Re: [Samba] dfs problems addressed in 3.0.25b?
Jeremy Allison wrote: On Wed, Jul 04, 2007 at 05:31:20AM +, [EMAIL PROTECTED] wrote: Is the issue below addressed in 3.0.25b? (no freebsd port available yet so I'm still at 3.0.25a) I can't see anything specifically about this in the release notes. I just want to add that I've also seen this behaviour on a windows xp x64 client. It's a pretty serious problem.. so I'm also thinking I may have to revert to an earlier version if it doesn't look like a fix is in the works.. This has not been reproducible as far as I know. Can you create a reproducible test case ? Jeremy. Reproducing it is likely to be tricky - because it's intermittent. It happens maybe every few days for me. This configuration exhibits the behaviour: smb.conf [global] workgroup = SOMEDOMAIN netbios name = dfsserver host msdfs = yes server string = FreeBSD - Samba %v - DFS guest account = nobody guest ok = yes inherit permissions = yes create mask = 0777 directory mask = 0777 unix extensions = no follow symlinks = yes wide symlinks = yes [net] read only = no path = /dfs/net msdfs root = yes inherit permissions = yes browseable = yes [ops] read only = no path = /dfs/ops msdfs root = yes inherit permissions = yes browseable = yes in the folder: /dfs/net/machinename ln -s msdfs:machinename.somedomain.com\sharename sharename now: \\dfsserver\net\machinename\sharename\problemfolder may after some unknown period.. display the same listing as: \\dfsserver\net\machinename\sharename\ \\dfsserver.somedomain.com\net\machinename\sharename\problemfolder might however show the correct listing. The duplication is not infinitely recursive.. ie \\dfsserver\net\machinename\sharename\problemfolder\problemfolder shows the normal listing that should be at \\dfsserver\net\machinename\sharename\problemfolder I just did more opening and closing of explorers and browsing back and forth... and for the first time I've seen two folders (under the same parent) simultaneously showing the wrong listing. To further complicate.. It may be related to the fact that under a separate share on the dfsserver there is also a link (this time to a point beyond the destination share): /dfs/ops ln -s msdfs:machinename.somedomain.com\sharename\siblingofproblemfolder siblingofproblemfolder ie an alternative way to get to a sibling of the problem subfolder(s) so the following are equivalent: \\dfsserver.somedomain.com\ops\siblingofproblemfolder \\dfsserver.somedomain.com\net\machinename\sharename\siblingofproblemfolder JN -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net ads join without kerberos
Hello, I'm trying to join a samba server to a w2k domain. Now I have removed all samba and kerberos software from the machine to reset configuration. Then I have executed net ads testjoin to see what happened (I have already joined the machine to the domain). It returned the following messages: [2007/07/04 09:14:44, 0] libads/kerberos.c:ads_kinit_password(208) kerberos_kinit_password [EMAIL PROTECTED] failed: Client not found in Kerberos database [2007/07/04 09:14:44, 0] libads/kerberos.c:ads_kinit_password(208) kerberos_kinit_password [EMAIL PROTECTED] failed: Client not found in Kerberos database [2007/07/04 09:14:44, 0] utils/net_ads.c:ads_startup(289) ads_connect: Client not found in Kerberos database Join to domain is not valid Well, if kerberos is not installed, where does it get those informations (machine DEBIANSERVER and domain W2KPS.INTRA.CCIAA.NET names)?? -- View this message in context: http://www.nabble.com/net-ads-join-without-kerberos-tf4022865.html#a11426182 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ms office file locking problem
Hi, I'm running samba 3.0.22 on ubuntu. And I've following problem. Someone opens a document with MS Office (under WinXP) and has it open for e.g. 30 min and clicks than on the save button. He get sometimes an error message that the file can not be written. If he clicks on save as and selects the same filename he can overwrite it and save the file. I've no special settings concerning locking - all is left to default in the smb.conf. what to I need to set on the server/client that I get rid of this problem? ps: I looked at http://samba.org/samba/docs/man/Samba-HOWTO-Collection/locking.html but it does not say: if you have problem a, to b. ;-( -- Regards, Robert Robert Penz robert DOT penz AT outertech DOT com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Re: [Samba] Open Extend doesn't work anymore... !
Jeremy Allison wrote: On Tue, Jul 03, 2007 at 06:48:18PM +0200, Mariotto Francesco wrote: On Windows XP and 2003 !!! Linux Server CentOS has CUPS and Samba 3.0.25 with all printers privileges. I've problems with a program. Printing system does: type test.txt\\lnxsrv\printer and it return: the parameter is incorrect but if i try: type test.txt\\lnxsrv\printer it works but with early samba, before 3.0.21 release open extend it works ! with last samba release 3.0.25 doesn't works and it returns me error ! Only simple works now ! I can't reproduce this with 3.0.25b. Jeremy. ACL of samba v: 3.0.25b on Centos5 lnxsrv1 that NOT WORK ! \\lnxsrv1\hp1200,3, DACL(not_protected):Everyone, print+GENERIC_EXECUTE, allow, container_inherit:BUILTIN\Administrators, manage_printer+GENERIC_ALL, allow, object_inherit+inherit_only:BUILTIN\Administrators, manage_printer+GENERIC_ALL, allow, container_inherit ACL of samba v: 3.0.21 on Centos5 lnxsrv1 that WORK ! \\lnxsrv1\hp1200,3,DACL(not_protected):Creator Owner, READ_CONTROL, allow, container_inherit+inherit_only:Creator Owner, GENERIC_ALL, allow, object_inherit+inherit_only:Everyone, print, allow, no_inheritance:Everyone, GENERIC_EXECUTE, allow, container_inherit+inherit_only:BUILTIN\Administrators, manage_printer, allow, no_inheritance:BUILTIN\Administrators, GENERIC_ALL, allow, container_inherit+object_inherit+inherit_only:BUILTIN\Power Users, manage_printer, allow, no_inheritance:BUILTIN\Power Users, GENERIC_ALL, allow, container_inherit+object_inherit+inherit_only ACL of w2003ts with shared printer, it WORKS (returns equal ACL of lnxsrv1): \\w2003ts\hp1200,3,DACL(not_protected):CREATOR OWNER, READ_CONTROL,allow,container_inherit+inherit_only:CREATOR OWNER, GENERIC_ALL,allow,object_inherit+inherit_only:Everyone, print,allow,no_inheritance:Everyone, GENERIC_EXECUTE,allow,container_inherit+inherit_only:BUILTIN\Administrators, manage_printer,allow,no_inheritance:BUILTIN\Administrators, GENERIC_ALL,allow,container_inherit+object_inherit+inherit_only:BUILTIN\Power Users, manage_printer,allow,no_inheritance:BUILTIN\Power Users, GENERIC_ALL,allow,container_inherit+object_inherit+inherit_only How can i change ACL for printers in samba 3.0.25b ? Please help me -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: Re: Re: [Samba] Open Extend doesn't work anymore... !
Jeremy Allison wrote: On Tue, Jul 03, 2007 at 06:48:18PM +0200, Mariotto Francesco wrote: On Windows XP and 2003 !!! Linux Server CentOS has CUPS and Samba 3.0.25 with all printers privileges. I've problems with a program. Printing system does: type test.txt\\lnxsrv\printer and it return: the parameter is incorrect but if i try: type test.txt\\lnxsrv\printer it works but with early samba, before 3.0.21 release open extend it works ! with last samba release 3.0.25 doesn't works and it returns me error ! Only simple works now ! I can't reproduce this with 3.0.25b. Jeremy. ACL of samba v: 3.0.25b on Centos5 lnxsrv1 that NOT WORK ! \\lnxsrv1\hp1200,3, DACL(not_protected):Everyone, print+GENERIC_EXECUTE, allow, container_inherit:BUILTIN\Administrators, manage_printer+GENERIC_ALL, allow, object_inherit+inherit_only:BUILTIN\Administrators, manage_printer+GENERIC_ALL, allow, container_inherit ACL of samba v: 3.0.21 on Centos5 lnxsrv1 that WORK ! \\lnxsrv1\hp1200,3,DACL(not_protected):Creator Owner, READ_CONTROL, allow, container_inherit+inherit_only:Creator Owner, GENERIC_ALL, allow, object_inherit+inherit_only:Everyone, print, allow, no_inheritance:Everyone, GENERIC_EXECUTE, allow, container_inherit+inherit_only:BUILTIN\Administrators, manage_printer, allow, no_inheritance:BUILTIN\Administrators, GENERIC_ALL, allow, container_inherit+object_inherit+inherit_only:BUILTIN\Power Users, manage_printer, allow, no_inheritance:BUILTIN\Power Users, GENERIC_ALL, allow, container_inherit+object_inherit+inherit_only ACL of w2003ts with shared printer, it WORKS (returns equal ACL of lnxsrv1): \\w2003ts\hp1200,3,DACL(not_protected):CREATOR OWNER, READ_CONTROL,allow,container_inherit+inherit_only:CREATOR OWNER, GENERIC_ALL,allow,object_inherit+inherit_only:Everyone, print,allow,no_inheritance:Everyone, GENERIC_EXECUTE,allow,container_inherit+inherit_only:BUILTIN\Administrators, manage_printer,allow,no_inheritance:BUILTIN\Administrators, GENERIC_ALL,allow,container_inherit+object_inherit+inherit_only:BUILTIN\Power Users, manage_printer,allow,no_inheritance:BUILTIN\Power Users, GENERIC_ALL,allow,container_inherit+object_inherit+inherit_only How can i change ACLs on printers ? -- Francesco Mariotto System Administrator [EMAIL PROTECTED] VULCANIA SYSTEM S.R.L. Linux System Integrator Strada Dell'Alpo, 27 37136 Verona (VR) Italy Tel. +39 045506015 Fax +39 045584937 [EMAIL PROTECTED] www.vulcaniasystem.it -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Problem With Big File Transfer on Windows Client
I use fedora 7 and the last stable version of samba 3.0.25a-3 on an embedded linux system as a server and a windows xp. I 'am using truecrypt and sharing de mount directory with the XP machine via samba. Selniux is disabled. Everything works well such as connection or small files transfers but we have a huge problem when we try to transfer a big file (~100 MB) from the client (Windows) to the server (embedded linux). No problem in the other side. Indeed, windows displays an error saying that the specified network name is no longer available. Moreover, we have performed different kinds of tests such as using a Linux client or using a Linux PC as a server (with a Windows client) and everything goes right. We assume that our problem comes from our Linux Embedded system but we cannot find out the critical point. Moreover logs messages do not give us more information execpting the oplocks problems, which are not the problem origin. Thanks NP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Open Extend doesn't work anymore... !
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mariotto Francesco wrote: How can i change ACL for printers in samba 3.0.25b ? Using the security tab in the print properties dialog. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGi4nDIR7qMdg1EfYRAitNAJ0Q2KtPQp+zvIyIym/QTK2Rmk4owwCg8Wgm sefd5ad5DS3OQXpwSG3gHRc= =Meau -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ms office file locking problem
Robert Penz wrote: Someone opens a document with MS Office (under WinXP) and has it open for e.g. 30 min and clicks than on the save button. He get sometimes an error message that the file can not be written. If he clicks on save as and selects the same filename he can overwrite it and save the file. I remember a similar problem, I'm sorry I can't give you a link, but in my case was an MS Office fault. Have you searched the MS knowledge base? DaC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Open Extend doesn't work anymore... !
Gerald (Jerry) Carter ha scritto: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mariotto Francesco wrote: How can i change ACL for printers in samba 3.0.25b ? Using the security tab in the print properties dialog. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGi4nDIR7qMdg1EfYRAitNAJ0Q2KtPQp+zvIyIym/QTK2Rmk4owwCg8Wgm sefd5ad5DS3OQXpwSG3gHRc= =Meau -END PGP SIGNATURE- No man ! if i send manual type test.txt \\lnxsrv\printer it WORKS with append () doesn't work ! For me isn't a ACL's problem. Example from prompt command: C:\Documents and Settings\mariotfrtype test.txt \\lnxsrv1\hp1200ban --- NOT WORK The parameter is incorrect. C:\Documents and Settings\mariotfr C:\Documents and Settings\mariotfrtype test.txt \\lnxsrv1\hp1200ban --- WORK C:\Documents and Settings\mariotfr Problems with samba 3.0.22 or new ! with samba 3.0.21 is all ok ! Help me please. Francesco Mariotto System Administrator [EMAIL PROTECTED] VULCANIA SYSTEM S.R.L. Linux System Integrator Strada Dell'Alpo, 27 37136 Verona (VR) Italy Tel. +39 045506015 Fax +39 045584937 [EMAIL PROTECTED] www.vulcaniasystem.it -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: ham,[Samba] No access to share
All the group mappings are in place: net groupmap list Domain Admins (S-1-5-21-1953726507-754737620-746616776-2) - admins Domain Guests (S-1-5-21-1953726507-754737620-746616776-20002) - guests Domain Users (S-1-5-21-1953726507-754737620-746616776-20001) - users getent passwd admin:*:0:2:admin :/home/users/admins/in: gal_script$:*:3:515:Computer:/dev/null:/bin/false ie-aqd-w089$:*:30001:515:Computer:/dev/null:/bin/false aqd-christian$:*:30002:515:Computer:/dev/null:/bin/false chris.boyd:*:1000:2:Chris Boyd:/home/chris.boyd:/bin/bash emmett.sutton:*:1001:2:Emmett Sutton:/home/emmett.sutton:/bin/bash bob.bobson:*:1002:20001:Bob Bobson:/home/bob.bobson:/bin/bash getent group admins:*:2: guests:*:20002: users:*:20001: I changed the valid users = USIT\%S and valid users = @USIT\admin, @USIT\users Commented out the second path statement under profiles. Still whenever I log onto as say chris.boyd I can access the home drive and is mapped but still get the command prompt from the logon script saying invalid password for usit-file file://usit-file/ and refuses to allow access to the share even with the admin logon. Strangely the profile folders show up in the home folder and there are no desktop icons showing? The machine log shows for that logon: [2007/07/04 10:52:35, 0] printing/pcap.c:pcap_cache_reload(159) Unable to open printcap file /etc/printcap for read! [2007/07/04 10:59:23, 1] smbd/service.c:close_cnum(1150) aqd-christian (10.133.2.46) closed connection to service profiles [2007/07/04 10:59:23, 1] smbd/service.c:close_cnum(1150) aqd-christian (10.133.2.46) closed connection to service profiles [2007/07/04 10:59:57, 1] smbd/service.c:close_cnum(1150) aqd-christian (10.133.2.46) closed connection to service netlogon [2007/07/04 11:01:19, 1] smbd/service.c:close_cnum(1150) aqd-christian (10.133.2.46) closed connection to service chris.boyd -Original Message- From: Dale Schroeder [mailto:[EMAIL PROTECTED] Sent: 03 July 2007 18:04 To: Chris Boyd Subject: Re: ham,[Samba] No access to share Chris, If your problem turns out to be ldap, I am not of much use. However, have you done all the group mapping? Did you take into account the ldap schema changes since 3.0.23? Are your groups domain groups? If yes, then it should be valid users = DOMAIN\%S and valid users = @DOMAIN\admin, @DOMAIN\users. See http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html. You also have two paths listed under [profiles]. Can't think of anything more to suggest. If all this fails, provide an error log to the list. Good luck, Dale Chris Boyd wrote: Running Debian Etch with Samba-3.0.24 and ldap... I've set up a few users as part of the admin group and one in the users group. When I log onto the XP machine they can see their home drives but I get a command prompt asking for username and password for the server (usit-file). Not even admin can login though. Even if I log onto the XP machine as the domain admin I can't access the share. The relevant bits: smb.conf: workgroup = usit server string = %h server wins support = yes wins server = 10.133.1.21 dns proxy = yes name resolve order = lmhosts host wins bcast interfaces = 127.0.0.0/8 10.133.0.0/16 eth0 log file = /var/log/samba/log.%m max log size = 1000 syslog = 10 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = ldapsam:ldap://10.133.1.21 ldap suffix = dc=usit,dc=ie ldap machine suffix = ou=machines ldap user suffix = ou=users ldap group suffix = ou=groups ldap admin dn = cn=admin,dc=usit,dc=ie ldap delete dn = no obey pam restrictions = yes ldap password sync = yes invalid users = root ldap passwd sync = Yes passwd program = /usr/sbin/smbldap-passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* domain logons = yes enable privileges = yes logon path = file://\\%N\profiles\%U file://\\%N\profiles\%U \\%N\profiles\%U logon path = \\%N\%U\profile logon drive = H: logon home = file://\\%N\%U file://\\%N\%U \\%N\%U logon script = logon.bat add machine script = /usr/sbin/smbldap-useradd -w %u add user script = /usr/sbin/smbldap-useradd -m %u ldap delete dn = Yes delete user script = /usr/sbin/smbldap-userdel %u add machine script = /usr/sbin/smbldap-useradd -w %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain master = yes preferred master = yes [homes] comment = Home Directories browseable = no writable = yes create
[Samba] folder permissions
Running Samba 3.0.25a on AIX 5.3, Configured in W2003 AD as Member Server Have set up share called Test. From Windows :- Can add, remove folders and files. Can change permissions on Files from Windows security tab. Problem : Cannot change permissions on Folders from Windows security tab my security settings are thus :- security mask = 0777 force security mode = 0 directory security mask = 0777 force directory security mode = 0 Any solutions ? selwyn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] folder permissions
Running Samba 3.0.25a on AIX 5.3, Configured in W2003 AD as Member Server Have set up share called Test. From Windows :- Can add, remove folders and files. Can change permissions on Files from Windows security tab. Problem : Cannot change permissions on Folders from Windows security tab my security settings are thus :- security mask = 0777 force security mode = 0 directory security mask = 0777 force directory security mode = 0 1.) Remove the force directives. 2.) Make sure your filesystem supports ACLs and Samba has ACL support. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.25 OpenLDAP 2.3 issues
Hi, I'm setting up Samba 3.0.25 on a FreeBSD box, nss_ldap, pam_ldap openldap are installed and work fine (local login with an ldap defined account succeeds) I'm following the directions of the Samba Guide : http://us3.samba.org/samba/docs/man/Samba-Guide/happy.html#id338636 Ldap password is stored in secrets.tdb and smbd accesses the runnig slapd. What's wrong is that the sambaDomainName object is created under the suffix defined in smb.conf but not under the Domains ou (this ou exists in the directory) smbd then complains about accounts it can't create. I've already opened the acl in slapd.conf with no result : access to dn.subtree=ou=Domains,dc=interne,dc=example,dc=org by self write by dn=cn=Manager,dc=interne,dc=example,dc=org write by * auth Any idea ? Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] dfs problems addressed in 3.0.25b?
On Wed, Jul 04, 2007 at 07:11:27AM +, [EMAIL PROTECTED] wrote: Reproducing it is likely to be tricky - because it's intermittent. It happens maybe every few days for me. This configuration exhibits the behaviour: smb.conf [global] workgroup = SOMEDOMAIN netbios name = dfsserver host msdfs = yes server string = FreeBSD - Samba %v - DFS guest account = nobody guest ok = yes inherit permissions = yes create mask = 0777 directory mask = 0777 unix extensions = no follow symlinks = yes wide symlinks = yes [net] read only = no path = /dfs/net msdfs root = yes inherit permissions = yes browseable = yes [ops] read only = no path = /dfs/ops msdfs root = yes inherit permissions = yes browseable = yes in the folder: /dfs/net/machinename ln -s msdfs:machinename.somedomain.com\sharename sharename now: \\dfsserver\net\machinename\sharename\problemfolder may after some unknown period.. display the same listing as: \\dfsserver\net\machinename\sharename\ \\dfsserver.somedomain.com\net\machinename\sharename\problemfolder might however show the correct listing. The duplication is not infinitely recursive.. ie \\dfsserver\net\machinename\sharename\problemfolder\problemfolder shows the normal listing that should be at \\dfsserver\net\machinename\sharename\problemfolder I just did more opening and closing of explorers and browsing back and forth... and for the first time I've seen two folders (under the same parent) simultaneously showing the wrong listing. To further complicate.. It may be related to the fact that under a separate share on the dfsserver there is also a link (this time to a point beyond the destination share): /dfs/ops ln -s msdfs:machinename.somedomain.com\sharename\siblingofproblemfolder siblingofproblemfolder ie an alternative way to get to a sibling of the problem subfolder(s) so the following are equivalent: \\dfsserver.somedomain.com\ops\siblingofproblemfolder \\dfsserver.somedomain.com\net\machinename\sharename\siblingofproblemfolder Doesn't sound like a Samba bug to be honest. Have you looked into MS DFS bugs ? What filesystem are you running this on ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] join samba to a 2003 rc2 domain
We have identified a problem joining samba to a windows 2003 rc2 domain. Using mit kerberos 1.5, and the latest version of samba (3.0.25b), net join ads would throw up the error: cli_rpc_pipe_open: cli_nt_create failed on pipe \NETLOGON to machine domaincontroller.mynet.mydomain.com. Error was NT_STATUS_ACCESS_DENIED net_rpc_join_ok: failed to get schannel session key from server domaincontroller.mynet.mydomain.com for domain mynet. Error was NT_STATUS_ACCESS_DENIED Failed to verify membership in domain! Failed to join domain: Success return code = -1 A temporary workaround for this is to add netlogon to the group policy under named pipes that can be accessed anonymously. this would seem to suggest that samba cannot join a domain unless it is granted anonymous access to the netlogon pipe. Our windows admins dont want to permanently open this, so is there a way to get samba net join to work correctly without having anonymous access to the netlogon pipe? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot seem to get printer driver delivery working from Vista 64 bit systems - Samba 3.0.25b
Version: Samba 3.0.25b OS: CentOS 5 x86_64 I've had printer driver delivery working OK to 32 bit clients for a while. I used cupsaddsmb to set that up originally. We recently added some 64 bit Vista client machines (yay). I created an x64 directory on the print$ share and followed the Samba HowTo instructions for finding and uploading a printer driver. The files are from a Vista 64 bit client that is able to print directly to the printer over the network. rpcclient -U root -c 'adddriver Windows x64 \ Dell_Colour_Stationary_Room:PSCRIPT5.DLL:DLUXCN02.PPD:PS5UI.DLL:PSCRIPT.HLP:NULL:RAW:PSCRIPT.NTF,PS_SCHM.GDL' \ localhost rpcclient -U root -c \ 'setdriver Dell_Colour_Stationary_Room Dell_Colour_Stationary_Room' localhost Both commands complete successfully. The files are all now in print$/x64/3/ and the driver appears in rpcclient enumprinters: [Windows x64] Printer Driver Info 1: Driver Name: [Dell_Colour_Stationary_Room] However, when I try to Connect to the printer from the Vista 64 bit machine, all I get is Windows cannot connect to the printer. Operation could not be completed (error 0x06f7). Any help would be appreciated. -- Thank God we don't get all the government we pay for. -- Will Rogers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Problem With Big File Transfer on Windows Client
problem when we try to transfer a big file (~100 MB) from the client (Windows) to the server (embedded linux). I had encountered a similar while copying the larger file from client to server. I had figured out that this causes due to failure in extending the file using ftruncate call. While copying a file from client to the server, server first extends the file up to the file size by executing the ftruncate() and writes 0 to the extended area. If the file is huge say in your case 100MB the client times out by the time ftruncate returns after extending the file. The code this happens in samba is in below module: /smbd/vfs-wrap.c int vfswrap_ftruncate(vfs_handle_struct *handle, files_struct *fsp, int fd, SMB_OFF_T len) { ... result = sys_ftruncate(fd, len); } To confirm whether this is the problem you can write a small program to see whether ftruncate is taking a lot of time. Also you can capture packets and see where exactly the problem is? HTH Aravind -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Miserable read performance (factor ~60 too slow)
Hi, I am trying to migrate my files from a Windows XP Pro box to a new server running OpenSuSE 10.2/Linux 2.6.18 (x86_64) and Samba 3.0.25b. The Server is a new Athlon 64 X2 4000+/1GB with two 400GB SATA disks in a software RAID1 configuration. The share file system is reiserfs on a 350GB RAID1 partition. I have a small LAN with three PCs on 100MBit Ethernet and a Laptop on WLAN on a 4 Port Switch/WLAN/DSL router. I am experiencing extremely (an I really mean EXTREMELY) bad performance. It is so bad that it can not have anything to do with performance tuning, it must be a configuration error somewhere. Doing some comparisons, I find that - copying a 700MB file from the CIFS share of the Windows XP box to a different Windows PC starts immediately and takes about two minutes. - copying the same file via HTTP from the new Samba server takes a little more than one minute (10.5 MB/sec). - copying the file from the Samba share varies hugely. It can take between 90 seconds and literally hours (!). - sometimes it goes faster, but almost always the startup time is between 20 and 90 seconds, that is the time before the copying even begins. - I have found repeatedly that when I am copying a file from the Samba share, and it goes extremely slow (estimated time 90 minutes), and I start copying a second file (from the same or a different PC), suddenly the copying speeds up to normal speed. ifconfig does not show any collisions or errors, and as I said, copying via HTTP is extremely fast. The Linux installation is as barebones as I could make it, no X11, no firewall (for now), no ZENWorks or AppArmor or anything. I already once reinstalled everything from scratch, to no avail. Any ideas would be immensely appreciated, as I am seriously considering going back to Windows XP ;-) Best Regards, Arno Here is my smb.conf: [global] workgroup = MSHEIMNETZ printing = cups printcap name = cups printcap cache time = 750 cups options = raw map to guest = Bad User include = /etc/samba/dhcp.conf logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: usershare allow guests = Yes add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = No domain master = No security = share netbios name = FILESERVER2 [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [share] comment = share path = /share read only = No guest ok = Yes browsable = Yes -- Arno Schäfer IT-Beratung Softwareentwicklung PHP - Java - Web-Anwendungen Linux/Unix - MySQL - Hochverfügbarkeit - Security Hainer Trift 38 - 63303 Dreieich mailto: [EMAIL PROTECTED] Tel. +49-6103-699967 | Mobil +49-171-7939236 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Docs] Alternative LDAP Database Initialization Script Error
On 03/07/07, John H Terpstra [EMAIL PROTECTED] wrote: On Tuesday 03 July 2007 04:48, Gavin Henry wrote: Dear all, Should be cat EOL not cat EOL at: http://us1.samba.org/samba/docs/man/Samba-Guide/appendix.html#sbehap-ldapre confc Thanks, Gavin. Yes indeed. Thanks. Fixed. Hi John, I've got a few OpenLDAP things for you too. e.g. attrs, not attr for the ACLs etc. I'll get a list/patch together soon. Thanks, Gavin ([EMAIL PROTECTED]) - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba backtrace on network copy
Hi all, I have an issue when copying large amounts of small files (say 10,000 or so) from a Samba share across the network. On a Windows machine it errors with: Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied.. Linux just says it can't find the file. The log file says something like this: --begin log-- [2007/07/05 09:11:34, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 14 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x1a) [0x5e439a] #1 /usr/sbin/smbd(smb_panic+0x34) [0x5e4474] #2 /usr/sbin/smbd [0x5e8ff8] #3 /usr/sbin/smbd [0x4a5e7a] #4 /usr/sbin/smbd(set_sec_ctx+0xf2) [0x4a61c2] #5 /usr/sbin/smbd(change_to_user+0x355) [0x49d665] #6 /usr/sbin/smbd [0x4b71f0] #7 /usr/sbin/smbd(make_connection+0x154) [0x4b8144] #8 /usr/sbin/smbd(reply_tcon_and_X+0x1e1) [0x485581] #9 /usr/sbin/smbd [0x4b40d3] #10 /usr/sbin/smbd(smbd_process+0x6c0) [0x4b52a0] #11 /usr/sbin/smbd(main+0xf3e) [0x671a6e] #12 /lib/libc.so.6(__libc_start_main+0xf4) [0x2ab0faa638e4] #13 /usr/sbin/smbd [0x4508a9] [2007/07/05 09:11:34, 0] lib/util.c:smb_panic(1607) smb_panic(): calling panic action [/usr/share/samba/panic-action 10417] [2007/07/05 09:11:34, 0] lib/util.c:smb_panic(1615) smb_panic(): action returned status 0 [2007/07/05 09:11:34, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd [2007/07/05 09:11:34, 0] lib/util_sec.c:assert_uid(101) Failed to set uid privileges to (-1,1000) now set to (0,0) [2007/07/05 09:11:34, 0] lib/util.c:smb_panic(1599) PANIC (pid 10420): failed to set uid [2007/07/05 10:35:18, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 14 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x1a) [0x5e439a] #1 /usr/sbin/smbd(smb_panic+0x34) [0x5e4474] #2 /usr/sbin/smbd [0x5e8ff8] #3 /usr/sbin/smbd [0x4a5e7a] #4 /usr/sbin/smbd(set_sec_ctx+0xf2) [0x4a61c2] #5 /usr/sbin/smbd(change_to_user+0x355) [0x49d665] #6 /usr/sbin/smbd [0x4b71f0] #7 /usr/sbin/smbd(make_connection+0x154) [0x4b8144] #8 /usr/sbin/smbd(reply_tcon_and_X+0x1e1) [0x485581] #9 /usr/sbin/smbd [0x4b40d3] #10 /usr/sbin/smbd(smbd_process+0x6c0) [0x4b52a0] #11 /usr/sbin/smbd(main+0xf3e) [0x671a6e] #12 /lib/libc.so.6(__libc_start_main+0xf4) [0x2abfbe8458e4] #13 /usr/sbin/smbd [0x4508a9] [2007/07/05 10:35:18, 0] lib/util.c:smb_panic(1607) smb_panic(): calling panic action [/usr/share/samba/panic-action 11739] [2007/07/05 10:35:18, 0] lib/util.c:smb_panic(1615) smb_panic(): action returned status 0 [2007/07/05 10:35:18, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd [2007/07/05 10:35:18, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 192.168.10.129. Error Connection reset by peer [2007/07/05 10:35:18, 0] lib/util_sock.c:send_smb(769) Error writing 4 bytes to client. -1. (Connection reset by peer) [2007/07/05 10:35:18, 0] lib/util_sec.c:assert_uid(101) Failed to set uid privileges to (-1,1003) now set to (0,0) [2007/07/05 10:35:18, 0] lib/util.c:smb_panic(1599) PANIC (pid 11744): failed to set uid --end log-- Is this an issue that I'm running over the maximum number of processes allowed for this particular user? I'm not sure why it's getting a uid of -1. Last night I started a copy of the entire tree from Linux client (Ubuntu), which completed successfully - 350,000 files totally 13GB. Yesterday during the day however and again this morning, it failed again. The only difference I can think of is lack of multiple users on the system. Server is Ubuntu 7.04 running Samba 3.0.24-2ubuntu1.2 with users stored in local db, not running as PDC yet. Any ideas? Thanks! Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] dfs problems addressed in 3.0.25b?
Doesn't sound like a Samba bug to be honest. Have you looked into MS DFS bugs ? What filesystem are you running this on ? Jeremy. . This is running on FreeBSD 6.2 - UFS. I never had the problem before upgrading to 3.0.25a and aside from the obligatory 'msdfs root = yes' change, my samba config is the same as before. I know it could just be coincidence - but the fact that someone else (Volker Kindermann) also appears to relate this issue to the 3.0.25a version does suggest to me that a Samba bug is at least likely. I'm trawling the MS kb now regarding DFS anyway.. nothing looks relevant so far.. but I'll keep looking for some clues. Cheers, Julian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Add printer in cups but is not being shared by samba
I added a printer to cups and samba is not sharing the printer. I have twenty some printers shared with no problems until this one. How long can a printer name be in samba? How long a printer name can be cups. I think in windows it is 31 characters in windows. The printer name is 18 characters long. Any ideas? Thanks -Glenn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Rev 555: more careful checking of lengths in http://samba.org/~tridge/ctdb
revno: 555 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Wed 2007-07-04 16:22:09 +1000 message: more careful checking of lengths modified: takeover/system.c system.c-20070525071636-a5n1ihghjtppy08r-3 === modified file 'takeover/system.c' --- a/takeover/system.c 2007-07-04 03:53:22 + +++ b/takeover/system.c 2007-07-04 06:22:09 + @@ -484,7 +484,7 @@ event_loop_once(ev); ret = recv(s, pkt, RCVPKTSIZE, MSG_TRUNC); - if (ret40) { + if (ret sizeof(*eth)+sizeof(*ip)) { continue; } @@ -496,7 +496,7 @@ } /* IP */ - ip = (struct iphdr *)pkt[14]; + ip = (struct iphdr *)(eth+1); /* We only want IPv4 packets */ if (ip-version != 4) { continue; @@ -519,8 +519,15 @@ continue; } + /* make sure its not a short packet */ + if (offsetof(struct tcphdr, ack_seq) + 4 + + (ip-ihl*4) + sizeof(*eth) ret) { + continue; + } + /* TCP */ - tcp = (struct tcphdr *)pkt[14+ip-ihl*4]; + tcp = (struct tcphdr *)((ip-ihl*4) + (char *)ip); + /* We only want replies from the port we tickled */ if (tcp-source != dst-sin_port) { continue;
Rev 556: - neaten up the command line for killtcp in http://samba.org/~tridge/ctdb
revno: 556 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Wed 2007-07-04 16:51:13 +1000 message: - neaten up the command line for killtcp - split out the event script code into a separate module - get rid of the separate takeover directory removed: takeover/ takeover-20070525071636-a5n1ihghjtppy08r-1 renamed: takeover/ctdb_takeover.c = server/ctdb_takeover.c ctdb_takeover.c-20070525071636-a5n1ihghjtppy08r-2 takeover/system.c = common/system.c system.c-20070525071636-a5n1ihghjtppy08r-3 modified: Makefile.inmakefile.in-20061117234101-o3qt14umlg9en8z0-1 common/ctdb_util.c ctdb_util.c-20061128065342-to93h6eejj5kon81-3 include/ctdb_private.h ctdb_private.h-20061117234101-o3qt14umlg9en8z0-13 tools/ctdb.c ctdb_control.c-20070426122705-9ehj1l5lu2gn9kuj-1 common/system.csystem.c-20070525071636-a5n1ihghjtppy08r-3 Diff too large for email (324, the limit is 200).
Rev 557: removed unused makefile var in http://samba.org/~tridge/ctdb
revno: 557 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Wed 2007-07-04 16:52:38 +1000 message: removed unused makefile var modified: Makefile.inmakefile.in-20061117234101-o3qt14umlg9en8z0-1 === modified file 'Makefile.in' --- a/Makefile.in 2007-07-04 06:51:13 + +++ b/Makefile.in 2007-07-04 06:52:38 + @@ -43,14 +43,12 @@ $(CTDB_COMMON_OBJ) $(POPT_OBJ) $(UTIL_OBJ) @TALLOC_OBJ@ @TDB_OBJ@ \ @LIBREPLACEOBJ@ $(EXTRA_OBJ) @EVENTS_OBJ@ -CTDB_TAKEOVER_OBJ = - CTDB_SERVER_OBJ = server/ctdbd.o server/ctdb_daemon.o server/ctdb_lockwait.o \ server/ctdb_recoverd.o server/ctdb_recover.o server/ctdb_freeze.o \ server/ctdb_tunables.o server/ctdb_monitor.o server/ctdb_server.o \ server/ctdb_control.o server/ctdb_call.o server/ctdb_ltdb_server.o \ server/ctdb_traverse.o server/eventscript.o server/ctdb_takeover.o \ - $(CTDB_CLIENT_OBJ) $(CTDB_TAKEOVER_OBJ) $(CTDB_TCP_OBJ) @INFINIBAND_WRAPPER_OBJ@ + $(CTDB_CLIENT_OBJ) $(CTDB_TCP_OBJ) @INFINIBAND_WRAPPER_OBJ@ TEST_BINS=bin/ctdb_bench bin/ctdb_fetch bin/ctdb_store @INFINIBAND_BINS@ BINS = bin/ctdb bin/scsi_io
svn commit: samba r23701 - in branches/SAMBA_4_0/source/lib/socket: .
Author: tridge Date: 2007-07-04 07:43:26 + (Wed, 04 Jul 2007) New Revision: 23701 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23701 Log: when we create a new socket with socket_accept(), clear any flags that were set in the old one. Otherwise SOCKET_FLAG_NOCLOSE causes a major fd leak Modified: branches/SAMBA_4_0/source/lib/socket/socket.c Changeset: Modified: branches/SAMBA_4_0/source/lib/socket/socket.c === --- branches/SAMBA_4_0/source/lib/socket/socket.c 2007-07-04 05:16:19 UTC (rev 23700) +++ branches/SAMBA_4_0/source/lib/socket/socket.c 2007-07-04 07:43:26 UTC (rev 23701) @@ -166,6 +166,7 @@ if (NT_STATUS_IS_OK(status)) { talloc_set_destructor(*new_sock, socket_destructor); + (*new_sock)-flags = 0; } return status;
Rev 558: forgot to add this in http://samba.org/~tridge/ctdb
revno: 558 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Wed 2007-07-04 17:45:46 +1000 message: forgot to add this added: server/eventscript.c eventscript.c-20070704074533-95f10rsay8um8wrr-1 === added file 'server/eventscript.c' --- a/server/eventscript.c 1970-01-01 00:00:00 + +++ b/server/eventscript.c 2007-07-04 07:45:46 + @@ -0,0 +1,192 @@ +/* + event script handling + + Copyright (C) Andrew Tridgell 2007 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include includes.h +#include system/filesys.h +#include system/wait.h +#include ../include/ctdb_private.h +#include lib/events/events.h + +/* + run the event script - varargs version + */ +static int ctdb_event_script_v(struct ctdb_context *ctdb, const char *fmt, va_list ap) +{ + char *options, *cmdstr; + int ret; + va_list ap2; + struct stat st; + + if (stat(ctdb-takeover.event_script, st) != 0 + errno == ENOENT) { + DEBUG(0,(No event script found at '%s'\n, ctdb-takeover.event_script)); + return 0; + } + + va_copy(ap2, ap); + options = talloc_vasprintf(ctdb, fmt, ap2); + va_end(ap2); + CTDB_NO_MEMORY(ctdb, options); + + cmdstr = talloc_asprintf(ctdb, %s %s, ctdb-takeover.event_script, options); + CTDB_NO_MEMORY(ctdb, cmdstr); + + ret = system(cmdstr); + if (ret != -1) { + ret = WEXITSTATUS(ret); + } + + talloc_free(cmdstr); + talloc_free(options); + + return ret; +} + +/* + run the event script + */ +int ctdb_event_script(struct ctdb_context *ctdb, const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = ctdb_event_script_v(ctdb, fmt, ap); + va_end(ap); + + return ret; +} + + +struct ctdb_event_script_state { + struct ctdb_context *ctdb; + pid_t child; + void (*callback)(struct ctdb_context *, int, void *); + int fd[2]; + void *private_data; +}; + +/* called when child is finished */ +static void ctdb_event_script_handler(struct event_context *ev, struct fd_event *fde, + uint16_t flags, void *p) +{ + struct ctdb_event_script_state *state = + talloc_get_type(p, struct ctdb_event_script_state); + int status = -1; + void (*callback)(struct ctdb_context *, int, void *) = state-callback; + void *private_data = state-private_data; + struct ctdb_context *ctdb = state-ctdb; + + waitpid(state-child, status, 0); + if (status != -1) { + status = WEXITSTATUS(status); + } + talloc_set_destructor(state, NULL); + talloc_free(state); + callback(ctdb, status, private_data); +} + + +/* called when child times out */ +static void ctdb_event_script_timeout(struct event_context *ev, struct timed_event *te, + struct timeval t, void *p) +{ + struct ctdb_event_script_state *state = talloc_get_type(p, struct ctdb_event_script_state); + void (*callback)(struct ctdb_context *, int, void *) = state-callback; + void *private_data = state-private_data; + struct ctdb_context *ctdb = state-ctdb; + + DEBUG(0,(event script timed out\n)); + talloc_free(state); + callback(ctdb, -1, private_data); +} + +/* + destroy a running event script + */ +static int event_script_destructor(struct ctdb_event_script_state *state) +{ + kill(state-child, SIGKILL); + waitpid(state-child, NULL, 0); + return 0; +} + +/* + run the event script in the background, calling the callback when + finished + */ +int ctdb_event_script_callback(struct ctdb_context *ctdb, + struct timeval timeout, + TALLOC_CTX *mem_ctx, + void (*callback)(struct ctdb_context *, int, void *), + void *private_data, + const char *fmt, ...) +{ + struct ctdb_event_script_state *state; + va_list ap; + int ret; + + state = talloc(mem_ctx, struct
svn commit: samba r23702 - in branches/SAMBA_4_0/source/smbd: .
Author: tridge Date: 2007-07-04 07:45:41 + (Wed, 04 Jul 2007) New Revision: 23702 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23702 Log: fixed a falling back to select error in the standard process model. It's much cleaner to get the event system to close the fd, especially with the complexity of forks Modified: branches/SAMBA_4_0/source/smbd/service_stream.c Changeset: Modified: branches/SAMBA_4_0/source/smbd/service_stream.c === --- branches/SAMBA_4_0/source/smbd/service_stream.c 2007-07-04 07:43:26 UTC (rev 23701) +++ branches/SAMBA_4_0/source/smbd/service_stream.c 2007-07-04 07:45:41 UTC (rev 23702) @@ -289,9 +289,13 @@ return status; } + /* we will close the socket using the events system */ + socket_set_flags(stream_socket-sock, SOCKET_FLAG_NOCLOSE); + event_add_fd(event_context, stream_socket-sock, socket_get_fd(stream_socket-sock), -EVENT_FD_READ, stream_accept_handler, stream_socket); +EVENT_FD_READ|EVENT_FD_AUTOCLOSE, +stream_accept_handler, stream_socket); stream_socket-private = talloc_reference(stream_socket, private); stream_socket-ops = stream_ops;
svn commit: samba r23703 - in branches/SAMBA_4_0/source: lib/ldb/modules scripting/libjs setup
Author: abartlet Date: 2007-07-04 11:06:32 + (Wed, 04 Jul 2007) New Revision: 23703 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23703 Log: Start to get Samba4 to again work with LDAP backends, after I turned on metze's schema work. Andrew Bartlett Modified: branches/SAMBA_4_0/source/lib/ldb/modules/paged_searches.c branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/setup/provision branches/SAMBA_4_0/source/setup/provision-backend Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/modules/paged_searches.c === --- branches/SAMBA_4_0/source/lib/ldb/modules/paged_searches.c 2007-07-04 07:45:41 UTC (rev 23702) +++ branches/SAMBA_4_0/source/lib/ldb/modules/paged_searches.c 2007-07-04 11:06:32 UTC (rev 23703) @@ -412,6 +412,7 @@ data = talloc(module, struct private_data); if (data == NULL) { + ldb_set_errstring(module-ldb, Out of Memory); return LDB_ERR_OTHER; } module-private_data = data; @@ -424,7 +425,7 @@ } req-operation = LDB_SEARCH; - req-op.search.base = ldb_dn_new(req, module-ldb, NULL); + req-op.search.base = ldb_dn_new(req, module-ldb, ); req-op.search.scope = LDB_SCOPE_BASE; req-op.search.tree = ldb_parse_tree(req, objectClass=*); Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-04 07:45:41 UTC (rev 23702) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-04 11:06:32 UTC (rev 23703) @@ -450,12 +450,9 @@ subobj.DNSDOMAIN); rdn_list = split(., subobj.DNSDOMAIN); subobj.DOMAINDN = DC= + join(,DC=, rdn_list); - subobj.DOMAINDN_LDB = users.ldb; subobj.ROOTDN = subobj.DOMAINDN; subobj.CONFIGDN = CN=Configuration, + subobj.ROOTDN; - subobj.CONFIGDN_LDB = configuration.ldb; subobj.SCHEMADN = CN=Schema, + subobj.CONFIGDN; - subobj.SCHEMADN_LDB = schema.ldb; var rdns = split(,, subobj.DOMAINDN); subobj.RDN_DC = substr(rdns[0], strlen(DC=)); @@ -888,6 +885,9 @@ show_deleted, partition); subobj.MODULES_LIST = join(,, modules_list); + subobj.DOMAINDN_LDB = users.ldb; + subobj.CONFIGDN_LDB = configuration.ldb; + subobj.SCHEMADN_LDB = schema.ldb; subobj.DOMAINDN_MOD = pdc_fsmo,password_hash; subobj.CONFIGDN_MOD = naming_fsmo; subobj.SCHEMADN_MOD = schema_fsmo; Modified: branches/SAMBA_4_0/source/setup/provision === --- branches/SAMBA_4_0/source/setup/provision 2007-07-04 07:45:41 UTC (rev 23702) +++ branches/SAMBA_4_0/source/setup/provision 2007-07-04 11:06:32 UTC (rev 23703) @@ -129,14 +129,15 @@ if (ldapbackend) { if (!ldapmodule) { - subobj[LDAPMODULE] = entryUUID; + subobj.LDAPMODULE = entryUUID; } - subobj[DOMAINDN_LDB] = subobj[LDAPBACKEND]; - subobj[DOMAINDN_MOD2] = subobj[LDAPMODULE] + ,paged_searches; - subobj[CONFIGDN_LDB] = subobj[LDAPBACKEND]; - subobj[CONFIGDN_MOD2] = subobj[LDAPMODULE] + ,paged_searches; - subobj[SCHEMADN_LDB] = subobj[LDAPBACKEND]; - subobj[SCHEMADN_MOD2] = subobj[LDAPMODULE] + ,paged_searches; + subobj.DOMAINDN_LDB = subobj.LDAPBACKEND; + subobj.DOMAINDN_MOD2 = , + subobj.LDAPMODULE + ,paged_searches; + subobj.CONFIGDN_LDB = subobj.LDAPBACKEND; + subobj.CONFIGDN_MOD2 = , + subobj.LDAPMODULE + ,paged_searches; + subobj.SCHEMADN_LDB = subobj.LDAPBACKEND; + subobj.SCHEMADN_MOD2 = , + subobj.LDAPMODULE + ,paged_searches; + message(LDAP module: %s backend: %s\n, subobj.LDAPMODULE, subobj.LDAPBACKEND); } if (!provision_validate(subobj, message)) { Modified: branches/SAMBA_4_0/source/setup/provision-backend === --- branches/SAMBA_4_0/source/setup/provision-backend 2007-07-04 07:45:41 UTC (rev 23702) +++ branches/SAMBA_4_0/source/setup/provision-backend 2007-07-04 11:06:32 UTC (rev 23703) @@ -88,7 +88,7 @@ var paths = provision_default_paths(subobj); -provision_fix_subobj(subobj, message, paths); +provision_fix_subobj(subobj, paths); message(Provisioning LDAP backend for %s in realm %s into %s\n, subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR); message(Using LDAP Manager password: %s\n, subobj.LDAPMANAGERPASS); var tmp_schema_ldb = subobj.LDAPDIR + /schema-tmp.ldb;
svn commit: samba r23704 - in branches: SAMBA_3_0/examples/pam_winbind SAMBA_3_0/source/nsswitch SAMBA_3_0_26/examples/pam_winbind SAMBA_3_0_26/source/nsswitch
Author: lmuelle Date: 2007-07-04 14:03:10 + (Wed, 04 Jul 2007) New Revision: 23704 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23704 Log: Add pam_pwd_expire feature as discussed on samba-technical. This is a slightly modified version to set warn_pwd_expire to the default value if 0, no, or a broken value is set. This version also has one if statement less in get_config_item_int(). Thanks a lot to Andreas 'GlaDiaC' Schneider for this feature! Modified: branches/SAMBA_3_0/examples/pam_winbind/pam_winbind.conf branches/SAMBA_3_0/source/nsswitch/pam_winbind.c branches/SAMBA_3_0/source/nsswitch/pam_winbind.h branches/SAMBA_3_0_26/examples/pam_winbind/pam_winbind.conf branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.h Changeset: Modified: branches/SAMBA_3_0/examples/pam_winbind/pam_winbind.conf === --- branches/SAMBA_3_0/examples/pam_winbind/pam_winbind.conf2007-07-04 11:06:32 UTC (rev 23703) +++ branches/SAMBA_3_0/examples/pam_winbind/pam_winbind.conf2007-07-04 14:03:10 UTC (rev 23704) @@ -28,5 +28,8 @@ # (can also take a name) ;require_membership_of = +# password expiry warning period in days +;warn_pwd_expire = 14 + # omit pam conversations ;silent = no Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-07-04 11:06:32 UTC (rev 23703) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-07-04 14:03:10 UTC (rev 23704) @@ -561,7 +561,12 @@ * @return boolean Returns True if message has been sent, False if not. */ -static BOOL _pam_send_password_expiry_message(pam_handle_t *pamh, int ctrl, time_t next_change, time_t now, BOOL *already_expired) +static BOOL _pam_send_password_expiry_message(pam_handle_t *pamh, + int ctrl, + time_t next_change, + time_t now, + int warn_pwd_expire, + BOOL *already_expired) { int days = 0; struct tm tm_now, tm_next_change; @@ -579,7 +584,7 @@ } if ((next_change 0) || - (next_change now + DAYS_TO_WARN_BEFORE_PWD_EXPIRES * SECONDS_PER_DAY)) { + (next_change now + warn_pwd_expire * SECONDS_PER_DAY)) { return False; } @@ -595,7 +600,7 @@ return True; } - if (days 0 days DAYS_TO_WARN_BEFORE_PWD_EXPIRES) { + if (days 0 days warn_pwd_expire) { _make_remark_format(pamh, ctrl, PAM_TEXT_INFO, Your password will expire in %d %s, days, (days 1) ? days:day); return True; @@ -618,6 +623,7 @@ static void _pam_warn_password_expiry(pam_handle_t *pamh, int flags, const struct winbindd_response *response, + int warn_pwd_expire, BOOL *already_expired) { time_t now = time(NULL); @@ -640,7 +646,8 @@ /* check if the info3 must change timestamp has been set */ next_change = response-data.auth.info3.pass_must_change_time; - if (_pam_send_password_expiry_message(pamh, flags, next_change, now, + if (_pam_send_password_expiry_message(pamh, flags, next_change, now, + warn_pwd_expire, already_expired)) { return; } @@ -655,7 +662,8 @@ next_change = response-data.auth.info3.pass_last_set_time + response-data.auth.policy.expire; - if (_pam_send_password_expiry_message(pamh, flags, next_change, now, + if (_pam_send_password_expiry_message(pamh, flags, next_change, now, + warn_pwd_expire, already_expired)) { return; } @@ -1029,6 +1037,7 @@ const char *pass, const char *member, const char *cctype, + const int warn_pwd_expire, struct winbindd_response *p_response, time_t *pwd_last_set, char **user_ret) @@ -1134,7 +1143,9 @@ if (ret == PAM_SUCCESS) { /* warn a user if the password is about to expire soon */ - _pam_warn_password_expiry(pamh, ctrl, response, already_expired); + _pam_warn_password_expiry(pamh, ctrl, response, +
svn commit: samba r23705 - in branches: SAMBA_3_0 SAMBA_3_0_26
Author: lmuelle Date: 2007-07-04 14:15:26 + (Wed, 04 Jul 2007) New Revision: 23705 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23705 Log: Add suggestion for vim from Andreas 'GlaDiaC' Schneider to show tabs, trailing whitespace, and continued lines visually. Modified: branches/SAMBA_3_0/README.Coding branches/SAMBA_3_0_26/README.Coding Changeset: Modified: branches/SAMBA_3_0/README.Coding === --- branches/SAMBA_3_0/README.Coding2007-07-04 14:03:10 UTC (rev 23704) +++ branches/SAMBA_3_0/README.Coding2007-07-04 14:15:26 UTC (rev 23705) @@ -76,8 +76,9 @@ endf autocmd BufNewFile,BufRead * call ActivateInvisibleCharIndicator() endif + Show tabs, trailing whitespace, and continued lines visually + set list listchars=tab:»·,trail:·,extends:… - = FAQ Statement Reference = Modified: branches/SAMBA_3_0_26/README.Coding === --- branches/SAMBA_3_0_26/README.Coding 2007-07-04 14:03:10 UTC (rev 23704) +++ branches/SAMBA_3_0_26/README.Coding 2007-07-04 14:15:26 UTC (rev 23705) @@ -76,8 +76,9 @@ endf autocmd BufNewFile,BufRead * call ActivateInvisibleCharIndicator() endif + Show tabs, trailing whitespace, and continued lines visually + set list listchars=tab:»·,trail:·,extends:… - = FAQ Statement Reference =
svn commit: samba r23706 - in branches/SAMBA_3_0/examples/scripts: . users_and_groups
Author: obnox Date: 2007-07-04 16:17:48 + (Wed, 04 Jul 2007) New Revision: 23706 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23706 Log: Add a script to create domainusers,-groups and -aliases. This is done via rpc client. The main purpose is to be able to fill a domain controller with a large number of users / groups easily. A the object names are built as prefixnum where number ranges from a given start number counting up until a given number of objects has been created. In a next step, I will submit scripts to add (many) users to a group and to add a user to (many) groups. Michael Added: branches/SAMBA_3_0/examples/scripts/users_and_groups/ branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl Changeset: Added: branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl === --- branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl 2007-07-04 14:15:26 UTC (rev 23705) +++ branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl 2007-07-04 16:17:48 UTC (rev 23706) @@ -0,0 +1,155 @@ +#!/usr/bin/perl + +# +# createdomobj.pl +# +#create single or continuously numbered domain +#users/groups/aliases via rpc +# +# Copyright (C) Michael Adam [EMAIL PROTECTED] 2007 +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# +# You should have received a copy of the GNU General Public License along with +# this program; if not, write to the Free Software Foundation, Inc., 675 +# Mass Ave, Cambridge, MA 02139, USA. +# + +# +# WARNING: This script is still rather crude. +# + +use strict; +use Getopt::Std; + + +my $target_type= group; # what type of object to create +my $rpc_cmd= createdom.$target_type; +my $rpccli_cmd = rpcclient; + +# defaults: + +my $server; +my $num_targets= 1; +my $startnum; # if empty, don't add numbers to prefix +my $prefix = $target_type; # name-prefix +my $path; # path to rpcclient command +my $rpccli_path= $rpccli_cmd; +my $creds; + +sub usage { + print USAGE: $0 [-h] -S server -U user\%pass [-p prefix] \\\n + . \t[-t {alias|group|user}] [-s startnum] [-n numobjs] [-P path] \n; +} + +# parse commandline: + +my %options = (); +getopts(U:t:S:s:n:p:P:h, \%options); + +if (exists($options{h})) { + usage(); + exit 0; +} + +if (exists($options{t})) { + $target_type = $options{t}; + if ($target_type !~ /^(alias|user|group)$/) { + print ERROR: invalid target type given\n; + usage(); + exit 1; + } + $rpc_cmd = createdom.$target_type; +} + +if (exists($options{U})) { + $creds = -U $options{U}; + if ($creds !~ '%') { + print ERROR: you need to specify credentials in the form -U user\%pass\n; + usage(); + exit 1; + } +} +else { + print ERROR: mandatory argument '-U' missing\n; + usage(); + exit 1; +} + +if (exists($options{S})) { + $server = $options{S}; +} +else { + print ERROR: madatory argument '-S' missing\n; + usage(); + exit 1; +} + +if (exists($options{s})) { + $startnum = $options{s}; +} + +if (exists($options{n})) { + $num_targets = $options{n}; +} + +if (exists($options{p})) { + $prefix = $options{p}; +} + +if (exists($options{P})) { + $path = $options{p}; + $rpccli_path = $path/$rpccli_cmd; +} + +if (@ARGV) { + print ERROR: junk on the command line (' . join( , @ARGV) . ')...\n; + usage(); + exit 1; +} + +# rpc open/close functions: + +sub open_rpc_pipe { + print opening rpc pipe\n; + open(IPC, | $rpccli_cmd $server $creds -d0) or + die error opening rpc pipe.; +} + +sub close_rpc_pipe { + print closing rpc pipe\n; + close(IPC); +} + +# main: + +open_rpc_pipe(); + +if (x$startnum eq x) { + my $target_name = $prefix; + print creating $target_type $target_name\n; + print IPC $rpc_cmd $target_name\n; +} +else { + for (my $num = 1; $num = $num_targets; ++$num) { + my $target_name = sprintf %s%.05d, $prefix, $startnum + $num - 1; + print creating $target_type $target_name\n; + print IPC $rpc_cmd $target_name\n; + if (($num) % 500 == 0) { + printf(500 .$target_type.s created\n); +
svn commit: samba r23707 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_26/source/nsswitch
Author: lmuelle Date: 2007-07-04 19:52:51 + (Wed, 04 Jul 2007) New Revision: 23707 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23707 Log: - Move the asprintf() call to create the key even in get_conf_item_string() to the later if statement. - Also move the key definition to the later if statement in get_conf_item_string() and get_conf_item_int(). Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-07-04 16:17:48 UTC (rev 23706) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-07-04 19:52:51 UTC (rev 23707) @@ -1491,24 +1491,12 @@ { int i = 0; const char *parm_opt = NULL; - char *key = NULL; if (!(ctrl config_flag)) { goto out; } /* let the pam opt take precedence over the pam_winbind.conf option */ - - if (d != NULL) { - - if (!asprintf(key, global:%s, item)) { - goto out; - } - - parm_opt = iniparser_getstr(d, key); - SAFE_FREE(key); - } - for ( i=0; iargc; i++ ) { if ((strncmp(argv[i], item, strlen(item)) == 0)) { @@ -1524,6 +1512,15 @@ } if (d != NULL) { + char *key = NULL; + + if (!asprintf(key, global:%s, item)) { + goto out; + } + + parm_opt = iniparser_getstr(d, key); + SAFE_FREE(key); + _pam_log_debug(pamh, ctrl, LOG_INFO, CONFIG file: %s '%s'\n, item, parm_opt); } out: @@ -1537,8 +1534,7 @@ dictionary *d, const char *item) { - int parm_opt = -1, i = 0; - char *key = NULL; + int i, parm_opt = -1; /* let the pam opt take precedence over the pam_winbind.conf option */ for (i = 0; i argc; i++) { @@ -1561,6 +1557,8 @@ } if (d != NULL) { + char *key = NULL; + if (!asprintf(key, global:%s, item)) { goto out; } Modified: branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c 2007-07-04 16:17:48 UTC (rev 23706) +++ branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c 2007-07-04 19:52:51 UTC (rev 23707) @@ -1491,24 +1491,12 @@ { int i = 0; const char *parm_opt = NULL; - char *key = NULL; if (!(ctrl config_flag)) { goto out; } /* let the pam opt take precedence over the pam_winbind.conf option */ - - if (d != NULL) { - - if (!asprintf(key, global:%s, item)) { - goto out; - } - - parm_opt = iniparser_getstr(d, key); - SAFE_FREE(key); - } - for ( i=0; iargc; i++ ) { if ((strncmp(argv[i], item, strlen(item)) == 0)) { @@ -1524,6 +1512,15 @@ } if (d != NULL) { + char *key = NULL; + + if (!asprintf(key, global:%s, item)) { + goto out; + } + + parm_opt = iniparser_getstr(d, key); + SAFE_FREE(key); + _pam_log_debug(pamh, ctrl, LOG_INFO, CONFIG file: %s '%s'\n, item, parm_opt); } out: @@ -1537,8 +1534,7 @@ dictionary *d, const char *item) { - int parm_opt = -1, i = 0; - char *key = NULL; + int i, parm_opt = -1; /* let the pam opt take precedence over the pam_winbind.conf option */ for (i = 0; i argc; i++) { @@ -1561,6 +1557,8 @@ } if (d != NULL) { + char *key = NULL; + if (!asprintf(key, global:%s, item)) { goto out; }
svn commit: samba r23708 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_26/source/nsswitch
Author: lmuelle Date: 2007-07-04 20:25:29 + (Wed, 04 Jul 2007) New Revision: 23708 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23708 Log: - Add define for WINBIND_WARN_PWD_EXPIRE. - Add parameter config_flag to get_config_item_int() and do the same check as in get_conf_item_string. Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c branches/SAMBA_3_0/source/nsswitch/pam_winbind.h branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.h Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-07-04 19:52:51 UTC (rev 23707) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-07-04 20:25:29 UTC (rev 23708) @@ -264,6 +264,10 @@ ctrl |= WINBIND_TRY_FIRST_PASS_ARG; } + if (iniparser_getint(d, global:warn_pwd_expire, 0)) { + ctrl |= WINBIND_WARN_PWD_EXPIRE; + } + config_from_pam: /* step through arguments */ for (i=argc,v=argv; i-- 0; ++v) { @@ -1532,10 +1536,15 @@ const char **argv, int ctrl, dictionary *d, - const char *item) + const char *item, + int config_flag) { int i, parm_opt = -1; + if (!(ctrl config_flag)) { + goto out; + } + /* let the pam opt take precedence over the pam_winbind.conf option */ for (i = 0; i argc; i++) { @@ -1597,7 +1606,7 @@ { int ret; ret = get_config_item_int(pamh, argc, argv, ctrl, d, - warn_pwd_expire); + warn_pwd_expire, WINBIND_WARN_PWD_EXPIRE); /* no or broken setting */ if (ret = 0) { return DEFAULT_DAYS_TO_WARN_BEFORE_PWD_EXPIRES; Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.h === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.h2007-07-04 19:52:51 UTC (rev 23707) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.h2007-07-04 20:25:29 UTC (rev 23708) @@ -95,6 +95,7 @@ #define WINBIND_CONFIG_FILE (110) #define WINBIND_SILENT (111) #define WINBIND_DEBUG_STATE (112) +#define WINBIND_WARN_PWD_EXPIRE (113) /* * here is the string to inform the user that the new passwords they Modified: branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c 2007-07-04 19:52:51 UTC (rev 23707) +++ branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.c 2007-07-04 20:25:29 UTC (rev 23708) @@ -264,6 +264,10 @@ ctrl |= WINBIND_TRY_FIRST_PASS_ARG; } + if (iniparser_getint(d, global:warn_pwd_expire, 0)) { + ctrl |= WINBIND_WARN_PWD_EXPIRE; + } + config_from_pam: /* step through arguments */ for (i=argc,v=argv; i-- 0; ++v) { @@ -1532,10 +1536,15 @@ const char **argv, int ctrl, dictionary *d, - const char *item) + const char *item, + int config_flag) { int i, parm_opt = -1; + if (!(ctrl config_flag)) { + goto out; + } + /* let the pam opt take precedence over the pam_winbind.conf option */ for (i = 0; i argc; i++) { @@ -1597,7 +1606,7 @@ { int ret; ret = get_config_item_int(pamh, argc, argv, ctrl, d, - warn_pwd_expire); + warn_pwd_expire, WINBIND_WARN_PWD_EXPIRE); /* no or broken setting */ if (ret = 0) { return DEFAULT_DAYS_TO_WARN_BEFORE_PWD_EXPIRES; Modified: branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.h === --- branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.h 2007-07-04 19:52:51 UTC (rev 23707) +++ branches/SAMBA_3_0_26/source/nsswitch/pam_winbind.h 2007-07-04 20:25:29 UTC (rev 23708) @@ -95,6 +95,7 @@ #define WINBIND_CONFIG_FILE (110) #define WINBIND_SILENT (111) #define WINBIND_DEBUG_STATE (112) +#define WINBIND_WARN_PWD_EXPIRE (113) /* * here is the string to inform the user that the new passwords they
svn commit: samba r23709 - in branches: SAMBA_3_0/source/rpc_server SAMBA_3_0_26/source/rpc_server
Author: vlendec Date: 2007-07-04 22:28:04 + (Wed, 04 Jul 2007) New Revision: 23709 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23709 Log: C++ warnings Modified: branches/SAMBA_3_0/source/rpc_server/srv_echo_nt.c branches/SAMBA_3_0_26/source/rpc_server/srv_echo_nt.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_echo_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_echo_nt.c 2007-07-04 20:25:29 UTC (rev 23708) +++ branches/SAMBA_3_0/source/rpc_server/srv_echo_nt.c 2007-07-04 22:28:04 UTC (rev 23709) @@ -50,7 +50,7 @@ return; } - r-out.out_data = TALLOC(p-mem_ctx, r-in.len); + r-out.out_data = TALLOC_ARRAY(p-mem_ctx, uint8, r-in.len); memcpy( r-out.out_data, r-in.in_data, r-in.len ); return; } @@ -78,7 +78,7 @@ return; } - r-out.data = TALLOC(p-mem_ctx, r-in.len ); + r-out.data = TALLOC_ARRAY(p-mem_ctx, uint8, r-in.len ); for (i = 0; i r-in.len; i++ ) { r-out.data[i] = i 0xff; Modified: branches/SAMBA_3_0_26/source/rpc_server/srv_echo_nt.c === --- branches/SAMBA_3_0_26/source/rpc_server/srv_echo_nt.c 2007-07-04 20:25:29 UTC (rev 23708) +++ branches/SAMBA_3_0_26/source/rpc_server/srv_echo_nt.c 2007-07-04 22:28:04 UTC (rev 23709) @@ -50,7 +50,7 @@ return; } - r-out.out_data = TALLOC(p-mem_ctx, r-in.len); + r-out.out_data = TALLOC_ARRAY(p-mem_ctx, uint8, r-in.len); memcpy( r-out.out_data, r-in.in_data, r-in.len ); return; } @@ -78,7 +78,7 @@ return; } - r-out.data = TALLOC(p-mem_ctx, r-in.len ); + r-out.data = TALLOC_ARRAY(p-mem_ctx, uint8, r-in.len ); for (i = 0; i r-in.len; i++ ) { r-out.data[i] = i 0xff;
svn commit: samba r23710 - in branches: SAMBA_3_0/source/libsmb SAMBA_3_0_26/source/libsmb
Author: vlendec Date: 2007-07-04 22:30:25 + (Wed, 04 Jul 2007) New Revision: 23710 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23710 Log: Remove some code duplication, we do have a random number generator Modified: branches/SAMBA_3_0/source/libsmb/namequery.c branches/SAMBA_3_0_26/source/libsmb/namequery.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/namequery.c === --- branches/SAMBA_3_0/source/libsmb/namequery.c2007-07-04 22:28:04 UTC (rev 23709) +++ branches/SAMBA_3_0/source/libsmb/namequery.c2007-07-04 22:30:25 UTC (rev 23710) @@ -145,15 +145,11 @@ static int generate_trn_id(void) { - static int trn_id; + uint16 id; - if (trn_id == 0) { - sys_srandom(sys_getpid()); - } + generate_random_buffer((uint8 *)id, sizeof(id)); - trn_id = sys_random(); - - return trn_id % (unsigned)0x7FFF; + return id % (unsigned)0x7FFF; } / Modified: branches/SAMBA_3_0_26/source/libsmb/namequery.c === --- branches/SAMBA_3_0_26/source/libsmb/namequery.c 2007-07-04 22:28:04 UTC (rev 23709) +++ branches/SAMBA_3_0_26/source/libsmb/namequery.c 2007-07-04 22:30:25 UTC (rev 23710) @@ -145,15 +145,11 @@ static int generate_trn_id(void) { - static int trn_id; + uint16 id; - if (trn_id == 0) { - sys_srandom(sys_getpid()); - } + generate_random_buffer((uint8 *)id, sizeof(id)); - trn_id = sys_random(); - - return trn_id % (unsigned)0x7FFF; + return id % (unsigned)0x7FFF; } /
svn commit: samba r23711 - in branches/SAMBA_3_0/examples/scripts/users_and_groups: .
Author: obnox Date: 2007-07-04 23:21:51 + (Wed, 04 Jul 2007) New Revision: 23711 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23711 Log: Refactor the actual creation of object into its own small function. Michael Modified: branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl Changeset: Modified: branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl === --- branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl 2007-07-04 22:30:25 UTC (rev 23710) +++ branches/SAMBA_3_0/examples/scripts/users_and_groups/createdomobj.pl 2007-07-04 23:21:51 UTC (rev 23711) @@ -116,7 +116,7 @@ exit 1; } -# rpc open/close functions: +# utility functions: sub open_rpc_pipe { print opening rpc pipe\n; @@ -129,20 +129,22 @@ close(IPC); } +sub do_create { + my $target_name = shift; + print creating $target_type $target_name\n; + print IPC $rpc_cmd $target_name\n; +} + # main: open_rpc_pipe(); if (x$startnum eq x) { - my $target_name = $prefix; - print creating $target_type $target_name\n; - print IPC $rpc_cmd $target_name\n; + do_create($prefix); } else { for (my $num = 1; $num = $num_targets; ++$num) { - my $target_name = sprintf %s%.05d, $prefix, $startnum + $num - 1; - print creating $target_type $target_name\n; - print IPC $rpc_cmd $target_name\n; + do_create(sprintf %s%.05d, $prefix, $startnum + $num - 1); if (($num) % 500 == 0) { printf(500 .$target_type.s created\n); close_rpc_pipe(); @@ -151,5 +153,6 @@ } } } + close_rpc_pipe();
Rev 561: fixed help layout in http://samba.org/~tridge/ctdb
revno: 561 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Thu 2007-07-05 10:00:51 +1000 message: fixed help layout modified: tools/ctdb.c ctdb_control.c-20070426122705-9ehj1l5lu2gn9kuj-1 === modified file 'tools/ctdb.c' --- a/tools/ctdb.c 2007-07-04 23:59:45 + +++ b/tools/ctdb.c 2007-07-05 00:00:51 + @@ -907,7 +907,7 @@ -t timelimit set timelimit for control in seconds (default %u)\n, options.timelimit); printf(Controls:\n); for (i=0;iARRAY_SIZE(ctdb_commands);i++) { - printf( %-15s %-20s %s\n, + printf( %-15s %-27s %s\n, ctdb_commands[i].name, ctdb_commands[i].args?ctdb_commands[i].args:, ctdb_commands[i].msg);
Rev 559: merge from ronnie in http://samba.org/~tridge/ctdb
revno: 559 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Thu 2007-07-05 09:59:11 +1000 message: merge from ronnie modified: tools/ctdb.c ctdb_control.c-20070426122705-9ehj1l5lu2gn9kuj-1 revno: 432.1.104 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Thu 2007-07-05 08:56:02 +1000 message: add a command to ctdb to send tickle-ack's revno: 432.1.103 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Wed 2007-07-04 17:53:16 +1000 message: merge from tridge revno: 432.1.102 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Wed 2007-07-04 17:37:26 +1000 message: merge from tridge revno: 432.1.101 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Wed 2007-07-04 17:35:16 +1000 message: merge from tridge === modified file 'tools/ctdb.c' --- a/tools/ctdb.c 2007-07-04 06:51:13 + +++ b/tools/ctdb.c 2007-07-04 22:56:02 + @@ -338,6 +338,37 @@ } /* + send a tcp tickle ack + */ +static int tickle_tcp(struct ctdb_context *ctdb, int argc, const char **argv) +{ + int ret; + struct sockaddr_in src, dst; + + if (argc 2) { + usage(); + } + + if (!parse_ip_port(argv[0], src)) { + printf(Bad IP:port '%s'\n, argv[1]); + return -1; + } + + if (!parse_ip_port(argv[1], dst)) { + printf(Bad IP:port '%s'\n, argv[1]); + return -1; + } + + ret = ctdb_sys_send_tcp(src, dst, 0, 0, 0); + if (ret==0) { + return 0; + } + printf(Error while sending tickle ack\n); + + return -1; +} + +/* display public ip status */ static int control_ip(struct ctdb_context *ctdb, int argc, const char **argv) @@ -859,6 +890,7 @@ { freeze, control_freeze,true, freeze all databases }, { thaw,control_thaw, true, thaw all databases }, { killtcp, kill_tcp, false, kill a tcp connection, srcip:port dstip:port }, + { tickle, tickle_tcp,false, send a tcp tickle ack, srcip:port dstip:port }, }; /*
Rev 560: fixed error message on bad IP/port in http://samba.org/~tridge/ctdb
revno: 560 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Thu 2007-07-05 09:59:45 +1000 message: fixed error message on bad IP/port modified: tools/ctdb.c ctdb_control.c-20070426122705-9ehj1l5lu2gn9kuj-1 === modified file 'tools/ctdb.c' --- a/tools/ctdb.c 2007-07-04 22:56:02 + +++ b/tools/ctdb.c 2007-07-04 23:59:45 + @@ -316,7 +316,7 @@ } if (!parse_ip_port(argv[0], src)) { - printf(Bad IP:port '%s'\n, argv[1]); + printf(Bad IP:port '%s'\n, argv[0]); return -1; } @@ -350,7 +350,7 @@ } if (!parse_ip_port(argv[0], src)) { - printf(Bad IP:port '%s'\n, argv[1]); + printf(Bad IP:port '%s'\n, argv[0]); return -1; }
Build status as of Thu Jul 5 00:00:01 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-07-04 00:01:45.0 + +++ /home/build/master/cache/broken_results.txt 2007-07-05 00:00:30.0 + @@ -1,25 +1,25 @@ -Build status as of Wed Jul 4 00:00:02 2007 +Build status as of Thu Jul 5 00:00:01 2007 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 36 9 0 +ccache 35 8 0 ctdb 0 0 0 distcc 2 0 0 -ldb 35 3 0 +ldb 34 3 0 libreplace 33 10 0 -lorikeet-heimdal 31 13 0 -pidl 19 4 0 +lorikeet-heimdal 30 13 0 +pidl 18 4 0 ppp 15 10 0 python 0 0 0 -rsync36 12 0 +rsync34 12 0 samba0 0 0 samba-docs 0 0 0 samba-gtk4 4 0 -samba4 33 17 6 -samba_3_036 18 0 -smb-build33 33 0 -talloc 36 8 0 -tdb 35 1 0 +samba4 32 21 8 +samba_3_035 18 0 +smb-build32 32 0 +talloc 35 8 0 +tdb 34 1 0
svn commit: samba r23712 - in branches/SAMBA_3_0/examples/scripts/users_and_groups: .
Author: obnox Date: 2007-07-05 00:07:40 + (Thu, 05 Jul 2007) New Revision: 23712 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23712 Log: This script allows for adding lists of users (or other objects) to lists of groups (or aliases). Useful for creating large test scenarios. Michael Added: branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl Changeset: Added: branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl === --- branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl 2007-07-04 23:21:51 UTC (rev 23711) +++ branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl 2007-07-05 00:07:40 UTC (rev 23712) @@ -0,0 +1,17 @@ +#!/usr/bin/perl + +use strict; + +my $dc = 192.168.45.44; +my $adminuser = administrator; +my $adminpw= geheim; +my $maxgroups = 5000; +my $startgroup = 0; +my $rpccli_cmd = /usr/bin/rpcclient; +my $testuser = testgroups; + +for (my $num = $startgroup; $num = $maxgroups; ++$num) { + my $group = sprintf %s%.05d, group, $num; + print adding user $testuser to group $group\n; + system(net rpc -I $dc -U$adminuser\%$adminpw group addmem $group $testuser); +} Property changes on: branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl ___ Name: svn:executable + *
svn commit: samba r23713 - in branches/SAMBA_3_0/examples/scripts/users_and_groups: .
Author: obnox Date: 2007-07-05 00:11:07 + (Thu, 05 Jul 2007) New Revision: 23713 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23713 Log: Oops accidentially checked in the wrong file - sorry! Michael Removed: branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl Changeset: Deleted: branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl === --- branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl 2007-07-05 00:07:40 UTC (rev 23712) +++ branches/SAMBA_3_0/examples/scripts/users_and_groups/addusertogroups.pl 2007-07-05 00:11:07 UTC (rev 23713) @@ -1,17 +0,0 @@ -#!/usr/bin/perl - -use strict; - -my $dc = 192.168.45.44; -my $adminuser = administrator; -my $adminpw= geheim; -my $maxgroups = 5000; -my $startgroup = 0; -my $rpccli_cmd = /usr/bin/rpcclient; -my $testuser = testgroups; - -for (my $num = $startgroup; $num = $maxgroups; ++$num) { - my $group = sprintf %s%.05d, group, $num; - print adding user $testuser to group $group\n; - system(net rpc -I $dc -U$adminuser\%$adminpw group addmem $group $testuser); -}
svn commit: samba r23714 - in branches/SAMBA_3_0/examples/scripts/users_and_groups: .
Author: obnox Date: 2007-07-05 00:12:24 + (Thu, 05 Jul 2007) New Revision: 23714 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23714 Log: but now: This script allows for adding lists of users (or other objects) to lists of groups (or aliases). Useful for creating large test scenarios. Michael Added: branches/SAMBA_3_0/examples/scripts/users_and_groups/adduserstogroups.pl Changeset: Added: branches/SAMBA_3_0/examples/scripts/users_and_groups/adduserstogroups.pl === --- branches/SAMBA_3_0/examples/scripts/users_and_groups/adduserstogroups.pl 2007-07-05 00:11:07 UTC (rev 23713) +++ branches/SAMBA_3_0/examples/scripts/users_and_groups/adduserstogroups.pl 2007-07-05 00:12:24 UTC (rev 23714) @@ -0,0 +1,167 @@ +#!/usr/bin/perl + +# +# adduserstogroups.pl +# +#add single or continuously numbered domain users +#to a given single group or list of groups +# +# Copyright (C) Michael Adam [EMAIL PROTECTED] 2007 +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# +# You should have received a copy of the GNU General Public License along with +# this program; if not, write to the Free Software Foundation, Inc., 675 +# Mass Ave, Cambridge, MA 02139, USA. +# + +# +# WARNING: This script is still rather crude. +# + +use strict; +use Getopt::Std; + +my $net_cmd= net; + +# defaults: + +my $server; +my $num_members= 1; +my $startmem; # if empty, don't add numbers to member prefix +my $member_prefix; # name prefix for member +my $num_groups = 1; +my $startgroup;# if empty, don't add numbers to group prefix +my $group_prefix; # name prefix for group +my $path; # path to rpcclient command +my $net_path = $net_cmd; +my $creds; + +sub usage { + print USAGE: $0 [-h] -S server -U user\%pass \\\n + . \t-m member [-s startmem] [-n nummem] \\\n + . \t-g group [-G stargroup] [-N numgroups] \\\n + . \t[-P path]\n; +} + +# parse commandline: + +my %options = (); +getopts(U:S:m:s:n:g:G:N:P:h, \%options); + +if (exists($options{h})) { + usage(); + exit 0; +} + +if (exists($options{g})) { + $group_prefix = $options{g}; +} +else { + print ERROR: mandatory argument '-g' missing\n; + usage(); + exit 1; +} + +if (exists($options{U})) { + $creds = -U $options{U}; + if ($creds !~ '%') { + print ERROR: you need to specify credentials in the form -U user\%pass\n; + usage(); + exit 1; + } +} +else { + print ERROR: mandatory argument '-U' missing\n; + usage(); + exit 1; +} + +if (exists($options{S})) { + $server = $options{S}; +} +else { + print ERROR: madatory argument '-S' missing\n; + usage(); + exit 1; +} + +if (exists($options{s})) { + $startmem = $options{s}; +} + +if (exists($options{n})) { + $num_members = $options{n}; +} + +if (exists($options{m})) { + $member_prefix = $options{m}; +} +else { + print ERROR: mandatory argument '-m' missing\n; + usage(); + exit 1; +} + +if (exists($options{G})) { + $startgroup = $options{G}; +} + +if (exists($options{N})) { + $num_groups = $options{N}; +} + +if (exists($options{P})) { + $path = $options{p}; + $net_path = $path/$net_cmd; +} + +if (@ARGV) { + print ERROR: junk on the command line (' . join( , @ARGV) . ')...\n; + usage(); + exit 1; +} + +# utility functions: + +sub do_add { + my $member_name = shift; + my $group_name = shift; + print adding member $member_name to group $group_name\n; + system($net_path rpc -I $server .$creds. group addmem $group_name $member_name); +} + +sub add_group_loop { + my $member_name = shift; + + if (x$startgroup eq x) { + do_add($member_name, $group_prefix); + } + else { + for (my $groupnum = 1; $groupnum = $num_groups; ++$groupnum) { + do_add($member_name, + sprintf(%s%.05d, $group_prefix, $startgroup + $groupnum - 1)); + } + } +} + + +# main: + +if (x$startmem eq x) { + add_group_loop($member_prefix); +} +else { + for (my $memnum = 1; $memnum = $num_members; ++$memnum) { + add_group_loop(sprintf(%s%.05d, $member_prefix, $startmem + $memnum - 1)); + } +} +
svn commit: samba r23715 - in branches/SAMBA_4_0/source: scripting/libjs setup
Author: abartlet Date: 2007-07-05 00:34:11 + (Thu, 05 Jul 2007) New Revision: 23715 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23715 Log: Make the provision-backend script print out the exact commands to run, to set up the LDAP backend. Andrew Bartlett Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/setup/provision branches/SAMBA_4_0/source/setup/provision-backend Changeset: Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-05 00:12:24 UTC (rev 23714) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-05 00:34:11 UTC (rev 23715) @@ -448,7 +448,7 @@ subobj.DNSNAME = sprintf(%s.%s, strlower(subobj.HOSTNAME), subobj.DNSDOMAIN); - rdn_list = split(., subobj.DNSDOMAIN); + var rdn_list = split(., subobj.DNSDOMAIN); subobj.DOMAINDN = DC= + join(,DC=, rdn_list); subobj.ROOTDN = subobj.DOMAINDN; subobj.CONFIGDN = CN=Configuration, + subobj.ROOTDN; @@ -461,6 +461,8 @@ subobj.SECRETS_KEYTAB = paths.keytab; subobj.LDAPDIR = paths.ldapdir; + var ldap_path_list = split(/, paths.ldapdir); + subobj.LDAPI_URI = ldapi:// + join(%2F, ldap_path_list) + %2Fldapi; return true; } @@ -583,7 +585,7 @@ var modify_ok = setup_ldb_modify(provision_basedn_modify.ldif, info, samdb); if (!modify_ok) { if (!add_ok) { - message(Failed to both add and modify + subobj.DOMAINDN + in target + subobj.DOMAINDN_LDB + : + samdb.errstring() + \n); + message(%s, Failed to both add and modify + subobj.DOMAINDN + in target + subobj.DOMAINDN_LDB + : + samdb.errstring() + \n); message(Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n); }; assert(modify_ok); @@ -595,7 +597,7 @@ var modify_ok = setup_ldb_modify(provision_configuration_basedn_modify.ldif, info, samdb); if (!modify_ok) { if (!add_ok) { - message(Failed to both add and modify configuration dn: + samdb.errstring() + \n); + message(%s, Failed to both add and modify + subobj.CONFIGDN + in target + subobj.CONFIGDN_LDB + : + samdb.errstring() + \n); message(Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n); assert(modify_ok); } @@ -608,7 +610,7 @@ var modify_ok = setup_ldb_modify(provision_schema_basedn_modify.ldif, info, samdb); if (!modify_ok) { if (!add_ok) { - message(Failed to both add and modify schema dn: + samdb.errstring() + \n); + message(%s, Failed to both add and modify + subobj.SCHEMADN + in target + subobj.SCHEMADN_LDB + : + samdb.errstring() + \n); message(Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n); assert(modify_ok); } Modified: branches/SAMBA_4_0/source/setup/provision === --- branches/SAMBA_4_0/source/setup/provision 2007-07-05 00:12:24 UTC (rev 23714) +++ branches/SAMBA_4_0/source/setup/provision 2007-07-05 00:34:11 UTC (rev 23715) @@ -121,13 +121,19 @@ var ldapbackend = (options[ldap-backend] != undefined); var ldapmodule = (options[ldap-module] != undefined); var partitions_only = (options[partitions-only] != undefined); +var paths = provision_default_paths(subobj); if (options[aci] != undefined) { message(set ACI: %s\n, subobj[ACI]); } message(set DOMAIN SID: %s\n, subobj[DOMAINSID]); +provision_fix_subobj(subobj, paths); + if (ldapbackend) { + if (options[ldap-backend] == ldapi) { + subobj.LDAPBACKEND = subobj.LDAPI_URI; + } if (!ldapmodule) { subobj.LDAPMODULE = entryUUID; } @@ -137,7 +143,7 @@ subobj.CONFIGDN_MOD2 = , + subobj.LDAPMODULE + ,paged_searches; subobj.SCHEMADN_LDB = subobj.LDAPBACKEND; subobj.SCHEMADN_MOD2 = , + subobj.LDAPMODULE + ,paged_searches; - message(LDAP module: %s backend: %s\n, subobj.LDAPMODULE, subobj.LDAPBACKEND); + message(LDAP module: %s on backend: %s\n, subobj.LDAPMODULE, subobj.LDAPBACKEND); } if (!provision_validate(subobj, message)) { @@ -146,7 +152,6 @@ var system_session = system_session(); var creds = options.get_credentials();
svn commit: samba r23716 - in branches/SAMBA_4_0/source: scripting/libjs setup
Author: abartlet Date: 2007-07-05 01:45:37 + (Thu, 05 Jul 2007) New Revision: 23716 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23716 Log: Clarify LDAP Manager DN and fix slapd startup syntax. Andrew Bartlett Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/setup/fedorads.inf branches/SAMBA_4_0/source/setup/provision-backend branches/SAMBA_4_0/source/setup/slapd.conf Changeset: Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-05 00:34:11 UTC (rev 23715) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-05 01:45:37 UTC (rev 23716) @@ -464,6 +464,8 @@ var ldap_path_list = split(/, paths.ldapdir); subobj.LDAPI_URI = ldapi:// + join(%2F, ldap_path_list) + %2Fldapi; + subobj.LDAP_MANAGERDN = cn=Manager, + subobj.DOMAINDN; + return true; } @@ -852,7 +854,7 @@ subobj.KRBTGTPASS = randpass(12); subobj.MACHINEPASS = randpass(12); subobj.ADMINPASS= randpass(12); - subobj.LDAPMANAGERPASS = randpass(12); + subobj.LDAP_MANAGERPASS = randpass(12); subobj.DEFAULTSITE = Default-First-Site-Name; subobj.NEWGUID = randguid; subobj.NTTIME = nttime; Modified: branches/SAMBA_4_0/source/setup/fedorads.inf === --- branches/SAMBA_4_0/source/setup/fedorads.inf2007-07-05 00:34:11 UTC (rev 23715) +++ branches/SAMBA_4_0/source/setup/fedorads.inf2007-07-05 01:45:37 UTC (rev 23716) @@ -6,8 +6,8 @@ [slapd] ldapifilepath=${LDAPDIR}/ldapi Suffix= ${DOMAINDN} -RootDN= cn=Manager,${DOMAINDN} -RootDNPwd= ${LDAPMANAGERPASS} +RootDN= ${LDAP_MANAGERDN} +RootDNPwd= ${LDAP_MANAGERPASS} ServerIdentifier= samba4 ${SERVERPORT} Modified: branches/SAMBA_4_0/source/setup/provision-backend === --- branches/SAMBA_4_0/source/setup/provision-backend 2007-07-05 00:34:11 UTC (rev 23715) +++ branches/SAMBA_4_0/source/setup/provision-backend 2007-07-05 01:45:37 UTC (rev 23716) @@ -90,7 +90,7 @@ var paths = provision_default_paths(subobj); provision_fix_subobj(subobj, paths); message(Provisioning LDAP backend for %s in realm %s into %s\n, subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR); -message(Using LDAP Manager password: %s\n, subobj.LDAPMANAGERPASS); +message(Using %s password: %s\n, subobj.LDAP_MANAGERDN, subobj.LDAP_MANAGERPASS); var tmp_schema_ldb = subobj.LDAPDIR + /schema-tmp.ldb; sys.mkdir(subobj.LDAPDIR, 0700); @@ -137,7 +137,7 @@ setup_file(DB_CONFIG, message, subobj.LDAPDBDIR + /DB_CONFIG, subobj); if (options[ldap-backend-port] != undefined) { message(\nStart slapd with: \n); - slapd_command = slapd -f + subobj.LDAPDIR + /slapd.conf -h ldap://0.0.0.0:; + options[ldap-backend-port] + -h + subobj.LDAPI_URI; + slapd_command = slapd -f + subobj.LDAPDIR + /slapd.conf -h \ldap://0.0.0.0:; + options[ldap-backend-port] + + subobj.LDAPI_URI \; } else { slapd_command = slapd -f + subobj.LDAPDIR + /slapd.conf -h + subobj.LDAPI_URI; } Modified: branches/SAMBA_4_0/source/setup/slapd.conf === --- branches/SAMBA_4_0/source/setup/slapd.conf 2007-07-05 00:34:11 UTC (rev 23715) +++ branches/SAMBA_4_0/source/setup/slapd.conf 2007-07-05 01:45:37 UTC (rev 23716) @@ -47,8 +47,8 @@ databasebdb suffix ${DOMAINDN} -rootdn cn=Manager,${DOMAINDN} -rootpw ${LDAPMANAGERPASS} +rootdn ${LDAP_MANAGERDN} +rootpw ${LDAP_MANAGERPASS} directory ${LDAPDIR}/db/user index objectClass eq index samAccountName eq
svn commit: samba r23717 - in branches/SAMBA_4_0/source: scripting/libjs setup
Author: abartlet Date: 2007-07-05 02:52:58 + (Thu, 05 Jul 2007) New Revision: 23717 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23717 Log: We need to remove the _ in LDAP_MANAGERPASS for the --ldap-manager-pass= option to work. Andrew Bartlett Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/setup/fedorads.inf branches/SAMBA_4_0/source/setup/provision-backend branches/SAMBA_4_0/source/setup/slapd.conf Changeset: Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-05 01:45:37 UTC (rev 23716) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-05 02:52:58 UTC (rev 23717) @@ -464,7 +464,7 @@ var ldap_path_list = split(/, paths.ldapdir); subobj.LDAPI_URI = ldapi:// + join(%2F, ldap_path_list) + %2Fldapi; - subobj.LDAP_MANAGERDN = cn=Manager, + subobj.DOMAINDN; + subobj.LDAPMANAGERDN = cn=Manager, + subobj.DOMAINDN; return true; } @@ -854,7 +854,7 @@ subobj.KRBTGTPASS = randpass(12); subobj.MACHINEPASS = randpass(12); subobj.ADMINPASS= randpass(12); - subobj.LDAP_MANAGERPASS = randpass(12); + subobj.LDAPMANAGERPASS = randpass(12); subobj.DEFAULTSITE = Default-First-Site-Name; subobj.NEWGUID = randguid; subobj.NTTIME = nttime; Modified: branches/SAMBA_4_0/source/setup/fedorads.inf === --- branches/SAMBA_4_0/source/setup/fedorads.inf2007-07-05 01:45:37 UTC (rev 23716) +++ branches/SAMBA_4_0/source/setup/fedorads.inf2007-07-05 02:52:58 UTC (rev 23717) @@ -6,8 +6,8 @@ [slapd] ldapifilepath=${LDAPDIR}/ldapi Suffix= ${DOMAINDN} -RootDN= ${LDAP_MANAGERDN} -RootDNPwd= ${LDAP_MANAGERPASS} +RootDN= ${LDAPMANAGERDN} +RootDNPwd= ${LDAPMANAGERPASS} ServerIdentifier= samba4 ${SERVERPORT} Modified: branches/SAMBA_4_0/source/setup/provision-backend === --- branches/SAMBA_4_0/source/setup/provision-backend 2007-07-05 01:45:37 UTC (rev 23716) +++ branches/SAMBA_4_0/source/setup/provision-backend 2007-07-05 02:52:58 UTC (rev 23717) @@ -90,7 +90,7 @@ var paths = provision_default_paths(subobj); provision_fix_subobj(subobj, paths); message(Provisioning LDAP backend for %s in realm %s into %s\n, subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR); -message(Using %s password: %s\n, subobj.LDAP_MANAGERDN, subobj.LDAP_MANAGERPASS); +message(Using %s password: %s\n, subobj.LDAPMANAGERDN, subobj.LDAPMANAGERPASS); var tmp_schema_ldb = subobj.LDAPDIR + /schema-tmp.ldb; sys.mkdir(subobj.LDAPDIR, 0700); Modified: branches/SAMBA_4_0/source/setup/slapd.conf === --- branches/SAMBA_4_0/source/setup/slapd.conf 2007-07-05 01:45:37 UTC (rev 23716) +++ branches/SAMBA_4_0/source/setup/slapd.conf 2007-07-05 02:52:58 UTC (rev 23717) @@ -47,8 +47,8 @@ databasebdb suffix ${DOMAINDN} -rootdn ${LDAP_MANAGERDN} -rootpw ${LDAP_MANAGERPASS} +rootdn ${LDAPMANAGERDN} +rootpw ${LDAPMANAGERPASS} directory ${LDAPDIR}/db/user index objectClass eq index samAccountName eq
svn commit: samba r23718 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2007-07-05 03:06:59 + (Thu, 05 Jul 2007) New Revision: 23718 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23718 Log: Make Samba4 work against the LDAP backend again. When we set up the schema, we don't have a partitions container yet. The LDAP error differs from that given by LDB, so I think we still have some conformance work to do. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/naming_fsmo.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/naming_fsmo.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/naming_fsmo.c 2007-07-05 02:52:58 UTC (rev 23717) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/naming_fsmo.c 2007-07-05 03:06:59 UTC (rev 23718) @@ -69,10 +69,16 @@ LDB_SCOPE_BASE, NULL, naming_attrs, naming_res); + if (ret == LDB_ERR_NO_SUCH_OBJECT) { + ldb_debug(module-ldb, LDB_DEBUG_WARNING, + naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)\n); + talloc_free(mem_ctx); + return ldb_next_init(module); + } if (ret != LDB_SUCCESS) { ldb_debug_set(module-ldb, LDB_DEBUG_FATAL, - naming_fsmo_init: failed to search the cross-ref container: %d:%s\n, - ret, ldb_strerror(ret)); + naming_fsmo_init: failed to search the cross-ref container: %s: %s\n, + ldb_strerror(ret), ldb_errstring(module-ldb)); talloc_free(mem_ctx); return ret; }
svn commit: samba r23719 - in branches/SAMBA_4_0/testprogs/ejs: .
Author: abartlet Date: 2007-07-05 03:30:46 + (Thu, 05 Jul 2007) New Revision: 23719 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23719 Log: ejs being case sensitive, while LDAP is not is a real pain when dereferencing attributes. Fix the case to match between the attributes searched for and the ejs element. (Fixes LDAP-backend selftest) Andrew Bartlett Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js Changeset: Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js === --- branches/SAMBA_4_0/testprogs/ejs/ldap.js2007-07-05 03:06:59 UTC (rev 23718) +++ branches/SAMBA_4_0/testprogs/ejs/ldap.js2007-07-05 03:30:46 UTC (rev 23719) @@ -491,7 +491,7 @@ assert(res.msgs.length != 0); println(Testing objectClass attribute order on + base_dn); - var attrs = new Array(objectclass); + var attrs = new Array(objectClass); var res = ldb.search(objectClass=domain, base_dn, ldb.SCOPE_BASE, attrs); assert(res.error == 0); assert(res.msgs.length == 1);
Rev 562: merge from ronnie (with spelling fixes) in http://samba.org/~tridge/ctdb
revno: 562 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Thu 2007-07-05 15:06:42 +1000 message: merge from ronnie (with spelling fixes) modified: doc/ctdb.1 ctdb.1-20070609004027-2618fsab2br6vqha-1 doc/ctdb.1.htmlctdb.1.html-20070609004024-w2r7qblwi5s3iw4a-1 doc/ctdb.1.xml ctdb.1.xml-20070608070258-bjuf7701h1qc1b05-2 revno: 432.1.107 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Thu 2007-07-05 10:17:46 +1000 message: break the tickle description into two paragraphs revno: 432.1.106 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Thu 2007-07-05 10:16:11 +1000 message: update the manpage for ctdb to describe killtcp and tickle revno: 432.1.105 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Thu 2007-07-05 10:01:35 +1000 message: merge from tridge Diff too large for email (290, the limit is 200).