brave enough to try out rpcclient, i'm not 
sure of the syntax and have concerns about the case of these drivers. 
So, i need to get this working. If anyone has seen this error i'd 
appreciate any suggestions.

Thanks.
Dave.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] error was re: disappearing printer drivers

2007-03-30 Thread Chris Smith

On Friday 30 March 2007, Dave wrote:
 I've looked in to other methods of doing this, imprints doesn't seem to be
 supported, cupsaddsmb won't work with vendor supplied drivers, and to date
 i haven't been brave enough to try out rpcclient, i'm not sure of the
 syntax and have concerns about the case of these drivers. So, i need to get
 this working. If anyone has seen this error i'd appreciate any suggestions.

To install vendor supplied Windows drivers from Windows clients using cups and 
samba create a raw queue in cups for the printer, reload samba so that it is 
aware of the printer. Make sure that use client driver is the default value 
of no (testparm -sv | grep 'use client'). Then carefully follow the 
instructions in the classical print section of the howto (yes, works just 
fine for cups):
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/classicalprinting.html#id358732

If you have the proper rights all should be fine.

Chris
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Beta IE7 Policy Template

2007-03-30 Thread Mike Petersen

Hi all,

Just finished all of the annoyance issues with IE7 and started putting
together an IE7 policy template for System Policy Editor.  This is just
a beta release I guess.  

Get it Here:

http://files.pcc-services.com/files/samba/ie7beta1.adm

Here is what I included so far:

- Always Show Menu bar
- Set Menubar to Top Position

These two basically make IE7 look more like IE6 - most users will
probably beg you to set these.

- Set Google as Default Search

Can't stand Live Search, this will make Google the default search for
the Search Bar

- Disable First Run Wizard

This one will disable the stupid wizard that EVERY user normally has to
go through

- Disable Phishing Filter

This one disables the Phishing junk altogether - I could add more
options to this one, but I think the Phishing filter for IE7 is such a
privacy concern that I decided just to disable it. (When enabled every
site you go to is transmitted back to Microsoft)

- Disable Language Bar

When you install IE7 the language bar automatically gets added to the
taskbar, this will allow you to turn it off completely (the language bar
is also automatically added if you install Office 2003 and above).

What needs to be done yet:

- I will comment these policies once completed

- Setting the default Home Page still does not work

The IE6 Policy will not work with IE7, it just goes to some Microsoft
Site, still trying to figure this out.

- Setting Security Issues

I will add policies to disable access to certain Internet Options
tabs, although I probably won't waste time in going into disabling
certain preferences (just disable the whole tab).


I am probably going to be gone this weekend, but if you want anything
else added to this policy please reply to the list or email me directly.

Mike Petersen
[EMAIL PROTECTED]


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] error was re: disappearing printer drivers

2007-03-30 Thread Dave


Hello,
   My thanks to everyone so far who have offered suggestions. I have made a 
second print queue in cups, this time a raw queue, ensured that the samba 
user who is adding the drivers from the windows box has the permissions to 
do so, and tried using the apw to again add drivers. This time i'm getting 
some errors although the files aren't going, it's like they're again 
disappearing. I'm getting some service connect errors and am not sure if 
they're even relevant to the issue. Any other suggestions please keep them 
coming. Errors below.

Thanks.
Dave.

[2007/03/30 17:49:12, 1] param/loadparm.c:lp_do_parameter(3426)
 WARNING: The printer admin option is deprecated
[2007/03/30 17:50:14, 1] smbd/ipc.c:api_fd_reply(290)
 api_fd_reply: INVALID PIPE HANDLE: 706c
[2007/03/30 17:50:22, 0] smbd/service.c:make_connection()
 satellite (192.168.0.2) couldn't find service 
::{2227a280-3aea-1069-a2de-08002b30309d}


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Linux Active Directory Integration Problem

2007-03-30 Thread Doug VanLeuven




Brijesh Shukla wrote:


Hi,
I am getting the problem to access shared folder when I am using Dual boot
operating System.
Let say I have two operating system on the same machine.
1) XP  and the name of the machine in xp environment is XYZ
2)Cent OS (Linux) and the name of the machine in Linux environment is ABC
both operating system share the same static IP address.


Try (if possible) using a different IP address for each machine
to eliminate caching issues.

Doug

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] AutoCAD / file lock problem / Samba 3.0.10

2007-03-30 Thread Jeremy Allison

On Thu, Mar 15, 2007 at 04:29:08PM +0100, Marc Rechté wrote:
 Hi,
 
 I am facing a similar problem to what I faced sometime ago with Excel 11 
 when saving a modified xls file on a smb share: the application was 
 saying the file is already used by another user (although this was not 
 the case). The Excel problem was solved by adding a registry string 
 somewhere in Excel registry key (documented in the Microsoft knowledge 
 base).
 
 Now we are facing the same problem with AutoCAD. After having loaded 
 one's file for editing, it complains that the file is already used when 
 trying to save it. If trying several times to save the file, it will 
 eventually get through and save it without complaining !
 
 Seems there are several file lock problems with AutoCAD when searching 
 the list archives.
 
 Is there a solution, either in the Windows registry or in the smb.conf a 
 solution to that problem ?
 
 This is a serious problem at my client's site especially they mostly use 
 AutoCAD as their primary business tool...
 
 Many thanks for any help.

We've fixed several bugs w.r.t. Excel integration since 3.0.10.
I'd suggest testing the latest stable release (3.0.24) and seeing
if you can reproduce the problem.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Volker Lendecke

On Fri, Mar 30, 2007 at 11:09:17AM +0200, Stefan (metze) Metzmacher wrote:
 So I think it would be much better to use the vuid as enc-ctx,
 but check for each call to a specific tid that the call was encrypted
 or not. And maybe also allow plain requests with the vuid, or force the
 client to create a new vuid for plain traffic.

Full ack from here. Key generation is a per-session setup
thing, so the encryption context should be the same.

The fact that we have contexts broken in Samba3 should not
influence the design ;-)

Volker


pgpKkNk0hWEkj.pgp
Description: PGP signature

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Stefan (metze) Metzmacher

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Andrew Bartlett schrieb:
 I agree that the trans2 stuff is ugly, but at least it is in an already
 reserved space in the protocol.  Whatever we do, we should continue to
 allow a re-key modal (despite the issues it then has with credentials
 expiring/passwords changing).

We could also create a new call at SMB level maybe SMBsesssetup2?

There're a lot of free message numbers. Are there also some ranges
defined? Or were the number randomly picked by the first implementor of
a call?

metze
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGDNuvm70gjA5TCD8RApINAJ0YrlrEoTWDMqPkAgnNmnzMJ5WCTQCgxfd2
47HOznxArhbxAT8GyVIdlUE=
=+3fP
-END PGP SIGNATURE-

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Volker Lendecke

On Fri, Mar 30, 2007 at 11:43:11AM +0200, Stefan (metze) Metzmacher wrote:
 We could also create a new call at SMB level maybe SMBsesssetup2?
 
 There're a lot of free message numbers. Are there also some ranges
 defined? Or were the number randomly picked by the first implementor of
 a call?

Naa, I would not go there. If we have to pass stuff through
trans2, that's what it costs.

Volker


pgpIiCp0rjSgM.pgp
Description: PGP signature

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Stefan (metze) Metzmacher

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Stefan (metze) Metzmacher schrieb:
 So I think it would be much better to use the vuid as enc-ctx,
 but check for each call to a specific tid that the call was encrypted
 or not. And maybe also allow plain requests with the vuid, or force the
 client to create a new vuid for plain traffic.

and for replies without vuid (oplock breaks) we should use the same
context as used by smb signing (first session setup wins).

does smb signing still work when the first vuid is closed?

metze
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGDOXRm70gjA5TCD8RAqzxAJ0R1OyS4LlKnwILHqBkTwEH7FCmbQCgg3Lx
7GV13/Z6M96MJzAi4U3pBu8=
=JFzT
-END PGP SIGNATURE-

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Stefan (metze) Metzmacher

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Volker Lendecke schrieb:
 On Fri, Mar 30, 2007 at 11:43:11AM +0200, Stefan (metze) Metzmacher wrote:
 We could also create a new call at SMB level maybe SMBsesssetup2?

 There're a lot of free message numbers. Are there also some ranges
 defined? Or were the number randomly picked by the first implementor of
 a call?
 
 Naa, I would not go there. If we have to pass stuff through
 trans2, that's what it costs.

Then I'd say it should be a trans2 call on the IPC$ share.

Is that trans2 call a replacement for the session setup?
or is it just an 'switch on encryption for the next request'
on the already created gssapi session?

metze
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGDOcwm70gjA5TCD8RAkE1AJ9GbYPcO9kp5bh0sWTl0dVllJuNKwCgroN7
P3YztByDabafdRyajWJCwi8=
=o1fg
-END PGP SIGNATURE-

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Jeremy Allison

On Fri, Mar 30, 2007 at 11:09:17AM +0200, Stefan (metze) Metzmacher wrote:
 
 So I think it would be much better to use the vuid as enc-ctx,
 but check for each call to a specific tid that the call was encrypted
 or not. And maybe also allow plain requests with the vuid, or force the
 client to create a new vuid for plain traffic.

Yep, after chatting with Andrew Bartlett I agree.

 And for the case vuid == enc-ctx we can better add a new session setup
 variant instead of using a trans2 call.

As soon as you clear that with Microsoft, then we're good to go
on that one Metze. :-).

Jeremy.

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Jeremy Allison

On Fri, Mar 30, 2007 at 11:43:11AM +0200, Stefan (metze) Metzmacher wrote:
 
 We could also create a new call at SMB level maybe SMBsesssetup2?
 
 There're a lot of free message numbers. Are there also some ranges
 defined? Or were the number randomly picked by the first implementor of
 a call?

A lesson in SMB politics. The top level numbers are defined by
Microsoft who reserve the right to allocate new ones at any
time and for any reason. The space *we* have reserved to allocate
from is the trans2 space defined in the UNIX extensions. We
can't create new calls at the SMB level.

Jeremy.

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Jeremy Allison

On Fri, Mar 30, 2007 at 12:32:16PM +0200, Stefan (metze) Metzmacher wrote:

 Then I'd say it should be a trans2 call on the IPC$ share.

Yep, that's what we decided on.

 Is that trans2 call a replacement for the session setup?
 or is it just an 'switch on encryption for the next request'
 on the already created gssapi session?

It's a replacement for the session setup in creating an
encryption context.

Jeremy.

Re: svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

2007-03-30 Thread Volker Lendecke

On Fri, Mar 30, 2007 at 09:36:11AM -0700, Jeremy Allison wrote:
 A lesson in SMB politics. The top level numbers are defined by
 Microsoft who reserve the right to allocate new ones at any
 time and for any reason. The space *we* have reserved to allocate
 from is the trans2 space defined in the UNIX extensions. We
 can't create new calls at the SMB level.

How much is that BTW? We might have to reserve a sub-trans
32 bit soon if the development continues at the current pace
:-)

Volker


pgpnzWxMm3pV9.pgp
Description: PGP signature

Rev 5313: merge from upstream in http://samba.sernet.de/ma/bzr/SAMBA_3_0-registry.bzr/

2007-03-30 Thread Michael Adam

At http://samba.sernet.de/ma/bzr/SAMBA_3_0-registry.bzr/


revno: 5313
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Michael Adam [EMAIL PROTECTED]
branch nick: SAMBA_3_0-registry.bzr
timestamp: Fri 2007-03-30 22:34:06 +0200
message:
  merge from upstream
modified:
  REVISION   REVISION-20060530022625-68239662668b41c3
  source/Makefile.in Makefile.in-20060530022626-b16dac2328ebe703
  source/auth/auth.c auth.c-20060530022627-0865681abfd2872c
  source/auth/auth_ntlmssp.c auth_ntlmssp.c-20060530022627-f744dd7847855295
  source/auth/auth_util.cauth_util.c-20060530022627-f9a3e5940d409fe9
  source/client/client.c client.c-20060530022627-a5e98bdfdd1ca9d9
  source/client/clitar.c clitar.c-20060530022627-e189af4ba0a2289b
  source/groupdb/mapping_tdb.c   mapping_tdb.c-20060924130026-az0qb9gyg33leshz-1
  source/include/client.hclient.h-20060530022627-f51e99ba840436e5
  source/include/includes.h  includes.h-20060530022627-d1a059a99c05e8be
  source/include/trans2.htrans2.h-20060530022627-ff896a707ae81fc0
  source/include/util_tdb.h  util_tdb.h-20061021025433-i0dxsjereh6bu8u7-1
  source/intl/lang_tdb.c lang_tdb.c-20060530022627-b86eb16f840ce3e7
  source/lib/gencache.c  gencache.c-20060530022627-c858f466111a3ae0
  source/lib/ldb/ldb_tdb/ldb_pack.c 
ldb_pack.c-20060924130013-wfsw0zps5y9p71dq-56
  source/lib/ldb/ldb_tdb/ldb_tdb.c ldb_tdb.c-20060924130013-wfsw0zps5y9p71dq-62
  source/lib/messages.c  messages.c-20060530022627-fcc341b253a85c20
  source/lib/privileges.cprivileges.c-20060530022627-dcf14febf91e0143
  source/lib/sharesec.c  sharesec.c-20060530090213-46cb22d7f55a32fe
  source/lib/util.c  util.c-20060530022627-d569af0e687a4dd3
  source/lib/util_sock.c util_sock.c-20060530022627-30f22f2d8b038b4b
  source/lib/util_tdb.c  util_tdb.c-20061021025435-o3vr4t381qf9lv7e-1
  source/libads/ads_status.c ads_status.c-20060530022627-7d57be87f7b83055
  source/librpc/ndr/ndr_basic.c  ndr_basic.c-20060908151645-5zx7mkkabpiwuown-8
  source/libsmb/cliconnect.c cliconnect.c-20060530022627-fb16a3a9bd86c44d
  source/libsmb/clientgen.c  clientgen.c-20060530022627-3aad65ce54001b6b
  source/libsmb/clifsinfo.c  clifsinfo.c-20060530022627-9360212d14f20006
  source/libsmb/clikrb5.cclikrb5.c-20060530022627-20af6b3ec85369b2
  source/libsmb/clirap.c clirap.c-20060530022627-ec81fdd89a06c9ea
  source/libsmb/errormap.c   errormap.c-20060530022627-f469e8a07ae28ddc
  source/libsmb/ntlm_check.c ntlm_check.c-20060530022627-0315fd3d850287af
  source/libsmb/ntlmssp.cntlmssp.c-20060530022627-02a546ec2ea73b92
  source/libsmb/ntlmssp_sign.c   ntlmssp_sign.c-20060530022627-43be47dcc067106b
  source/libsmb/samlogon_cache.c 
samlogon_cache.c-20060530081558-752eb588cc2c12ab
  source/libsmb/smb_seal.c   smb_seal.c-20070317050048-jthijp4m79ic4h3q-1
  source/libsmb/smb_share_modes.c 
smb_share_modes.c-20060530073738-d37c371a41d3c54a
  source/libsmb/smb_signing.csmb_signing.c-20060530022627-1e3c4643957ae652
  source/libsmb/smbencrypt.c smbencrypt.c-20060530022627-705bc568ea0cfac8
  source/libsmb/unexpected.c unexpected.c-20060530022627-d0a5ae1af8291fe8
  source/locking/brlock.cbrlock.c-20060530022627-3b8aec140997e136
  source/locking/locking.c   locking.c-20060530022627-4f229d47402340bb
  source/locking/posix.c posix.c-20060530022627-997d33ad43f0bd3e
  source/nmbd/nmbd_processlogon.c 
nmbd_processlogon.c-20060530022627-ba032f504f8ff80c
  source/nmbd/nmbd_winsserver.c  
nmbd_winsserver.c-20060530022627-e309a34b4ec33413
  source/nsswitch/idmap_cache.c  idmap_cache.c-20061212152803-7ux8tgbe0zeiy4lo-1
  source/nsswitch/idmap_tdb.cidmap_tdb.c-20061212152807-vd9wgefsa63jj0is-1
  source/nsswitch/winbindd_cache.c 
winbindd_cache.c-20060530022627-45b83e217d38566d
  source/nsswitch/winbindd_creds.c 
winbindd_creds.c-20060530090222-aa656dc47583d789
  source/nsswitch/winbindd_pam.c winbindd_pam.c-20060530022627-6b827f2f7ba30f85
  source/passdb/login_cache.clogin_cache.c-20060530022627-7ffc4691617a4899
  source/passdb/passdb.c passdb.c-20060530022627-6eeb9667474b279d
  source/passdb/pdb_smbpasswd.c  pdb_smbpasswd.c-20060530022627-4a7de86c04ba05b6
  source/passdb/pdb_tdb.cpdb_tdb.c-20060530022627-b60f9dcd220e2886
  source/passdb/secrets.csecrets.c-20060530022627-871f686af94b25c8
  source/printing/notify.c   notify.c-20060530022627-261dbd9f8eaf7cbe
  source/printing/nt_printing.c  nt_printing.c-20060530022627-6f18c47e6548d98a
  source/printing/printing.c printing.c-20060530022627-9c11c090f2b843d1
  source/registry/reg_db.c   reg_db.c-20060530022627-e9a827257fb89131
  source/registry/reg_eventlog.c reg_eventlog.c-20060530055250-1bf0026d662d371e
  source/registry/reg_perfcount.c

svn commit: samba r22013 - in branches/SAMBA_3_0/source: libsmb smbd

2007-03-30 Thread jra

Author: jra
Date: 2007-03-30 22:19:51 + (Fri, 30 Mar 2007)
New Revision: 22013

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22013

Log:
Move to SSPI framing (sig first in NTLM).
Jeremy

Modified:
   branches/SAMBA_3_0/source/libsmb/smb_seal.c
   branches/SAMBA_3_0/source/smbd/seal.c


Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/smb_seal.c
===
--- branches/SAMBA_3_0/source/libsmb/smb_seal.c 2007-03-29 22:12:28 UTC (rev 
22012)
+++ branches/SAMBA_3_0/source/libsmb/smb_seal.c 2007-03-30 22:19:51 UTC (rev 
22013)
@@ -30,13 +30,15 @@
return NT_STATUS_INVALID_BUFFER_SIZE;
}
 
-   if (buf[4] == (char)0xFF  buf[5] == 'S') {
-   if (buf [6] == 'M'  buf[7] == 'B') {
+   if (buf[4] == (char)0xFF) {
+   if (buf[5] == 'S'  buf [6] == 'M'  buf[7] == 'B') {
/* Not an encrypted buffer. */
return NT_STATUS_NOT_FOUND;
}
-   *p_enc_ctx_num = SVAL(buf,6);
-   return NT_STATUS_OK;
+   if (buf[5] == 'E') {
+   *p_enc_ctx_num = SVAL(buf,6);
+   return NT_STATUS_OK;
+   }
}
return NT_STATUS_INVALID_NETWORK_RESPONSE;
 }
@@ -54,44 +56,55 @@
 /**
  Generic code for client and server.
  NTLM decrypt an incoming buffer.
+ Abartlett tells me that SSPI puts the signature first before the encrypted
+ output, so cope with the same for compatibility.
 **/
 
 NTSTATUS common_ntlm_decrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf)
 {
NTSTATUS status;
size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. 
*/
+   size_t data_len;
+   char *inbuf;
DATA_BLOB sig;
 
if (buf_len  8 + NTLMSSP_SIG_SIZE) {
return NT_STATUS_BUFFER_TOO_SMALL;
}
 
+   inbuf = smb_xmemdup(buf, buf_len);
+
/* Adjust for the signature. */
-   buf_len -= NTLMSSP_SIG_SIZE;
+   data_len = buf_len - 8 - NTLMSSP_SIG_SIZE;
 
-   /* Save off the signature. */
-   sig = data_blob(buf+buf_len, NTLMSSP_SIG_SIZE);
+   /* Point at the signature. */
+   sig = data_blob_const(inbuf+8, NTLMSSP_SIG_SIZE);
 
status = ntlmssp_unseal_packet(ntlmssp_state,
-   (unsigned char *)buf + 8, /* 4 byte len + 0xFF 'S' enc ctx 
*/
-   buf_len - 8,
-   (unsigned char *)buf + 8,
-   buf_len - 8,
+   (unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 
0xFF 'E' enc ctx */
+   data_len,
+   (unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE,
+   data_len,
sig);
 
if (!NT_STATUS_IS_OK(status)) {
-   data_blob_free(sig);
+   SAFE_FREE(inbuf);
return status;
}
 
+   memcpy(buf + 8, inbuf + 8 + NTLMSSP_SIG_SIZE, data_len);
+   SAFE_FREE(inbuf);
+
/* Reset the length. */
-   smb_setlen(buf, smb_len(buf) - NTLMSSP_SIG_SIZE);
+   smb_setlen(buf, data_len + 4);
return NT_STATUS_OK;
 }
 
 /**
  Generic code for client and server.
  NTLM encrypt an outgoing buffer. Return the encrypted pointer in ppbuf_out.
+ Abartlett tells me that SSPI puts the signature first before the encrypted
+ output, so do the same for compatibility.
 **/
 
 NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state,
@@ -101,12 +114,12 @@
 {
NTSTATUS status;
char *buf_out;
-   size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. 
*/
+   size_t data_len = smb_len(buf) - 4; /* Ignore the 0xFF SMB bytes. */
DATA_BLOB sig;
 
*ppbuf_out = NULL;
 
-   if (buf_len  8) {
+   if (data_len == 0) {
return NT_STATUS_BUFFER_TOO_SMALL;
}
 
@@ -115,21 +128,21 @@
 * check needed.
 */
 
-   /* Copy the original buffer. */
+   buf_out = SMB_XMALLOC_ARRAY(char, 8 + NTLMSSP_SIG_SIZE + data_len);
 
-   buf_out = SMB_XMALLOC_ARRAY(char, buf_len + NTLMSSP_SIG_SIZE);
-   memcpy(buf_out, buf, buf_len);
-   /* Last 16 bytes undefined here... */
+   /* Copy the data from the original buffer. */
 
+   memcpy(buf_out + 8 + NTLMSSP_SIG_SIZE, buf + 8, data_len);
+
smb_set_enclen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE, enc_ctx_num);
 
sig = data_blob(NULL, NTLMSSP_SIG_SIZE);
 
status = ntlmssp_seal_packet(ntlmssp_state,
-   (unsigned char *)buf_out + 8, /* 4 byte len + 0xFF 'S' enc 
ctx */
-   buf_len - 8,
-

svn commit: samba r22014 - in branches: SAMBA_3_0/source/lib SAMBA_3_0/source/libsmb SAMBA_3_0/source/nmbd SAMBA_3_0/source/smbd SAMBA_3_0_25/source/lib SAMBA_3_0_25/source/libsmb SAMBA_3_0_25/source/

2007-03-30 Thread jra

Author: jra
Date: 2007-03-30 22:25:08 + (Fri, 30 Mar 2007)
New Revision: 22014

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22014

Log:
Make us pass RANDOMIPC test again :-(. This is an ugly check-in,
but I've no option.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/lib/util.c
   branches/SAMBA_3_0/source/lib/util_str.c
   branches/SAMBA_3_0/source/libsmb/clidgram.c
   branches/SAMBA_3_0/source/libsmb/cliprint.c
   branches/SAMBA_3_0/source/libsmb/clirap.c
   branches/SAMBA_3_0/source/libsmb/clirap2.c
   branches/SAMBA_3_0/source/nmbd/nmbd_browsesync.c
   branches/SAMBA_3_0/source/nmbd/nmbd_elections.c
   branches/SAMBA_3_0/source/nmbd/nmbd_incomingdgrams.c
   branches/SAMBA_3_0/source/nmbd/nmbd_packets.c
   branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c
   branches/SAMBA_3_0/source/nmbd/nmbd_sendannounce.c
   branches/SAMBA_3_0/source/smbd/lanman.c
   branches/SAMBA_3_0_25/source/lib/util.c
   branches/SAMBA_3_0_25/source/lib/util_str.c
   branches/SAMBA_3_0_25/source/libsmb/clidgram.c
   branches/SAMBA_3_0_25/source/libsmb/cliprint.c
   branches/SAMBA_3_0_25/source/libsmb/clirap.c
   branches/SAMBA_3_0_25/source/libsmb/clirap2.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_browsesync.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_elections.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_incomingdgrams.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_packets.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_processlogon.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_sendannounce.c
   branches/SAMBA_3_0_25/source/smbd/lanman.c


Changeset:
Sorry, the patch is too large (4149 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22014

svn commit: samba r22015 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_25/source/nsswitch

2007-03-30 Thread jra

Author: jra
Date: 2007-03-30 22:35:35 + (Fri, 30 Mar 2007)
New Revision: 22015

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22015

Log:
Fix for memory leak from Steven Danneman [EMAIL PROTECTED]
Jeremy.

Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c
   branches/SAMBA_3_0_25/source/nsswitch/winbindd_ads.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c   2007-03-30 22:25:08 UTC 
(rev 22014)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c   2007-03-30 22:35:35 UTC 
(rev 22015)
@@ -931,6 +931,8 @@
if (num_retries  5) {
num_retries++;
num_members = 0;
+   ads_msgfree(ads, res);
+   res = NULL;
continue;
} else {
DEBUG(5, (ads: lookup_groupmem USN on this 
record changed
@@ -947,6 +949,9 @@
 num_members,
 more_values);
 
+   ads_msgfree(ads, res);
+   res = NULL;
+
if ((members == NULL) || (num_members == 0))
break;
 

Modified: branches/SAMBA_3_0_25/source/nsswitch/winbindd_ads.c
===
--- branches/SAMBA_3_0_25/source/nsswitch/winbindd_ads.c2007-03-30 
22:25:08 UTC (rev 22014)
+++ branches/SAMBA_3_0_25/source/nsswitch/winbindd_ads.c2007-03-30 
22:35:35 UTC (rev 22015)
@@ -931,6 +931,8 @@
if (num_retries  5) {
num_retries++;
num_members = 0;
+   ads_msgfree(ads, res);
+   res = NULL;
continue;
} else {
DEBUG(5, (ads: lookup_groupmem USN on this 
record changed
@@ -947,6 +949,9 @@
 num_members,
 more_values);
 
+   ads_msgfree(ads, res);
+   res = NULL;
+
if ((members == NULL) || (num_members == 0))
break;

svn commit: samba r22016 - in branches/SAMBA_3_0/source/libsmb: .

2007-03-30 Thread jra

Author: jra
Date: 2007-03-30 23:23:45 + (Fri, 30 Mar 2007)
New Revision: 22016

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22016

Log:
Try and fix the build - move things out of proto.h
Jeremy.

Modified:
   branches/SAMBA_3_0/source/libsmb/smb_seal.c


Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/smb_seal.c
===
--- branches/SAMBA_3_0/source/libsmb/smb_seal.c 2007-03-30 22:35:35 UTC (rev 
22015)
+++ branches/SAMBA_3_0/source/libsmb/smb_seal.c 2007-03-30 23:23:45 UTC (rev 
22016)
@@ -164,7 +164,7 @@
 **/
 
 #if defined(HAVE_GSSAPI)  defined(HAVE_KRB5)
-NTSTATUS common_gss_decrypt_buffer(struct smb_tran_enc_state_gss *gss_state, 
char *buf)
+static NTSTATUS common_gss_decrypt_buffer(struct smb_tran_enc_state_gss 
*gss_state, char *buf)
 {
gss_ctx_id_t gss_ctx = gss_state-gss_ctx;
OM_uint32 ret = 0;
@@ -215,7 +215,7 @@
  gss-api encrypt an outgoing buffer. Return the alloced encrypted pointer in 
buf_out.
 **/
 
-NTSTATUS common_gss_encrypt_buffer(struct smb_tran_enc_state_gss *gss_state,
+static NTSTATUS common_gss_encrypt_buffer(struct smb_tran_enc_state_gss 
*gss_state,
uint16 enc_ctx_num,
char *buf,
char **ppbuf_out)

Build status as of Sat Mar 31 00:00:02 2007

2007-03-30 Thread build

URL: http://build.samba.org/

--- /home/build/master/cache/broken_results.txt.old 2007-03-30 
00:00:29.0 +
+++ /home/build/master/cache/broken_results.txt 2007-03-31 00:00:25.0 
+
@@ -1,10 +1,10 @@
-Build status as of Fri Mar 30 00:00:02 2007
+Build status as of Sat Mar 31 00:00:02 2007
 
 Build counts:
 Tree Total  Broken Panic 
 SOC  0  0  0 
 build_farm   0  0  0 
-ccache   30 6  0 
+ccache   31 6  0 
 ctdb 0  0  0 
 distcc   2  0  0 
 ldb  30 5  0 
@@ -17,7 +17,7 @@
 samba-docs   0  0  0 
 samba-gtk3  3  0 
 samba4   34 11 0 
-samba_3_037 17 1 
+samba_3_037 26 1 
 smb-build28 27 0 
 talloc   31 1  0 
 tdb  30 3  0

svn commit: samba r22017 - in branches: SAMBA_3_0/source/smbd SAMBA_3_0_25/source/smbd

2007-03-30 Thread jra

Author: jra
Date: 2007-03-31 01:14:00 + (Sat, 31 Mar 2007)
New Revision: 22017

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22017

Log:
After changing 2000 lines of this I think this is needed :-).
Jeremy.

Modified:
   branches/SAMBA_3_0/source/smbd/lanman.c
   branches/SAMBA_3_0_25/source/smbd/lanman.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/lanman.c
===
--- branches/SAMBA_3_0/source/smbd/lanman.c 2007-03-30 23:23:45 UTC (rev 
22016)
+++ branches/SAMBA_3_0/source/smbd/lanman.c 2007-03-31 01:14:00 UTC (rev 
22017)
@@ -2,6 +2,7 @@
Unix SMB/CIFS implementation.
Inter-process communication and named pipe handling
Copyright (C) Andrew Tridgell 1992-1998
+   Copyright (C) Jeremy Allison 2007.
 
SMB Version handling
Copyright (C) John H Terpstra 1995-1998

Modified: branches/SAMBA_3_0_25/source/smbd/lanman.c
===
--- branches/SAMBA_3_0_25/source/smbd/lanman.c  2007-03-30 23:23:45 UTC (rev 
22016)
+++ branches/SAMBA_3_0_25/source/smbd/lanman.c  2007-03-31 01:14:00 UTC (rev 
22017)
@@ -2,6 +2,7 @@
Unix SMB/CIFS implementation.
Inter-process communication and named pipe handling
Copyright (C) Andrew Tridgell 1992-1998
+   Copyright (C) Jeremy Allison 2007.
 
SMB Version handling
Copyright (C) John H Terpstra 1995-1998

svn commit: samba r22018 - in branches: SAMBA_3_0/source/nmbd SAMBA_3_0_25/source/nmbd

2007-03-30 Thread herb

Author: herb
Date: 2007-03-31 03:11:02 + (Sat, 31 Mar 2007)
New Revision: 22018

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22018

Log:
fix compile error

Modified:
   branches/SAMBA_3_0/source/nmbd/nmbd_incomingdgrams.c
   branches/SAMBA_3_0_25/source/nmbd/nmbd_incomingdgrams.c


Changeset:
Modified: branches/SAMBA_3_0/source/nmbd/nmbd_incomingdgrams.c
===
--- branches/SAMBA_3_0/source/nmbd/nmbd_incomingdgrams.c2007-03-31 
01:14:00 UTC (rev 22017)
+++ branches/SAMBA_3_0/source/nmbd/nmbd_incomingdgrams.c2007-03-31 
03:11:02 UTC (rev 22018)
@@ -431,13 +431,13 @@
fstring comment;
char *s = get_safe_offset(buf,len,buf,9);
 
+   START_PROFILE(lm_host_announce);
if (!s) {
-   return;
+   goto done;
}
-   START_PROFILE(lm_host_announce);
s = skip_string(buf,len,s,1);
if (!s) {
-   return;
+   goto done;
}
pull_ascii(comment, s, sizeof(fstring), 43, STR_TERMINATE);
 

Modified: branches/SAMBA_3_0_25/source/nmbd/nmbd_incomingdgrams.c
===
--- branches/SAMBA_3_0_25/source/nmbd/nmbd_incomingdgrams.c 2007-03-31 
01:14:00 UTC (rev 22017)
+++ branches/SAMBA_3_0_25/source/nmbd/nmbd_incomingdgrams.c 2007-03-31 
03:11:02 UTC (rev 22018)
@@ -431,13 +431,13 @@
fstring comment;
char *s = get_safe_offset(buf,len,buf,9);
 
+   START_PROFILE(lm_host_announce);
if (!s) {
-   return;
+   goto done;
}
-   START_PROFILE(lm_host_announce);
s = skip_string(buf,len,s,1);
if (!s) {
-   return;
+   goto done;
}
pull_ascii(comment, s, sizeof(fstring), 43, STR_TERMINATE);

43 matches

Mail list logo