Re: [Samba] Idmap back compatible issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gerald (Jerry) Carter wrote: Li, Ying (ESG) wrote: I believe that many users take the default setting without specific idmap backend option, if there is no particular idmap requirement. I'd like to recommend considering the first situation as back compatible issue. At lease let it takes the default tdb backend when no idmap domains presented, no idmap backend in smb.conf. Here is a patch for this. Could somebody look at it? Looks right to me. I'll add this for 3.0.25rc2. Gahh! This is wrong and breaks the rc2 release! The problem is that now it always sets a compat backend of tdb even if specifying idmap domains . I've patch the SAMBA_3_0* trees and this will be fixed in the 3.0.25-final. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGLE0yIR7qMdg1EfYRAq+rAJ9AJXQNtiJzeyqygRehX60AM9UcEACeMXEk nCeaLBdRowKVpg3omqqjek0= =qEut -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE : [Samba] smbclient tar function : no password asked ?
Just for the record, and for anyone having the same kind of problems I described recently : --- Frédérique Da Luene [EMAIL PROTECTED] a écrit : We're using samba 3.0.24 on a Linux box, to access and backup some XP boxes. smbclient access is okay, but there is something quite weird with the tar subfunction - $ smbclient //xpbox/Documents -U someuser -d 2 -Tc /tmp/tarfile . added interface ip=192.168.1.xxx bcast=192.168.1.255 nmask=255.255.255.0 session setup failed: NT_STATUS_LOGON_FAILURE - Smbclient does NOT ask us for a password when used that way. We have no problem if giving the password on the command line (someuser%password). [...] By the way, we are using Samba to backup those shares, through the amanda backup tools. And we are running into the Call timed out: server did not respond after 2 milliseconds error. Anyone has hints about what could cause this error ? Samba 3.0.25 RC1 solves both problems. For the time being, no other disturbance. Cheers, it works ! -- FdL ___ Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses http://fr.answers.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Change password from XP
Hello. I've migrated samba to ldap, and everithing works fine except that when a user changes the password from an xp client receives an error indicating that the old password was wrong, but the password is changed in the server, so the user gets confused. Here http://lists.samba.org/archive/samba/2004-August/090254.html are a thread about this same problem; it's says that this was corrected in version 3.0.4. I'm runnig debian testing's 3.0.24 samba server with smbldap-tools 0.92. Xp clientes are pro SP2. smbldap-passwd returns 0. There is a workaround for this? Thanks in advance. Regards, -- Fernando M. Maresca Monitoring Station S.A. Calle 48 nº 812 La Plata (B1900AHN) - BA - ARG Tel/Fax: (+54) 221 425 3355 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Enter or quit a samba's domain in pdc
From : Edmundo Valle Neto The point is, %anything is not recognised inside a script. But, yes, adduser is a little different in Debian, it doesnt have -M option, for example. If you look at Samba by Example you will find something like that: add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null '%u' add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null '%m' Work. But one thing : you must put this line in the first line of [global], or the script will be done after the domain's enter try. Thank you. This is the only work that must be done by the add machine script here, the samba account will be created when the client is joined (with the root account or any other account that have privileges to do that). This is used to configure accounts other that root to join clients, for example. I will try this line today. I dont understood what do you mean by your share, but... Share = domain.. sorry i twas a mistake. If you dont want to enter with a local administrator account to manage network settings and domain join/unjoin, you can put the users inside the group Domain Administrators that this group will be added to the local administrators group of the machine when joined, well, it depends of how did you created your default groups and SIDs. Or create a group in samba put some users inside it an make this group belong to the local administrator group in every machine, then the domain accounts will have local administrative right in those workstations. Simple. If i understand what you say, I have to create a group who I put the users. But how can i attribute the local administrator for this group? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: username map script never runs
Gerald (Jerry) Carter jerry at samba.org writes: The username map parameters are only used by smbd and are not related to winbindd or pam_winbind at all. That would explain the not-running problem. :) That keeps me from chasing my tail. Thank you! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Link AD to pre-existing UNIX accounts
I'm trying to use winbindd to enumerate and link AD users to their pre- existing UNIX accounts. Right now, winbindd creates new users for UNIX based on windows username and groups. What I can't figure out is how to explicitly map the AD users to their pre- existing UNIX accounts. I'd like the users to be able to access their UNIX accounts with their UNIX authentication information /and/ their AD authentication information. I had hung my hat on the username map smb.conf directive, but I find now that it doesn't apply to winbindd. Has anyone worked out a strategy for this scenario? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.25rc2 Available for Download
Hi, I have a problem : ./configure --with-ldap --with-acl-support --prefix=/usr/local --exec-prefix=/usr/local --bindir=/usr/local/bin --sbindir=/usr/local/sbin --libexecdir=/usr/local/libexec --datadir=/usr/local/share --sharedstatedir=/usr/local/com --localstatedir=/usr/local/var --libdir=/usr/local/lib --includedir=/usr/local/include --infodir=/usr/share/info --with-configdir=/etc/samba --sysconfdir=/etc/samba --mandir=/usr/man --enable-cups if [ $? == 0 ]; then make if [ $? == 0 ]; then make install fi fi exit 0; RedHat Enterprise Linux 4 Kernel 2.6.16.5 package dmapi 2.2.1-1 dmapi-devel-2.2.1-1 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 22/04/2007 21:20:18 : Gerald (Jerry) Carter wrote: This is the second release candidate of the Samba 3.0.25 code base and is provided for testing only. These messages are new while compiling: deveis # make [...] Compiling auth/auth_script.c Building plugin bin/script.so make: *** No rule to make target `nsswitch/libnss_winbind.so', needed by `all'. Stop. deveis # make install [...] make: *** No rule to make target `nsswitch/libnss_winbind.so', needed by `all'. Stop. Configure options: export CFLAGS='-O2 -march=i486 -fomit-frame-pointer' ./configure \ --target=i486-pc-linux-gnu \ --with-sendfile-support \ --prefix=/usr \ --bindir=/usr/bin \ --sbindir=/usr/sbin \ --with-privatedir=/etc \ --with-lockdir=/var/lock/samba \ --with-libdir=/usr/lib/samba \ --with-piddir=/var/run \ --with-swatdir=/usr/lib/samba/swat \ --with-configdir=/etc \ --with-logfilebase=/var/log \ --localstatedir=/var/log \ --without-ads \ --without-ldap \ --with-codepagedir=/usr/lib/samba/codepages \ --with-smbmount=yes \ --with-sambabook=/usr/lib/samba/swat/using_samba \ --without-winbind \ --without-python \ --without-manpages \ --without-mysql \ --without-xml \ --with-included-popt \ --enable-cups=no \ --with-vfs \ --with-utmp \ --with-quotas \ --with-pam \ --with-pam_smbpass \ --with-acl-support der tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.25rc2 Available for Download
file not attached (due to mail rules), see output of make here : In file included from smbd/dmapi.c:36: /usr/include/xfs/dmapi.h:83: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:85: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:86: error: syntax error before dm_fsid_t /usr/include/xfs/dmapi.h:87: error: syntax error before dm_ino_t /usr/include/xfs/dmapi.h:89: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:92: error: syntax error before dm_size_t /usr/include/xfs/dmapi.h:93: error: syntax error before dm_ssize_t /usr/include/xfs/dmapi.h:104: error: syntax error before dm_dev_t /usr/include/xfs/dmapi.h:246: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:302: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:345: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:359: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:379: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:383: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:410: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:416: error: syntax error before dt_dev /usr/include/xfs/dmapi.h:417: error: syntax error before dt_ino /usr/include/xfs/dmapi.h:422: error: syntax error before dt_rdev /usr/include/xfs/dmapi.h:424: error: syntax error before dt_size /usr/include/xfs/dmapi.h:429: error: syntax error before dt_blocks /usr/include/xfs/dmapi.h:435: error: syntax error before dt_pad3 /usr/include/xfs/dmapi.h:447: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:477: error: champ dx_statinfo est de type incomplet /usr/include/xfs/dmapi.h:486: error: syntax error before __u16 /usr/include/xfs/dmapi.h:488: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:491: error: syntax error before __u16 /usr/include/xfs/dmapi.h:494: error: syntax error before dm_fid_ino /usr/include/xfs/dmapi.h:501: error: syntax error before __s64 /usr/include/xfs/dmapi.h:505: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:584: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:597: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:609: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:619: error: syntax error before dm_size_t /usr/include/xfs/dmapi.h:626: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:636: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:659: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:773: error: syntax error before dm_fsid_t /usr/include/xfs/dmapi.h:785: error: syntax error before dm_ino_t /usr/include/xfs/dmapi.h:803: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:811: error: syntax error before un élément lexical * /usr/include/xfs/dmapi.h:819: error: syntax error before un élément lexical * /usr/include/xfs/dmapi.h:885: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:896: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:915: error: syntax error before dm_read_invis /usr/include/xfs/dmapi.h:920: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:971: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:991: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:1057: error: syntax error before dm_write_invis /usr/include/xfs/dmapi.h:1063: error: syntax error before dm_off_t smbd/dmapi.c: In function `dmapi_file_flags': smbd/dmapi.c:221: error: syntax error before events smbd/dmapi.c: At top level: smbd/dmapi.c:238: error: syntax error before if smbd/dmapi.c:252: error: path non déclaré ici (hors de toute fonction) smbd/dmapi.c:253: error: un élément de l'initialisation n'est pas une constante smbd/dmapi.c:253: warning : the data definition have no type and no stockage class smbd/dmapi.c:254: error: syntax error before if smbd/dmapi.c:269: attention : noms de paramêtres (sans type) dans la déclaration de fonction smbd/dmapi.c:269: error: types conflictuels pour set_effective_capability include/proto.h:924: error: déclaration précédente de set_effective_capability était ici smbd/dmapi.c:269: error: types conflictuels pour set_effective_capability include/proto.h:924: error: déclaration précédente de set_effective_capability était ici smbd/dmapi.c:269: attention : la définition de données n'a pas de type ni de classe de stockage smbd/dmapi.c:271: error: redéfinition de err smbd/dmapi.c:252: error: définition précédente de err était ici smbd/dmapi.c:272: error: un élément de l'initialisation n'est pas une constante smbd/dmapi.c:272: attention : la définition de données n'a pas de type ni de classe de stockage smbd/dmapi.c:273: error: syntax error before if smbd/dmapi.c:281: error: redéfinition de err smbd/dmapi.c:271:
Re: [Samba] Link AD to pre-existing UNIX accounts
CG schrieb: I'm trying to use winbindd to enumerate and link AD users to their pre- existing UNIX accounts. Right now, winbindd creates new users for UNIX based on windows username and groups. What I can't figure out is how to explicitly map the AD users to their pre- existing UNIX accounts. I'd like the users to be able to access their UNIX accounts with their UNIX authentication information /and/ their AD authentication information. I had hung my hat on the username map smb.conf directive, but I find now that it doesn't apply to winbindd. Has anyone worked out a strategy for this scenario? I asked this a while ago and got the answer that this it not possible. I think you've to remove the old users and change all existing files that they own to the new winbind uids (find with the uid option). Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Link AD to pre-existing UNIX accounts
Ralf Gross Ralf-Lists at ralfgross.de writes: I asked this a while ago and got the answer that this it not possible. I think you've to remove the old users and change all existing files that they own to the new winbind uids (find with the uid option). And there we go! I appreciate the pointer. I'm sure we were both hoping to avoid that scenario, but it seems inevitable. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Enter or quit a samba's domain in pdc
BACQUEZ escreveu: From : Edmundo Valle Neto The point is, %anything is not recognised inside a script. But, yes, adduser is a little different in Debian, it doesnt have -M option, for example. If you look at Samba by Example you will find something like that: add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null '%u' add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null '%m' Work. But one thing : you must put this line in the first line of [global], or the script will be done after the domain's enter try. Thank you. The order of the lines inside a section doesnt make difference. And read that about %m: http://lists.samba.org/archive/samba/2005-November/114366.html Again, the history of the list is very usefull, and you should expect correct information when you see something posted by any developer :) This is the only work that must be done by the add machine script here, the samba account will be created when the client is joined (with the root account or any other account that have privileges to do that). This is used to configure accounts other that root to join clients, for example. I will try this line today. I dont understood what do you mean by your share, but... Share = domain.. sorry i twas a mistake. If you dont want to enter with a local administrator account to manage network settings and domain join/unjoin, you can put the users inside the group Domain Administrators that this group will be added to the local administrators group of the machine when joined, well, it depends of how did you created your default groups and SIDs. Or create a group in samba put some users inside it an make this group belong to the local administrator group in every machine, then the domain accounts will have local administrative right in those workstations. Simple. If i understand what you say, I have to create a group who I put the users. But how can i attribute the local administrator for this group? When you join a workstation in a domain you will must have a local administrator account on that machine as the machine doesnt know of domain accounts. About the group, you will not attribute anything, a group (normally called Domain Administrators) with the right SID (that is one of the well known domain groups) is inserted automatically in the Administrators group locally on the machine when joined into the domain, or you can make it by hand with any group you want (putting that group inside the Administrators group of the machine). Edmundo Valle Neto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Link AD to pre-existing UNIX accounts
Are there AD users who need Samba access and do not have Unix accounts? If so, is there a problem giving them Unix accounts? I have a server set up to do this, but all of the users have local Unix accounts as well as AD accounts. Basically, set up Samba as an AD member server and just do not use windbindd. All permission information for the shares in smb.conf can then use the Unix user and group names instead of those in AD, and Samba will still use the AD credentials for Windows client access. You will have to map DOMAIN\administrator to root (if you want adminstrator to have Samba access) and any other domain user with a different domain login than their Unix login in the Samba usermap file. Hope this helps. ---Hillel On Mon, 23 Apr 2007 14:17:42 + (UTC), CG wrote I'm trying to use winbindd to enumerate and link AD users to their pre- existing UNIX accounts. Right now, winbindd creates new users for UNIX based on windows username and groups. What I can't figure out is how to explicitly map the AD users to their pre- existing UNIX accounts. I'd like the users to be able to access their UNIX accounts with their UNIX authentication information /and/ their AD authentication information. I had hung my hat on the username map smb.conf directive, but I find now that it doesn't apply to winbindd. Has anyone worked out a strategy for this scenario? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Link AD to pre-existing UNIX accounts
CG schrieb: Ralf Gross Ralf-Lists at ralfgross.de writes: I asked this a while ago and got the answer that this it not possible. I think you've to remove the old users and change all existing files that they own to the new winbind uids (find with the uid option). And there we go! I appreciate the pointer. I'm sure we were both hoping to avoid that scenario, but it seems inevitable. To be honest, I dropped winbind because the performance was too bad with our huge number of AD entries. But this doesn't make life easier at the moment... Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] The network is invisible!
I've installed Samba on a SuSE 10.2 machine, and the machine is visible to the other machines in the network (a Windows 98 desktop, a SuSE 10.0 desktop and a SuSE 10.1 laptop). So far so good. So can anybody explain why my network is not visible from this machine? The obvious suspect is the firewall, but shutting that down doesn't improve the situation one bit. Any ideas? -- All the best, John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind offline logon
Gerry, Thanks for the feedback. However, when I run 'smbcontrol winbindd offline' it returns nothing, yet when I run 'smbcontrol winbindd onlinestatus' it returns: PID 4349: globla:Online BUILTIN:Online WLL-7179:Online AD_DOMAIN:Online If I run 'wbinfo -u|-g' I get back user/group listings as I'd expect even when I pull the network cable. Yet, when I attempt to login or su to an AD user account with the network cable pulled, it fails. In log.winbindd it shows: cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON, fnum 0x3 to machine AD_PDC. Error was Call timed out: server did not respond after 1 milliseconds I'm still missing something. Is there better documentation talking about how to implement offline logins with Samba somewhere? Thanks, On Sun, 2007-04-22 at 05:55 -0500, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian Atkins wrote: I am running Xubuntu 7.04 and recently upgraded to samba 3.0.24 to take advantage of the offline logon feature. I have added winbind offline logon = yes and added the cached_login option to pam_winbind.so in my pam.d/common-auth and pam.d/common-account files, but am still unable to verify that it is working. I can't locate any specific documentation covering the proper set-up other than man pages. Am I missing something? I must be... That's it. You can add a script in /etc/network/ip-{up,down}.d/ to call smbcontrol winbindd {offline,online} to send if off and online at will. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGKz86IR7qMdg1EfYRAi1GAKCTi12/omVUGDECX6Jx2BbdXhhnYQCfbGmz t9cwtlcx7BZkAUV58VhDUdM= =MIuB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc vampire umlauts (äöüß) problem
On 2007-04-11 at 22:54 +0200 Stefan Drees sent off: I changed the charset to UTF8, but nothing changes. Smbldap-usershow shows me the malformed umlauts, with ldapsearch i get displayname:: Qs19dnttIFRidKxlej==. be aware that ldap always contains utf-8 encoded names and if they are not ASCII or contain some other special characters, then they are base64 encoded. As your LDAP scripts don't convert the names, you have to do that by yourself. Bjoern -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC LDAP Idmap problem
Hello, I have a PDC running on SLES 10 which is using an ldap password backend and is suppose to be using ldap Idmap as well. My problem seems to be that my PDC is not writing any entries to the ldap idmap. Everything works just fine on the PDC, shares and what not, but I can not get a Samba domain member server to share anything properly. I get permissions errors and other problems like that. For example on the members server, it uses ldap for authentication so that ldap users can login to that machine (mostly just me) and this also helps because it is aware of all the usernames and group names, which simplifies permissions I think. The problem is shares on this server do not function correctly. When looking from windows the shares do not seem to belong to the correct group (for example one set to it on the server ends up as administration on the windows security page) and even if I am a member of all the groups I get a permission denied when I try to create new folders. The reason I think it is an idmap problem is because no entries are created in the idmap section in ldap by the pdc and because of the miss used groups I described above. One other thing is, the Domain Member server seems to write two entries to the idmap in ldap if it does not exist already. I am really at a loss as to how to proceed with this setup to correct my problem. If someone on here has any suggestions and can explain how I should go about it then please I would greatly appreciate it. Also I have not copied any config files here to avoid flooding, but if anyone would like to see any config file please just ask me and I will provide them. Thank you again, Brent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Link AD to pre-existing UNIX accounts
On Mon, 2007-04-23 at 14:17 +, CG wrote: I'm trying to use winbindd to enumerate and link AD users to their pre- existing UNIX accounts. Right now, winbindd creates new users for UNIX based on windows username and groups. You seem to have 2 separate criteria: What I can't figure out is how to explicitly map the AD users to their pre- existing UNIX accounts. I'd like the users to be able to access their UNIX That's one criterium: mapping AD users to the existing Unix accounts. From this, I assume you mean that after the mapping, you want the 'getent passwd' info to be the same: i.e. the same uid, gid, homedir, shell, gecos. Call this criterium 1. accounts with their UNIX authentication information /and/ their AD authentication information. I had hung my hat on the username map smb.conf That's another criterium: ability to authenticate as a given user via either the existing unix password (e.g. the /etc/shadow password), or the MsAD password. Call this criterium 2. directive, but I find now that it doesn't apply to winbindd. Has anyone worked out a strategy for this scenario? I think so: Criterium 1: - extend the MsAD schema to include posix attributes. I think Ms calls this 'Ms Services For Unix'. Doing so will add uid, gid, homedir, and login-shell attributes. They have their own ms-hopped-up names, but that's what they're for. Populate the MsAD schema w. the values you already have in your unix system. You could do this manually, but you could also write scripts to do it. The script(s) would use LDAP to update MsAD. I did this 2 years ago. It's some work, but you only do it once, and then you're set ever after. Criterium 2: - Use pam to allow authentication via either the existing unix password, or via winbind. I am not a pam expert, but here's the general kind of approach I've used for situations like this: auth sufficient pam_winbind.so auth required pam_unix.so In summary, I believe that what you want is achievable. Good luck, Jon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP redudancy problem
No idea about this point ? Hi, Redhat 4, Samba server 3.0.22. We are testing LDAP redudancy. We have 2 LDAP servers. If we stop LDAP services on the first LDAP server, everything works fine : the samba server detects the failed ldap server and switch to the available LDAP server. Clients can be authenticated, everything works fine. But, if the first LDAP server is unavailable (does not respond to ping), the samba server does not swith to the second LDAP server : [2007/04/20 09:36:46, 0] lib/smbldap.c:smbldap_search_suffix(1346) smbldap_search_suffix: Problem during the LDAP search: (Time limit exceeded) [2007/04/20 09:36:46, 2] auth/auth.c:check_ntlm_password(317) check_ntlm_password: Authentication for user [adminocs] - [adminocs] FAILED with error NT_STATUS_NO_SUCH_USER [2007/04/20 09:36:46, 2] smbd/server.c:exit_server(614) Closing connections We have tried using smaller and greater values of ldap timeout in smb.conf but it does not help. ( from 5 to 600) We have tried using smaller and greater values in the /etc/ldap.conf for bind_timelimit and timelimit (30 by default, from 5 to 300), but it does not help. Here is our smb.conf related to ldap : passdb backend = ldapsam:ldap://itdsd1l1.altissemiconductor.com ldap://itdsd2l2.altissemiconductor.com; ldap passwd sync = Yes ldap admin dn = cn=samba,ou=DSA,ou=manuf,o=altissemiconductor.com,cn=mfg ldap suffix = ou=manuf,o=altissemiconductor.com,cn=mfg ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap timeout = 15 ldap ssl = start_tls Is there a way to change the bind timeout for samba server to switch to the available node before the search time limit exceeded ? Do I miss something ? Regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Idmap back compatible issue
Sorry, I missed a checking condition for dom_list. Attached is a new version of the patch. Thanks. -Ying -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] changes to /etc/group without restarting samba
I'm running samba 3.0.23 on red hat fedora core 6 with kernel 2.6.18-1.2849.fc6 (64-bit). I'm implementing a framework where new directories are added in an existing samba share with corresponding entries in /etc/group and am trying to restrict access to those directories to only users in that group. The clients connecting have user accounts on the samba server (there are no corresponding windows groups). If I add users to these new groups and have been previously connected as one of those users, I am not able to access the newly allowed directory (with the user being a member of the group, but not the owner and permissions of 770 on the directory) unless I restart the samba processes or disconnect/reconnect. Is there a way around this problem without having to restart samba or having clients disconnect/reconnect? Thanks for any assistance. Jeff Nathanson -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC over PPTP VPN
2007/4/23, Dale Schroeder [EMAIL PROTECTED]: The only thing I can think of is, do you have invalid users = root set in smb.conf? No, I don't have invalid users = root in smb.conf. Remember that in LAN the PDC works without any problem at all... Thank you! Bye. :-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] can't list directories
We have a private windows network which is running active directory, and we use a FC4 box as a gateway/firewall to connect the windows network to outside world. So the gateway has two NICs. We're running samba server on the fc4 box and the samba server joins windows AD as a member server. We shared NFS-mounted home directories on the fc4 box using samba. After the command 'smbclient //wingate/abc', we successfully connected to abc's home directory and could list the home directory(the home directory has permission 755 ). Then we changed into another directory in the home directory without any problems, but we couldn't list that directory (that directory has permission 700). I googled for several hours but did not find anything that works for me. ( I aslo disabled SELinux ) Any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pdc login issues with Vista
Hi there, I just setup a Centos 5 server running samba 3.0.23c (as provided by upstream via YUM). And it is Vista Business edition. Now I am looking for a little clarification on this setup. I have been reading on google and the list archives, about NTLMv2 auth and the fact you need to make an edit with the secpol.msc. I did complete that. I also read that I would need to add (which I have made note can be removed as of samba 3.0.25) host msdfs = no to my smb.conf - which i also did in the global section. Now I have added the machine to the domain, without issue (according to Vista), but when I try to log in (with a domain user), I get the error (from Vista): There are currently no logon servers available to service the logon request. I again searched google for this error with regards to Samba and found nothing. Upon looking in the samba log files, I found nothing in my /var/log/samba/*.logs of error like. It all seemed like pretty standard start up diolog. So as a test I logged into the vista box with a local user, and mapped a drive. That seemed to work without issue. I threw on a few folders and text files. Again no issues. Here is my smb.conf for reference: [global] ### GENERAL ## domain logons = yes domain master = Yes netbios name = JKA os level = 255 preferred master = yes security = user wins support = no workgroup = JKA ## SECURITY ## # disable LM authentication lanman auth = no lm announce = no # increase the minimum protocol # This disables win9x to win me min protocol = NT1 # Allow these IP Addresses to connect hosts allow = 10.0.0.0/24 127.0.0.1 # Anything else not allowed is, by default, rejected hosts deny = ALL ## LOGGING ## debug timestamp = yes log file = /var/log/samba/%U-%m.log log level = 2 max log size = 9216 ## LOGON ## ## DK ## # a user logon script logon script = %U.bat # Logon path used to enable roaming profiles # Comment out the blank one and uncomment the other to enable #logon path = \\%L\profiles\%U logon path = logon drive = H: logon home = \\%L\home\%U ## FILE LOCKING ## ## DK ## # See: # http://www.oreilly.com/catalog/samba/chapter/book/ch05_05.html veto oplock files = /*.doc/*.xls/*.mdb/ ## VISTA HACKS ## ### DK ## # Can be removed as of samba 3.0.25 host msdfs = no [netlogon] comment = Network Logon Service path = /home/samba/netlogon locking = No ;[profiles] ;comment = Profile Share ;path = /home/samba/profiles ;read only = No ;profile acls = Yes ;create mode = 0600 ;directory mode = 0700 ;browseable = No [homes] comment = Home Directories valid users = %S read only = no browseable = no create mode = 0600 directory mode = 0700 [Public] path = /home/shares/public read only = No comment = Public Folders public = yes writeable = yes # END SMB.CONF Can anyone see anything funny about my conf? Note that I add the machine to the domain via the command line due to an error I get with the useradd and usermod tools (unrelated to this, so will not go into details). But in case my command has any relivance, it is: useradd -d /dev/null -g workstation -s /sbin/nologin theworkstationname$ passwd -l theworkstationname$ smbpasswd -a -m theworkstationname$ Any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Authenticate against AD/NT4, but use local account?
Hi, all. I'd like to authenticate a login against AD and/or NT4, but use a generic local account (so I don't need to maintain local user accounts). Since this is an FTP server, doing it right isn't really in my interest -- I just want to do a simple authentication, then use something akin to (say) force user and force group to a local account. Is this possible/feasible? Or do I need to have local accounts? Thanks! -Ken -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Fwd: Re: [Samba] Drag and Drop and Crash]
One more significant finding: I'd been assuming that samba versions 2.2.x were not susceptible to this problem, and Samba versions 3.0.x were susceptible. But then I learned that elsewhere on our campus a Suse server with Samba 3.0.22 was unaffected, so I set up my own version 3.0.22 (default installation from source code), and it was also unaffected. I upgraded it to version 3.0.23, and the problem appeared. Finally, I tried the new release candidate 2 for 2.0.25, and the problem went away. Recall that we already experienced the problem with 3.0.23d and 3.0.24, so I think it's a fair guess that only 3.0.23x and 3.0.24 are affected by this. While I still think the blame lies most directly with Symantec, I will be reporting this as a bug to the Samba developers also, since the susceptibility seems to have been introduced and then fixed entirely by accident. (I can't find any indication in the release notes, mailing list, or bugzilla that the developers are aware of it.) Hope that helps, Tom McNeely Western Washington University Libraries -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Summers Sent: Monday, April 16, 2007 8:01 PM To: samba@lists.samba.org Subject: [Fwd: Re: [Samba] Drag and Drop and Crash] Hello List, Please read Tom's email below. Has some interesting findings. The affected machine I dealt with also had symantec on it. Since the repair though there hasn't been a problem. The user even re-applied the patches. This is to weird. HTH Original Message Subject:Re: [Samba] Drag and Drop and Crash Date: Mon, 16 Apr 2007 18:12:47 -0700 From: Thomas McNeely [EMAIL PROTECTED] To: [EMAIL PROTECTED] Jim, sorry to keep doing this to you but the Samba list rejected me again. Please share this with the list. Thanks! Tom - Here's what we've discovered about this problem, including much new information: (Most of the tedious version details are deferred to the end of this message for readability.) (Dates are expressed American-style as MM/DD/YY.) On Thursday April 5th our users started experiencing abrupt reboots (without proper shutdown) when they copied, saved, or renamed files on our Samba 3.0 shares. This Samba server has run flawlessly for years in essentially the same configuration as now, and exactly the same configuration since Christmas. The problem does not occur when writing to Microsoft or Novell shares. After trying various experiments on the affected workstations, we determined that the problem always and only occurs on workstations which are running both the Novell Client and Symantec AntiVirus. We can only induce the problem by installing both, and removing either one always cures the problem. Regarding Symantec, we have determined that it was a virus definition file from soon after 3/27/07 (probably one from the week of 4/2/07) that triggers the problem. The current program version and scan engine version with virus definition files earlier than 3/27/07 do not trigger the problem. Regarding the Novell Client, we have found that only a default installation is needed to replicate the problem -- no need for Zenworks client, or even to log in. Also, moving the Novell Client to the bottom of the provider order list does not fix the problem. Although the timing of the problem's first appearance corresponds suspiciously with the release of Microsoft's patch KB925902, we have eliminated this patch as a factor. We have another Samba server, version 2.2 running on Solaris, whose users do not experience the problem. So we tried setting up another Samba 2.2 machine to test with -- in every way similar to our Samba 3.0 machine except for the Samba version. We cannot replicate the problem when writing to a Samba 2.2 share, regardless of workstation configuration. Although there are a few contributing factors coming together to create this problem, we believe that the most likely and appropriate solution would come from Symantec (e.g. in the form of a fix to their virus definition files). However, fixes might also be possible in the Novell Client or Samba. Hope that helps someone and/or someone can help me! Tom McNeely Western Washington University Libraries Appendix: The software versions tested are: * Windows XP with Service Pack 2 (no other versions tested) * Novell Client version 4.91.3.20061109, default installation, no Zenworks client * Symantec AntiVirus: program version 10.1.5.5000, scan engine version 71.2.0.12, and several virus definitions between 4/9/07 (and surely going back into the week of 4/2/07) through at least 4/16/07 rev 17. Virus definitions earlier than 3/27/07 (and probably earlier than the week of 4/2/07) do not trigger the problem. * Samba version 2.2.5 (installation method and options unknown, running on Solaris) -- NO problem * Samba version 2.2.12 (default installation from samba.org source code,
Re: [Samba] Change password from XP
Fernando M. Maresca escreveu: Hello. I've migrated samba to ldap, and everithing works fine except that when a user changes the password from an xp client receives an error indicating that the old password was wrong, but the password is changed in the server, so the user gets confused. Here http://lists.samba.org/archive/samba/2004-August/090254.html are a thread about this same problem; it's says that this was corrected in version 3.0.4. I'm runnig debian testing's 3.0.24 samba server with smbldap-tools 0.92. Xp clientes are pro SP2. smbldap-passwd returns 0. There is a workaround for this? Thanks in advance. Regards, Would help if you post your smb.conf file. Edmundo Valle Neto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] Fwd: machine authentication at Active Directory
Any ideas? Otto Fuchshuber Filho [EMAIL PROTECTED] -- Forwarded message -- From: Otto Fuchshuber Filho [EMAIL PROTECTED] Date: 12/04/2007 22:38 Subject: Re: [Samba] Fwd: machine authentication at Active Directory To: Andrew Bartlett [EMAIL PROTECTED] OK, Andrew, thanks. But without 802.1X, is it possible to do machine authentication at AD with a Linux + Samba desktop? If so, Where can I get tips about this? Thanks, Otto Fuchshuber Filho [EMAIL PROTECTED] Andrew Bartlett escreveu, Em 12-04-2007 22:29: We store the information that could do this, but I don't think anybody has done the link between that and 802.1x. Andrew Bartlett On Wed, 2007-04-11 at 18:20 -0300, Otto Fuchshuber Filho wrote: Can anybody help me with this issue or tell me where I can get help? Thanks -- Otto Fuchshuber Filho [EMAIL PROTECTED] -- Forwarded message -- From: Otto Fuchshuber Filho [EMAIL PROTECTED] Date: 10/04/2007 22:08 Subject: machine authentication at Active Directory To: samba@lists.samba.org On a 802.1X environment, it's possible to permit a windows desktop gain access to the network by using only machine authentication at the Active Directory (no need for login + password). Is it possible to do the same with a Linux desktop with samba? I mean a Linux desktop pass machine credentials to Active Directory as windows do (SID), without any login and password. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Kerberos stopped working
Hi everyone, I am in a real panic here and would appreciate any help. I have students not being able to save any files! I have a samba server that was joined to a win2k active directory and running for months. I dont know why, but now it isn't working correctly. This error is filling my logs: --- libads/kerberos_verify.c:ads_keytab_verify_ticket(113) krb5_rd_req(HOST/[EMAIL PROTECTED]) failed: Wrong principal in request --- There are variations with HOST/[EMAIL PROTECTED], HOST/[EMAIL PROTECTED], HOST/[EMAIL PROTECTED] I really have no idea what to do. I can use kinit on any user on the domain successfully. Thanks Amiel Heyde Information Technology Services Lilydale Adventist Academy [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Kerberos stopped working
I'd look at DNS first, perhaps a problem with DNS running on the W2K network? Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Amiel Heyde Sent: Tuesday, 24 April 2007 1:46 PM To: samba@lists.samba.org Subject: [Samba] Kerberos stopped working Hi everyone, I am in a real panic here and would appreciate any help. I have students not being able to save any files! I have a samba server that was joined to a win2k active directory and running for months. I dont know why, but now it isn't working correctly. This error is filling my logs: --- libads/kerberos_verify.c:ads_keytab_verify_ticket(113) krb5_rd_req(HOST/[EMAIL PROTECTED]) failed: Wrong principal in request --- There are variations with HOST/[EMAIL PROTECTED], HOST/[EMAIL PROTECTED], HOST/[EMAIL PROTECTED] I really have no idea what to do. I can use kinit on any user on the domain successfully. Thanks Amiel Heyde Information Technology Services Lilydale Adventist Academy [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r22473 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_25/source/nsswitch SAMBA_3_0_25/source/passdb SAMBA_3_0_RELEASE/source/nsswitch
Author: jerry Date: 2007-04-23 06:10:22 + (Mon, 23 Apr 2007) New Revision: 22473 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22473 Log: Correct fix for setting a default compat tdb idmap backend. Previous code would always fill in idmap backend = tdb even if you defined idmap domains. My fault. I should have tested the original patch more before committing. Modified: branches/SAMBA_3_0/source/nsswitch/idmap.c branches/SAMBA_3_0_25/source/nsswitch/idmap.c branches/SAMBA_3_0_25/source/passdb/pdb_ldap.c branches/SAMBA_3_0_RELEASE/source/nsswitch/idmap.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/idmap.c === --- branches/SAMBA_3_0/source/nsswitch/idmap.c 2007-04-23 00:43:47 UTC (rev 22472) +++ branches/SAMBA_3_0/source/nsswitch/idmap.c 2007-04-23 06:10:22 UTC (rev 22473) @@ -289,40 +289,42 @@ dom_list = lp_idmap_domains(); - if ( dom_list lp_idmap_backend() ) { - DEBUG(0, (WARNING: idmap backend and idmap domains are - mutually excusive!\n)); - DEBUGADD(0,(idmap backend option will be IGNORED!\n)); - } else if ( lp_idmap_backend() ) { - const char **compat_list = lp_idmap_backend(); + if ( lp_idmap_backend() ) { + const char **compat_list = lp_idmap_backend(); char *p = NULL; const char *q = NULL; - compat = 1; + if ( dom_list ) { + DEBUG(0, (WARNING: idmap backend and idmap domains are + mutually excusive!\n)); + DEBUGADD(0,(idmap backend option will be IGNORED!\n)); + } else { + compat = 1; - if ( (compat_backend = talloc_strdup( idmap_ctx, *compat_list )) == NULL ) { - ret = NT_STATUS_NO_MEMORY; - goto done; - } + if ( (compat_backend = talloc_strdup( idmap_ctx, *compat_list )) == NULL ) { + ret = NT_STATUS_NO_MEMORY; + goto done; + } - /* strip any leading idmap_ prefix of */ - if (strncmp(*compat_list, idmap_, 6) == 0 ) { - q = *compat_list += 6; - DEBUG(0, (WARNING: idmap backend uses obsolete and - deprecated 'idmap_' prefix.\n - Please replace 'idmap_%s' by '%s' in %s\n, - q, q, dyn_CONFIGFILE)); - compat_backend = talloc_strdup( idmap_ctx, q); - } else { - compat_backend = talloc_strdup( idmap_ctx, *compat_list); - } + /* strip any leading idmap_ prefix of */ + if (strncmp(*compat_list, idmap_, 6) == 0 ) { + q = *compat_list += 6; + DEBUG(0, (WARNING: idmap backend uses obsolete and + deprecated 'idmap_' prefix.\n + Please replace 'idmap_%s' by '%s' in %s\n, + q, q, dyn_CONFIGFILE)); + compat_backend = talloc_strdup( idmap_ctx, q); + } else { + compat_backend = talloc_strdup( idmap_ctx, *compat_list); + } - /* separate the backend and module arguements */ - if ((p = strchr(compat_backend, ':')) != NULL) { - *p = '\0'; - compat_params = p + 1; - } - } else { + /* separate the backend and module arguements */ + if ((p = strchr(compat_backend, ':')) != NULL) { + *p = '\0'; + compat_params = p + 1; + } + } + } else if ( !dom_list ) { /* Back compatible: without idmap domains and explicit idmap backend. Taking default idmap backend: tdb */ @@ -331,7 +333,6 @@ compat_params = compat_backend; } - if ( ! dom_list) { dom_list = idmap_default_domain; } Modified: branches/SAMBA_3_0_25/source/nsswitch/idmap.c === --- branches/SAMBA_3_0_25/source/nsswitch/idmap.c 2007-04-23 00:43:47 UTC (rev 22472) +++ branches/SAMBA_3_0_25/source/nsswitch/idmap.c 2007-04-23 06:10:22
svn commit: samba r22474 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: abartlet Date: 2007-04-23 07:22:16 + (Mon, 23 Apr 2007) New Revision: 22474 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22474 Log: If ldb does not return sucess, then the res variable may not be valid. It *should* just be NULL from the initialisation above, but I've had this not be the case... Andrew Bartlett Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2007-04-23 06:10:22 UTC (rev 22473) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2007-04-23 07:22:16 UTC (rev 22474) @@ -970,8 +970,6 @@ if (ret == LDB_SUCCESS) { talloc_steal(mem_ctx, res); *result = res; - } else { - talloc_free(res); } talloc_free(expression);
svn commit: samba r22475 - in branches/SAMBA_4_0/source/lib/ldb/tools: .
Author: abartlet Date: 2007-04-23 07:23:45 + (Mon, 23 Apr 2007) New Revision: 22475 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22475 Log: Rather than segfault, show the name of the malformed entry. Andrew Bartlett Modified: branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c === --- branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c 2007-04-23 07:22:16 UTC (rev 22474) +++ branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c 2007-04-23 07:23:45 UTC (rev 22475) @@ -325,6 +325,12 @@ char *schema_entry = NULL; int j; + if (!name) { + printf(Failed to find lDAPDisplayName for schema DN: %s\n, ldb_dn_get_linearized(msg-dn)); + ret.failures = 1; + continue; + } + /* We have been asked to skip some attributes/objectClasses */ if (attrs_skip str_list_check_ci(attrs_skip, name)) { ret.skipped++;
svn commit: samba r22476 - in branches/SAMBA_4_0/source: dsdb/samdb/ldb_modules lib/ldb/tools
Author: abartlet Date: 2007-04-23 07:25:09 + (Mon, 23 Apr 2007) New Revision: 22476 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22476 Log: The OID match is used very oddly in AD, as it is often used for fields that contain attribute names and objectClasses. Make it a case insensitive string for now. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c branches/SAMBA_4_0/source/lib/ldb/tools/convert.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c 2007-04-23 07:23:45 UTC (rev 22475) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c 2007-04-23 07:25:09 UTC (rev 22476) @@ -360,6 +360,7 @@ } } }, +#if 0 { .local_name = allowedChildClassesEffective, .type = MAP_CONVERT, @@ -371,6 +372,7 @@ }, }, }, +#endif { .local_name = objectCategory, .type = MAP_CONVERT, @@ -508,6 +510,7 @@ } } }, +#if 0 { .local_name = allowedChildClassesEffective, .type = MAP_CONVERT, @@ -519,6 +522,7 @@ }, }, }, +#endif { .local_name = objectCategory, .type = MAP_CONVERT, Modified: branches/SAMBA_4_0/source/lib/ldb/tools/convert.c === --- branches/SAMBA_4_0/source/lib/ldb/tools/convert.c 2007-04-23 07:23:45 UTC (rev 22475) +++ branches/SAMBA_4_0/source/lib/ldb/tools/convert.c 2007-04-23 07:25:09 UTC (rev 22476) @@ -34,14 +34,23 @@ .equality = distinguishedNameMatch, .comment = Object(DS-DN) == a DN }, +#if 0 { .Standard_OID = 1.3.6.1.4.1.1466.115.121.1.38, .AD_OID = 2.5.5.2, .equality = objectIdentifierMatch, .comment = OID String }, +#else { .Standard_OID = 1.2.840.113556.1.4.905, + .AD_OID = 2.5.5.2, + .equality = caseIgnoreMatch, + .comment = OID as a Case Insensitive String + }, +#endif + { + .Standard_OID = 1.2.840.113556.1.4.905, .AD_OID = 2.5.5.4, .equality = caseIgnoreMatch, .substring = caseIgnoreSubstringsMatch,
svn commit: samba r22477 - in branches/SAMBA_4_0/source/rpc_server/drsuapi: .
Author: abartlet Date: 2007-04-23 07:26:08 + (Mon, 23 Apr 2007) New Revision: 22477 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22477 Log: When an invaild base is specified to ldb_search, it should return LDB_ERR_NO_SUCH_OBJECT. Handle this (found against LDAP, ldb_tdb is being updated). Andrew Bartlett Modified: branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c === --- branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c 2007-04-23 07:25:09 UTC (rev 22476) +++ branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c 2007-04-23 07:26:08 UTC (rev 22477) @@ -541,6 +541,8 @@ objectClass=server); if (ret) { + DEBUG(1, (searching for servers in sites DN %s failed: %s\n, + ldb_dn_get_linearized(sites_dn), ldb_errstring(b_state-sam_ctx))); return WERR_GENERAL_FAILURE; } @@ -568,10 +570,7 @@ ret = ldb_search_exp_fmt(b_state-sam_ctx, mem_ctx, res_account, ref_dn, LDB_SCOPE_BASE, attrs_account_1, objectClass=computer); - if (ret) { - return WERR_GENERAL_FAILURE; - } - if (res_account-count == 1) { + if (ret == LDB_SUCCESS res_account-count == 1) { ctr1-array[i].dns_name = ldb_msg_find_attr_as_string(res_account-msgs[0], dNSHostName, NULL); ctr1-array[i].netbios_name @@ -595,6 +594,10 @@ } } } + if ((ret != LDB_SUCCESS) (ret != LDB_ERR_NO_SUCH_OBJECT)) { + DEBUG(5, (warning: searching for computer DN %s failed: %s\n, + ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state-sam_ctx))); + } /* Look at server DN and extract site component */ ctr1-array[i].site_name = result_site_name(res-msgs[i]-dn); @@ -635,34 +638,33 @@ ret = ldb_search_exp_fmt(b_state-sam_ctx, mem_ctx, res_ntds, ntds_dn, LDB_SCOPE_BASE, attrs_ntds, objectClass=nTDSDSA); - if (ret) { - return WERR_GENERAL_FAILURE; - } - if (res_ntds-count == 1) { + if (ret == LDB_SUCCESS res_ntds-count == 1) { ctr2-array[i].is_gc = (ldb_msg_find_attr_as_int(res_ntds-msgs[0], options, 0) == 1); ctr2-array[i].ntds_guid = samdb_result_guid(res_ntds-msgs[0], objectGUID); ctr2-array[i].ntds_dn = ldb_dn_get_linearized(res_ntds-msgs[0]-dn); } + if ((ret != LDB_SUCCESS) (ret != LDB_ERR_NO_SUCH_OBJECT)) { + DEBUG(5, (warning: searching for NTDS DN %s failed: %s\n, + ldb_dn_get_linearized(ntds_dn), ldb_errstring(b_state-sam_ctx))); + } ret = ldb_search_exp_fmt(b_state-sam_ctx, mem_ctx, res_site, site_dn, LDB_SCOPE_BASE, attrs_site, objectClass=site); - if (ret) { - return WERR_GENERAL_FAILURE; - } - if (res_site-count == 1) { + if (ret == LDB_SUCCESS res_site-count == 1) { ctr2-array[i].site_guid = samdb_result_guid(res_site-msgs[0], objectGUID); ctr2-array[i].site_dn = ldb_dn_get_linearized(res_site-msgs[0]-dn); } + if ((ret != LDB_SUCCESS) (ret != LDB_ERR_NO_SUCH_OBJECT)) { + DEBUG(5, (warning: searching for site DN %s failed: %s\n, + ldb_dn_get_linearized(site_dn), ldb_errstring(b_state-sam_ctx))); + } ret = ldb_search_exp_fmt(b_state-sam_ctx, mem_ctx, res_account, ref_dn, LDB_SCOPE_BASE, attrs_account_2, objectClass=computer); - if (ret) { - return WERR_GENERAL_FAILURE; - } -
svn commit: samba r22478 - in branches/SAMBA_4_0: source/script/tests source/scripting/libjs source/setup testprogs/ejs
Author: abartlet Date: 2007-04-23 07:33:15 + (Mon, 23 Apr 2007) New Revision: 22478 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22478 Log: Update the LDAP backend code to handle initialisation of multiple partitions onto the target LDAP server. Make the LDAP provision run before smbd starts, then stop the LDAP server. This ensures this occurs synchronously, We then restart it for the 'real run' (with slapd's stdin being the FIFO). This required fixing a few things in the provision scripts, with more containers being created via a add/modify pair. Andrew Bartlett Added: branches/SAMBA_4_0/source/setup/provision_configuration_basedn.ldif branches/SAMBA_4_0/source/setup/provision_configuration_basedn_modify.ldif branches/SAMBA_4_0/source/setup/provision_schema_basedn.ldif branches/SAMBA_4_0/source/setup/provision_schema_basedn_modify.ldif Modified: branches/SAMBA_4_0/source/script/tests/Samba4.pm branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/setup/display_specifiers.ldif branches/SAMBA_4_0/source/setup/provision branches/SAMBA_4_0/source/setup/provision_configuration.ldif branches/SAMBA_4_0/source/setup/schema-map-fedora-ds-1.0 branches/SAMBA_4_0/source/setup/schema-map-openldap-2.3 branches/SAMBA_4_0/source/setup/schema.ldif branches/SAMBA_4_0/source/setup/schema_samba4.ldif branches/SAMBA_4_0/testprogs/ejs/minschema_classes.txt Changeset: Sorry, the patch is too large (15627 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22478
svn commit: samba r22479 - in branches/SAMBA_3_0/source: . include libads libsmb utils
Author: gd Date: 2007-04-23 08:40:54 + (Mon, 23 Apr 2007) New Revision: 22479 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22479 Log: Add net ads keytab list. Guenther Modified: branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/include/includes.h branches/SAMBA_3_0/source/libads/kerberos_keytab.c branches/SAMBA_3_0/source/libsmb/clikrb5.c branches/SAMBA_3_0/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_0/source/configure.in === --- branches/SAMBA_3_0/source/configure.in 2007-04-23 07:33:15 UTC (rev 22478) +++ branches/SAMBA_3_0/source/configure.in 2007-04-23 08:40:54 UTC (rev 22479) @@ -3640,6 +3640,7 @@ AC_CHECK_FUNC_EXT(initialize_krb5_error_table, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_get_init_creds_opt_alloc, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_get_init_creds_opt_free, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(krb5_enctype_to_string, $KRB5_LIBS) LIBS=$KRB5_LIBS $LIBS @@ -4016,7 +4017,44 @@ [whether krb5_mk_error takes 3 arguments MIT or 9 Heimdal]) fi + if test x$ac_cv_func_ext_krb5_enctype_to_string = xyes; then +AC_CACHE_CHECK([for krb5_error_code krb5_enctype_to_string(krb5_context context, krb5_enctype enctype, char **str)], +smb_krb5_enctype_to_string_takes_krb5_context_arg,[ + AC_TRY_RUN_STRICT([ + #include krb5.h + int main(void) { + krb5_context context; + char *str = NULL; + krb5_enctype_to_string(context, 1, str); + if (str) free (str); + } + ],[$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS], + smb_krb5_enctype_to_string_takes_krb5_context_arg=yes, + smb_krb5_enctype_to_string_takes_krb5_context_arg=no)]) +if test x$smb_krb5_enctype_to_string_takes_krb5_context_arg = xyes; then + AC_DEFINE(HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG,1, +[whether krb5_enctype_to_string takes krb5_context argument]) +fi + +AC_CACHE_CHECK([for krb5_error_code krb5_enctype_to_string(krb5_enctype enctype, char *str, size_t len)], +smb_krb5_enctype_to_string_takes_size_t_arg,[ + AC_TRY_RUN_STRICT([ + #include krb5.h + int main(void) { + char buf[256]; + krb5_enctype_to_string(1, buf, 256); + } + ],[$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS], + smb_krb5_enctype_to_string_takes_size_t_arg=yes, + smb_krb5_enctype_to_string_takes_size_t_arg=no)]) + +if test x$smb_krb5_enctype_to_string_takes_size_t_arg = xyes; then + AC_DEFINE(HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG,1, +[whether krb5_enctype_to_string takes size_t argument]) +fi + fi + # # # Now the decisions whether we can support krb5 @@ -5954,7 +5992,15 @@ AC_DEFINE(HAVE_PEERCRED,1,[Whether we can use SO_PEERCRED to get socket credentials]) fi +AC_CHECK_FUNCS(getpeereid sendmsg) +AC_CHECK_HEADERS(sys/ucred.h) +AC_CHECK_MEMBERS([struct msghdr.msg_accrightslen],,, + [#include sys/socket.h]) +AC_CHECK_MEMBERS([struct msghdr.msg_control],,, + [#include sys/socket.h]) + + # # Check to see if we should use the included popt Modified: branches/SAMBA_3_0/source/include/includes.h === --- branches/SAMBA_3_0/source/include/includes.h2007-04-23 07:33:15 UTC (rev 22478) +++ branches/SAMBA_3_0/source/include/includes.h2007-04-23 08:40:54 UTC (rev 22479) @@ -1194,6 +1194,10 @@ krb5_error_code error_code, const krb5_principal server, krb5_data *reply); +krb5_enctype smb_get_enctype_from_kt_entry(const krb5_keytab_entry *kt_entry); +krb5_error_code smb_krb5_enctype_to_string(krb5_context context, + krb5_enctype enctype, + char **etype_s); #endif /* HAVE_KRB5 */ Modified: branches/SAMBA_3_0/source/libads/kerberos_keytab.c === --- branches/SAMBA_3_0/source/libads/kerberos_keytab.c 2007-04-23 07:33:15 UTC (rev 22478) +++ branches/SAMBA_3_0/source/libads/kerberos_keytab.c 2007-04-23 08:40:54 UTC (rev 22479) @@ -691,4 +691,116 @@ } return ret; } + +/** + List system keytab. +***/ + +int ads_keytab_list(void) +{ + krb5_error_code ret = 0; + krb5_context context = NULL; + krb5_keytab keytab = NULL; + krb5_kt_cursor cursor; +
svn commit: samba r22480 - in branches/SAMBA_3_0/source: .
Author: gd Date: 2007-04-23 08:46:10 + (Mon, 23 Apr 2007) New Revision: 22480 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22480 Log: Remove accidentially comitted getpeereid hunks again. Guenther Modified: branches/SAMBA_3_0/source/configure.in Changeset: Modified: branches/SAMBA_3_0/source/configure.in === --- branches/SAMBA_3_0/source/configure.in 2007-04-23 08:40:54 UTC (rev 22479) +++ branches/SAMBA_3_0/source/configure.in 2007-04-23 08:46:10 UTC (rev 22480) @@ -5992,15 +5992,6 @@ AC_DEFINE(HAVE_PEERCRED,1,[Whether we can use SO_PEERCRED to get socket credentials]) fi -AC_CHECK_FUNCS(getpeereid sendmsg) -AC_CHECK_HEADERS(sys/ucred.h) - -AC_CHECK_MEMBERS([struct msghdr.msg_accrightslen],,, - [#include sys/socket.h]) -AC_CHECK_MEMBERS([struct msghdr.msg_control],,, - [#include sys/socket.h]) - - # # Check to see if we should use the included popt
svn commit: samba r22481 - in branches: SAMBA_3_0/source/lib SAMBA_3_0/source/smbd SAMBA_3_0_25/source/lib SAMBA_3_0_25/source/smbd
Author: jra Date: 2007-04-23 09:19:35 + (Mon, 23 Apr 2007) New Revision: 22481 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22481 Log: Move check for non-mappable SIDs to after sid_to_uid, sid_to_gid mapping, add LocalSystem to non-mappable list. Jeremy. Modified: branches/SAMBA_3_0/source/lib/util_sid.c branches/SAMBA_3_0/source/smbd/posix_acls.c branches/SAMBA_3_0_25/source/lib/util_sid.c branches/SAMBA_3_0_25/source/smbd/posix_acls.c Changeset: Modified: branches/SAMBA_3_0/source/lib/util_sid.c === --- branches/SAMBA_3_0/source/lib/util_sid.c2007-04-23 08:46:10 UTC (rev 22480) +++ branches/SAMBA_3_0/source/lib/util_sid.c2007-04-23 09:19:35 UTC (rev 22481) @@ -510,6 +510,9 @@ DOM_SID dom; uint32 rid; + if (sid_equal(sid, global_sid_System)) + return True; + sid_copy(dom, sid); sid_split_rid(dom, rid); Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c === --- branches/SAMBA_3_0/source/smbd/posix_acls.c 2007-04-23 08:46:10 UTC (rev 22480) +++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2007-04-23 09:19:35 UTC (rev 22481) @@ -1347,17 +1347,6 @@ SEC_ACE *psa = dacl-aces[i]; /* -* Ignore non-mappable SIDs (NT Authority, BUILTIN etc). -*/ - - if (non_mappable_sid(psa-trustee)) { - fstring str; - DEBUG(10,(create_canon_ace_lists: ignoring non-mappable SID %s\n, - sid_to_string(str, psa-trustee) )); - continue; - } - - /* * Create a cannon_ace entry representing this NT DACL ACE. */ @@ -1417,6 +1406,16 @@ } else { fstring str; + /* +* Silently ignore map failures in non-mappable SIDs (NT Authority, BUILTIN etc). +*/ + + if (non_mappable_sid(psa-trustee)) { + DEBUG(10,(create_canon_ace_lists: ignoring non-mappable SID %s\n, + sid_to_string(str, psa-trustee) )); + continue; + } + free_canon_ace_list(file_ace); free_canon_ace_list(dir_ace); DEBUG(0,(create_canon_ace_lists: unable to map SID %s to uid or gid.\n, Modified: branches/SAMBA_3_0_25/source/lib/util_sid.c === --- branches/SAMBA_3_0_25/source/lib/util_sid.c 2007-04-23 08:46:10 UTC (rev 22480) +++ branches/SAMBA_3_0_25/source/lib/util_sid.c 2007-04-23 09:19:35 UTC (rev 22481) @@ -510,6 +510,9 @@ DOM_SID dom; uint32 rid; + if (sid_equal(sid, global_sid_System)) + return True; + sid_copy(dom, sid); sid_split_rid(dom, rid); Modified: branches/SAMBA_3_0_25/source/smbd/posix_acls.c === --- branches/SAMBA_3_0_25/source/smbd/posix_acls.c 2007-04-23 08:46:10 UTC (rev 22480) +++ branches/SAMBA_3_0_25/source/smbd/posix_acls.c 2007-04-23 09:19:35 UTC (rev 22481) @@ -1347,17 +1347,6 @@ SEC_ACE *psa = dacl-aces[i]; /* -* Ignore non-mappable SIDs (NT Authority, BUILTIN etc). -*/ - - if (non_mappable_sid(psa-trustee)) { - fstring str; - DEBUG(10,(create_canon_ace_lists: ignoring non-mappable SID %s\n, - sid_to_string(str, psa-trustee) )); - continue; - } - - /* * Create a cannon_ace entry representing this NT DACL ACE. */ @@ -1417,6 +1406,16 @@ } else { fstring str; + /* +* Silently ignore map failures in non-mappable SIDs (NT Authority, BUILTIN etc). +*/ + + if (non_mappable_sid(psa-trustee)) { + DEBUG(10,(create_canon_ace_lists: ignoring non-mappable SID %s\n, + sid_to_string(str, psa-trustee) )); + continue; + } + free_canon_ace_list(file_ace); free_canon_ace_list(dir_ace); DEBUG(0,(create_canon_ace_lists: unable to map SID %s to uid or gid.\n,
svn commit: samba r22482 - in branches/SAMBA_3_0_25/source: .
Author: idra Date: 2007-04-23 09:46:06 + (Mon, 23 Apr 2007) New Revision: 22482 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22482 Log: Fix our brokeness in building shared libraries. Mixing -shared and -pie is not sane. Jerry this should be in 3.0.25 final, it fixed building on IA64 and works ok on F7 (test using libsmbclient) Modified: branches/SAMBA_3_0_25/source/Makefile.in Changeset: Modified: branches/SAMBA_3_0_25/source/Makefile.in === --- branches/SAMBA_3_0_25/source/Makefile.in2007-04-23 09:19:35 UTC (rev 22481) +++ branches/SAMBA_3_0_25/source/Makefile.in2007-04-23 09:46:06 UTC (rev 22482) @@ -23,10 +23,10 @@ [EMAIL PROTECTED]@ CPPFLAGS=-DHAVE_CONFIG_H @CPPFLAGS@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ @LDFLAGS@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ @LDFLAGS@ [EMAIL PROTECTED]@ @LDFLAGS@ [EMAIL PROTECTED]@ @LDFLAGS@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ [EMAIL PROTECTED]@ @@ -1144,7 +1144,7 @@ bin/[EMAIL PROTECTED]@: proto_exists $(LIBADDNS_OBJ) @echo Linking libaddns shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBADDNS_OBJ) $(LDFLAGS) $(LIBS) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBADDNS_OBJ) $(LIBS) \ $(KRB5LIBS) $(UUID_LIBS)\ @[EMAIL PROTECTED] [EMAIL PROTECTED](LIBADDNS_MAJOR) @@ -1154,7 +1154,7 @@ bin/[EMAIL PROTECTED]@: proto_exists $(LIBSMBCLIENT_OBJ) @echo Linking libsmbclient shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_OBJ) $(LDFLAGS) $(LIBS) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_OBJ) $(LIBS) \ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](LIBSMBCLIENT_MAJOR) @@ -1164,7 +1164,7 @@ bin/[EMAIL PROTECTED]@: proto_exists $(LIBSMBSHAREMODES_OBJ) @echo Linking libsmbsharemodes shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBSHAREMODES_OBJ) $(LDFLAGS) $(LIBS) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBSHAREMODES_OBJ) $(LIBS) \ $(KRB5LIBS) $(LDAP_LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](LIBSMBSHAREMODES_MAJOR) @@ -1174,7 +1174,7 @@ bin/[EMAIL PROTECTED]@: proto_exists $(CAC_OBJ) @echo Linking libmsrpc shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(CAC_OBJ) $(LDFLAGS) $(LIBS) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(CAC_OBJ) $(LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](LIBMSRPC_MAJOR) bin/libmsrpc.a: proto_exists $(CAC_OBJ)
svn commit: samba r22483 - in branches/SAMBA_3_0/source: .
Author: gd Date: 2007-04-23 09:56:54 + (Mon, 23 Apr 2007) New Revision: 22483 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22483 Log: Attempt to fix the build. Guenther Modified: branches/SAMBA_3_0/source/configure.in Changeset: Modified: branches/SAMBA_3_0/source/configure.in === --- branches/SAMBA_3_0/source/configure.in 2007-04-23 09:46:06 UTC (rev 22482) +++ branches/SAMBA_3_0/source/configure.in 2007-04-23 09:56:54 UTC (rev 22483) @@ -4023,10 +4023,11 @@ AC_TRY_RUN_STRICT([ #include krb5.h int main(void) { - krb5_context context; - char *str = NULL; - krb5_enctype_to_string(context, 1, str); - if (str) free (str); + krb5_context context; + char *str = NULL; + krb5_enctype_to_string(context, 1, str); + if (str) free (str); + return 0; } ],[$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS], smb_krb5_enctype_to_string_takes_krb5_context_arg=yes, @@ -4042,8 +4043,9 @@ AC_TRY_RUN_STRICT([ #include krb5.h int main(void) { - char buf[256]; - krb5_enctype_to_string(1, buf, 256); + char buf[256]; + krb5_enctype_to_string(1, buf, 256); + return 0; } ],[$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS], smb_krb5_enctype_to_string_takes_size_t_arg=yes,
svn commit: samba r22484 - in branches: SAMBA_3_0/source/libgpo SAMBA_3_0_25/source/libgpo
Author: gd Date: 2007-04-23 10:04:15 + (Mon, 23 Apr 2007) New Revision: 22484 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22484 Log: Check for the talloc_strdup to succeed. Guenther Modified: branches/SAMBA_3_0/source/libgpo/gpo_fetch.c branches/SAMBA_3_0_25/source/libgpo/gpo_fetch.c Changeset: Modified: branches/SAMBA_3_0/source/libgpo/gpo_fetch.c === --- branches/SAMBA_3_0/source/libgpo/gpo_fetch.c2007-04-23 09:56:54 UTC (rev 22483) +++ branches/SAMBA_3_0/source/libgpo/gpo_fetch.c2007-04-23 10:04:15 UTC (rev 22484) @@ -188,6 +188,7 @@ if (name *display_name) { *display_name = talloc_strdup(mem_ctx, name); + NT_STATUS_HAVE_NO_MEMORY(*display_name); } return NT_STATUS_OK; Modified: branches/SAMBA_3_0_25/source/libgpo/gpo_fetch.c === --- branches/SAMBA_3_0_25/source/libgpo/gpo_fetch.c 2007-04-23 09:56:54 UTC (rev 22483) +++ branches/SAMBA_3_0_25/source/libgpo/gpo_fetch.c 2007-04-23 10:04:15 UTC (rev 22484) @@ -188,6 +188,7 @@ if (name *display_name) { *display_name = talloc_strdup(mem_ctx, name); + NT_STATUS_HAVE_NO_MEMORY(*display_name); } return NT_STATUS_OK;
svn commit: samba r22485 - in branches/SAMBA_4_0/source/librpc/rpc: .
Author: metze Date: 2007-04-23 10:39:20 + (Mon, 23 Apr 2007) New Revision: 22485 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22485 Log: don't crash when the main dcerpc code haven't setup transport.recv_data yet also return always a usefull error metze Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb2.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_sock.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c 2007-04-23 10:04:15 UTC (rev 22484) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c 2007-04-23 10:39:20 UTC (rev 22485) @@ -39,7 +39,17 @@ */ static void pipe_dead(struct dcerpc_connection *c, NTSTATUS status) { - c-transport.recv_data(c, NULL, status); + if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) { + status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; + } + + if (NT_STATUS_EQUAL(NT_STATUS_OK, status)) { + status = NT_STATUS_END_OF_FILE; + } + + if (c-transport.recv_data) { + c-transport.recv_data(c, NULL, status); + } } Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb2.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb2.c 2007-04-23 10:04:15 UTC (rev 22484) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb2.c 2007-04-23 10:39:20 UTC (rev 22485) @@ -41,7 +41,17 @@ */ static void pipe_dead(struct dcerpc_connection *c, NTSTATUS status) { - c-transport.recv_data(c, NULL, status); + if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) { + status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; + } + + if (NT_STATUS_EQUAL(NT_STATUS_OK, status)) { + status = NT_STATUS_END_OF_FILE; + } + + if (c-transport.recv_data) { + c-transport.recv_data(c, NULL, status); + } } Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_sock.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_sock.c 2007-04-23 10:04:15 UTC (rev 22484) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_sock.c 2007-04-23 10:39:20 UTC (rev 22485) @@ -76,7 +76,7 @@ status = NT_STATUS_END_OF_FILE; } - if (!NT_STATUS_IS_OK(status)) { + if (p-transport.recv_data) { p-transport.recv_data(p, NULL, status); } }
Rev 80: fixed ctdb/ib bug at reject event in http://samba.org/~tridge/psomogyi/
revno: 80 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Peter Somogyi [EMAIL PROTECTED] branch nick: ctdb timestamp: Mon 2007-04-23 12:45:14 +0200 message: fixed ctdb/ib bug at reject event reverted my suggestion in debug.c (based on my false error detection) modified: ib/ibwrapper.c ibwrapper.c-20061204130028-0125b4f5a72f4b11 lib/util/debug.c debug.c-20070417155854-2i3crb0irl716qft-1 === modified file 'ib/ibwrapper.c' --- a/ib/ibwrapper.c2007-04-20 12:26:19 + +++ b/ib/ibwrapper.c2007-04-23 10:45:14 + @@ -428,6 +428,7 @@ rc = rdma_get_cm_event(pctx-cm_channel, event); if (rc) { ctx-state = IBWS_ERROR; + event = NULL; sprintf(ibw_lasterr, rdma_get_cm_event error %d\n, rc); goto error; } @@ -520,9 +521,10 @@ if (conn) { if ((rc=rdma_ack_cm_event(event))) DEBUG(0, (reject/rdma_ack_cm_event failed with %d\n, rc)); - event = NULL; - pconn = talloc_get_type(conn-internal, struct ibw_conn_priv); - ibw_conn_priv_destruct(pconn); + event = NULL; /* not to touch cma_id or conn */ + conn-state = IBWC_ERROR; + /* it should free the conn */ + pctx-connstate_func(NULL, conn); } goto error; @@ -556,22 +558,26 @@ return; error: - if (event!=NULL (rc=rdma_ack_cm_event(event))) { - DEBUG(0, (rdma_ack_cm_event failed with %d\n, rc)); - } - DEBUG(0, (cm event handler: %s, ibw_lasterr)); - if (cma_id!=pctx-cm_id) { - conn = talloc_get_type(cma_id-context, struct ibw_conn); - if (conn) { - conn-state = IBWC_ERROR; - pctx-connstate_func(NULL, conn); - } - } else { - ctx-state = IBWS_ERROR; - pctx-connstate_func(ctx, NULL); + if (event!=NULL) { + if (cma_id!=NULL cma_id!=pctx-cm_id) { + conn = talloc_get_type(cma_id-context, struct ibw_conn); + if (conn) { + conn-state = IBWC_ERROR; + pctx-connstate_func(NULL, conn); + } + } else { + ctx-state = IBWS_ERROR; + pctx-connstate_func(ctx, NULL); + } + + if ((rc=rdma_ack_cm_event(event))!=0) { + DEBUG(0, (rdma_ack_cm_event failed with %d\n, rc)); + } } + + return; } static void ibw_event_handler_verbs(struct event_context *ev, === modified file 'lib/util/debug.c' --- a/lib/util/debug.c 2007-04-20 15:04:00 + +++ b/lib/util/debug.c 2007-04-23 10:45:14 + @@ -30,12 +30,12 @@ char *s = NULL; va_start(ap, format); - s = talloc_vasprintf(NULL, format, ap); + vasprintf(s, format, ap); va_end(ap); gettimeofday(tm, NULL); printf(%-8.8d.%-6.6d [%d]: %s, (int)tm.tv_sec, (int)tm.tv_usec, (int)getpid(), s); fflush(stdout); - talloc_free(s); + free(s); } --- -- Peter Somogyi Gamax Kft Bartok Bela ut 15/D H-1114, Budapest, Hungary e-mail: [EMAIL PROTECTED] revno: 80 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Peter Somogyi [EMAIL PROTECTED] branch nick: ctdb timestamp: Mon 2007-04-23 12:45:14 +0200 message: fixed ctdb/ib bug at reject event reverted my suggestion in debug.c (based on my false error detection) modified: ib/ibwrapper.c ibwrapper.c-20061204130028-0125b4f5a72f4b11 lib/util/debug.c debug.c-20070417155854-2i3crb0irl716qft-1 === modified file 'ib/ibwrapper.c' --- a/ib/ibwrapper.c2007-04-20 12:26:19 + +++ b/ib/ibwrapper.c2007-04-23 10:45:14 + @@ -428,6 +428,7 @@ rc = rdma_get_cm_event(pctx-cm_channel, event); if (rc) { ctx-state = IBWS_ERROR; + event = NULL; sprintf(ibw_lasterr, rdma_get_cm_event error %d\n, rc); goto error; } @@ -520,9 +521,10 @@ if (conn) { if ((rc=rdma_ack_cm_event(event))) DEBUG(0, (reject/rdma_ack_cm_event failed with %d\n, rc)); - event = NULL; - pconn = talloc_get_type(conn-internal, struct ibw_conn_priv); - ibw_conn_priv_destruct(pconn); + event = NULL; /* not to touch cma_id or conn */ +
svn commit: samba r22486 - in branches/SAMBA_4_0/source: librpc/rpc torture/rpc
Author: metze Date: 2007-04-23 12:31:12 + (Mon, 23 Apr 2007) New Revision: 22486 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22486 Log: add a flag to ignore timeouts of a request and don't close the connection on timeout metze Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h branches/SAMBA_4_0/source/torture/rpc/echo.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c 2007-04-23 10:39:20 UTC (rev 22485) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c 2007-04-23 12:31:12 UTC (rev 22486) @@ -673,6 +673,17 @@ struct timeval t, void *private) { struct rpc_request *req = talloc_get_type(private, struct rpc_request); + + if (req-ignore_timeout) { + dcerpc_req_dequeue(req); + req-state = RPC_REQUEST_DONE; + req-status = NT_STATUS_IO_TIMEOUT; + if (req-async.callback) { + req-async.callback(req); + } + return; + } + dcerpc_connection_dead(req-p-conn, NT_STATUS_IO_TIMEOUT); } @@ -945,6 +956,7 @@ req-flags = 0; req-fault_code = 0; req-async_call = async; + req-ignore_timeout = False; req-async.callback = NULL; req-async.private = NULL; req-recv_handler = NULL; Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h 2007-04-23 10:39:20 UTC (rev 22485) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h 2007-04-23 12:31:12 UTC (rev 22486) @@ -246,6 +246,7 @@ uint16_t opnum; DATA_BLOB request_data; BOOL async_call; + BOOL ignore_timeout; /* use by the ndr level async recv call */ struct { Modified: branches/SAMBA_4_0/source/torture/rpc/echo.c === --- branches/SAMBA_4_0/source/torture/rpc/echo.c2007-04-23 10:39:20 UTC (rev 22485) +++ branches/SAMBA_4_0/source/torture/rpc/echo.c2007-04-23 12:31:12 UTC (rev 22486) @@ -388,8 +388,12 @@ r.in.seconds = 2; p-request_timeout = 1; - torture_assert(tctx, req = dcerpc_echo_TestSleep_send(p, tctx, r), - Failed to send async sleep request); + req = dcerpc_echo_TestSleep_send(p, tctx, r); + if (!req) { + torture_comment(tctx, Failed to send async sleep request\n); + goto failed; + } + req-ignore_timeout = True; status = dcerpc_ndr_request_recv(req); torture_assert_ntstatus_equal(tctx, status, NT_STATUS_IO_TIMEOUT, @@ -408,6 +412,7 @@ torture_comment(tctx, Failed to send async sleep request\n); goto failed; } + req-ignore_timeout = True; status = dcerpc_ndr_request_recv(req); torture_assert_ntstatus_equal(tctx, status, NT_STATUS_IO_TIMEOUT, request should have timed out);
svn commit: samba r22487 - in branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr: .
Author: mimir Date: 2007-04-23 13:37:33 + (Mon, 23 Apr 2007) New Revision: 22487 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22487 Log: Add a separate widget class for listing users and reposition things on NetManager's screen. Qooxdoo layout positioning can be tricky sometimes... rafal Added: branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/UsersView.js Modified: branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/Gui.js Changeset: Modified: branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/Gui.js === --- branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/Gui.js 2007-04-23 12:31:12 UTC (rev 22486) +++ branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/Gui.js 2007-04-23 13:37:33 UTC (rev 22487) @@ -2,6 +2,7 @@ * Copyright (C) Rafal Szczesniak 2007 */ + /** * Swat Net Manager class graphical user interface */ @@ -14,7 +15,6 @@ //qx.OO.addProperty({ name : _tree, type : object }); //qx.OO.addProperty({ name : _panel, type : object }); -//qx.OO.addProperty({ name : _view, type : object }); //qx.OO.addProperty({ name : _txtDomain, type : object }); //qx.OO.addProperty({ name : _txtUsername, type : object }); @@ -30,9 +30,9 @@ // Main layout composing the whole form var vlayout = new qx.ui.layout.VerticalBoxLayout(); vlayout.set({ -top: 20, -left: 20, -width: 100%, +top: 10, +left: 10, +right: 10, bottom: 20 }); @@ -70,37 +70,17 @@ // Panel for list view this._panel = new qx.ui.layout.VerticalBoxLayout(); var panel = this._panel; - + + // TODO: Find out what's causing this bug - specifying 'width' works fine, + // but setting 'right' instead does not which makes impossible to position + // the panel against right boundary of a box panel.set({ top: 0, left: 10, - width: 80%, + width:80%, height: 100% }); - // Setup some initial columns and (empty) item list - to be replaced soon - // with default view loading - var columns = { name : { label: Name, width: 120, type: text }}; - var items = []; - - // Setup the list view - this._view = new qx.ui.listview.ListView(items, columns); - var view = this._view; - view.setBorder(qx.renderer.border.BorderPresets.getInstance().shadow); - view.setBackgroundColor(white); - view.set({ - top: 0, - left: 0, - width: 80%, - height: 100% - }); - - // Give a list view name to handle - fsm.addObject(view, view); - - // and the list view to the panel - panel.add(view); - // Add the tree view and panel for list view to the layout hlayout.add(tree); hlayout.add(panel); @@ -110,8 +90,8 @@ statusLayout.set({ top: 10, left: 0, - right: 0, - height: 100% + width: 100%, + height: 20% }); // First column of status fields @@ -119,13 +99,13 @@ colALayout.set({ top: 0, left: 0, - width: 150, + width: 25%, height: 100% }); // Domain name (credentials) - label and text box var statusDomain = new qx.ui.layout.HorizontalBoxLayout(); - statusDomain.set({ top: 0, left: 0, width: 100%, height: 20, + statusDomain.set({ top: 0, left: 0, width: 100%, height: auto, verticalChildrenAlign: middle }); var lblDomain = new qx.ui.basic.Atom(); @@ -141,7 +121,7 @@ // Username (credentials) - label and text box var statusUsername = new qx.ui.layout.HorizontalBoxLayout(); - statusUsername.set({ top: 0, left: 0, width: 100%, height: 20, + statusUsername.set({ top: 0, left: 0, width: 100%, height: auto, verticalChildrenAlign: middle }); var lblUsername = new qx.ui.basic.Atom(); @@ -281,7 +261,13 @@ qx.Proto._initUserManager = function(module, rpcRequest) { // Get obtained UsrCtx handle - var result = rpcRequest.getUserData(result).data; + var usrCtx = rpcRequest.getUserData(result).data; + + // Create user view and pass the context + var view = new swat.module.netmgr.UsersView(module.fsm); + view.setUsrCtx(usrCtx); + + this._panel.add(view); }; Added: branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/UsersView.js === --- branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/UsersView.js 2007-04-23 12:31:12 UTC (rev 22486) +++ branches/SAMBA_4_0/webapps/swat/source/class/swat/module/netmgr/UsersView.js 2007-04-23 13:37:33 UTC
svn commit: samba r22488 - in branches/SAMBA_4_0: . source/lib/socket
Author: jelmer Date: 2007-04-23 15:32:47 + (Mon, 23 Apr 2007) New Revision: 22488 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22488 Log: Hopefully fix ipv6. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/socket/socket_ipv6.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:merge ...skipped... Modified: branches/SAMBA_4_0/source/lib/socket/socket_ipv6.c === --- branches/SAMBA_4_0/source/lib/socket/socket_ipv6.c 2007-04-23 13:37:33 UTC (rev 22487) +++ branches/SAMBA_4_0/source/lib/socket/socket_ipv6.c 2007-04-23 15:32:47 UTC (rev 22488) @@ -166,9 +166,11 @@ return map_nt_error_from_unix(errno); } - ret = listen(sock-fd, queue_size); - if (ret == -1) { - return map_nt_error_from_unix(errno); + if (sock-type == SOCKET_TYPE_STREAM) { + ret = listen(sock-fd, queue_size); + if (ret == -1) { + return map_nt_error_from_unix(errno); + } } if (!(flags SOCKET_FLAG_BLOCK)) { @@ -390,6 +392,16 @@ return sock-fd; } +static NTSTATUS ipv6_pending(struct socket_context *sock, size_t *npending) +{ + int value = 0; + if (ioctl(sock-fd, FIONREAD, value) == 0) { + *npending = value; + return NT_STATUS_OK; + } + return map_nt_error_from_unix(errno); +} + static const struct socket_ops ipv6_tcp_ops = { .name = ipv6, .fn_init= ipv6_tcp_init, @@ -400,6 +412,7 @@ .fn_recv= ipv6_tcp_recv, .fn_send= ipv6_tcp_send, .fn_close = ipv6_tcp_close, + .fn_pending = ipv6_pending, .fn_set_option = ipv6_tcp_set_option,
svn commit: samba r22489 - in branches/SAMBA_3_0/source/rpcclient: .
Author: obnox Date: 2007-04-23 16:31:31 + (Mon, 23 Apr 2007) New Revision: 22489 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22489 Log: Add a deletedomgroup command to rpcclient (samr). Corresponding to deletedomuser. Michael Modified: branches/SAMBA_3_0/source/rpcclient/cmd_samr.c Changeset: Modified: branches/SAMBA_3_0/source/rpcclient/cmd_samr.c === --- branches/SAMBA_3_0/source/rpcclient/cmd_samr.c 2007-04-23 15:32:47 UTC (rev 22488) +++ branches/SAMBA_3_0/source/rpcclient/cmd_samr.c 2007-04-23 16:31:31 UTC (rev 22489) @@ -1895,6 +1895,78 @@ return result; } +/* Delete domain group */ + +static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + POLICY_HND connect_pol, domain_pol, group_pol; + uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + + if ((argc 2) || (argc 3)) { + printf(Usage: %s groupname\n, argv[0]); + return NT_STATUS_OK; + } + + if (argc 2) +sscanf(argv[2], %x, access_mask); + + /* Get sam policy and domain handles */ + + result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + connect_pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + result = rpccli_samr_open_domain(cli, mem_ctx, connect_pol, + MAXIMUM_ALLOWED_ACCESS, + domain_sid, domain_pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Get handle on group */ + + { + uint32 *group_rids, num_rids, *name_types; + uint32 flags = 0x03e8; /* Unknown */ + + result = rpccli_samr_lookup_names(cli, mem_ctx, domain_pol, + flags, 1, (const char **)argv[1], + num_rids, group_rids, + name_types); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + result = rpccli_samr_open_group(cli, mem_ctx, domain_pol, + access_mask, + group_rids[0], group_pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + } + + /* Delete user */ + + result = rpccli_samr_delete_dom_group(cli, mem_ctx, group_pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Display results */ + + rpccli_samr_close(cli, mem_ctx, group_pol); + rpccli_samr_close(cli, mem_ctx, domain_pol); + rpccli_samr_close(cli, mem_ctx, connect_pol); + + done: + return result; +} + /* Delete domain user */ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, @@ -2340,6 +2412,7 @@ { createdomalias, RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_alias, NULL, PI_SAMR, NULL,Create domain alias, }, { samlookupnames, RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names, NULL, PI_SAMR, NULL,Look up names,}, { samlookuprids, RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids, NULL, PI_SAMR, NULL,Look up names,}, + { deletedomgroup, RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_group, NULL, PI_SAMR, NULL,Delete domain group, }, { deletedomuser, RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user, NULL, PI_SAMR, NULL,Delete domain user, }, { samquerysecobj, RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj, NULL, PI_SAMR, NULL, Query SAMR security object,}, { getdompwinfo, RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo, NULL, PI_SAMR, NULL, Retrieve domain password info, },
svn commit: samba r22490 - in branches: SAMBA_3_0/source/smbd SAMBA_3_0_25/source/smbd
Author: jra Date: 2007-04-23 16:32:24 + (Mon, 23 Apr 2007) New Revision: 22490 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22490 Log: Fix a couple of bugs found whist investigating CSC Vista issues. Ensure we correctly NULL out allocation size fields. Allow QFILEINFO on pipes (Vista bug ?). Jerry - don't automatically merge for 3.0.25. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/trans2.c branches/SAMBA_3_0_25/source/smbd/trans2.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/trans2.c === --- branches/SAMBA_3_0/source/smbd/trans2.c 2007-04-23 16:31:31 UTC (rev 22489) +++ branches/SAMBA_3_0/source/smbd/trans2.c 2007-04-23 16:32:24 UTC (rev 22490) @@ -2235,6 +2235,12 @@ return(-1); } +unsigned char *create_volume_objectid(connection_struct *conn, unsigned char objid[16]) +{ + E_md4hash(lp_servicename(SNUM(conn)),objid); + return objid; +} + / Reply to a TRANS2_QFSINFO (query filesystem info). / @@ -2342,6 +2348,8 @@ SIVAL(pdata,0,FILE_CASE_PRESERVED_NAMES|FILE_CASE_SENSITIVE_SEARCH| (lp_nt_acl_support(SNUM(conn)) ? FILE_PERSISTENT_ACLS : 0)| + FILE_SUPPORTS_OBJECT_IDS| + FILE_UNICODE_ON_DISK| quota_flag); /* FS ATTRIBUTES */ SIVAL(pdata,4,255); /* Max filename component length */ @@ -2523,8 +2531,12 @@ } #endif /* HAVE_SYS_QUOTAS */ case SMB_FS_OBJECTID_INFORMATION: + { + unsigned char objid[16]; + memcpy(pdata,create_volume_objectid(conn, objid),16); data_len = 64; break; + } /* * Query the version and capabilities of the CIFS UNIX extensions @@ -3194,6 +3206,68 @@ } / + Reply to a TRANSACT2_QFILEINFO on a PIPE ! +/ + +static int call_trans2qpipeinfo(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize, + unsigned int tran_call, + char **pparams, int total_params, char **ppdata, int total_data, + unsigned int max_data_bytes) +{ + char *params = *pparams; + char *pdata = *ppdata; + unsigned int data_size = 0; + unsigned int param_size = 2; + uint16 info_level; + smb_np_struct *p_pipe = NULL; + + if (!params) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + + if (total_params 4) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + + p_pipe = get_rpc_pipe_p(params,0); + if (p_pipe == NULL) { + return ERROR_NT(NT_STATUS_INVALID_HANDLE); + } + + info_level = SVAL(params,2); + + *pparams = (char *)SMB_REALLOC(*pparams,2); + if (*pparams == NULL) { + return ERROR_NT(NT_STATUS_NO_MEMORY); + } + params = *pparams; + SSVAL(params,0,0); + data_size = max_data_bytes + DIR_ENTRY_SAFETY_MARGIN; + *ppdata = (char *)SMB_REALLOC(*ppdata, data_size); + if (*ppdata == NULL ) { + return ERROR_NT(NT_STATUS_NO_MEMORY); + } + pdata = *ppdata; + + switch (info_level) { + case SMB_FILE_STANDARD_INFORMATION: + memset(pdata,24,0); + SOFF_T(pdata,0,4096LL); + SIVAL(pdata,16,1); + SIVAL(pdata,20,1); + data_size = 24; + break; + + default: + return ERROR_NT(NT_STATUS_INVALID_LEVEL); + } + + send_trans2_replies(outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes); + + return(-1); +} + +/ Reply to a TRANS2_QFILEPATHINFO or TRANSACT2_QFILEINFO (query file info by file name or file id). / @@ -3238,6 +3312,20 @@ return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } + if (IS_IPC(conn)) { + return call_trans2qpipeinfo(conn, + inbuf, + outbuf, + length, +
svn commit: samba r22491 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2007-04-23 16:45:56 + (Mon, 23 Apr 2007) New Revision: 22491 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22491 Log: Fix the build (3.0.25 and 3.0 are different here). Jeremy. Modified: branches/SAMBA_3_0/source/smbd/trans2.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/trans2.c === --- branches/SAMBA_3_0/source/smbd/trans2.c 2007-04-23 16:32:24 UTC (rev 22490) +++ branches/SAMBA_3_0/source/smbd/trans2.c 2007-04-23 16:45:56 UTC (rev 22491) @@ -3262,7 +3262,7 @@ return ERROR_NT(NT_STATUS_INVALID_LEVEL); } - send_trans2_replies(outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes); return(-1); }
svn commit: samba r22492 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/smbd SAMBA_3_0_25/source/include SAMBA_3_0_25/source/smbd
Author: jra Date: 2007-04-23 21:07:05 + (Mon, 23 Apr 2007) New Revision: 22492 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22492 Log: Add objectid code. Jeremy. Modified: branches/SAMBA_3_0/source/include/ntioctl.h branches/SAMBA_3_0/source/smbd/nttrans.c branches/SAMBA_3_0_25/source/include/ntioctl.h branches/SAMBA_3_0_25/source/smbd/nttrans.c Changeset: Modified: branches/SAMBA_3_0/source/include/ntioctl.h === --- branches/SAMBA_3_0/source/include/ntioctl.h 2007-04-23 16:45:56 UTC (rev 22491) +++ branches/SAMBA_3_0/source/include/ntioctl.h 2007-04-23 21:07:05 UTC (rev 22492) @@ -47,7 +47,7 @@ #define FSCTL_SET_REPARSE_POINT 0x000900A4 #define FSCTL_GET_REPARSE_POINT 0x000900A8 #define FSCTL_DELETE_REPARSE_POINT 0x000900AC -#define FSCTL_0x000900C00x000900C0 +#define FSCTL_CREATE_OR_GET_OBJECT_ID 0x000900C0 #define FSCTL_SET_SPARSE 0x000900C4 #define FSCTL_SET_ZERO_DATA 0x000900C8 #define FSCTL_SET_ENCRYPTION 0x000900D7 Modified: branches/SAMBA_3_0/source/smbd/nttrans.c === --- branches/SAMBA_3_0/source/smbd/nttrans.c2007-04-23 16:45:56 UTC (rev 22491) +++ branches/SAMBA_3_0/source/smbd/nttrans.c2007-04-23 21:07:05 UTC (rev 22492) @@ -2285,24 +2285,38 @@ 0); return -1; - case FSCTL_0x000900C0: - /* pretend this succeeded - don't know what this really is - but works ok like this --metze + case FSCTL_CREATE_OR_GET_OBJECT_ID: + { + unsigned char objid[16]; + + /* This should return the object-id on this file. +* I think I'll make this be the inode+dev. JRA. */ - DEBUG(10,(FSCTL_0x000900C0: called on FID[0x%04X](but not implemented)\n,fidnum)); - send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, - 0); + DEBUG(10,(FSCTL_CREATE_OR_GET_OBJECT_ID: called on FID[0x%04X]\n,fidnum)); + + data_count = 64; + pdata = nttrans_realloc(ppdata, data_count); + if (pdata == NULL) { + return ERROR_NT(NT_STATUS_NO_MEMORY); + } + SINO_T_VAL(pdata,0,fsp-inode); + SDEV_T_VAL(pdata,8,fsp-dev); + memcpy(pdata+16,create_volume_objectid(conn,objid),16); + SINO_T_VAL(pdata,32,fsp-inode); + SDEV_T_VAL(pdata,40,fsp-dev); + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, pdata, data_count); return -1; + } + case FSCTL_GET_REPARSE_POINT: /* pretend this fail - my winXP does it like this * --metze */ DEBUG(10,(FSCTL_GET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n,fidnum)); - send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT, - NULL, 0, NULL, 0); + return ERROR_NT(NT_STATUS_NOT_A_REPARSE_POINT); return -1; case FSCTL_SET_REPARSE_POINT: @@ -2311,8 +2325,7 @@ */ DEBUG(10,(FSCTL_SET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n,fidnum)); - send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT, - NULL, 0, NULL, 0); + return ERROR_NT(NT_STATUS_NOT_A_REPARSE_POINT); return -1; case FSCTL_GET_SHADOW_COPY_DATA: /* don't know if this name is right...*/ Modified: branches/SAMBA_3_0_25/source/include/ntioctl.h === --- branches/SAMBA_3_0_25/source/include/ntioctl.h 2007-04-23 16:45:56 UTC (rev 22491) +++ branches/SAMBA_3_0_25/source/include/ntioctl.h 2007-04-23 21:07:05 UTC (rev 22492) @@ -47,7 +47,7 @@ #define FSCTL_SET_REPARSE_POINT 0x000900A4 #define FSCTL_GET_REPARSE_POINT 0x000900A8 #define FSCTL_DELETE_REPARSE_POINT 0x000900AC -#define FSCTL_0x000900C00x000900C0 +#define FSCTL_CREATE_OR_GET_OBJECT_ID 0x000900C0 #define FSCTL_SET_SPARSE 0x000900C4 #define FSCTL_SET_ZERO_DATA 0x000900C8 #define FSCTL_SET_ENCRYPTION 0x000900D7 Modified: branches/SAMBA_3_0_25/source/smbd/nttrans.c === --- branches/SAMBA_3_0_25/source/smbd/nttrans.c 2007-04-23 16:45:56 UTC (rev 22491) +++ branches/SAMBA_3_0_25/source/smbd/nttrans.c 2007-04-23 21:07:05 UTC (rev 22492) @@ -2279,15 +2279,29 @@ 0); return -1; - case FSCTL_0x000900C0: -
Rev 183: popt not needed in lockwait code in http://samba.org/~tridge/ctdb
revno: 183 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Mon 2007-04-23 23:33:37 +0200 message: popt not needed in lockwait code modified: common/ctdb_lockwait.c ctdb_lockwait.c-20070416214118-n1aeonljj3vpdd9q-1 === modified file 'common/ctdb_lockwait.c' --- a/common/ctdb_lockwait.c2007-04-21 03:08:22 + +++ b/common/ctdb_lockwait.c2007-04-23 21:33:37 + @@ -22,7 +22,6 @@ #include lib/events/events.h #include system/filesys.h #include system/wait.h -#include popt.h #include db_wrap.h #include lib/tdb/include/tdb.h #include ../include/ctdb_private.h
svn commit: samba r22493 - in branches: SAMBA_3_0/source/smbd SAMBA_3_0_25/source/smbd
Author: jra Date: 2007-04-23 21:40:54 + (Mon, 23 Apr 2007) New Revision: 22493 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22493 Log: Fix horrible memory corruption bug with CIFS POSIX open/mkidr. Found by SteveF + valgrind :-). Jerry - essential for rc3. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/trans2.c branches/SAMBA_3_0_25/source/smbd/trans2.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/trans2.c === --- branches/SAMBA_3_0/source/smbd/trans2.c 2007-04-23 21:07:05 UTC (rev 22492) +++ branches/SAMBA_3_0/source/smbd/trans2.c 2007-04-23 21:40:54 UTC (rev 22493) @@ -5434,6 +5434,7 @@ *pdata_return_size = 0; return NT_STATUS_NO_MEMORY; } + pdata = *ppdata; SSVAL(pdata,0,NO_OPLOCK_RETURN); SSVAL(pdata,2,0); /* No fnum. */ @@ -5610,6 +5611,7 @@ *pdata_return_size = 0; return NT_STATUS_NO_MEMORY; } + pdata = *ppdata; if (extended_oplock_granted) { if (flags REQUEST_BATCH_OPLOCK) { Modified: branches/SAMBA_3_0_25/source/smbd/trans2.c === --- branches/SAMBA_3_0_25/source/smbd/trans2.c 2007-04-23 21:07:05 UTC (rev 22492) +++ branches/SAMBA_3_0_25/source/smbd/trans2.c 2007-04-23 21:40:54 UTC (rev 22493) @@ -5382,6 +5382,7 @@ *pdata_return_size = 0; return NT_STATUS_NO_MEMORY; } + pdata = *ppdata; SSVAL(pdata,0,NO_OPLOCK_RETURN); SSVAL(pdata,2,0); /* No fnum. */ @@ -5558,6 +5559,7 @@ *pdata_return_size = 0; return NT_STATUS_NO_MEMORY; } + pdata = *ppdata; if (extended_oplock_granted) { if (flags REQUEST_BATCH_OPLOCK) {
svn commit: samba r22494 - in branches/SAMBA_4_0/source: script/tests setup
Author: abartlet Date: 2007-04-23 21:56:23 + (Mon, 23 Apr 2007) New Revision: 22494 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22494 Log: Skip subSchema again, but we will need to remap this objectClass. Make the Fedora DS backend test again. Andrew Bartlett Modified: branches/SAMBA_4_0/source/script/tests/Samba4.pm branches/SAMBA_4_0/source/setup/schema-map-fedora-ds-1.0 branches/SAMBA_4_0/source/setup/schema-map-openldap-2.3 Changeset: Modified: branches/SAMBA_4_0/source/script/tests/Samba4.pm === --- branches/SAMBA_4_0/source/script/tests/Samba4.pm2007-04-23 21:40:54 UTC (rev 22493) +++ branches/SAMBA_4_0/source/script/tests/Samba4.pm2007-04-23 21:56:23 UTC (rev 22494) @@ -26,7 +26,7 @@ my ($slapd_conf, $uri, $logs) = @_; my $oldpath = $ENV{PATH}; $ENV{PATH} = /usr/local/sbin:/usr/sbin:/sbin:$ENV{PATH}; -system(slapd -d0 -f $slapd_conf -h $uri $logs 21 ); +system(slapd -d -f $slapd_conf -h $uri $logs 21 ); $ENV{PATH} = $oldpath; } @@ -66,6 +66,7 @@ kill 9, IN; close(IN); } + return 1; } sub check_or_start($$$) @@ -645,8 +646,6 @@ SOCKET_WRAPPER_DEFAULT_IFACE = $swiface }; - $ret-{PROVISION_OPTIONS} = join(' ', @provision_options); - if (defined($self-{ldap})) { if ($self-{ldap} eq openldap) { @@ -659,12 +658,16 @@ $self-slapd_start($ret) or die(couldn't start slapd); + $ret-{PROVISION_OPTIONS} = join(' ', @provision_options); + print LDAP PROVISIONING...; $self-provision_ldap($ret); $self-slapd_stop($ret) or die(couldn't stop slapd); - } + } else { + $ret-{PROVISION_OPTIONS} = join(' ', @provision_options); +} return $ret; } Modified: branches/SAMBA_4_0/source/setup/schema-map-fedora-ds-1.0 === --- branches/SAMBA_4_0/source/setup/schema-map-fedora-ds-1.02007-04-23 21:40:54 UTC (rev 22493) +++ branches/SAMBA_4_0/source/setup/schema-map-fedora-ds-1.02007-04-23 21:56:23 UTC (rev 22494) @@ -15,7 +15,6 @@ #This shouldn't make it to the ldap server sambaPassword #Skip ObjectClasses -# #MiddleName has a conflicting OID 2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1 #defaultGroup has a conflicting OID Modified: branches/SAMBA_4_0/source/setup/schema-map-openldap-2.3 === --- branches/SAMBA_4_0/source/setup/schema-map-openldap-2.3 2007-04-23 21:40:54 UTC (rev 22493) +++ branches/SAMBA_4_0/source/setup/schema-map-openldap-2.3 2007-04-23 21:56:23 UTC (rev 22494) @@ -19,7 +19,7 @@ #This shouldn't make it to the ldap server sambaPassword #Skip ObjectClasses -#subSchema +subSchema #MiddleName has a conflicting OID 2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1 #defaultGroup has a conflicting OID
svn commit: samba r22495 - in branches/SAMBA_3_0/source: . smbd
Author: jpeach Date: 2007-04-23 22:17:06 + (Mon, 23 Apr 2007) New Revision: 22495 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22495 Log: Create wrapper to hide the details of obtaining a set of sockets to listen on. Added: branches/SAMBA_3_0/source/smbd/sockinit.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/smbd/server.c Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in === --- branches/SAMBA_3_0/source/Makefile.in 2007-04-23 21:56:23 UTC (rev 22494) +++ branches/SAMBA_3_0/source/Makefile.in 2007-04-23 22:17:06 UTC (rev 22495) @@ -498,7 +498,8 @@ smbd/change_trust_pw.o smbd/fake_file.o \ smbd/quotas.o smbd/ntquotas.o $(AFS_OBJ) smbd/msdfs.o \ $(AFS_SETTOKEN_OBJ) smbd/aio.o smbd/statvfs.o \ - smbd/dmapi.o lib/launchd.o $(MANGLE_OBJ) @VFS_STATIC@ + smbd/dmapi.o lib/launchd.o smbd/sockinit.o \ + $(MANGLE_OBJ) @VFS_STATIC@ SMBD_OBJ_BASE = $(PARAM_OBJ) $(SMBD_OBJ_SRV) $(LIBSMB_OBJ) \ $(RPC_SERVER_OBJ) $(RPC_PARSE_OBJ) $(SECRETS_OBJ) \ Modified: branches/SAMBA_3_0/source/smbd/server.c === --- branches/SAMBA_3_0/source/smbd/server.c 2007-04-23 21:56:23 UTC (rev 22494) +++ branches/SAMBA_3_0/source/smbd/server.c 2007-04-23 22:17:06 UTC (rev 22495) @@ -22,7 +22,6 @@ */ #include includes.h -#include smb_launchd.h static_decl_rpc; @@ -298,153 +297,6 @@ return num_children max_processes; } -static int init_sockets_smbd(const char *smb_ports, - int fd_listenset[FD_SETSIZE]) -{ - int num_interfaces = iface_count(); - char * ports; - int num_sockets = 0; - int i, s; - - /* use a reasonable default set of ports - listing on 445 and 139 */ - if (!smb_ports) { - ports = lp_smb_ports(); - if (!ports || !*ports) { - ports = smb_xstrdup(SMB_PORTS); - } else { - ports = smb_xstrdup(ports); - } - } else { - ports = smb_xstrdup(smb_ports); - } - - if (lp_interfaces() lp_bind_interfaces_only()) { - /* We have been given an interfaces line, and been - told to only bind to those interfaces. Create a - socket per interface and bind to only these. - */ - - /* Now open a listen socket for each of the - interfaces. */ - for(i = 0; i num_interfaces; i++) { - struct in_addr *ifip = iface_n_ip(i); - fstring tok; - const char *ptr; - - if(ifip == NULL) { - DEBUG(0,(init_sockets_smbd: interface %d has NULL IP address !\n, i)); - continue; - } - - for (ptr=ports; next_token(ptr, tok, \t,, sizeof(tok)); ) { - unsigned port = atoi(tok); - if (port == 0) { - continue; - } - s = fd_listenset[num_sockets] = open_socket_in(SOCK_STREAM, port, 0, ifip-s_addr, True); - if(s == -1) - return 0; - - /* ready to listen */ - set_socket_options(s,SO_KEEPALIVE); - set_socket_options(s,user_socket_options); - - /* Set server socket to non-blocking for the accept. */ - set_blocking(s,False); - - if (listen(s, SMBD_LISTEN_BACKLOG) == -1) { - DEBUG(0,(listen: %s\n,strerror(errno))); - close(s); - return 0; - } - - num_sockets++; - if (num_sockets = FD_SETSIZE) { - DEBUG(0,(init_sockets_smbd: Too many sockets to bind to\n)); - return 0; - } - } - } - } else { - /* Just bind to 0.0.0.0 - accept connections - from anywhere. */ - - fstring tok; - const char *ptr; - - num_interfaces = 1; - - for (ptr=ports; next_token(ptr, tok, \t,, sizeof(tok)); ) { - unsigned port = atoi(tok); - if (port == 0)
Build status as of Tue Apr 24 00:00:02 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-04-23 00:01:02.0 + +++ /home/build/master/cache/broken_results.txt 2007-04-24 00:00:29.0 + @@ -1,4 +1,4 @@ -Build status as of Mon Apr 23 00:00:02 2007 +Build status as of Tue Apr 24 00:00:02 2007 Build counts: Tree Total Broken Panic @@ -7,19 +7,19 @@ ccache 36 6 0 ctdb 0 0 0 distcc 4 0 0 -ldb 34 7 0 -libreplace 31 8 0 +ldb 34 27 0 +libreplace 32 9 0 lorikeet-heimdal 30 14 0 -pidl 20 7 0 -ppp 15 0 0 +pidl 20 6 0 +ppp 14 0 0 python 0 0 0 -rsync36 12 0 +rsync37 12 0 samba0 0 0 samba-docs 0 0 0 samba-gtk3 3 0 -samba4 38 26 5 +samba4 38 25 5 samba_3_041 23 1 smb-build31 30 0 talloc 36 2 0 -tdb 34 4 0 +tdb 34 5 0
svn commit: samba r22496 - in branches/SAMBA_3_0/source/registry: .
Author: obnox Date: 2007-04-24 00:12:28 + (Tue, 24 Apr 2007) New Revision: 22496 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22496 Log: reg_enumvalue should return WERR_NO_MORE_ITEMS instead of WERR_BAD_FILE when all items have been successfully enumerated. Besides seeming the reasonable code to return, this is what I have seen from w2k3, w2k, wxp. Modified: branches/SAMBA_3_0/source/registry/reg_api.c Changeset: Modified: branches/SAMBA_3_0/source/registry/reg_api.c === --- branches/SAMBA_3_0/source/registry/reg_api.c2007-04-23 22:17:06 UTC (rev 22495) +++ branches/SAMBA_3_0/source/registry/reg_api.c2007-04-24 00:12:28 UTC (rev 22496) @@ -168,7 +168,7 @@ } if (idx = key-values-num_values) { - return WERR_BADFILE; + return WERR_NO_MORE_ITEMS; } err = registry_pull_value(mem_ctx, val,
svn commit: samba r22497 - in branches/SAMBA_4_0/source: dsdb/samdb/ldb_modules lib/ldb/tools setup
Author: abartlet Date: 2007-04-24 05:57:56 + (Tue, 24 Apr 2007) New Revision: 22497 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22497 Log: Support renaming objectclasses and attributes for the LDAP backend. OpenLDAP is fussy about operational attributes in user-supplied schema. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c branches/SAMBA_4_0/source/setup/schema-map-openldap-2.3 branches/SAMBA_4_0/source/setup/schema_samba4.ldif Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c 2007-04-24 00:12:28 UTC (rev 22496) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/entryUUID.c 2007-04-24 05:57:56 UTC (rev 22497) @@ -352,6 +352,15 @@ } }, { + .local_name = objectClasses, + .type = MAP_RENAME, + .u = { + .rename = { +.remote_name = sambaObjectClasses +} + } + }, + { .local_name = sambaPassword, .type = MAP_RENAME, .u = { @@ -446,9 +455,21 @@ } }; +/* This objectClass conflicts with builtin classes on OpenLDAP */ +const struct ldb_map_objectclass entryUUID_objectclasses[] = +{ + { + .local_name = subSchema, + .remote_name = samba4SubSchema + }, + { + .local_name = NULL + } +}; + /* These things do not show up in wildcard searches in OpenLDAP, but * we need them to show up in the AD-like view */ -const char * const wildcard_attributes[] = { +const char * const entryUUID_wildcard_attributes[] = { objectGUID, whenCreated, whenChanged, @@ -471,7 +492,7 @@ }, }, }, - /* objectSid */ + /* objectSid */ { .local_name = objectSid, .type = MAP_CONVERT, @@ -751,7 +772,7 @@ struct entryUUID_private *entryUUID_private; struct ldb_dn *schema_dn; - ret = ldb_map_init(module, entryUUID_attributes, NULL, wildcard_attributes, NULL); + ret = ldb_map_init(module, entryUUID_attributes, entryUUID_objectclasses, entryUUID_wildcard_attributes, NULL); if (ret != LDB_SUCCESS) return ret; Modified: branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c === --- branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c 2007-04-24 00:12:28 UTC (rev 22496) +++ branches/SAMBA_4_0/source/lib/ldb/tools/ad2oLschema.c 2007-04-24 05:57:56 UTC (rev 22497) @@ -246,7 +246,12 @@ char *old_oid; char *new_oid; } *oid_map = NULL; - int num_maps = 0; + int num_oid_maps = 0; + struct attr_map { + char *old_attr; + char *new_attr; + } *attr_map = NULL; + int num_attr_maps = 0; struct ldb_result *attrs_res, *objectclasses_res; struct ldb_dn *schemadn; struct schema_conv ret; @@ -269,25 +274,36 @@ if (isdigit(line[0])) { char *p = strchr(line, ':'); IF_NULL_FAIL_RET(p); - if (!p) { - ret.failures = 1; - return ret; - } p[0] = '\0'; p++; - oid_map = talloc_realloc(mem_ctx, oid_map, struct oid_map, num_maps + 2); + oid_map = talloc_realloc(mem_ctx, oid_map, struct oid_map, num_oid_maps + 2); trim_string(line, , ); - oid_map[num_maps].old_oid = talloc_move(oid_map, line); + oid_map[num_oid_maps].old_oid = talloc_move(oid_map, line); trim_string(p, , ); - oid_map[num_maps].new_oid = p; - num_maps++; - oid_map[num_maps].old_oid = NULL; + oid_map[num_oid_maps].new_oid = p; + num_oid_maps++; + oid_map[num_oid_maps].old_oid = NULL; } else { - attrs_skip = talloc_realloc(mem_ctx, attrs_skip, const char *, num_skip + 2); - trim_string(line, , ); - attrs_skip[num_skip] = talloc_move(attrs_skip, line); - num_skip++; - attrs_skip[num_skip] = NULL; + char *p = strchr(line, ':'); + if (p) { +