[Samba] migrate samba3 to samba4 fail with new git sources
Hello, I've migrated successfully samba3 to samba4 by using samba-tool. Today, i did git pull, ran make clean, make and make install and the command : /usr/local/samba/bin/samba-tool domain samba3upgrade --dbdir=/root/samba3/samba/ --realm=sc.isc84.org /root/samba3/etc/smb.conf which gave : no talloc stackframe around, leaking memory You are not root or your system do not support xattr, using tdb backend for attributes. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs. Reading smb.conf Provisioning Exporting account policy Exporting groups Ignoring group 'Administrators' S-1-5-32-544 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Account Operators' S-1-5-32-548 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Print Operators' S-1-5-32-550 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Replicators' S-1-5-32-552 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Exporting users Skipping wellknown rid=500 (for username=root) Ignoring group memberships of 'nobody' S-1-5-21-1031258178-388409940-3248586695-2998: Unable to enumerate group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION) Skipping inter-domain trust from domain radiotherapie, this trust must be re-created as an AD trust Next rid = 7063 ERROR(type 'exceptions.AttributeError'): uncaught exception - 'NoneType' object has no attribute 'get' File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 160, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py, line 926, in run useeadb=eadb) File /usr/local/samba/lib/python2.7/site-packages/samba/upgrade.py, line 675, in upgrade_from_samba3 useeadb=useeadb, dns_backend=dns_backend) File /usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py, line 1666, in provision file = tempfile.NamedTemporaryFile(dir=os.path.abspath(os.path.dirname(lp.get(private dir Thanks -- Hervé Hénoch Responsable informatique Institut Sainte Catherine 1750, chemin du Lavarin, 84000 Avignon Téléphone : 04.90.27.57.44 Messagerie : h.hen...@isc84.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Bad configuration file
On 14:13:34 wrote Cédric Carlen: Hello everyone, I'm writing you a topic because i have a problem with smaba and LDAP. This is my problem, when I type in the shell slapcat, i've got this message try: slapcat -c str2entry: invalid value for attributeType objectClass #1 (syntax 1.3.6.1.4.1.1466.115.121.1.38) slapcat: bad configuration file! Which openldap version? I am pretty sure you use schema files from an other (older) openldap version. There is my slapd.conf : include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema include /etc/ldap/schema/ppolicy.schema modulepath /usr/lib/ldap moduleload back_bdbn moduleload ppolicy.la moduleload smbk5pwd.la overlay smbk5pwd smbk5pwd-enable samba overlay ppolicy ppolicy_default ou=default,ou=policies,dc=my,dc=test ppolicy_use_lockout ppolicy_hash_cleartext Please help :( Flake -- Gruss Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] migrate samba3 to samba4 fail with new git sources
On 6/4/2012 2:09 AM, Hervé Hénoch wrote: Hello, I've migrated successfully samba3 to samba4 by using samba-tool. Today, i did git pull, ran make clean, make and make install and the command : /usr/local/samba/bin/samba-tool domain samba3upgrade --dbdir=/root/samba3/samba/ --realm=sc.isc84.org /root/samba3/etc/smb.conf which gave : no talloc stackframe around, leaking memory You are not root or your system do not support xattr, using tdb backend for attributes. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs. Reading smb.conf Provisioning Exporting account policy Exporting groups Ignoring group 'Administrators' S-1-5-32-544 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Account Operators' S-1-5-32-548 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Print Operators' S-1-5-32-550 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Replicators' S-1-5-32-552 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Exporting users Skipping wellknown rid=500 (for username=root) Ignoring group memberships of 'nobody' S-1-5-21-1031258178-388409940-3248586695-2998: Unable to enumerate group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION) Skipping inter-domain trust from domain radiotherapie, this trust must be re-created as an AD trust Next rid = 7063 ERROR(type 'exceptions.AttributeError'): uncaught exception - 'NoneType' object has no attribute 'get' File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 160, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py, line 926, in run useeadb=eadb) File /usr/local/samba/lib/python2.7/site-packages/samba/upgrade.py, line 675, in upgrade_from_samba3 useeadb=useeadb, dns_backend=dns_backend) File /usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py, line 1666, in provision file = tempfile.NamedTemporaryFile(dir=os.path.abspath(os.path.dirname(lp.get(private dir Thanks What do you have in '/etc/fstab'? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.6.5 build errors
On 6/3/2012 12:26 AM, Jorell wrote: On 6/2/2012 6:50 PM, Derek Lewis wrote: Hello, I am rebuilding my Ubuntu 10.04 NAS to use Samba 3.6.5 for file sharing. Starting from the current stable tar file, I was able to configure although ran into problems when building. I get a list of error messages of the form undefined reference: Do I need to wait for a patch or am I missing some libraries? Also, is there a list of the dependencies and their sources? Would prefer Debian packages if at all possible instead another source compile. Thank you, Derek This is the list that I use: apt-get -y install libkrb5-dev krb5-user libldap2-dev libacl1-dev libcups2-dev libtalloc-dev libtdb-dev libwbclient0 libpam-krb5 acl attr xinetd stunnel cups cups-pdf smbldap-tools libcap-ng-dev keyutils libkeyutils1 libkeyutils-dev libreadline-dev libpam0g-dev uuid-dev autoconf; and if your curious: cd samba-${sambaVersion}/source3; \ ./autogen.sh \ ./configure --with-automount --with-dnsupdate --with-winbind --with-ads --with-pam --with-acl-support Jorell, Thanks for the build info, I am on travel now but try it out when I get home. Also, how do you test your Samba install to make sure it functions as expected? It joins a Samba4 AD. Windows 7 can browse the shares of the samba server using credentials from the domain. ACLs are present for the correct users. Attributes are present. Oh, and it starts and doesn't crash... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Migrating to new hardware
I'm looking for confirmation that what I am about to do will work. My intent is to decommission the existing Samba PDC hardware and put in its place the new hardware. I intend on having the users see no difference, in terms of what they have/had and will continue to have available. Right now I will be copying everything from the /etc/samba directory into the same on the new server, moving from Samba 3.2x to Samba 3.6x I also intend on copying over the passwd, shadow and group files. Am I missing anything? Thanks. -- Regards, Robert Adkins II -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] migrate samba3 to samba4 fail with new git sources
On 6/4/2012 5:59 AM, Hervé Hénoch wrote: Hello i'm on a vserver: none/procprocdefaults0 0 none/tmptmpfssize=32m,mode=17770 0 none/dev/ptsdevptsgid=5,mode=6200 0 Regard Le 04/06/2012 14:35, Jorell a écrit : On 6/4/2012 2:09 AM, Hervé Hénoch wrote: Hello, I've migrated successfully samba3 to samba4 by using samba-tool. Today, i did git pull, ran make clean, make and make install and the command : /usr/local/samba/bin/samba-tool domain samba3upgrade --dbdir=/root/samba3/samba/ --realm=sc.isc84.org /root/samba3/etc/smb.conf which gave : no talloc stackframe around, leaking memory You are not root or your system do not support xattr, using tdb backend for attributes. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs. Reading smb.conf Provisioning Exporting account policy Exporting groups Ignoring group 'Administrators' S-1-5-32-544 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Account Operators' S-1-5-32-548 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Print Operators' S-1-5-32-550 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Ignoring group 'Replicators' S-1-5-32-552 listed but then not found: Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS) Exporting users Skipping wellknown rid=500 (for username=root) Ignoring group memberships of 'nobody' S-1-5-21-1031258178-388409940-3248586695-2998: Unable to enumerate group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION) Skipping inter-domain trust from domain radiotherapie, this trust must be re-created as an AD trust Next rid = 7063 ERROR(type 'exceptions.AttributeError'): uncaught exception - 'NoneType' object has no attribute 'get' File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 160, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py, line 926, in run useeadb=eadb) File /usr/local/samba/lib/python2.7/site-packages/samba/upgrade.py, line 675, in upgrade_from_samba3 useeadb=useeadb, dns_backend=dns_backend) File /usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py, line 1666, in provision file = tempfile.NamedTemporaryFile(dir=os.path.abspath(os.path.dirname(lp.get(private dir Thanks What do you have in '/etc/fstab'? As far as I know you need to enable 'acl' and 'user_xattr' for whatever partition that you virtual OS is using. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Migrating to new hardware
Run testparm -v - you will probably want to copy over the /var/samba/locks directory lock directory = /var/samba/locks state directory = /var/samba/locks cache directory = /var/samba/locks pid directory = /var/samba/locks You also want to make sure your netlogon and profile directories are replicated. I ran into some issues migrating from 3.0.x to 3.4.x. I am not sure if these changes are already in placed in 3.2.x. In 3.4.x. I needed to explicitly defined a unix nobody user. guest account = smb_nobody I also had to explicitly grant admin perms to the domain admins group so that they had sufficient privileges on local PC's. But I think I had made some error somewhere else, so I don't think you will encounter this. I have an ldap backend, and I found with 3.4.x or 3.5.x. that joining the machine to the domain had some issues relating to ldap attributes being created or set properly. On 06/04/12 09:30, Robert Adkins II wrote: I'm looking for confirmation that what I am about to do will work. My intent is to decommission the existing Samba PDC hardware and put in its place the new hardware. I intend on having the users see no difference, in terms of what they have/had and will continue to have available. Right now I will be copying everything from the /etc/samba directory into the same on the new server, moving from Samba 3.2x to Samba 3.6x I also intend on copying over the passwd, shadow and group files. Am I missing anything? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Migrating to new hardware
Yeah, my plan is to scoot over the netlogin and the profiles directories as well (and all of the data currently shared on the fileserver too). Thanks. -- Regards, Robert Adkins II -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Gaiseric Vandal Sent: Monday, June 04, 2012 10:07 AM To: samba@lists.samba.org Subject: Re: [Samba] Migrating to new hardware Run testparm -v - you will probably want to copy over the /var/samba/locks directory lock directory = /var/samba/locks state directory = /var/samba/locks cache directory = /var/samba/locks pid directory = /var/samba/locks You also want to make sure your netlogon and profile directories are replicated. I ran into some issues migrating from 3.0.x to 3.4.x. I am not sure if these changes are already in placed in 3.2.x. In 3.4.x. I needed to explicitly defined a unix nobody user. guest account = smb_nobody I also had to explicitly grant admin perms to the domain admins group so that they had sufficient privileges on local PC's. But I think I had made some error somewhere else, so I don't think you will encounter this. I have an ldap backend, and I found with 3.4.x or 3.5.x. that joining the machine to the domain had some issues relating to ldap attributes being created or set properly. On 06/04/12 09:30, Robert Adkins II wrote: I'm looking for confirmation that what I am about to do will work. My intent is to decommission the existing Samba PDC hardware and put in its place the new hardware. I intend on having the users see no difference, in terms of what they have/had and will continue to have available. Right now I will be copying everything from the /etc/samba directory into the same on the new server, moving from Samba 3.2x to Samba 3.6x I also intend on copying over the passwd, shadow and group files. Am I missing anything? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] idmap_hash SID mapping limit
Hello. hash_rid() in idmap_hash.c[0] has a comment saying the rid is hashed to 20 bit for supporting 100K SIDs: 66 static uint32_t hash_rid(uint32_t rid) 67 { 68 /* 20 bits for the rid which allows us to support 69the first 100K users/groups in a domain */ 70 71 return (rid 0x0007); But 0x7 is 19 bit, and also wouldn't 20 bit allow for 1M SIDs (2^20), not just 100K? Even if it is 19 bit that should support 512K. I haven't read the whole source and codepath so I guess I can be easily missing something, but could someone clarify and confirm what the limit is? Thanks. [0]: http://git.samba.org/?p=samba.git;a=blob;f=source3/winbindd/idmap_hash/idmap_hash.c;h=1f36b217ef1ebbb19ffee8e5ba8557a30954ca13;hb=HEAD -- (nil) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Error
Sometimes things appear to get a little confused if objects have been moved around. It often helps to run: git clean -x -f -d I've had times when I have actually removed the entire samba-master directory and pulled from scratch. Obviously, this assumes that you haven't actually made any source changes or applied scripts outside of git. On Sat, Jun 2, 2012 at 11:01 AM, sandy.napo...@eccmg.cupet.cu wrote: Hello list, after somes days I have this error when I run git pull in samba4 error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git Cannot obtain needed blob 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae while processing commit 1a596076697624545f415eb558c4647267cfe46c. error: Fetch failed. root@jupiter:/home/run# error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git^C What mean it?, What can I do? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Charles Tryon _ “Risks are not to be evaluated in terms of the probability of success, but in terms of the value of the goal.” - Ralph D. Winter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] AUTO: Eitan Ben-Amos is prepared for DELETION (FREEZE) (returning 19/10/2011)
I am out of the office until 19/10/2011. Eitan Ben-Amos is prepared for DELETION (FREEZE) Note: This is an automated response to your message samba Digest, Vol 114, Issue 4 sent on 4/6/2012 21:00:03. This is the only notification you will receive while this person is away. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] group policy client service failed the logon
I am in the process of implementing a new SAMBA install Version 3.6.3-34.12.1-2797-SUSE-SL12.1-x86_64 on OpenSuse 12.1 I am using LDAP as my backend and LAM to manage my LDAP accounts. Thing were going well until recently. Suddenly any newly created user can not logon (win7). Any accounts that I created prior to last week can still logon to the workstation. The only changes I recall making involve add machine script. I moved from using useradd to using smbldap-useradd so machine accounts would only be created in LDAP and not locally. Also, in yast, I changed the LDAP client Naming Context from ou=users,dc=nctschools,dc=orgto dc=nctschools,dc=org to allow the local LDAP client to find machine accounts, as they are not created in the user context. However, I don't believe any of these changes could be causing the group policy client service failed the logon. Access denied error I am receiving. I could be wrong though. Any help would be GREAT. Thanks Here is my smb.conf [global] workgroup = NEVSD map to guest = Bad User passdb backend = ldapsam:ldap://SAMBA1.nctschools.org log level = 3 log file = /var/log/samba/log.%m printcap name = cups add machine script = /usr/sbin/smbldap-useradd -t 1 -w -c Machine -d /var/lib/nobody -s /bin/false %m$ logon path = \\%L\profiles\%U logon drive = P: logon home = \\%L\%U\.9xprofile domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=Administrator,dc=nctschools,dc=org ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Machines ldap passwd sync = yes ldap suffix = dc=nctschools,dc=org ldap user suffix = ou=Users idmap config * : backend = ldap:ldap://SAMBA1.nctschools.org cups options = raw [homes] comment = Home Directories valid users = %S, %D%w%S read only = No inherit acls = Yes browseable = No [profiles] comment = Network Profiles Service path = %H read only = No create mask = 0600 directory mask = 0700 store dos attributes = Yes -- Shawn Dakin (CNE) Director of Technology Newcomerstown Schools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Error
I run git clean -x -f -d and nothing happened. git pull error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git Cannot obtain needed blob 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae while processing commit 1a596076697624545f415eb558c4647267cfe46c. error: Fetch failed. Sometimes things appear to get a little confused if objects have been moved around. It often helps to run: git clean -x -f -d I've had times when I have actually removed the entire samba-master directory and pulled from scratch. Obviously, this assumes that you haven't actually made any source changes or applied scripts outside of git. On Sat, Jun 2, 2012 at 11:01 AM, sandy.napo...@eccmg.cupet.cu wrote: Hello list, after somes days I have this error when I run git pull in samba4 error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git Cannot obtain needed blob 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae while processing commit 1a596076697624545f415eb558c4647267cfe46c. error: Fetch failed. root@jupiter:/home/run# error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git^C What mean it?, What can I do? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Charles Tryon _ Risks are not to be evaluated in terms of the probability of success, but in terms of the value of the goal. - Ralph D. Winter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Error
Nothing happened as in, the clean produced no messages, or it didn't fix the problem? Try to run the clean as root, since I've found that some generated files are owned by root. (likely from the make install step). Have you made any changes in the source, such as applying special patches or editing any of the source files yourself? If you haven't made any changes or applied any patches, have you tried removing the entire tree and re-initializing from git? On Mon, Jun 4, 2012 at 4:00 PM, sandy.napo...@eccmg.cupet.cu wrote: I run git clean -x -f -d and nothing happened. git pull error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git Cannot obtain needed blob 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae while processing commit 1a596076697624545f415eb558c4647267cfe46c. error: Fetch failed. Sometimes things appear to get a little confused if objects have been moved around. It often helps to run: git clean -x -f -d I've had times when I have actually removed the entire samba-master directory and pulled from scratch. Obviously, this assumes that you haven't actually made any source changes or applied scripts outside of git. On Sat, Jun 2, 2012 at 11:01 AM, sandy.napo...@eccmg.cupet.cu wrote: Hello list, after somes days I have this error when I run git pull in samba4 error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git Cannot obtain needed blob 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae while processing commit 1a596076697624545f415eb558c4647267cfe46c. error: Fetch failed. root@jupiter:/home/run# error: Unable to find 3b6a88a1a49fdc23cd956c6583e9ec56e541eeae under http://gitweb.samba.org/samba.git^C What mean it?, What can I do? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Charles Tryon _ “Risks are not to be evaluated in terms of the probability of success, but in terms of the value of the goal.” - Ralph D. Winter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Charles Tryon _ “Risks are not to be evaluated in terms of the probability of success, but in terms of the value of the goal.” - Ralph D. Winter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] uncaught exception - 'NoneType' object has no attribute 'get'
On Mon, 2012-06-04 at 15:40 +0200, Marc Muehlfeld wrote: Hi, I started with a fresh testing environment for s4 and when I do the migration, it breaks: # /usr/local/samba/bin/samba-tool domain samba3upgrade --dbdir=/usr/var/locks/ --use-xattrs=yes --realm=MUC.medizinische-genetik.de /etc/samba/smb3.conf no talloc stackframe around, leaking memory Reading smb.conf Provisioning Exporting account policy Exporting groups Exporting users Next rid = 17062 ERROR(type 'exceptions.AttributeError'): uncaught exception - 'NoneType' object has no attribute 'get' File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 160, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py, line 926, in run useeadb=eadb) File /usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py, line 675, in upgrade_from_samba3 useeadb=useeadb, dns_backend=dns_backend) File /usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py, line 1666, in provision file = tempfile.NamedTemporaryFile(dir=os.path.abspath(os.path.dirname(lp.get(private dir I used the latest git version (4.0.0alpha22-GIT-0110623). Any idea what's wrong? Try these patches, which should make it into beta1. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org From f4ec3c1324cd4551776e9b22cb82083016193164 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett abart...@samba.org Date: Tue, 5 Jun 2012 09:56:53 +1000 Subject: [PATCH 1/2] s4-provision: Place xattr.tdb in the actual state directory This patch does two things: it fixes up the spelling of state dir to state directory so that we actually find the smb.conf parameter, and we move it to after we process the global settings in case this is changed in the future. Andrew Bartlett --- .../scripting/python/samba/provision/__init__.py | 27 ++- 1 files changed, 14 insertions(+), 13 deletions(-) diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index 1dc69a1..a84bb5b 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -627,19 +627,6 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir, #Load non-existant file if os.path.exists(smbconf): lp.load(smbconf) -if eadb: -if use_ntvfs and not lp.get(posix:eadb): -if targetdir is not None: -privdir = os.path.join(targetdir, private) -else: -privdir = lp.get(private dir) -lp.set(posix:eadb, os.path.abspath(os.path.join(privdir, eadb.tdb))) -elif not use_ntvfs and not lp.get(xattr_tdb:file): -if targetdir is not None: -statedir = os.path.join(targetdir, state) -else: -statedir = lp.get(state dir) -lp.set(xattr_tdb:file, os.path.abspath(os.path.join(statedir, xattr.tdb))) if global_param is not None: for ent in global_param: @@ -656,6 +643,20 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir, lp.set(state directory, global_settings[state directory]) lp.set(cache directory, global_settings[cache directory]) +if eadb: +if use_ntvfs and not lp.get(posix:eadb): +if targetdir is not None: +privdir = os.path.join(targetdir, private) +else: +privdir = lp.get(private dir) +lp.set(posix:eadb, os.path.abspath(os.path.join(privdir, eadb.tdb))) +elif not use_ntvfs and not lp.get(xattr_tdb:file): +if targetdir is not None: +statedir = os.path.join(targetdir, state) +else: +statedir = lp.get(state directory) +lp.set(xattr_tdb:file, os.path.abspath(os.path.join(statedir, xattr.tdb))) + shares = {} if serverrole == domain controller: shares[sysvol] = os.path.join(lp.get(state directory), sysvol) -- 1.7.7.6 From 5f01932ffdb6556949c4489992057db98c1f9c48 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett abart...@samba.org Date: Tue, 5 Jun 2012 09:58:41 +1000 Subject: [PATCH 2/2] s4-provision: Test for posix ACLs in the actual sysvol path This avoids issues in the previous location where lp may not be initialised at this point and instead simply waits until we have a known sysvol path, and test for ACL support there. Andrew Bartlett --- .../scripting/python/samba/provision/__init__.py | 24 ++-- 1 files changed, 12 insertions(+), 12 deletions(-) diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index a84bb5b..7faac70 100644 ---
Re: [Samba] group policy client service failed the logon
Maybe the group membership or primary group is getting messed up for the new users? Can you compare the unix, ldap and windows group properties for a new and an older user #pbdedit -Lv username # net rpc user info username -U administrator # groups username -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Shawn Dakin Sent: Monday, June 04, 2012 3:07 PM To: samba@lists.samba.org Subject: [Samba] group policy client service failed the logon I am in the process of implementing a new SAMBA install Version 3.6.3-34.12.1-2797-SUSE-SL12.1-x86_64 on OpenSuse 12.1 I am using LDAP as my backend and LAM to manage my LDAP accounts. Thing were going well until recently. Suddenly any newly created user can not logon (win7). Any accounts that I created prior to last week can still logon to the workstation. The only changes I recall making involve add machine script. I moved from using useradd to using smbldap-useradd so machine accounts would only be created in LDAP and not locally. Also, in yast, I changed the LDAP client Naming Context from ou=users,dc=nctschools,dc=orgto dc=nctschools,dc=org to allow the local LDAP client to find machine accounts, as they are not created in the user context. However, I don't believe any of these changes could be causing the group policy client service failed the logon. Access denied error I am receiving. I could be wrong though. Any help would be GREAT. Thanks Here is my smb.conf [global] workgroup = NEVSD map to guest = Bad User passdb backend = ldapsam:ldap://SAMBA1.nctschools.org log level = 3 log file = /var/log/samba/log.%m printcap name = cups add machine script = /usr/sbin/smbldap-useradd -t 1 -w -c Machine -d /var/lib/nobody -s /bin/false %m$ logon path = \\%L\profiles\%U logon drive = P: logon home = \\%L\%U\.9xprofile domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=Administrator,dc=nctschools,dc=org ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Machines ldap passwd sync = yes ldap suffix = dc=nctschools,dc=org ldap user suffix = ou=Users idmap config * : backend = ldap:ldap://SAMBA1.nctschools.org cups options = raw [homes] comment = Home Directories valid users = %S, %D%w%S read only = No inherit acls = Yes browseable = No [profiles] comment = Network Profiles Service path = %H read only = No create mask = 0600 directory mask = 0700 store dos attributes = Yes -- Shawn Dakin (CNE) Director of Technology Newcomerstown Schools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] best way to access samba shares remotely without VPN
Hi all, I'm wondering what is the best way to access samba shares securely over the net. I saw sslbridge and davenport but they don't seem to be managed properly. I was thinking of using webdav via https. I dont want to use VPN as im using openvpn and it is not support well with Mac iOS and OSX client. webdav is supported well. Regards J -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4accd23 Fix bug #8972 - Directory group write permission bit is set if unix extensions are enabled from 0110623 libreplace: Ensure we link xattr.c on MacOS http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4accd2396e8a9ac4a7b2191a1d3bc9c84d2e0497 Author: Jeremy Allison j...@samba.org Date: Mon Jun 4 17:34:54 2012 -0700 Fix bug #8972 - Directory group write permission bit is set if unix extensions are enabled We can't manipulate file_attributes if it's a posix call. I'll look at adding a test for this asap. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Tue Jun 5 04:26:11 CEST 2012 on sn-devel-104 --- Summary of changes: source3/smbd/open.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 17721c6..a012675 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2714,8 +2714,10 @@ static NTSTATUS open_directory(connection_struct *conn, return NT_STATUS_NOT_A_DIRECTORY; } - /* Ensure we have a directory attribute. */ - file_attributes |= FILE_ATTRIBUTE_DIRECTORY; + if (!(file_attributes FILE_FLAG_POSIX_SEMANTICS)) { + /* Ensure we have a directory attribute. */ + file_attributes |= FILE_ATTRIBUTE_DIRECTORY; + } DEBUG(5,(open_directory: opening directory %s, access_mask = 0x%x, share_access = 0x%x create_options = 0x%x, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d6cd48f wintest: Fix test-s3.py to use smbclient3 under the name smbclient via 1df3982 WHATSNEW: mention FreeBSD getaddrinfo() issue via b7754f4 s3:build(autoconf): fix no AC_LANG_SOURCE call detected warnings via d99bbb5 WHATSNEW: Mention trouble with DNS replication via e3d1d6c WHATSNEW: Note FreeBSD improvements via dc799d4 s4-provision: Test for posix ACLs in the actual sysvol path via d2b635c s4-provision: Place xattr.tdb in the actual state directory via 68769c2 WHATSNEW: Update for beta1 via d561ef2 VERSION: prepare for beta1 by setting and parsing the beta version via 1a2b65c Add '--use-ntvfs' option to 'samba-tool domain join' via 9db04c4 s3-smbd: Remove support for protocols before LANMAN1 via 3a13581 Remove Manifest. The information here was outdated via edd7251 libreplace: Add copyrights to ease tracking of this file in future via 5f58359 libreplace: Remove autoconf build system from 4accd23 Fix bug #8972 - Directory group write permission bit is set if unix extensions are enabled http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d6cd48fca6bc69e7c8c5070790ec5d48a6dcf3f6 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 11:51:18 2012 +1000 wintest: Fix test-s3.py to use smbclient3 under the name smbclient Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Tue Jun 5 06:24:39 CEST 2012 on sn-devel-104 commit 1df39825e4e5e0db3654d1c2eac4697c30457ab2 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 11:41:52 2012 +1000 WHATSNEW: mention FreeBSD getaddrinfo() issue commit b7754f4bf7f1204e02baf6086c3cbbd7c6ebf1d9 Author: Martin Schwenke mar...@meltin.net Date: Fri Dec 16 12:43:34 2011 +1100 s3:build(autoconf): fix no AC_LANG_SOURCE call detected warnings Autoconf 2.68 NEWS says: ** The macros AC_PREPROC_IFELSE, AC_COMPILE_IFELSE, AC_LINK_IFELSE, and AC_RUN_IFELSE now warn if the first argument failed to use AC_LANG_SOURCE or AC_LANG_PROGRAM to generate the conftest file contents. A new macro AC_LANG_DEFINES_PROVIDED exists if you have a compelling reason why you cannot use AC_LANG_SOURCE but must avoid the warning. Signed-off-by: Martin Schwenke mar...@meltin.net commit d99bbb52e7763601a638ae24033e4b46691582be Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 11:15:21 2012 +1000 WHATSNEW: Mention trouble with DNS replication commit e3d1d6c03c04b096b1c4e19eadeb58cf8bdba135 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 10:34:27 2012 +1000 WHATSNEW: Note FreeBSD improvements commit dc799d4b42551842a9c1dc863568611d82c6168d Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 09:58:41 2012 +1000 s4-provision: Test for posix ACLs in the actual sysvol path This avoids issues in the previous location where lp may not be initialised at this point and instead simply waits until we have a known sysvol path, and test for ACL support there. Andrew Bartlett commit d2b635cc2f031364be1f25a7f8fb897a78764e5c Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 09:56:53 2012 +1000 s4-provision: Place xattr.tdb in the actual state directory This patch does two things: it fixes up the spelling of state dir to state directory so that we actually find the smb.conf parameter, and we move it to after we process the global settings in case this is changed in the future. Andrew Bartlett commit 68769c26ff1bf7d6b36820c64e71169b35434061 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 09:21:15 2012 +1000 WHATSNEW: Update for beta1 commit d561ef20b5f87bd3a77939de7175daca45679e29 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 09:07:44 2012 +1000 VERSION: prepare for beta1 by setting and parsing the beta version commit 1a2b65cd31243f36f2a0a63bdad7f6d6f39afc1d Author: Andriy Syrovenko andr...@gmail.com Date: Tue Jun 5 01:32:42 2012 +0300 Add '--use-ntvfs' option to 'samba-tool domain join' commit 9db04c481d981ee0ab285e0e34f32c49a7e84641 Author: Andrew Bartlett abart...@samba.org Date: Wed May 30 12:32:56 2012 +1000 s3-smbd: Remove support for protocols before LANMAN1 This falls out of the removal of security=share, because we now require that a session setup has been performed before (essentially) all other operations. Andrew Bartlett commit 3a1358121ab0d0d950252a0ec770a08bdda90809 Author: Andrew Bartlett abart...@samba.org Date: Mon May 28 13:08:45 2012 +1000 Remove Manifest. The information here was outdated commit edd725125792e848a9c1230ae4e57246dcda4352 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 5 08:00:00 2012 +1000