Re: [Samba] Did not find a test named RAW-*
hi, Thanks for reply Andrew. Now when i run command :: /usr/bin/smbtorture //nishant/base -Ubase%base_ubuntu raw.* smbtorture: error while loading shared libraries: libwinbind-client.so: cannot open shared object file: No such file or directory This output is shown. I have installed the samba4 using Synaptic Package Manager in Ubuntu. So, i think i will install new version of ubuntu. Please help me ASAP. Nishant Mungse On Wed, Oct 26, 2011 at 3:45 AM, Andrew Bartlett abart...@samba.org wrote: On Tue, 2011-10-25 at 11:15 +0530, nishant mungse wrote: Hi, I am facing problem while running RAW tests. When i run following command, i get the error stating Did not find a test named RAW-*. Command :: root@nishant-ThinkCentre-A85:/home/nishan# smbtorture //nishant/base -Uuser1%base_ubuntu RAW-* using seed 1319521290 host=nishant share=base user=user1 myname=nishant-ThinkCentre-A85 Did not find a test named RAW-* To run the 'raw' smbtorture tests first build Samba4, and then run: bin/smbtorture //nishant/base -Uuser1%base_ubuntu raw.* We renamed the tests from RAW-* to raw.* a while ago. My guess is that the smbtorture binary you are currently running would be a very old one from our Samba 3.x releases, which is not where most of our testsuite development occurs. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Windows8
Hi all, Is there anybody have tried to join windows8 to samba-3.5.4? I have try, but failed RPC Server is Unavailable. Help me please!!! Regards, Shiddiq -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Did not find a test named RAW-*
On Tue, 2011-11-01 at 11:48 +0530, nishant mungse wrote: hi, Thanks for reply Andrew. Now when i run command :: /usr/bin/smbtorture //nishant/base -Ubase% base_ubuntu raw.* smbtorture: error while loading shared libraries: libwinbind-client.so: cannot open shared object file: No such file or directory This output is shown. I have installed the samba4 using Synaptic Package Manager in Ubuntu. So, i think i will install new version of ubuntu. Please help me ASAP. The best way I can help you is if you help me. Which version of Samba was this? Have you tried compiling Samba4 from source? Upgrading to the latest ubuntu may help, but the best option is simply to compile the latest Samba4 from source. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Enhancing NTLM Authentication to Remote Site Active Directory server
Hi, We use NLTM Authentication with Squid is some setups.On those setup, local machine joins active directory and squid ntlm_auth helper authenticate through local samba service. Users transparently authenticate through NTLM authentication handshake on HTTP without entering any password in their browser. However, in some cases, branch offices has no local active directory server. Branch office is connected to the headquarters through a IPSEC vpn. I can make branch office samba to join to the headquarter active directory domain and set NTLM authentication on Squid up correctly. This setup has a weakness inherited from high latency, packet loss ofsome other things that I dont know about samba. 3-4 times in a dayusers get prompted with user name password authentication popup ontheir browser. Sometimes this recovered naturally in a few minutes.However, it requires rejoining to the domain in come cases. (wbinfo -tgives error and wbinfo -l can not list users). I have made some tunings in samba: getwd cache = yes winbind cache time = 3000 ldap connection timeout = 10 ldap timeout = 120 Which other tunings can I do on samba and squid? I need your experiences. Best Regards, squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 20 auth_param ntlm keep_alive off auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 20 auth_param basic realm Squid AD Auth auth_param basic credentialsttl 2 hours auth_param basic casesensitive off /etc/samba/smb.conf: [global] netbios name = SQUID realm = MY.DOM workgroup = my.dom security = ads encrypt passwords = yes password server = 172.16.5.10 log level = 3 log file = /var/log/samba.log ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 winbind separator = / winbind enum users = yes winbind enum groups = yes winbind use default domain = yes domain master = no local master = no preferred master = no template shell = /sbin/nologin getwd cache = yes winbind cache time = 3000 ldap connection timeout = 10 ldap timeout = 120 /etc/krb5.conf: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = MY.DOM default_tkt_enctypes = rc4-hmac des-cbc-crc default_tgs_enctypes = rc4-hmac des-cbc-crc # dns_lookup_realm = false # dns_lookup_kdc = false dns_lookup_realm = false dns_lookup_kdc = false [realms] MY.DOM = { kdc = 172.16.5.10 admin_server = 172.16.5.10 default_domain = MY.DOM } [domain_realm] .ronesans.hol = MY.DOM ronesans.hol = MY.DOM -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] got stuck with replacing win2k DC with samba4 DC
Hello all, I have tried several times to replace an old Windows 2000 domain controller with a samba4 dc but failed to do so. here is what I did/tried: - copied the old DC and DNS (bind9) to a vmware machine - fixed some replication issues I had with the old 2k DC ( once had two DCs and one died and had to seize it) - downloaded 2008 R2 evaluation - performed adprep32 /forestprep, adprep32 /domainprep and adprep32 /domainprep /gpprep - no errors so far - installed a new 2008 R2 machine and promoted it as new DC - waited for SYSVOL to be synced - transfered all FSMOs to the new 2008R2 DC - demoted old 2k DC and re-added it as member server - raised domain level to 2008 R2 - checked if everything is working with new DC - OK, i guess. - installed a new VMware guest with current Ubuntu (oneiric 32bit) - downloaded samba from git, downloaded required dependencies, ./configure.developer, make, sudo make install - changed nsupdate command to /usr/bin/nsupdate - joined new samba DC to domain with samba-tool - OK, no errors - created start script and start samba4 - checked DNS for new entries for samba4 DC - OK - waited some time for replication - used MS AD utils, connected to new samba4 DC and checked if all entries are there - OK, looks good. - new samba4 currently has only GC role - used howto form here: https://lists.samba.org/archive/samba-technical/2011-October/080026.html to replicate SYSVOL from Windows machine to samba4 server - moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC - demoted Windows DC (had to force it with dcpromo /forceremoval) - domain non functional anymore :-( - if I open MS AD tools the DC will not be selected automatically but I can select it manually and all entries seem do be there. Has someone successful moved his domain to a samba4 environment ? Any idea what could have happened ? I would be happy if someone can give me a hint in the right direction. thanks Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] got stuck with replacing win2k DC with samba4 DC
Hello all, here is some more information from the samba log: ../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level) ../source4/dsdb/common/util.c:3118: Warning: forestFunctionality not setup Thanks Andreas Am 01.11.2011 11:06, schrieb Andreas Oster: Hello all, I have tried several times to replace an old Windows 2000 domain controller with a samba4 dc but failed to do so. here is what I did/tried: - copied the old DC and DNS (bind9) to a vmware machine - fixed some replication issues I had with the old 2k DC ( once had two DCs and one died and had to seize it) - downloaded 2008 R2 evaluation - performed adprep32 /forestprep, adprep32 /domainprep and adprep32 /domainprep /gpprep - no errors so far - installed a new 2008 R2 machine and promoted it as new DC - waited for SYSVOL to be synced - transfered all FSMOs to the new 2008R2 DC - demoted old 2k DC and re-added it as member server - raised domain level to 2008 R2 - checked if everything is working with new DC - OK, i guess. - installed a new VMware guest with current Ubuntu (oneiric 32bit) - downloaded samba from git, downloaded required dependencies, ./configure.developer, make, sudo make install - changed nsupdate command to /usr/bin/nsupdate - joined new samba DC to domain with samba-tool - OK, no errors - created start script and start samba4 - checked DNS for new entries for samba4 DC - OK - waited some time for replication - used MS AD utils, connected to new samba4 DC and checked if all entries are there - OK, looks good. - new samba4 currently has only GC role - used howto form here: https://lists.samba.org/archive/samba-technical/2011-October/080026.html to replicate SYSVOL from Windows machine to samba4 server - moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC - demoted Windows DC (had to force it with dcpromo /forceremoval) - domain non functional anymore :-( - if I open MS AD tools the DC will not be selected automatically but I can select it manually and all entries seem do be there. Has someone successful moved his domain to a samba4 environment ? Any idea what could have happened ? I would be happy if someone can give me a hint in the right direction. thanks Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows8
I have not looked into Windows 8 at all but my guess is it would be the same thing as Windows 7. Did you do the registry mod to Windows? Is there a firewall running on the samba machine? - Did you open up the required ports? - Try disabling the firewall just to be completely sure that is not the problem. What domain are you trying to join i.e. example.net or example? Have you checked the logs on the samba machine to see if an error pops up? Have you read http://samba.org/samba/docs/man/Samba-HOWTO-Collection/ ? With the information you have given I, along with anyone else, am making a lot of assumptions. On top of that I have yet to have any experience with Windows 8. On 10/31/2011 11:28 PM, yudi shiddiq wrote: Hi all, Is there anybody have tried to join windows8 to samba-3.5.4? I have try, but failed RPC Server is Unavailable. Help me please!!! Regards, Shiddiq -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] got stuck with replacing win2k DC with samba4 DC
Hello all, active directory is working now, seems there was an issue with DNS entries. Now i have another question. I had to force demote of the win 2008 R2 server and was not able to do metadata cleanup with the ntdsutil to remove the remains of the windows server afterwards, the new samba4 DC simply did not allow me to do that. Is there a way to do something similar with the samba provided tools (samba-tool for example) ? thank you regards Andreas Am 01.11.2011 11:06, schrieb Andreas Oster: Hello all, I have tried several times to replace an old Windows 2000 domain controller with a samba4 dc but failed to do so. here is what I did/tried: - copied the old DC and DNS (bind9) to a vmware machine - fixed some replication issues I had with the old 2k DC ( once had two DCs and one died and had to seize it) - downloaded 2008 R2 evaluation - performed adprep32 /forestprep, adprep32 /domainprep and adprep32 /domainprep /gpprep - no errors so far - installed a new 2008 R2 machine and promoted it as new DC - waited for SYSVOL to be synced - transfered all FSMOs to the new 2008R2 DC - demoted old 2k DC and re-added it as member server - raised domain level to 2008 R2 - checked if everything is working with new DC - OK, i guess. - installed a new VMware guest with current Ubuntu (oneiric 32bit) - downloaded samba from git, downloaded required dependencies, ./configure.developer, make, sudo make install - changed nsupdate command to /usr/bin/nsupdate - joined new samba DC to domain with samba-tool - OK, no errors - created start script and start samba4 - checked DNS for new entries for samba4 DC - OK - waited some time for replication - used MS AD utils, connected to new samba4 DC and checked if all entries are there - OK, looks good. - new samba4 currently has only GC role - used howto form here: https://lists.samba.org/archive/samba-technical/2011-October/080026.html to replicate SYSVOL from Windows machine to samba4 server - moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC - demoted Windows DC (had to force it with dcpromo /forceremoval) - domain non functional anymore :-( - if I open MS AD tools the DC will not be selected automatically but I can select it manually and all entries seem do be there. Has someone successful moved his domain to a samba4 environment ? Any idea what could have happened ? I would be happy if someone can give me a hint in the right direction. thanks Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] parent folder rX - child file in it rwx = child file from windows read only????
dear everybody samba is 3.5.11-79.fc14 is this weird or my logic fails, I was hoping that if a file has unix 770 then Win clients should be able to write to it even if parent folder is 750 also if a folder is 770 and a Win client creates a new folder in it, its unix permissions get set to 755, and yet! another(different) Win user can just delete this newly created folder. with what settings one can achieve above goals? many thanks for all help Pawel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] got stuck with replacing win2k DC with samba4 DC
Hi As per the Samba4 HOWTO, try asking on the samba-technical list. (I've copied my reply there.) On 1 November 2011 15:03, Andreas Oster aos...@novanetwork.de wrote: Hello all, active directory is working now, seems there was an issue with DNS entries. Now i have another question. I had to force demote of the win 2008 R2 server and was not able to do metadata cleanup with the ntdsutil to remove the remains of the windows server afterwards, the new samba4 DC simply did not allow me to do that. Is there a way to do something similar with the samba provided tools (samba-tool for example) ? thank you regards Andreas Am 01.11.2011 11:06, schrieb Andreas Oster: Hello all, I have tried several times to replace an old Windows 2000 domain controller with a samba4 dc but failed to do so. here is what I did/tried: - copied the old DC and DNS (bind9) to a vmware machine - fixed some replication issues I had with the old 2k DC ( once had two DCs and one died and had to seize it) - downloaded 2008 R2 evaluation - performed adprep32 /forestprep, adprep32 /domainprep and adprep32 /domainprep /gpprep - no errors so far - installed a new 2008 R2 machine and promoted it as new DC - waited for SYSVOL to be synced - transfered all FSMOs to the new 2008R2 DC - demoted old 2k DC and re-added it as member server - raised domain level to 2008 R2 - checked if everything is working with new DC - OK, i guess. - installed a new VMware guest with current Ubuntu (oneiric 32bit) - downloaded samba from git, downloaded required dependencies, ./configure.developer, make, sudo make install - changed nsupdate command to /usr/bin/nsupdate - joined new samba DC to domain with samba-tool - OK, no errors - created start script and start samba4 - checked DNS for new entries for samba4 DC - OK - waited some time for replication - used MS AD utils, connected to new samba4 DC and checked if all entries are there - OK, looks good. - new samba4 currently has only GC role - used howto form here: https://lists.samba.org/archive/samba-technical/2011-October/080026.html to replicate SYSVOL from Windows machine to samba4 server - moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC - demoted Windows DC (had to force it with dcpromo /forceremoval) - domain non functional anymore :-( - if I open MS AD tools the DC will not be selected automatically but I can select it manually and all entries seem do be there. Has someone successful moved his domain to a samba4 environment ? Any idea what could have happened ? I would be happy if someone can give me a hint in the right direction. thanks Andreas -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Bulk] parent folder rX - child file in it rwx = child file from windows read only????
apologies for being vague, to me it seems that everything depends on what's parent looks like, and goals are: have a file within a 750 folder that would be 770, meaning a client can write to the file have samba/win clients acknowledge folder of 750 within a folder of 770, meaning that if a winuser creates a folder(750) within a folder(770) samba respects it and other user should have no write permission to this newly created user's folder at this moment my samba lets users delete a folder with group (to which both users belong) permissions equals to rX, I'd have to make a folder 700 in order to protect it from deletion by non-owners and the smb.conf is pretty basic what am I missing??? On 11/01/2011 01:25 PM, lejeczek wrote: dear everybody samba is 3.5.11-79.fc14 is this weird or my logic fails, I was hoping that if a file has unix 770 then Win clients should be able to write to it even if parent folder is 750 also if a folder is 770 and a Win client creates a new folder in it, its unix permissions get set to 755, and yet! another(different) Win user can just delete this newly created folder. with what settings one can achieve above goals? many thanks for all help Pawel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] got stuck with replacing win2k DC with samba4 DC
Hello Michael, please excuse me for posting to the wrong list. Maybe someone on this list can help me with removing the Windows 2008 R2 server entries from the now samba4 only AD. Thanks kind regards Andreas Am 01.11.2011 15:28, schrieb Michael Wood: Hi As per the Samba4 HOWTO, try asking on the samba-technical list. (I've copied my reply there.) On 1 November 2011 15:03, Andreas Osteraos...@novanetwork.de wrote: Hello all, active directory is working now, seems there was an issue with DNS entries. Now i have another question. I had to force demote of the win 2008 R2 server and was not able to do metadata cleanup with the ntdsutil to remove the remains of the windows server afterwards, the new samba4 DC simply did not allow me to do that. Is there a way to do something similar with the samba provided tools (samba-tool for example) ? thank you regards Andreas Am 01.11.2011 11:06, schrieb Andreas Oster: Hello all, I have tried several times to replace an old Windows 2000 domain controller with a samba4 dc but failed to do so. here is what I did/tried: - copied the old DC and DNS (bind9) to a vmware machine - fixed some replication issues I had with the old 2k DC ( once had two DCs and one died and had to seize it) - downloaded 2008 R2 evaluation - performed adprep32 /forestprep, adprep32 /domainprep and adprep32 /domainprep /gpprep - no errors so far - installed a new 2008 R2 machine and promoted it as new DC - waited for SYSVOL to be synced - transfered all FSMOs to the new 2008R2 DC - demoted old 2k DC and re-added it as member server - raised domain level to 2008 R2 - checked if everything is working with new DC - OK, i guess. - installed a new VMware guest with current Ubuntu (oneiric 32bit) - downloaded samba from git, downloaded required dependencies, ./configure.developer, make, sudo make install - changed nsupdate command to /usr/bin/nsupdate - joined new samba DC to domain with samba-tool - OK, no errors - created start script and start samba4 - checked DNS for new entries for samba4 DC - OK - waited some time for replication - used MS AD utils, connected to new samba4 DC and checked if all entries are there - OK, looks good. - new samba4 currently has only GC role - used howto form here: https://lists.samba.org/archive/samba-technical/2011-October/080026.html to replicate SYSVOL from Windows machine to samba4 server - moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC - demoted Windows DC (had to force it with dcpromo /forceremoval) - domain non functional anymore :-( - if I open MS AD tools the DC will not be selected automatically but I can select it manually and all entries seem do be there. Has someone successful moved his domain to a samba4 environment ? Any idea what could have happened ? I would be happy if someone can give me a hint in the right direction. thanks Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows8
From: Jorell jore...@fastmail.net Date: Tue, 01 Nov 2011 04:15:06 -0700 On 10/31/2011 11:28 PM, yudi shiddiq wrote: Hi all, Is there anybody have tried to join windows8 to samba-3.5.4? I have try, but failed RPC Server is Unavailable. Watch at this thread: http://lists.samba.org/archive/samba-technical/2011-September/079410.html I think that currently we're waiting for the MS's answer. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Bulk] parent folder rX - child file in it rwx = child file from windows read only????
There are two ways to influence newly created directory and file permissions. The default is to use the mask/mode options. You can see your current settings with testparm -sv | grep mask ( also grep for mode and force). Or you can use the different inherit options instead. testparm -sv | grep inherit Whichever way you choose, learn what these options do, and you should be able to set a combination that works for you. Dale On 11/01/2011 9:42 AM, lejeczek wrote: apologies for being vague, to me it seems that everything depends on what's parent looks like, and goals are: have a file within a 750 folder that would be 770, meaning a client can write to the file have samba/win clients acknowledge folder of 750 within a folder of 770, meaning that if a winuser creates a folder(750) within a folder(770) samba respects it and other user should have no write permission to this newly created user's folder at this moment my samba lets users delete a folder with group (to which both users belong) permissions equals to rX, I'd have to make a folder 700 in order to protect it from deletion by non-owners and the smb.conf is pretty basic what am I missing??? On 11/01/2011 01:25 PM, lejeczek wrote: dear everybody samba is 3.5.11-79.fc14 is this weird or my logic fails, I was hoping that if a file has unix 770 then Win clients should be able to write to it even if parent folder is 750 also if a folder is 770 and a Win client creates a new folder in it, its unix permissions get set to 755, and yet! another(different) Win user can just delete this newly created folder. with what settings one can achieve above goals? many thanks for all help Pawel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] getent passwd not returning users/groups
I'm trying to get my CentOS 5.6 machine setup as a Active Directory Domain Member with Windows 2008 level domain and samba 3.5. I haven't tried this before. I can successfully join the domain and return users using 'wbinfo -u' and groups with 'wbinfo -g' but when I try 'getent passwd' I only get the local users. I'm not sure what element that indicates is failing in the process. I'm not confident in my pam.d/ setup since different guides show different methods of setting this up. The /etc/nsswitch.conf file has been edited to include winbind as a source for passwd/shadow/group. The only insightful error message I see in the samba logs is this (repeated over and over in all the logs) but I haven't found the solution. Is this the cause of my problems? How do I disable spinlocks? I'm using a prebuilt package from sernet [2011/11/01 16:46:19.979981, 1] lib/util_tdb.c:385(tdb_log) tdb(unnamed): tdb_open_ex: spinlocks no longer supported Here is my samba configuration dumped from smbtest: [root@sambatest ~]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section [test] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = SHAMOFFICE realm = SHAMBHALA-OFFICE.LOCAL interfaces = 127.0.0.1, eth0 bind interfaces only = Yes security = ADS printcap name = cups idmap backend = ad idmap uid = 1-2 idmap gid = 3-4 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes idmap config SHAMOFFICE : schema_mode = rfc2307 idmap config SHAMOFFICE : range = 4000-5000 idmap config SHAMOFFICE : backend = ad idmap config * : range = 2000-3000 idmap config * : backend = tdb [test] comment = Directory for storing pictures by jims users path = /local/test read only = No guest ok = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] getent passwd not returning users/groups
Shot in the dark.. is nscd running? I have been bitten by that a few times. On 11/1/2011 5:04 PM, James Chase wrote: I'm trying to get my CentOS 5.6 machine setup as a Active Directory Domain Member with Windows 2008 level domain and samba 3.5. I haven't tried this before. I can successfully join the domain and return users using 'wbinfo -u' and groups with 'wbinfo -g' but when I try 'getent passwd' I only get the local users. I'm not sure what element that indicates is failing in the process. I'm not confident in my pam.d/ setup since different guides show different methods of setting this up. The /etc/nsswitch.conf file has been edited to include winbind as a source for passwd/shadow/group. The only insightful error message I see in the samba logs is this (repeated over and over in all the logs) but I haven't found the solution. Is this the cause of my problems? How do I disable spinlocks? I'm using a prebuilt package from sernet [2011/11/01 16:46:19.979981, 1] lib/util_tdb.c:385(tdb_log) tdb(unnamed): tdb_open_ex: spinlocks no longer supported Here is my samba configuration dumped from smbtest: [root@sambatest ~]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section [test] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = SHAMOFFICE realm = SHAMBHALA-OFFICE.LOCAL interfaces = 127.0.0.1, eth0 bind interfaces only = Yes security = ADS printcap name = cups idmap backend = ad idmap uid = 1-2 idmap gid = 3-4 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes idmap config SHAMOFFICE : schema_mode = rfc2307 idmap config SHAMOFFICE : range = 4000-5000 idmap config SHAMOFFICE : backend = ad idmap config * : range = 2000-3000 idmap config * : backend = tdb [test] comment = Directory for storing pictures by jims users path = /local/test read only = No guest ok = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Did not find a test named RAW-*
hii Andrew, Thanks 4 help. I am using samba-4.0.0alpha15. Now at-least my raw.* tests are running fine, actually fine means not giving the previous errors. But there is still another problem. when i run the following command:: bin/smbtorture //nishant/base -Ubase%base_ubuntu raw.* Using seed 1320150365 time: 2011-11-01 17:56:05.910156 progress: 6 test: base time: 2011-11-01 17:56:05.910478 Failed to open connection - NT_STATUS_OBJECT_NAME_NOT_FOUND time: 2011-11-01 17:56:08.926315 error: base [ Unknown error/failure ] It is giving this error. Why it failing to open connection --- Before this i ran following commands. 1) useradd -c base_ubuntu -m -p base_ubuntu base 2) smbpasswd base 3)nmbd 4)smdb 5)chown base.users /exports 6)chmod 777 /exports 7)bin/smbtorture //nishant/base -Ubase%base_ubuntu raw.* These are the commands. Now why is the case it is failing??? Please help ASAP. Regards, Nishant Mungse On Tue, Nov 1, 2011 at 12:47 PM, Andrew Bartlett abart...@samba.org wrote: On Tue, 2011-11-01 at 11:48 +0530, nishant mungse wrote: hi, Thanks for reply Andrew. Now when i run command :: /usr/bin/smbtorture //nishant/base -Ubase% base_ubuntu raw.* smbtorture: error while loading shared libraries: libwinbind-client.so: cannot open shared object file: No such file or directory This output is shown. I have installed the samba4 using Synaptic Package Manager in Ubuntu. So, i think i will install new version of ubuntu. Please help me ASAP. The best way I can help you is if you help me. Which version of Samba was this? Have you tried compiling Samba4 from source? Upgrading to the latest ubuntu may help, but the best option is simply to compile the latest Samba4 from source. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4b67a10 Simplify handling of user add command. via b26a4f6 s4: samba-tool subcommand rename - change samba-tool user add to samba-tool user create from aabda85 s4-dsdb Remove LDAP backend credentials support http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4b67a10ed04d0d8e2aec9f6d8a07f4c883c58d75 Author: Jelmer Vernooij jel...@samba.org Date: Tue Nov 1 12:29:16 2011 +0100 Simplify handling of user add command. Autobuild-User: Jelmer Vernooij jel...@samba.org Autobuild-Date: Tue Nov 1 14:25:39 CET 2011 on sn-devel-104 commit b26a4f6232219746fd8ed1b107476f3c23c6908e Author: Theresa Halloran thall...@linux.vnet.ibm.com Date: Sun Oct 23 15:23:28 2011 -0700 s4: samba-tool subcommand rename - change samba-tool user add to samba-tool user create Signed-off-by: Theresa Halloran thall...@linux.vnet.ibm.com Signed-off-by: Jelmer Vernooij jel...@samba.org --- Summary of changes: source4/scripting/python/samba/netcmd/user.py | 15 +-- source4/setup/tests/blackbox_group.sh |4 ++-- source4/setup/tests/blackbox_newuser.sh |4 ++-- source4/setup/tests/blackbox_setpassword.sh |2 +- testprogs/blackbox/test_export_keytab.sh |2 +- testprogs/blackbox/test_kinit.sh |2 +- testprogs/blackbox/test_passwords.sh |2 +- 7 files changed, 21 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/netcmd/user.py b/source4/scripting/python/samba/netcmd/user.py index cbac5af..308b170 100644 --- a/source4/scripting/python/samba/netcmd/user.py +++ b/source4/scripting/python/samba/netcmd/user.py @@ -36,7 +36,7 @@ from samba.netcmd import ( ) -class cmd_user_add(Command): +class cmd_user_create(Command): Creates a new user synopsis = %prog username [password] [options] @@ -103,6 +103,16 @@ class cmd_user_add(Command): self.outf.write(User '%s' created successfully\n % username) +class cmd_user_add(cmd_user_create): +__doc__ = cmd_user_create.__doc__ +# take this print out after the add subcommand is removed. +# the add subcommand is deprecated but left in for now to allow people to migrate to create + +def run(self, *args, **kwargs): +self.err.write(\nNote: samba-tool user add is deprecated. Please use samba-tool user create for the same function.\n) +return super(self, cmd_user_add).run(*args, **kwargs) + + class cmd_user_delete(Command): Delete a user @@ -289,7 +299,8 @@ class cmd_user(SuperCommand): User management subcommands = {} -subcommands[add] = cmd_user_add() +subcommands[add] = cmd_user_create() +subcommands[create] = cmd_user_create() subcommands[delete] = cmd_user_delete() subcommands[enable] = cmd_user_enable() subcommands[setexpiry] = cmd_user_setexpiry() diff --git a/source4/setup/tests/blackbox_group.sh b/source4/setup/tests/blackbox_group.sh index 6c58e91..08b8e5b 100755 --- a/source4/setup/tests/blackbox_group.sh +++ b/source4/setup/tests/blackbox_group.sh @@ -20,8 +20,8 @@ samba_tool=./bin/samba-tool CONFIG=--configfile=$PREFIX/simple-dc/etc/smb.conf #creation of two test subjects -testit user add $samba_tool user add $CONFIG --given-name=User --surname=Tester --initial=UT testuser testp@ssw0Rd -testit user add $samba_tool user add $CONFIG --given-name=User1 --surname=Tester --initial=UT testuser1 testp@ssw0Rd +testit user add $samba_tool user create $CONFIG --given-name=User --surname=Tester --initial=UT testuser testp@ssw0Rd +testit user add $samba_tool user create $CONFIG --given-name=User1 --surname=Tester --initial=UT testuser1 testp@ssw0Rd #test creation of six different groups testit group add $samba_tool group add $CONFIG --group-scope='Domain' --group-type='Security' --description='DomainSecurityGroup' --mail-address='d...@samba.org' --notes='Notes' dsg diff --git a/source4/setup/tests/blackbox_newuser.sh b/source4/setup/tests/blackbox_newuser.sh index c604684..e048dcd 100755 --- a/source4/setup/tests/blackbox_newuser.sh +++ b/source4/setup/tests/blackbox_newuser.sh @@ -22,8 +22,8 @@ CONFIG=--configfile=$PREFIX/simple-dc/etc/smb.conf #two test for creating new user #newuser account is created with cn=Given Name Initials. Surname #newuser1 account is created using cn=username -testit user add $samba_tool user add $CONFIG --given-name=User --surname=Tester --initials=T --profile-path=myserver\\my\\profile --script-path=myserver\\my\\script --home-directory=myserver\\my\\homedir --job-title=Tester --department=Testing --company=Samba.org --description=Description --mail-address=tes...@samba.org --internet-address=http://samba.org; --telephone-number=001122334455
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f5fde21 s4-socket: do not segfault if the socket is NULL via d95826c s4-join: Send ReplicaUpdateRefs at the end of the join via 3cdfcb9 s4-domain-join: do not add DFSR entries when joining, this should be done in the code handling DFSR replication via dba46ca s4-vampire: Fix the output of fetched object for the schema-dn from 4b67a10 Simplify handling of user add command. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f5fde21ec15c7086311ed297601471b75f03c917 Author: Matthieu Patou m...@matws.net Date: Wed Oct 26 23:58:15 2011 +0200 s4-socket: do not segfault if the socket is NULL Autobuild-User: Matthieu Patou m...@samba.org Autobuild-Date: Tue Nov 1 19:02:52 CET 2011 on sn-devel-104 commit d95826c218413e4add17c70184bfee7e38de97ff Author: Matthieu Patou m...@matws.net Date: Tue Oct 25 20:16:38 2011 +0200 s4-join: Send ReplicaUpdateRefs at the end of the join commit 3cdfcb93949bcee15b489e089156eeca84f39483 Author: Matthieu Patou m...@matws.net Date: Sun Oct 23 22:27:08 2011 +0200 s4-domain-join: do not add DFSR entries when joining, this should be done in the code handling DFSR replication commit dba46ca771fcf1ba77db68f6436c6564e5a7e1b6 Author: Matthieu Patou m...@matws.net Date: Sun Oct 23 15:01:29 2011 +0200 s4-vampire: Fix the output of fetched object for the schema-dn --- Summary of changes: source4/lib/socket/socket.c|3 +++ source4/libnet/libnet_vampire.c| 10 -- source4/scripting/python/samba/join.py | 29 +++-- 3 files changed, 30 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/socket/socket.c b/source4/lib/socket/socket.c index 2dbdaad..42eb53a 100644 --- a/source4/lib/socket/socket.c +++ b/source4/lib/socket/socket.c @@ -352,6 +352,9 @@ _PUBLIC_ struct tsocket_address *socket_address_to_tsocket_address(TALLOC_CTX *m struct tsocket_address *r; int ret; + if (!a) { + return NULL; + } if (a-sockaddr) { ret = tsocket_address_bsd_from_sockaddr(mem_ctx, a-sockaddr, diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c index ef531a4..a11c9cb 100644 --- a/source4/libnet/libnet_vampire.c +++ b/source4/libnet/libnet_vampire.c @@ -519,6 +519,7 @@ NTSTATUS libnet_vampire_cb_schema_chunk(void *private_data, WERROR status; const struct drsuapi_DsReplicaOIDMapping_Ctr *mapping_ctr; uint32_t nc_object_count; + uint32_t nc_total_received = 0; uint32_t object_count; struct drsuapi_DsReplicaObjectListItemEx *first_object; struct drsuapi_DsReplicaObjectListItemEx *cur; @@ -549,13 +550,18 @@ NTSTATUS libnet_vampire_cb_schema_chunk(void *private_data, return NT_STATUS_INVALID_PARAMETER; } + if (!s-schema_part.first_object) { + nc_total_received = object_count; + } else { + nc_total_received = s-schema_part.object_count + object_count; + } if (nc_object_count) { DEBUG(0,(Schema-DN[%s] objects[%u/%u] linked_values[%u/%u]\n, - c-partition-nc.dn, object_count, nc_object_count, + c-partition-nc.dn, nc_total_received, nc_object_count, linked_attributes_count, nc_linked_attributes_count)); } else { DEBUG(0,(Schema-DN[%s] objects[%u] linked_values[%u]\n, - c-partition-nc.dn, object_count, linked_attributes_count)); + c-partition-nc.dn, nc_total_received, linked_attributes_count)); } if (!s-self_made_schema) { diff --git a/source4/scripting/python/samba/join.py b/source4/scripting/python/samba/join.py index 6a8ac97..b01ac0c 100644 --- a/source4/scripting/python/samba/join.py +++ b/source4/scripting/python/samba/join.py @@ -30,7 +30,6 @@ from samba.credentials import Credentials, DONT_USE_KERBEROS from samba.provision import secretsdb_self_join, provision, provision_fill, FILL_DRS, FILL_SUBDOMAIN from samba.schema import Schema from samba.net import Net -from samba.dcerpc import security import logging import talloc import random @@ -471,15 +470,6 @@ class dc_join(object): fromServer : ctx.dc_ntds_dn} ctx.samdb.add(rec) -if ctx.topology_dn and ctx.acct_dn: -print Adding %s % ctx.topology_dn -rec = { -dn : ctx.topology_dn, -objectclass : msDFSR-Member, -msDFSR-ComputerReference : ctx.acct_dn, -serverReference : ctx.ntds_dn} -ctx.samdb.add(rec) - if
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via bcf1198 WHATSNEW: Update changes since 3.5.11. from a7224ca Fix bug #8542 - smbclient posix_open command fails to return correct info on open file. (cherry picked from commit d27f5a277ef47c5ff94e402930680b37e8f4d592) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit bcf1198b1c03b3f0dd8032df93ff1b30074d37f2 Author: Karolin Seeger ksee...@samba.org Date: Tue Nov 1 19:51:08 2011 +0100 WHATSNEW: Update changes since 3.5.11. Karolin --- Summary of changes: WHATSNEW.txt |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 2bf5d6c..4805d17 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,6 +1,6 @@ == Release Notes for Samba 3.5.12 - October 26, 2011 + November 2, 2011 == @@ -29,6 +29,10 @@ o Jeremy Allison j...@samba.org set. * BUG 8507: Make smbd correctly honor the force create mode bits from a cifsfs create. +* BUG 8541: Fix readlink() on Linux clients if the symlink target is + outside of the share. +* BUG 8542: smbclient posix_open command fails to return correct info on + open file. o Pierre Carrier pcarr...@redhat.com -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 110ee60 Fix bug #8548 - winbind_samlogon_retry_loop ignores logon_parameters flags. from d27f5a2 Fix bug #8542 - smbclient posix_open command fails to return correct info on open file. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 110ee604f5d632a38af4a61295f7100fcfbd1d0a Author: Jeremy Allison j...@samba.org Date: Fri Oct 28 12:29:54 2011 -0700 Fix bug #8548 - winbind_samlogon_retry_loop ignores logon_parameters flags. Fix confirmed by reporter. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Fri Oct 28 23:04:47 CEST 2011 on sn-devel-104 (cherry picked from commit f30f71c14a0b89dea296910ac9b92d3ae4016613) --- Summary of changes: source3/winbindd/winbindd_pam.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 29add8c..bde16b1 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1224,7 +1224,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, result = rpccli_netlogon_sam_network_logon_ex( netlogon_pipe, mem_ctx, - 0, + logon_parameters, server, /* server name */ username, /* user name */ domainname, /* target domain */ @@ -1238,7 +1238,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, result = rpccli_netlogon_sam_network_logon( netlogon_pipe, mem_ctx, - 0, + logon_parameters, server, /* server name */ username, /* user name */ domainname, /* target domain */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 3b4268f s3-netlogon: Fix setting the machinge account password. from 110ee60 Fix bug #8548 - winbind_samlogon_retry_loop ignores logon_parameters flags. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 3b4268ff0929740a2845a02a5b6f2596ff31f7f9 Author: Andreas Schneider a...@samba.org Date: Thu Oct 27 11:21:08 2011 +0200 s3-netlogon: Fix setting the machinge account password. This bug has been found with uid wrapper. (cherry picked from commit bda9752b1036c4d4db76a526a79a091419bf757c) Fix bug #8550 (Calls inside netr_set_machine_account_password() to set the machine account password must be done as root). --- Summary of changes: source3/rpc_server/netlogon/srv_netlog_nt.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index aa424e0..ecdfac7 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -1120,6 +1120,7 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx, goto out; } + become_root(); status = samr_find_machine_account(mem_ctx, h, account_name, @@ -1127,6 +1128,7 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx, NULL, NULL, user_handle); + unbecome_root(); if (!NT_STATUS_IS_OK(status)) { goto out; } @@ -1170,12 +1172,14 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx, info-info18 = info18; + become_root(); status = dcerpc_samr_SetUserInfo2(h, mem_ctx, user_handle, UserInternal1Information, info, result); + unbecome_root(); if (!NT_STATUS_IS_OK(status)) { goto out; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cde73e2 Remove opendir() VFS code from ACL modules. via a763eda Call check_parent_access() on readdir. via a11c0a4 Change function signature of check_parent_access() to take char * instead of struct smb_filename. from f5fde21 s4-socket: do not segfault if the socket is NULL http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cde73e2ecec75f0b068555203962b43a4438d349 Author: Jeremy Allison j...@samba.org Date: Mon Oct 31 12:38:36 2011 -0700 Remove opendir() VFS code from ACL modules. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Wed Nov 2 02:13:51 CET 2011 on sn-devel-104 commit a763edaf9c76afe2546c035fc090370301dd347b Author: Jeremy Allison j...@samba.org Date: Mon Oct 31 12:38:20 2011 -0700 Call check_parent_access() on readdir. commit a11c0a41a35aa2b1c14333552045a65e3e50df1e Author: Jeremy Allison j...@samba.org Date: Mon Oct 31 12:37:39 2011 -0700 Change function signature of check_parent_access() to take char * instead of struct smb_filename. Expose it so it can be called from directory code. --- Summary of changes: source3/modules/vfs_acl_common.c | 48 -- source3/modules/vfs_acl_tdb.c|1 - source3/modules/vfs_acl_xattr.c |1 - source3/smbd/dir.c | 13 ++ source3/smbd/open.c | 12 source3/smbd/proto.h |4 +++ 6 files changed, 23 insertions(+), 56 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index 14ac6f7..aebf0ae 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -564,41 +564,6 @@ static NTSTATUS get_parent_acl_common(vfs_handle_struct *handle, return status; } -static NTSTATUS check_parent_acl_common(vfs_handle_struct *handle, - const char *path, - uint32_t access_mask, - struct security_descriptor **pp_parent_desc) -{ - char *parent_name = NULL; - struct security_descriptor *parent_desc = NULL; - uint32_t access_granted = 0; - NTSTATUS status; - - status = get_parent_acl_common(handle, path, parent_desc); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - if (pp_parent_desc) { - *pp_parent_desc = parent_desc; - } - status = smb1_file_se_access_check(handle-conn, - parent_desc, - get_current_nttok(handle-conn), - access_mask, - access_granted); - if(!NT_STATUS_IS_OK(status)) { - DEBUG(10,(check_parent_acl_common: access check - on directory %s for - path %s for mask 0x%x returned %s\n, - parent_name, - path, - access_mask, - nt_errstr(status) )); - return status; - } - return NT_STATUS_OK; -} - /* Fetch a security descriptor given an fsp. */ @@ -701,19 +666,6 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, return NT_STATUS_OK; } -static SMB_STRUCT_DIR *opendir_acl_common(vfs_handle_struct *handle, - const char *fname, const char *mask, uint32 attr) -{ - NTSTATUS status = check_parent_acl_common(handle, fname, - SEC_DIR_LIST, NULL); - - if (!NT_STATUS_IS_OK(status)) { - errno = map_errno_from_nt_status(status); - return NULL; - } - return SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr); -} - static int acl_common_remove_object(vfs_handle_struct *handle, const char *path, bool is_directory) diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c index a4869c0..647d133 100644 --- a/source3/modules/vfs_acl_tdb.c +++ b/source3/modules/vfs_acl_tdb.c @@ -400,7 +400,6 @@ static int sys_acl_set_fd_tdb(vfs_handle_struct *handle, static struct vfs_fn_pointers vfs_acl_tdb_fns = { .connect_fn = connect_acl_tdb, .disconnect = disconnect_acl_tdb, - .opendir = opendir_acl_common, .rmdir = rmdir_acl_tdb, .create_file = create_file_acl_common, .unlink = unlink_acl_tdb, diff --git a/source3/modules/vfs_acl_xattr.c