Re: [Samba] wbinfo -g gives no output , ndr_pull_error

[Dietrich Streifert]

Hello,

sorry for the noise, I accidently hit the send button.

Here is what I wanted to ask:

I'm hitting the same problem on solaris 9 x86 and sparc with samba 3.5.6 
(active directory on windows 2003 R2 SP2 with rfc2307 schema extension, 
openssl 0.9.8o, libiconv 1.13.1, heimdal 1.4, openldap 2.4.23) for both 
"wbinfo -g" and "wbinfo -u".


wbinfo -t and net ads testjoin give positive results.

The same testbed except of using samba 3.4.9 does not show the problem. 
"wbinfo -g" and "wbinfo -u" work as expected. Names services using 
nss_winbind.so are working.


The ndr_pull_error line seems to be a subsequent "unable to display the 
error message" error.


The relevant lines in log.winbindd are

[2010/10/28 17:51:31.512980,  6] winbindd/winbindd.c:768(new_connection)
  accepted socket 23
[2010/10/28 17:51:31.513254,  3] 
winbindd/winbindd_lookupsid.c:51(winbindd_lookupsid_send)

  lookupsid S-1-5-21-XX-YY-ZZ-513
[2010/10/28 17:51:31.513468,  1] ../librpc/ndr/ndr.c:395(ndr_pull_error)
  ndr_pull_error(1): String terminator not present or outside string 
boundaries
[2010/10/28 17:51:31.513536,  5] 
winbindd/winbindd_lookupsid.c:94(winbindd_lookupsid_recv)
  Could not lookup sid S-1-5-21-XX-YY-ZZ-513: 
NT_STATUS_ARRAY_BOUNDS_EXCEEDED
[2010/10/28 17:51:31.513729,  6] 
winbindd/winbindd.c:816(winbind_client_request_read)

  closing socket 22, client exited


Did you get any feedback or further understandment on this issue?

Regards...

Am 26.10.2010 13:26, schrieb Dietrich Streifert:

Hello,

Am 06.07.2010 14:54, schrieb Alexander Muth:

Hello,

after upgrade Samba from 3.4.3 to 3.5.4 "wbinfo -g" gives no output.

Log Entry:

[2010/07/06 14:48:49.086377,  3] 
winbindd/winbindd_list_groups.c:58(winbindd_list_groups_send)

  list_groups
[2010/07/06 14:48:49.086504,  1] ../librpc/ndr/ndr.c:395(ndr_pull_error)
  ndr_pull_error(1): String terminator not present or outside string 
boundaries


"wbinfo -u" is working as expected.

 # net ads testjoin
Join is OK

# wbinfo -t
checking the trust secret for domain GLA-RLP via RPC calls succeeded


any Ideas how to get wbinfo -g working again?

thanks

Alexander



--
Mit freundlichen Grüßen
Dietrich Streifert
--
Visionet GmbH
Firmensitz: Am Weichselgarten 7, 91058 Erlangen
Registergericht: Handelsregister Fürth, HRB 6573
Geschäftsführer: Stefan Lindner




--
Mit freundlichen Grüßen
Dietrich Streifert
--
Visionet GmbH
Firmensitz: Am Weichselgarten 7, 91058 Erlangen
Registergericht: Handelsregister Fürth, HRB 6573
Geschäftsführer: Stefan Lindner



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Workgroup compared to Domain

[Robert Moskowitz]

Are there any good articles comparing features/functions of a Workgroup 
compared to a Domain?


I am trying to put something together for the Amahi project and so far 
my searches have been rather slim pickins.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Kerberos5 ticket renewal & 'net ads join' w/o authentication

[Philipoff, Andrew]

> Hello,
> 
> I have two issues with Kerberos administration using Samba and this results
> from my lack of familiarity with it. I am hoping someone can point me in the
> right direction.
> 
> The first issue is with automatically renewing the Kerberos tickets. The
> second issue deals with my having to authenticate each time I attempt to join
> an AD domain. The Samba documentation indicates that I should *not* have
> to authenticate when holding a valid Kerberos ticket. When I join an AD
> domain using administrator credentials, I can basically administer a Samba
> server well. 'getent passwd' and 'getent group' works as expected.
> 
> I'm running FreeBSD 8.1 using Samba 3.4.9 and using the base Heimdal.
> The AD domain is a W2K3 domain in mixed mode.
> 
> I basically used the information from this link listed below to build the
> configuration files listed below:
> 
> http://wiki.samba.org/index.php/Samba_%26_Active_Directory
> 
> I also looked at several other sources such as :
> 
> http://www.freebsd.org/doc/handbook/kerberos5.html
> 
> The bottom line is that I'd like to receive a Kerberos ticket using proper
> authentication and use it to execute the 'net ads join' command without
> authenication and then continue to renew the ticket automatically.
> 
> Now, what changes do I need to do in order to 1) automatically renew
> Kerberos tickets and 2) be able to execute the 'net ads join' command
> without supplying a password?
> 
> Any pointers/assistance would be greatly appreciated! If I've left out
> relevant information, please don't hesitate to let me know.
> 
> ~Doug

Doug,

To address the Kerberos ticket issue, on my RHEL 5.5 servers, I enabled "use 
Kerberos keytab" in my smb.conf:

1. Edit your smb.conf, add "use kerberos keytab = YES"
Run testparm
Restart Samba

2. Create a kerberos keytab in the location is defined in your krb5.conf file. 
Mine has "default_keytab_name = FILE:/etc/krb5.keytab" in the [libdefaults] 
section :
net ads keytab create

3. Verify the contents of the Kerberos keytab file:
klist -ke

Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
 --
3 host/server1.domain.forest.org @ DOMAIN.FOREST.ORG (DES cbc mode with CRC-32) 
3 host/server1.domain.forest.org@ DOMAIN.FOREST.ORG (DES cbc mode with RSA-MD5) 
3 host/server1.domain.forest.org@ DOMAIN.FOREST.ORG (ArcFour with HMAC/md5) 
3 host/serv...@domain.forest.org (DES cbc mode with CRC-32) 
3 host/serv...@domain.forest.org (DES cbc mode with RSA-MD5) 
3 host/serv...@domain.forest.org (ArcFour with HMAC/md5) 
3 serve...@domain.forest.org (DES cbc mode with CRC-32) 
3 serve...@domain.forest.org (DES cbc mode with RSA-MD5) 
3 serve...@domain.forest.org (ArcFour with HMAC/md5) 
4 host/server1.domain.forest@domain.forest.org (DES cbc mode with CRC-32) 
4 host/server1.domain.forest@domain.forest.org (DES cbc mode with RSA-MD5) 
4 host/server1.domain.forest@domain.forest.org (ArcFour with HMAC/md5) 
4 host/serv...@domain.forest.org (DES cbc mode with CRC-32) 
4 host/serv...@domain.forest.org (DES cbc mode with RSA-MD5) 
4 host/serv...@domain.forest.org (ArcFour with HMAC/md5) 
4 serve...@domain.forest.org (DES cbc mode with CRC-32) 
4 serve...@domain.forest.org (DES cbc mode with RSA-MD5) 
4 serve...@domain.forest.org (ArcFour with HMAC/md5)

However I do not know how to enable the execution the 'net ads join' command 
without supplying a password.

Regards,

Andrew Philipoff
Infrastructure Coordinator
UCSF Department of Medicine - IT Services


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Kerberos5 ticket renewal & 'net ads join' w/o authentication

[Doug Sampson]

Hello,

I have two issues with Kerberos administration using Samba and this
results from my lack of familiarity with it. I am hoping someone can
point me in the right direction.

The first issue is with automatically renewing the Kerberos tickets. The
second issue deals with my having to authenticate each time I attempt to
join an AD domain. The Samba documentation indicates that I should *not*
have to authenticate when holding a valid Kerberos ticket. When I join
an AD domain using administrator credentials, I can basically administer
a Samba server well. 'getent passwd' and 'getent group' works as
expected.

I'm running FreeBSD 8.1 using Samba 3.4.9 and using the base Heimdal.
The AD domain is a W2K3 domain in mixed mode.

I basically used the information from this link listed below to build
the configuration files listed below:

http://wiki.samba.org/index.php/Samba_%26_Active_Directory

I also looked at several other sources such as :

http://www.freebsd.org/doc/handbook/kerberos5.html

The bottom line is that I'd like to receive a Kerberos ticket using
proper authentication and use it to execute the 'net ads join' command
without authenication and then continue to renew the ticket
automatically.

Now, what changes do I need to do in order to 1) automatically renew
Kerberos tickets and 2) be able to execute the 'net ads join' command
without supplying a password?

Any pointers/assistance would be greatly appreciated! If I've left out
relevant information, please don't hesitate to let me know.

~Doug



Here are the configuration files for the various components:

=== /etc/krb5.conf ===

[libdefaults]
default_realm= DOMAIN.LOCAL
forwardable  = true

[appdefaults]
default_realm = DOMAIN.LOCAL
pam = {
forwardable  = true
krb4_convert = false
debug= false
ticket_lifetime  = 36000
  renew_lifetime   = 36000
}

[realms]
DOMAIN.LOCAL = {
kdc  = aquila.domain.local:88
kdc  = amd90001.domain.local:88
admin_server = aquila.domain.local:749
kpasswd_server   = aquila.domain.local:464
kpasswd_protocol = SET_CHANGE
default_domain   = domain.local
}

[domain_realm]
domain.local = DOMAIN.LOCAL
   .domain.local = DOMAIN.LOCAL
   .DOMAIN.LOCAL = DOMAIN.LOCAL

[logging]
 default = FILE:/var/log/krb5lib.log
 kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log


=== /usr/local/etc/smb.conf === 

#=== Global Settings
=
[global]
security = ads
realm = DOMAIN.LOCAL
;workgroup = DOMAIN
workgroup = DOMAIN
;password server = aquila.domain.local 
password server = *
server string = TEST 
netbios name = test 
encrypt passwords = yes 
ldap ssl = no 
client use spnego = yes
unix extensions = no
name resolve order = hosts dns wins lmhosts bcast
wins server = 192.168.xxx.xxx
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
load printers = no
disable spoolss = yes

# Log settings
log level = 1
log file = /var/log/samba/log.%m
max log size = 50
syslog = 1

# Browser settings
local master = no
domain master = no
preferred master = no

# ACL settings
inherit acls = yes
acl compatibility = auto
acl check permissions = true
acl map full control = true
dos filemode = yes

# Config domain security
;idmap backend = ad
;idmap alloc config: range = 50001 - 6
idmap uid = 50001 - 6
idmap gid = 50001 - 6

;idmap config MYDOMAIN:default  = yes
;idmap config MYDOMAIN:backend  = ad
;idmap config MYDOMAIN:range= 1 - 5
;idmap config MYDOMAIN:schema-mode  = sfu
hosts allow = 192.168.101., 192.168.102., 127., 10.8.

# Winbind settings
# Enable offline logon support
winbind offline logon = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind separator = -
winbind use default domain = no
allow trusted domains = no
;client schannel = no
winbind refresh tickets = yes

# client settings
;template homedir = /usr/home/%D/%U

admin users = @"DOMAIN-domain admins"

# Share Definitions
==

[install-public]
   comment = /home/install
   browseable = yes
   path = /home/install
   writable = yes
   create mask = 0774
   directory mask = 0774
   valid users = @"DOMAIN-domain admins"


Samba was installed using the following options:

OPTIONS=LDAP"With LDAP support" off \
ADS "With Active Directory support" on \
CUPS"With CUPS printing support" on \
WINBIND "With WinBIND support" on \
SWAT"With SWAT WebGUI" off \
ACL_SUPPORT "With ACL support" on \
AIO_SUPPORT "With Asyncronous IO support" on \
FAM_SUPPORT "With Fi

Re: [Samba] ACtive directoryin Ubuntu

[Andrew Bartlett]

On Thu, 2010-10-28 at 12:43 -0400, Tomas Alberto Ramirez Andujar wrote:
> Hi,
> 
> My name is Tommie, I am new to tthe list...greetings to you all.
> I have a couple of quetions.
> 
> Our college network is running on Debian and Ubuntu, we are trying to
> migrate the rest of the services to Ubuntu... the Active Directory is
> the one that is still using windows.  My questions are:
> 
> How can i substitute the windows Active Directory by Samba?

http://wiki.samba.org/index.php/Samba4/HOWTO

> How can i migrate Active Directory users to Debian/Ubuntu?

http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Can't change password where Samba users are Linux users

[Robert Moskowitz]

My PDC is set up where the users are all Linux users.

I added the following lines to my smb.conf:

  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* 
%n\n *passwd:*all*authentication*tokens*updat

ed*successfully*

I go to C-A-D and use the change password button.  I get back a message 
that I do not have permission to change me password.


I do not see any messages in any of the smb or nmb logs after the 
failure.  What am I missing?  Below is my [global section:


workgroup = Home
server string = home.home
netbios name = hda
printing = cups
printcap name = cups
load printers = yes
cups options = raw
log file = /var/log/samba/%m.log
log level = 0
max log size = 150
socket options = TCP_NODELAY
preferred master = yes
os level = 65
domain master = yes
local master = yes
admin users = u1, u2, u3
domain logons = yes
logon path = \\%L\profiles\%U
logon drive = h:
logon home = \\%N\%U
time server = yes
unix extensions = no
wide links = yes
veto files = /*.nws/riched20.dll/*.{*}/
security = user
username map script = /usr/share/hda-platform/hda-usermap
large readwrite = yes
encrypt passwords = yes
dos charset = CP850
unix charset = UTF8
display charset =  LOCALE
guest account = nobody
map to guest = Bad User
wins support = yes
printer admin = root, @ntadmin, administrator
logon script = %U.bat
# FIXME - is 99 (nobody) the right group?
add machine script = /usr/sbin/useradd -d /dev/null -g 99 -s 
/bin/false -M %u


  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* 
%n\n *passwd:*all*authentication*tokens*updat

ed*successfully*


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] LDAP Account Manager 3.2.0 released

[Roland Gruber]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


LDAP Account Manager (LAM) 3.2.0 - October 28th, 2010
=

LAM is a web frontend for managing accounts stored in an LDAP directory.


Announcement:
- -

This release contains lots of usability enhancements to make LAM even
more user friendly. LAM Pro now includes support for Zarafa (users,
groups, servers).


Full changelog:

http://www.ldap-account-manager.org/lamcms/changelog


Availability:
- -

This software is available under the GNU General Public License V2.0.

You can get the newest version at http://www.ldap-account-manager.org.

File formats: DEB, RPM, tar.gz
There is also a FreeBSD port.


Features:
- -

* management of various account types
 * Unix
 * Samba 3
 * Kolab 2
 * Asterisk
 * phpGroupwWare
 * Zarafa
 * DHCP
 * SSH keys
* profiles for account creation
* account creation via file upload
* automatic creation/deletion of home directories
* setting quotas
* PDF output for all accounts
* editor for organizational units
* schema browser
* tree view
* multiple configuration files
* multi-language support: Catalan, Chinese (Traditional + Simplified),
  Czech, Dutch, English, French, German, Hungarian, Italian, Japanese,
  Polish, Portuguese, Russian and Spanish
* support for LDAP+SSL/TLS


Demo installation:
- --

You can try our demo installation online.

http://www.ldap-account-manager.org/lamcms/liveDemo


Support:
- 

If you find a bug please file a bug report. For questions or
implementing new features please use the mailinglist and feature request
tracker at our homepage http://www.ldap-account-manager.org.



Authors & Copyright:
- 

Copyright (C) 2003 - 2010:
Michael Duergner 
Roland Gruber 
Tilo Lutz 


LAM is published under the GNU General Public License.
The complete list of licenses can be found in the copyright file.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkzJ28cACgkQq/ywNCsrGZ52AACfX1sAS9BO6el657Ibe6w42nkg
nPoAniF96tRKEihjRBI9u2mh1Zrm9JKf
=Czn0
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Active directory in Ubuntu

[Dale Schroeder]

Tommie,

To emulate an Active Directory DC, you will have to use Samba 4.
Note that Samba 4 is still in alpha, but some have reported using it 
successfully in production environments.


http://wiki.samba.org/index.php/Samba4

Dale


On 10/28/2010 11:43 AM, Tomas Alberto Ramirez Andujar wrote:

Hi,

My name is Tommie, I am new to tthe list...greetings to you all.
I have a couple of quetions.

Our college network is running on Debian and Ubuntu, we are trying to
migrate the rest of the services to Ubuntu... the Active Directory is
the one that is still using windows.  My questions are:

How can i substitute the windows Active Directory by Samba?
How can i migrate Active Directory users to Debian/Ubuntu?

Tommie

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file locking on linux samba with mac osx and windows have no function?

[Jeremy Allison]

On Thu, Oct 21, 2010 at 09:10:20PM +0200, Joris Heinrich wrote:
> hallo list,
> 
> I have the following problem:
> 
> smb.conf
> 
> [global]
> server string = file1.int.stayfriends.de
> unix extensions = No
> socket options = SO_KEEPALIVE TCP_NODELAY IPTOS_LOWDELAY
> dns proxy = No
> ldap ssl = no
> read only = No
> create mask = 0660
> directory mask = 0770
> #map hidden = Yes
> #map system = Yes
> 
> # 3. Logging Options:
> 
> log file = /var/log/samba/%m.log
> max log size = 50
> log level = 3
> 
> [cd-depart]
> comment = Allgemeine Daten Test Daten
> path = /test/cd-dpart/
> valid users = @smb-cd
> 
> mac osx and windows can access a file at the same time.
> 
> smbstatus:
> 
> Samba version 3.2.3
> PID Username  Group Machine
> ---
> 10019 cd1   cd2   palandt  (:::192.168.56.101)
> 9167  cd2   cd2   macbookpro-a0cc (:::192.168.56.1)
> 
> Service  pid machine   Connected at
> ---
> IPC$ 10019   palandt   Thu Oct 21 15:02:09 2010
> cd-depart10019   palandt   Thu Oct 21 15:02:09 2010
> IPC$ 10019   palandt   Thu Oct 21 15:02:09 2010
> cd-depart9167   macbookpro-a0cc  Thu Oct 21 14:21:48 2010
> 
> Locked files:
> Pid  UidDenyMode   Access  R/WOplock
> SharePath   Name   Time
> --
> 100191002   DENY_NONE  0x11RDONLY NONE
> /test/cd-dpart   .   Thu Oct 21 15:02:09 2010
> 9167 1004   DENY_NONE  0x11RDONLY NONE
> /test/cd-dpart   .   Thu Oct 21 14:21:48 2010
> 
> 
> how do I reach, that further access only read granted bei samba?

You need to make sure that access is done using the required
deny mode, or use an application that understands file locking.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba 3.5.6 jumbo patch

[Jeremy Allison]

On Wed, Oct 27, 2010 at 10:14:48PM -0700, Derek Lewis wrote:
> I have cloned the samba git file and selected the version with the tag:
> release-3-5-6.  I tested the patch with git apply -check, and I get the
> following error:
> 
> Error: patch failed: source3/smbd/posix_acls.c:3856
> 
> Error: source3/smbd/posix_acls.c: patch does not apply.

Hmmm. Try "v3-5-test", not the release branch. The v3-5-test
branch is what becomes the next release.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] SAMBA. LINUX CLIENT SIDE

[jcdole]

Hello.



Does winbindd must run on linux box client on network with samba ldap server 
configured as PDC.



Thank you for your help.



JC DOLE







-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] ACtive directoryin Ubuntu

[Tomas Alberto Ramirez Andujar]

Hi,

My name is Tommie, I am new to tthe list...greetings to you all.
I have a couple of quetions.

Our college network is running on Debian and Ubuntu, we are trying to
migrate the rest of the services to Ubuntu... the Active Directory is
the one that is still using windows.  My questions are:

How can i substitute the windows Active Directory by Samba?
How can i migrate Active Directory users to Debian/Ubuntu?

Tommie

-- 
--
Tomas Alberto Ramirez Andujar, msc.
Sistemas de informaci'on y Redes
Camaguey, Cuba




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] SAMBA smb.conf LINUX CLIENT SIDE

[jcdole]

  
  SAMBA LDAP PDC OS : Opensuse 11.3 X86-64 with full optionnal server 
software installed

CLIENT OS : Opensuse 11.3 X86-64 with minimal desktop workstation configuration



Samba : 3.5.4-5.1.2

Ldap : 2.4.21-9.1



I have a small network with less than 10 LINUX CLIENTS and one SAMBA LDAP PDC 
LINUX.



This is my smb.conf server side file.

Any comment for the server side are welcome.



What should I keep client side.

Is there any body who can help me to make smb.conf linux client side.

Clients are only laptop linux machine with nothing to share.



[global]

#

# Domain

security = user

#

workgroup = HATHOR.NWK

netbios name = LINUX-SRV

domain logons = Yes

domain master = Yes

preferred master = yes

local master = yes

os level = 128

time server = Yes

wins support = Yes

#   name resolve order = wins bcast hosts

name resolve order = bcast hosts lmhosts wins

include = /etc/samba/dhcp.conf

unix charset = utf8

username map = /etc/samba/smbusers

map to guest = Bad User

guest account = nobody

#

#

# Security

hosts allow = 127.0.0.1 127.0.0.2 192.168.130.0/24

hosts deny = 0.0.0.0/0

#

#

#

# Usershare

#

usershare allow guests = No

usershare max shares = 100

usershare owner only = False

#

# Printer

#

### not in use ### printer admin = root

printing = cups

printcap name = cups

printcap cache time = 750

cups options = raw

load printers = yes

use client driver = yes



#

# Roaming profiles Home and share

#

logon path = \\%N\Smb_profile\%u

#

logon home = \\%N\Smb_home\%u

#

logon script = logon.sh

#

logon drive = X:

#

#

# Ldap config

#

#   passdb backend = tdbsam

#   passdb backend  = ldapsam:"ldap://LINUX-SRV.HATHOR.NWK";

#

passdb backend  = ldapsam:"ldap://localhost";

ldapsam:trusted = yes

# ldap ssl = on off start tls

ldap ssl= off

ldap passwd sync= yes

ldap suffix = dc=hathor,dc=nwk

ldap machine suffix = ou=Computers,ou=Users

ldap user suffix= ou=Peoples,ou=Users

ldap group suffix   = ou=Groups

ldap idmap suffix   = ou=Idmap

ldap admin dn   = cn=Samba_Manager,dc=hathor,dc=nwk

idmap backend   = ldap:ldap://127.0.0.1

idmap uid   = 1-2

idmap gid   = 1-2

#

#

# samba tools

#

add user script = /usr/sbin/smbldap-useradd -m '%u'

delete user script = /usr/sbin/smbldap-userdel '%u'

add group script = /usr/sbin/smbldap-groupadd -p '%g'

delete group script = /usr/sbin/smbldap-groupdel '%g'

add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'

delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'

set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'

passwd program = /usr/sbin/smbldap-passwd '%u'

# Only linux box

add machine script = /usr/sbin/smbldap-useradd -w '%u'

#

#

# syslog

#

log level = 2

syslog = 1

log file = /var/log/samba/%m

max log size = 0

#

#

# Winbindd

#

winbind offline logon = yes

winbind enum users = yes

winbind enum groups = yes

template homedir = /home/%D/%U

template shell = /bin/bash

winbind separator = \

#

#



#Share Definitions=

#

#

[Smb_home]

comment = Votre Repertoire : \\%N\Samba_homes\%u

path = /data_1/100_samba/sysvol/homes

valid users = "@Domain Users"

writable = yes

create mask = 0700

directory mask = 0700

#

#

[Smb_profile]

comment = Profile itinerant \\%N\Samba_profiles\%u

path = /data_1/100_samba/sysvol/profiles

valid users = "@Domain Users"

writeable = yes

browseable = no

create mode = 0700

directory mode = 0700

#

#

[netlogon]

comment = Network Logon Service (Netlogon)

path = /data_1/100_samba/sysvol/linux-srv/netlogon

valid users = "@Domain Users"

writeable = yes

browseable = yes

#

# Printer

#

[printers]

comment = All Printers

path = /var/tmp

printable = Yes

create mask = 0700

browseable = No

#

#

[print$]

comment = Printer Drivers

path = /var/lib/samba/drivers

write list = @Domain Admins

force group = Domain Admins

create mask = 0664

directory mask = 0775

#

#

[sysvol]

path = /data_1/100_samba/sysvol

valid users = "@Domain Users"

read only = no

#

Re: [Samba] The filename of list of smbclient contains spaces

[Wang, Brandon]

Thank you for your great suggestion.
I have attached it to the bugzilla entries. 
Could you get it from the following URL, please?
https://bugzilla.samba.org/attachment.cgi?id=6038&action=edit
or https://bugzilla.samba.org/show_bug.cgi?id=7701

Thank you very much!

Brandon

> -Original Message-
> From: Volker Lendecke [mailto:volker.lende...@sernet.de]
> Sent: 2010年10月28日 15:23
> To: Wang, Brandon
> Cc: samba@lists.samba.org
> Subject: Re: [Samba] The filename of list of smbclient contains spaces
> 
> On Thu, Oct 28, 2010 at 02:56:26PM +0800, Wang, Brandon wrote:
> > Please forgive me to disturb you all. We have attempted
> > to make a patch to resolve the following problems.
> > https://bugzilla.samba.org/show_bug.cgi?idw00
> > https://bugzilla.samba.org/show_bug.cgi?idw01
> >
> > Please let me introduce one in detail. For the 1st problem
> > that we found when we do the following command,
> > $ smbclient //13.187.241.5/test -U test%123456 -c "mkdir xxx"
> > the return value is always "0" regardless of the command
> > is correct or incorrect. The commands, "rd" and "rm" have
> > the same problem.
> > We can obtain the returned value by calling this shell,
> > $ echo $?
> > after calling of smbclient.
> >
> > For the 2nd one, please to refer to the descriptions within the
> > URL https://bugzilla.samba.org/show_bug.cgi?idw01
> >
> > Finally, we cloned the source from git://git.samba.org/samba.git,
> > made a patch and attached it, for both bugs. We built the
> > executable file under "source3" successfully, and confirmed
> > some features briefly, in our local PC.
> >
> > Would you like to review and commit, if it can be done, the
> > patch for us please?
> 
> Sure! The problem is that the samba-mailing list drops
> attachments. You could either upload the patches to some
> public git hoster like repo.or.cz or so, or attach them to
> the bugzilla entries. The latter would probably be simplest
> for you.
> 
> Thanks,
> 
> Volker
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] The filename of list of smbclient contains spaces

[Volker Lendecke]

On Thu, Oct 28, 2010 at 02:56:26PM +0800, Wang, Brandon wrote:
> Please forgive me to disturb you all. We have attempted
> to make a patch to resolve the following problems.
> https://bugzilla.samba.org/show_bug.cgi?id=7700
> https://bugzilla.samba.org/show_bug.cgi?id=7701
> 
> Please let me introduce one in detail. For the 1st problem
> that we found when we do the following command,
> $ smbclient //13.187.241.5/test -U test%123456 -c "mkdir xxx"
> the return value is always "0" regardless of the command
> is correct or incorrect. The commands, "rd" and "rm" have
> the same problem.
> We can obtain the returned value by calling this shell,
> $ echo $?
> after calling of smbclient.
> 
> For the 2nd one, please to refer to the descriptions within the
> URL https://bugzilla.samba.org/show_bug.cgi?id=7701
> 
> Finally, we cloned the source from git://git.samba.org/samba.git,
> made a patch and attached it, for both bugs. We built the
> executable file under "source3" successfully, and confirmed
> some features briefly, in our local PC.
> 
> Would you like to review and commit, if it can be done, the
> patch for us please?

Sure! The problem is that the samba-mailing list drops
attachments. You could either upload the patches to some
public git hoster like repo.or.cz or so, or attach them to
the bugzilla entries. The latter would probably be simplest
for you.

Thanks,

Volker
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] The filename of list of smbclient contains spaces

[Wang, Brandon]

Hi,

Please forgive me to disturb you all. We have attempted
to make a patch to resolve the following problems.
https://bugzilla.samba.org/show_bug.cgi?id=7700
https://bugzilla.samba.org/show_bug.cgi?id=7701

Please let me introduce one in detail. For the 1st problem
that we found when we do the following command,
$ smbclient //13.187.241.5/test -U test%123456 -c "mkdir xxx"
the return value is always "0" regardless of the command
is correct or incorrect. The commands, "rd" and "rm" have
the same problem.
We can obtain the returned value by calling this shell,
$ echo $?
after calling of smbclient.

For the 2nd one, please to refer to the descriptions within the
URL https://bugzilla.samba.org/show_bug.cgi?id=7701

Finally, we cloned the source from git://git.samba.org/samba.git,
made a patch and attached it, for both bugs. We built the
executable file under "source3" successfully, and confirmed
some features briefly, in our local PC.

Would you like to review and commit, if it can be done, the
patch for us please?

Any help and suggestion will be appreciated.
Thanks.

Best
Brandon. Wang
2010/10/28




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba