Re: [Samba] problem over vpn

[Daniel Müller]

Using openvpn in bridge mode and you are up and running! No cisco would
serve the same job.

Greetings
Daniel

---
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: muel...@tropenklinik.de
Internet: www.tropenklinik.de
---
-Ursprüngliche Nachricht-
Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im
Auftrag von David González Herrera - [DGHVoIP]
Gesendet: Dienstag, 25. Juni 2013 17:23
An: Roberto Scattini
Cc: samba@lists.samba.org
Betreff: Re: [Samba] problem over vpn

On 6/25/2013 10:12 AM, Roberto Scattini wrote:
 hi david,


 On Tue, Jun 25, 2013 at 12:06 PM, David González Herrera - [DGHVoIP] 
  i...@dghvoip.com wrote:

   On 6/25/2013 9:58 AM, Roberto Scattini wrote:

 hi all,

 i have a Samba version 3.2.5 server running in a debian 5.0.8 (a 
 little old, i know...).

 the network setup is:

 -one local office using samba
 -one remote office (we call it cberg) using samba remotely over a vpn
 (linksys-cisco)

   Here's you problem don't use cisco.

   -another remote office (we call it colon) using samba remotely over 
 a vpn
 (linksys-cisco)

   Another problem

 ok, that's beyond my possibilities... :-(
No problem that was just a practical joke, just make sure that the
interfaces samba listens on do include your VPN interface if you're using
routing  on the VPN and that port forward is properly configured and the
router advertises the VPN routes to client computers.
   I would recommend using wireshark to capture the packets and verify 
 proper routing, also make sure that samba is starting after the VPN 
 link is up so it's listening on the proper interface.

 i do have the traffic capture on both ends, where i can upload them?
Well, I wouldn't know what to do with the capture because I'm no expert
reading that but there's lots of gurus here so they might guide you further.

Cheers.

 thanks




--
David Gonzalez
DGHVoIP
USA:
MOBILE: +1.646.559.6200
COL: +57.1.382.6718
COL: +57.4.247.0985
URL: www.dghvoip.com
Skype: davidgonzalezh
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] script on user add

[Vladimir A Fomkin]

Hi all!
How to set up execution of my script on user adding in AD Samba 4?

-- 
С уважением,
Фомкин Владимир Андреевич
ICQ:220967838
Skype:vladimir.fomkin
http://vaf.net.ru
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Interesting slow Samba read and write problem - GnuCash

[Bob Bob]

Interesting, but now reached the stage where I have to resolve it! Many
things have been checked and experimented with but nothing really has
provided the right answer.

The high points!
- Two Samba servers joined with an OpenVPN link over Internet. Worst
case bandwidth about 384Kbps.
- A WXP client on one of the servers LANs trying to access data on the
server at the other end of the link
- The data is a compressed GnuCash XML file around 180KB
- Reading or writing this data file (from within the app) takes around
3-5 minutes. (There are some extra things that GnuCash does of course)
- If instead of a GnuCash data file I try to read or write an Excel data
(220KB) file it takes maybe 10 seconds. Large file movements (hundreds
of MB even) work fine.
- If I mount the remote server share as NFS on the local server (with
sync/intr, tcp and udp etc) and access that as as local share, the
GnuCash read time is maybe 10 seconds, but the write time is about 30
seconds. (I didn't try to tune this. No doubt that could be a viable
workaround, but I only did it to prove GnuCash was okay. GnuCash speed
for r/w data on its the local server is fine)
- There does seem to be some kind of resolution delay before a file
movement starts. I am thinking that GnuCash actually reads and writes in
chunks that have some form of resolver time-out between each.

And;
- Debian GNU/Linux 6.0.5 (squeeze) Samba 3.56
- The Samba servers are separate domains, trusted with each other
- WINS is running on the remote end server
- Using tdbasm and idmap_tdb on both ends. The Linux UID/GID's are
exactly the same, but of course the winbind ones aren't.
- Resolved an OpenVPN fragmentation issue
- Both sites run bind and master/slave with each other
- Relevant bits of nsswitch.conf
passwd: compat winbind
group:  compat winbind
shadow: compat winbind
hosts:  files dns (use to also have wins)
networks:   files
- bind resolution/speed is fine. Tried pretty well all involved IP
addresses, and short/fqdn hostnames.
- There does seem to be a delay doing idmap/winbind resolution on the
affected files, but worst case that's maybe a second.
-  name resolve order = wins bcast

Like I said have tried lots of things. I am hoping someone will have
experienced this before and be able to point to the solution quickly. If
however anyone would like smb.conf or logs to review please ask!

Cheers Bob





-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] file server or member server?

[steve]

Hi everyone

What's the difference between a file server and a member server?

I have a 4.0.6 DC which is a file server for sysvol. I also have a 4.0.6
file server for the other folders which go out to the clients.

Do I have a member server? Or is a member server one upon which all
files are served from the DC?

Cheers, Steve
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba4 AD and mail auth

[Carsten Laun-De Lellis]

 

Thank you Davor 

I will try this solution. 

---

Mit freundlichem Gruß

Carsten Laun-De Lellis

Hauptstrasse 13
D-67705 Trippstadt

Phone: +49 6306 992140
Fax: +49 6306 992142
Mobile: +49 151 27530865
email: carsten.delel...@delellis.net

http://www.linkedin.com/in/carstenlaundelellis [2] 

Am 2013-06-29 08:26, schrieb Davor Vusir: 

 Hi Carsten!
 
 Check out this how-to: 
 http://www.iredmail.org/wiki/index.php?title=Integration/Active.Directory.iRedMail
  [1]
 
 Works like a charm!
 
 Regards
 Davor
 
 --
 From: Carsten Laun-De Lellis carsten.delel...@delellis.net
 Sent: Friday, June 28, 2013 6:49 PM
 To: Achim Gottinger ac...@ag-web.biz
 Cc: samba@lists.samba.org
 Subject: Re: [Samba] Samba4 AD and mail auth
 Hi Achim Don't wanna bothering you, but I still got error Messages. Jun 28 
 15:09:57 rv1325 dovecot: auth: Debug: auth client connected (pid=2157) Jun 28 
 15:09:57 rv1325 dovecot: auth: Debug: client in: 
 AUTH#0111#011NTLM#011service=imap#011session=KkN8mDbgGABUmsab#011lip=178.254.21.125#011rip=84.154.198.155#011lport=143#011rport=49432
  Jun 28 15:09:57 rv1325 dovecot: auth: Debug: client passdb out: 
 CONT#0111#011 Jun 28 15:09:57 rv1325 dovecot: auth: Debug: client in: 
 CONT#0111#011TlRMTVNTUAABB4IIogAGAvAjDw== 
 (previous base64 data may contain sensitive data) Jun 28 15:09:57 rv1325 
 dovecot: auth: Debug: client passdb out: 
 CONT#0111#011TlRMTVNTUAACDAAMADAFAooAzlGLZuaYgz0AABQAFAA8cgB2ADEAMwAyADUAAwAMAHIAdgAxADMAMgA1AAA=
  Jun 28 15:09:58 rv1325 dovecot: auth: Debug: client in:
CONT#0111#011TlRMTVNTUAADGAAYAHYAAADAAMAAjgBYEAAQAFgOAA4AaABOAQAABQKIAgYC8CMP6HRQNL0+o3yODw5hHqFFvHQAZQBzAHQAdQBzAGUAcgBXADAAMAAwADAAMAA1ABnluuxW4N/hRueL6TyYm30BAQAAAB2Yjc4AdM4B6LKt7eH6AGUAAwAMAHIAdgAxADMAMgA1AAgAMAAwAAEAIAAABJBPeBFKFDBXIh0KoOgHioqV/yHKS7i3O2lbwelRVv4KABkAMABpAG0AYQBwAC8AcgB2ADEAMwAyADUALgBkAGUAbABlAGwAbABpAHMALgBuAGUAdA==
 (previous base64 data may contain sensitive data) Jun 28 15:09:58 rv1325 
dovecot: auth: Debug: password(testuser,84.154.198.155,KkN8mDbgGABUmsab): 
passdb doesn't support credential lookups Jun 28 15:09:58 rv1325 dovecot: auth: 
Debug: password(testuser,84.154.198.155,KkN8mDbgGABUmsab): passdb doesn't 
support credential lookups Jun 28 15:10:00 rv1325 dovecot: auth: Debug: client 
passdb out: FAIL#0111#011user=testuser Jun 28 15:10:00 rv1325 dovecot: auth: 
Debug: client in:
AUTH#0112#011DIGEST-MD5#011service=imap#011session=KkN8mDbgGABUmsab#011lip=178.254.21.125#011rip=84.154.198.155#011lport=143#011rport=49432
 Jun 28 15:10:04 rv1325 dovecot: auth: Debug: client passdb out: 
CONT#0112#011cmVhbG09IiIsbm9uY2U9Ii9nZndwbWd1TTlDMlVkekhZRld0R0E9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
 Jun 28 15:10:04 rv1325 dovecot: auth: Debug: client in: 
CONT#0112#011dXNlcm5hbWU9InRlc3R1c2VyIixyZWFsbT0iIixub25jZT0iL2dmd3BtZ3VNOUMyVWR6SFlGV3RHQT09IixkaWdlc3QtdXJpPSJpbWFwL3J2MTMyNS5kZWxlbGxpcy5uZXQiLGNub25jZT0iMjQ0NTRjZjAxNjVmOTE3YmVjMTJhMjk5OTc1ZGQ0MTYiLG5jPTAwMDAwMDAxLHJlc3BvbnNlPWVjZWI4MjJhZDFiZWY4NjU1OTYzMTk0YzhlZDQ0NmYxLHFvcD1hdXRoLGNoYXJzZXQ9dXRmLTg=
 (previous base64 data may contain sensitive data) Jun 28 15:10:04 rv1325 
dovecot: auth: Debug: password(testuser,84.154.198.155,KkN8mDbgGABUmsab): 
passdb doesn't support credential lookups Jun 28 15:10:06 rv1325 dovecot: auth: 
Debug: client passdb out: FAIL#0112#011user=testuser Jun 28 15:10:06
rv1325 dovecot: auth: Debug: client in: 
AUTH#0113#011PLAIN#011service=imap#011session=KkN8mDbgGABUmsab#011lip=178.254.21.125#011rip=84.154.198.155#011lport=143#011rport=49432#011resp=AHRlc3R1c2VyAHRlc3R1c2Vy
 (previous base64 data may contain sensitive data) My auth.conf file Looks 
like: hosts = localhost auth_bind = yes auth_bind_userdn = 
sAMAccountName=%u,cn=Users,dc=delellis,dc=net base = 
cn=Users,dc=delellis,dc=net ldap_version = 3 pass_filter = 
((objectClass=user)(sAMAccoutName=%u)(mail=*)) And I have no idea why it 
doesn't work. --- Mit freundlichem Gruß Carsten Laun-De Lellis Hauptstrasse 13 
D-67705 Trippstadt Phone: +49 6306 992140 Fax: +49 6306 992142 Mobile: +49 151 
27530865 email: carsten.delel...@delellis.net 
http://www.linkedin.com/in/carstenlaundelellis [2][2] Am 2013-06-28 14:04, 
schrieb Achim Gottinger: Am 28.06.2013 13:55, schrieb Carsten Laun-De Lellis: 
Hi Achim Thankx a lot. I will try. Have a nice Weekend. NP take a look at this
http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds [3] [1] --- Mit 
freundlichem Gruß Carsten Laun-De Lellis Hauptstrasse 13 D-67705 Trippstadt 
Phone: +49 6306 992140 Fax: +49 6306 992142 Mobile: +49 151 27530865 email: 
carsten.delel...@delellis.net http://www.linkedin.com/in/carstenlaundelellis 
[2] [2] Am 2013-06-28 13:35, schrieb Achim Gottinger: Am 28.06.2013 13:24, 
schrieb Carsten Laun-De Lellis: Hi Achim First of all thankx for your 

[Samba] What is the difference between lock dir , state dir and cache dir in samba 4

[Stéphane PURNELLE]

Hi all?

The question is in the subject.
I need to know what is the difference betwen theses three directory ?

What directory contain persistand tdb, what direcorty will contain sysvol 
data and what directory for tempoary file and tdb.

regards

Stéphane Purnellle

---
Stéphane PURNELLE Admin. Systèmes et Réseaux 
Service Informatique   Corman S.A.   Tel : 00 32 (0)87/342467
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] What is the difference between lock dir , state dir and cache dir in samba 4

[Björn JACKE]

On 2013-07-01 at 13:34 +0200 Stéphane PURNELLE sent off:
 The question is in the subject.
 I need to know what is the difference betwen theses three directory ?
 
 What directory contain persistand tdb, what direcorty will contain sysvol 
 data and what directory for tempoary file and tdb.

have a look at http://www.pathname.com/fhs/pub/fhs-2.3.html to find out about
the different purposes of the paths like /var/{lib,lock,cache,run}.

Samba 4 puts the TDBs at the apropiate location if you or your package provider
used configure with --enable-fhs.

Björn
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[Gaiseric Vandal]

On a very general level ,   a member server is joined to the domain so 
that it can use the domain accounts.A member server is typically 
a file server but does not have to be (you could be using it as a web 
server, or application server or even a workstation.)



A domain controller   can be a file server, although in many cases a 
domain controller will only provide authentication and logon 
functions.It does need to have file shares to provide access to to 
the logon scripts and profile directories used by Windows clients but 
that doesn't really make a a file server.



A server that is not a member server or a domain controller is 
considered to be a standalone server.These concepts apply to 
Windows/Samba domains whether you are running domains based on Samba 3, 
Samba 4, Windows 200x or Windows NT.



On 07/01/13 04:27, steve wrote:

Hi everyone

What's the difference between a file server and a member server?

I have a 4.0.6 DC which is a file server for sysvol. I also have a 4.0.6
file server for the other folders which go out to the clients.

Do I have a member server? Or is a member server one upon which all
files are served from the DC?

Cheers, Steve
  



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[Jonathan Buzzard]

On Mon, 2013-07-01 at 09:59 -0400, Gaiseric Vandal wrote:

[SNIP]

 
 A domain controller   can be a file server, although in many cases a 
 domain controller will only provide authentication and logon 
 functions.It does need to have file shares to provide access to to 
 the logon scripts and profile directories used by Windows clients but 
 that doesn't really make a a file server.

The profile directories can be located on a server other than a domain
controller. This is true for both NT4 style PDC/BDC and Active Directory
servers.

If you have a lot of users in your domain this is highly desirable. As
the profile location is a setting in the directory, you can even have
different users profiles on different servers which allows you to shard
the profiles if you have a really large number of users.


JAB.

-- 
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Win8 account sees its home share, but does not have permissions to access

[Dale Schroeder]

Mark,

First verify that the posix permissions are good for your home 
directory: ls -lA /home/mark
If those are good, then I would try removing the hosts allow parameter 
in [global].

If that doesn't work, checking the Samba logs is always a good idea.

Dale

On 06/28/2013 6:03 PM, Mark Galeck wrote:

Hello,

I am a beginner to Samba and I RTFMd carefully but cannot get started.

I want to access my user account mark home directory on Linux, with the
same account name on Windows 8.

The user mark has the same password on Linux and Windows 8.  In addition
I did this on Linux


smbpasswd -a mark

and gave the same password.

Following the manuals on samba website I edited the samba configuration
smb.conf file so:

[global]
 hosts allow = ALL
 client signing = no
 # log files split per-machine:
 log file = /var/log/samba/log.%m
 # maximum size of 50KB per log file, then rotate:
 max log size = 50
 security = user

[homes]
 valid users = %S
 read only = No


and successfully started the samba service.

I can then see mark share on that Linux machine from Windows, I can map
it to a drive letter in Windows Explorer, and I also see this:

[root@v64-sw-dev003-mark /]# smbstatus

Samba version 3.6.12-1.fc17
PID Username  Group Machine
---
14678 mark  mark  mark-pc  (192.168.221.76)

Service  pid machine   Connected at
---
mark 14678   mark-pc   Fri Jun 28 15:56:39 2013

No locked files



This all looks very good to me, as Samba server sees my client with the
correct username, Windows machine name and IP address.


YET, when I actually try to double-click on the share in the Windows
Explorer, I get an error dialog:


Windows cannot access \\192.168.221.32\mark
You do not have permission to access \\192.168.221.32\mark\. Contact your
network administrator to request access.


192.168.221.32 is the Linux machine address.

Please, what am I doing wrong??

Thank you,

Mark



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[steve]

On Mon, 2013-07-01 at 17:04 +0100, Jonathan Buzzard wrote:
 On Mon, 2013-07-01 at 09:59 -0400, Gaiseric Vandal wrote:
 
 [SNIP]
 
  
  A domain controller   can be a file server, although in many cases a 
  domain controller will only provide authentication and logon 
  functions.It does need to have file shares to provide access to to 
  the logon scripts and profile directories used by Windows clients but 
  that doesn't really make a a file server.
 
 The profile directories can be located on a server other than a domain
 controller. 

Hi
Our profile directories are stored on what I call our file server. Does
that make it a member server?


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[Gaiseric Vandal]

I don't think it necessarily makes it a member a member server BUT if it 
isn't a member server it is going to be pretty useless for serving profiles.


I have not worked with Samba4 myself-  I have worked with Samba 3 (and 
Windows 200x AD , and NT4)  so you may want to review the samba 4 
specific docn fir basic config.  In samba 3 a quick review of the 
smb.conf file (or the output of testparm -v  will reveal the type of 
setup.



Did you inherit these machines from someone else?




On 07/01/13 14:18, steve wrote:

On Mon, 2013-07-01 at 17:04 +0100, Jonathan Buzzard wrote:

On Mon, 2013-07-01 at 09:59 -0400, Gaiseric Vandal wrote:

[SNIP]


A domain controller   can be a file server, although in many cases a
domain controller will only provide authentication and logon
functions.It does need to have file shares to provide access to to
the logon scripts and profile directories used by Windows clients but
that doesn't really make a a file server.

The profile directories can be located on a server other than a domain
controller.

Hi
Our profile directories are stored on what I call our file server. Does
that make it a member server?




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[steve]

On Mon, 2013-07-01 at 14:35 -0400, Gaiseric Vandal wrote:
 I don't think it necessarily makes it a member a member server BUT if it 
 isn't a member server it is going to be pretty useless for serving profiles.

Ok, so if a samba 4 box can serve profiles, then it is called a member
server, whether that be the DC or a separate 'file server'???

 
 I have not worked with Samba4 myself-  I have worked with Samba 3 (and 
 Windows 200x AD , and NT4)  so you may want to review the samba 4 
 specific docn fir basic config.  In samba 3 a quick review of the 
 smb.conf file (or the output of testparm -v  will reveal the type of 
 setup.
 
 
 Did you inherit these machines from someone else?
 
Yes. We take stand alone machines and network them by adding a DC and
what we call a file server. What I'd like to know is why some guys here
call what seems to be what we call a file server, a member server. I
feel we're missing out on something.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] DNS replication with samba4

[Mario Almeida]

Hi Marc,

Thanks a lot, it was my mistake, I had not set correct permission on
bdc for bind.

I test with BIND and samba4 internal DNS, both works just fine without
any issue.


On Tue, Jun 25, 2013 at 8:21 AM, Marc Muehlfeld sa...@marc-muehlfeld.de wrote:
 Hello Remy,

 Am 19.06.2013 08:17, schrieb Mario Almeida:

 I have 2 samba4 DC as pdc and bdc.

 How to replicate DNS changes from pdc to bdc?

 Is it something that I have to do with bind DNS or something samba4
 will take care?


 https://wiki.samba.org/index.php/Samba4/FAQ#How_do_I_get_DNS_failover_in_a_Multi-DC_environment.3F


 Regards,
 Marc
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] string_to_sid: SID username is not in a valid format

[Frostyfrog]

I'm not quite sure why this is happening, I used to be able to connect
perfectly fine to my share. Then I updated and rebooted and now I'm greeted
with this message, and a login prompt where my credentials are never
accepted.

[http]
  comment = HTTPD Server
  path = /srv/http
  writable = no
  public = no
  browsable = no
  valid users = frostyfrog
  write list = frostyfrog
  force user = http
  force group = http

# smbd -i -d3
snip
get_referred_path: |http| in dfs path \X.X.X.X\http is not a dfs root.
Allowed connection from X.X.X.X (X.X.X.X)
string_to_sid: SID frostyfrog is not in a valid format
Forcing Primary Group to 'Domain Users' for frostyfrog
Forcing Primary Group to 'Domain Users' for http
Forced user http
Forced group http
Connect path is '/srv/http' for service [http]
string_to_sid: SID frostyfrog is not in a valid format
Forcing Primary Group to 'Domain Users' for frostyfrog
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] R2 2008 Windows Domain Contoller VS Samba

[Chillara, Rama]

Hi,

We are using samba version 3.0.28 on Sun solaris 5.10 integrated with Windows 
2003 Domain Controller.

It has been running for couple of years without any issues.

Recently the 2003 domain controllers are upgraded to 2008 R2 domain Controllers 
and the samba server that we currently have is not authenticating

With the new domain controllers. Could you please let me know which version of 
Samba works for the 2008 R2 domain controller on Sun solaris 5.10.

Thank you in advance.

Thank you,
Rama.



/preThis message is confidential, intended only for the named 
recipient(s) and may contain information that is privileged or 
exempt from disclosure under applicable law.  If you are not 
the intended recipient(s), you are notified that the 
dissemination, distribution, or copying of this message is 
strictly prohibited.  If you receive this message in error or 
are not the named recipient(s), please notify the sender by 
return email and delete this message. Thank you.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[Jonathan Buzzard]

On 01/07/13 19:56, steve wrote:

[SNIP]


Yes. We take stand alone machines and network them by adding a DC and
what we call a file server. What I'd like to know is why some guys here
call what seems to be what we call a file server, a member server. I
feel we're missing out on something.


In both NT4 style and AD domains you have servers called domain servers 
that serve identification information and provide authentication 
services. These servers may also do other things such as serve files, 
but it is the identification and authentication services that make them 
domain servers. Any server providing identification and authentication 
services is a domain server regardless of anything else it does.


You can then have other servers, such as file servers, print servers, 
web servers etc. that are joined to the domain, and thus you can use 
your domain credentials to authenticate to these servers, in the case of 
an AD domain using the Kerberos ticket you got when you logged onto your 
workstation. However crucially they don't provide identification or 
authentication services. These servers are called member servers.


With larger domains it makes sense to separate out your file and print 
servers from your domain servers, so that the domain servers are 
effectively only providing the identification and authentication 
services and your file and print services are handed off to dedicated 
machines for the task. There is no way a domain server is going to cope 
at a large University for example with tens of thousands of users.


This however is very basic Windows domain terminology/knowledge which I 
would expect anyone offering advice on Samba to fully understand first.


JAB.

--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[Gaiseric Vandal]

Good explanation.  Better than mine.


I tend to think of the roaming profiles as part of the logon experience, 
since they sync with your computer when you logon. Actually, I found 
roaming profiles to be more trouble than they were worth so I don't use 
them anyway.




On 07/01/13 17:36, Jonathan Buzzard wrote:

On 01/07/13 19:56, steve wrote:

[SNIP]


Yes. We take stand alone machines and network them by adding a DC and
what we call a file server. What I'd like to know is why some guys here
call what seems to be what we call a file server, a member server. I
feel we're missing out on something.


In both NT4 style and AD domains you have servers called domain 
servers that serve identification information and provide 
authentication services. These servers may also do other things such 
as serve files, but it is the identification and authentication 
services that make them domain servers. Any server providing 
identification and authentication services is a domain server 
regardless of anything else it does.


You can then have other servers, such as file servers, print servers, 
web servers etc. that are joined to the domain, and thus you can use 
your domain credentials to authenticate to these servers, in the case 
of an AD domain using the Kerberos ticket you got when you logged onto 
your workstation. However crucially they don't provide identification 
or authentication services. These servers are called member servers.


With larger domains it makes sense to separate out your file and print 
servers from your domain servers, so that the domain servers are 
effectively only providing the identification and authentication 
services and your file and print services are handed off to dedicated 
machines for the task. There is no way a domain server is going to 
cope at a large University for example with tens of thousands of users.


This however is very basic Windows domain terminology/knowledge which 
I would expect anyone offering advice on Samba to fully understand first.


JAB.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[steve]

On Mon, 2013-07-01 at 22:36 +0100, Jonathan Buzzard wrote:

Thanks for the input. But. . .
 
 In both NT4 style and AD domains you have servers called domain servers 

. . .now you've introduced yet another term. What's a domain server? I
could make a guess and I'm almost certain it would be correct. But would
I?

Can anyone simply give a plain English definition on any of these in a
samba context:
- file server
- member server
and now
- domain server

I know that language evolves, but having to move the goalposts so often
depending on what post you read is a nightmare for non native English
speakers. It would help enormously over here, if we all stuck to calling
a spade a spade.

Thanks for reading,
Steve 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] file server or member server?

[Ricky Nance]

Steve, in simplest terms, a member server is just that, a member of the
domain serving something (print services, file services, etc). A file
server is generally part of either a member server, or it can be part of
the domain server, its simply the part of the server that is handling how
the files are transferred. A domain server would be either a PDC or AD DC,
something that handles authentication, in some environments, you will find
a NT4 style PDC (Primary Domain Controller), in others you will find AD
DC's (Active Directory Domain Controllers), and still yet, there will be
others that are just simple authentication (simple file servers, mainly
used in home networks).

With all that said, you can mix and match somewhat, all DC's (Domain
Controller, AKA domain server) have the capability of serving files (file
server), but a member server MUST be part of the domain as it does not
provide authentication, it only checks with a DC to see what parts of the
file server it can access.

I feel like I am saying what has already been said, so if you could be more
specific about what kind of hierarchy you have, I could give you a more
specific answer. For the most part, if its serving files and in a domain,
but not providing authentication itself, its a 'member server', if its NOT
in a domain, but simply serving files to any and all windows clients, its a
simple file server, if its in a domain and providing the domain with
username/password authentication its a domain server (or domain controller).

Hope that helps,
Ricky


On Mon, Jul 1, 2013 at 5:34 PM, steve st...@steve-ss.com wrote:

 On Mon, 2013-07-01 at 22:36 +0100, Jonathan Buzzard wrote:

 Thanks for the input. But. . .
 
  In both NT4 style and AD domains you have servers called domain servers

 . . .now you've introduced yet another term. What's a domain server? I
 could make a guess and I'm almost certain it would be correct. But would
 I?

 Can anyone simply give a plain English definition on any of these in a
 samba context:
 - file server
 - member server
 and now
 - domain server

 I know that language evolves, but having to move the goalposts so often
 depending on what post you read is a nightmare for non native English
 speakers. It would help enormously over here, if we all stuck to calling
 a spade a spade.

 Thanks for reading,
 Steve

 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/options/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Problems building new 3.6.16: getting symbols from local sys AND ../lib/replace

[Linda W]

Shouldn't it use one or the other?

In file included from ./../nsswitch/winbind_nss_config.h:46:0,
from ../nsswitch/libwbclient/libwbclient.h:31,
from ../nsswitch/libwbclient/wbc_guid.c:26:
./../lib/replace/system/network.h:134:8: error: redefinition of ‘struct
ifaddrs’
struct ifaddrs {
^
In file included from ./../lib/replace/system/network.h:130:0,
from ./../nsswitch/winbind_nss_config.h:46,
from ../nsswitch/libwbclient/libwbclient.h:31,
from ../nsswitch/libwbclient/wbc_guid.c:26:
/usr/include/ifaddrs.h:29:8: note: originally defined here
struct ifaddrs
^
In file included from ./../nsswitch/winbind_nss_config.h:46:0,
from ../nsswitch/libwbclient/libwbclient.h:31,
from ../nsswitch/libwbclient/wbc_guid.c:26:
./../lib/replace/system/network.h:147:5: error: conflicting types for
‘rep_getifaddrs’
int rep_getifaddrs(struct ifaddrs **);
^
In file included from ../nsswitch/libwbclient/wbc_guid.c:25:0:
./../lib/replace/replace.h:538:20: note: previous declaration of
‘rep_getifaddrs’ was here
#define getifaddrs rep_getifaddrs
^
In file included from ./../nsswitch/winbind_nss_config.h:46:0,
from ../nsswitch/libwbclient/libwbclient.h:31,
from ../nsswitch/libwbclient/wbc_guid.c:26:
./../lib/replace/system/network.h:151:6: error: conflicting types for
‘rep_freeifaddrs’
void rep_freeifaddrs(struct ifaddrs *);
^
In file included from ../nsswitch/libwbclient/wbc_guid.c:25:0:
./../lib/replace/replace.h:543:21: note: previous declaration of
‘rep_freeifaddrs’ was here
#define freeifaddrs rep_freeifaddrs
^

I'm not sure which one is on, in error or which I should turn off?

=
Also configure claims the default for libaddns:

--with-libaddns Build the libaddns shared library (default=no
(undefined API))

is no. But I see:

make: *** [../lib/addns/error.o] Error 1
make: *** [../lib/addns/dnsmarshall.o] Error 1


That sorta looks like it might be building libaddns...or is that just a
coincidence?






-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Trouble Building RPMS v3.6.16

[Linda W]

Michael wrote:
 Hi,

 My system: OS: Centos 6.4  Samba: 3.6.16

 I'm trying to build the RPMS from the packaging/RHEL directory.  After I 
 patched the samba.spec file the build is successful.  All packages 
 install without an issue. But when I try to install the SSSD, its 
 dependencies get errors that it conflicts with libtalloc, libtdb and 
 libtevent. from the samba-common.


 If I try to use the external libraries,  I specify 
 --enable-external-libtalloc=yes, --enable-external-libtevent=yes and 
 --enable-external-libtdb= yes in my samba.spec file,  I now get the 
 following errors twice, while Processing files: samba-3.6.16-1.x86_64 
 and RPM build errors:


 error: File not found: 
 /username/rpmbuild/BUILDROOT/samba-3.6.16-1.x86_64/usr/bin/tdbbackup

 error: File not found: 
 /username/rpmbuild/BUILDROOT/samba-3.6.16-1.x86_64/usr/bin/tdbtools
 error: File not found: 
 /username/rpmbuild/BUILDROOT/samba-3.6.16-1.x86_64/usr/bin/tdbdump 

 error: File not found: 
 /username/rpmbuild/BUILDROOT/samba-3.6.16-1.x86_64/usr/bin/tdbrestore 

 I have install the tdb-tools but still get the error.
   

  Those look like errors from rpm not finding those files to package.

I.e. you told samba not to build them -- it didn't.  But you you are using
rpm -- did you tell rpm you weren't including them?

(i.e. need to be removed from rpmspec file)

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba Domain Rename

[Sandeep Kumar]

Hi Team,



I am using  samba 4 Domain in my production environment and everything is
working fine but now for some reason I have to rename the domain



Can you please help on this, I need to do this asap



Waiting for your response………





Many Thanks,

Sandeep Kumar

*Arbor Financial Systems Ltd*

Direct: +91 172 400 6144

Support: +44 (0) 203 070 9650

www.arborfs.com

-- 
 

www.arborfs.com

This e-mail and any attachment are confidential and contain proprietary 
information, some or all of which may be legally privileged.

It is intended solely for the use of the individual or entity to which it 
is addressed.  If you are not the intended recipient, please notify the 
author immediately by telephone or by replying to this e-mail, and then 
delete all copies of the e-mail on your system.  If you are not the 
intended recipient, you must not use, disclose, distribute, copy, print or 
rely on this e-mail.

Whilst we have taken reasonable precautions to ensure that this e-mail and 
any attachment has been checked for viruses, we cannot guarantee that they 
are virus free and we cannot accept liability for any damage sustained as a 
result of software viruses.  We would advise that you carry out your own 
virus checks, especially before opening an attachment.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba Domain Rename

[Frostyfrog]

I'm not sure which distro you are using (I use Archlinux), but these steps
should work if you have command line access (press the key surrounded in 
when there is one, don't type the  or the stuff inside):

1. Login to the server
2. type: vim /etc/samba/smb.confenter
3. type: /workgroup =enter
(If that doesn't work, try it without the equals)
4. press the arrow keys until it is placed just after the equals
5. type c$
6. type in what you want the new domain name to be
7. press esc
8. type: :wq
9. restart samba

Disclaimer: These steps are not for those who have no idea what they are
doing (although it may seem that way), please proceed with caution.

~Frostyfrog
From a friendly web page developer.
^.^


On Mon, Jul 1, 2013 at 11:24 PM, Sandeep Kumar sandeep.ku...@arborfs.comwrote:

 Hi Team,



 I am using  samba 4 Domain in my production environment and everything is
 working fine but now for some reason I have to rename the domain



 Can you please help on this, I need to do this asap



 Waiting for your response………





 Many Thanks,

 Sandeep Kumar

 *Arbor Financial Systems Ltd*

 Direct: +91 172 400 6144

 Support: +44 (0) 203 070 9650

 www.arborfs.com

 --


 www.arborfs.com

 This e-mail and any attachment are confidential and contain proprietary
 information, some or all of which may be legally privileged.

 It is intended solely for the use of the individual or entity to which it
 is addressed.  If you are not the intended recipient, please notify the
 author immediately by telephone or by replying to this e-mail, and then
 delete all copies of the e-mail on your system.  If you are not the
 intended recipient, you must not use, disclose, distribute, copy, print or
 rely on this e-mail.

 Whilst we have taken reasonable precautions to ensure that this e-mail and
 any attachment has been checked for viruses, we cannot guarantee that they
 are virus free and we cannot accept liability for any damage sustained as a
 result of software viruses.  We would advise that you carry out your own
 virus checks, especially before opening an attachment.
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/options/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] string_to_sid: SID username is not in a valid format

[Frostyfrog]

I'm not quite sure why this is happening, I used to be able to connect
perfectly fine to my share. Then I updated and rebooted and now I'm greeted
with this message, and a login prompt where my credentials are never
accepted.

[http]
  comment = HTTPD Server
  path = /srv/http
  writable = no
  public = no
  browsable = no
  valid users = frostyfrog
  write list = frostyfrog
  force user = http
  force group = http

# smbd -i -d3
snip
get_referred_path: |http| in dfs path \X.X.X.X\http is not a dfs root.
Allowed connection from X.X.X.X (X.X.X.X)
string_to_sid: SID frostyfrog is not in a valid format
Forcing Primary Group to 'Domain Users' for frostyfrog
Forcing Primary Group to 'Domain Users' for http
Forced user http
Forced group http
Connect path is '/srv/http' for service [http]
string_to_sid: SID frostyfrog is not in a valid format
Forcing Primary Group to 'Domain Users' for frostyfrog
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[SCM] Samba Shared Repository - branch v4-0-test updated

[Karolin Seeger]

The branch, v4-0-test has been updated
   via  5c8e5ba VERSION: Bump version number up to 4.0.8...
   via  5e3a301 VERSION: Disable git snapshots for the 4.0.7 release.
  from  67a77db WHATSNEW: Add release notes for Samba 4.0.7.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit 5c8e5bad4ebe100277c72f1770b3aff4302e1eb3
Author: Karolin Seeger ksee...@samba.org
Date:   Fri Jun 28 10:54:57 2013 +0200

VERSION: Bump version number up to 4.0.8...

and re-enable git snapshots.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit 5e3a3012f3083c40e70f89c1d96ffa6be91aa72a
Author: Karolin Seeger ksee...@samba.org
Date:   Fri Jun 28 10:47:42 2013 +0200

VERSION: Disable git snapshots for the 4.0.7 release.

Signed-off-by: Karolin Seeger ksee...@samba.org

---

Summary of changes:
 VERSION |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 0eb98b6..be94a07 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8
 
 
 # If a official release has a serious bug  #


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

[Matthieu Patou]

The branch, master has been updated
   via  3d20d20 smbtorture: Make cracksname easier to debug by outputing 
the offered format
  from  74dd365 Fix a missing parenthesis in the LDAP search request

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 3d20d20c4c5a8214e8bfe67a1fee7bc1004201e5
Author: Matthieu Patou m...@matws.net
Date:   Sun Jun 30 20:40:07 2013 -0700

smbtorture: Make cracksname easier to debug by outputing the offered format

Reviewed-By: Jelmer Vernooij jel...@samba.org
Signed-off-by: Matthieu Patou m...@matws.net

Autobuild-User(master): Matthieu Patou m...@samba.org
Autobuild-Date(master): Mon Jul  1 11:22:57 CEST 2013 on sn-devel-104

---

Summary of changes:
 source4/torture/rpc/drsuapi_cracknames.c |   67 ++
 1 files changed, 49 insertions(+), 18 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/torture/rpc/drsuapi_cracknames.c 
b/source4/torture/rpc/drsuapi_cracknames.c
index f71910a..465f6db 100644
--- a/source4/torture/rpc/drsuapi_cracknames.c
+++ b/source4/torture/rpc/drsuapi_cracknames.c
@@ -87,6 +87,11 @@ static bool test_DsCrackNamesMatrix(struct torture_context 
*tctx,
r.in.req-req1.format_offered   = 
DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
r.in.req-req1.format_desired   = formats[i];
names[0].str = dn;
+   torture_comment(tctx, Testing DsCrackNames (matrix prep) with 
name '%s'
+  offered format: %d desired format:%d\n,
+   names[0].str,
+   r.in.req-req1.format_offered,
+   r.in.req-req1.format_desired);
status = dcerpc_drsuapi_DsCrackNames_r(p-binding_handle, 
mem_ctx, r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
@@ -273,8 +278,11 @@ bool test_DsCrackNames(struct torture_context *tctx,

names[0].str = dom_sid;
 
-   torture_comment(tctx, Testing DsCrackNames with name '%s' desired 
format:%d\n,
-   names[0].str, r.in.req-req1.format_desired);
+   torture_comment(tctx, Testing DsCrackNames with name '%s'
+  offered format: %d desired format:%d\n,
+   names[0].str,
+   r.in.req-req1.format_offered,
+   r.in.req-req1.format_desired);
 
status = dcerpc_drsuapi_DsCrackNames_r(p-binding_handle, mem_ctx, r);
if (!NT_STATUS_IS_OK(status)) {
@@ -295,8 +303,11 @@ bool test_DsCrackNames(struct torture_context *tctx,
 
r.in.req-req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_GUID;
 
-   torture_comment(tctx, Testing DsCrackNames with name '%s' desired 
format:%d\n,
-   names[0].str, r.in.req-req1.format_desired);
+   torture_comment(tctx, Testing DsCrackNames with name '%s'
+  offered format: %d desired format:%d\n,
+   names[0].str,
+   r.in.req-req1.format_offered,
+   r.in.req-req1.format_desired);
 
status = dcerpc_drsuapi_DsCrackNames_r(p-binding_handle, mem_ctx, r);
if (!NT_STATUS_IS_OK(status)) {
@@ -318,8 +329,11 @@ bool test_DsCrackNames(struct torture_context *tctx,
 
r.in.req-req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 
-   torture_comment(tctx, Testing DsCrackNames with name '%s' desired 
format:%d\n,
-   names[0].str, r.in.req-req1.format_desired);
+   torture_comment(tctx, Testing DsCrackNames with name '%s'
+  offered format: %d desired format:%d\n,
+   names[0].str,
+   r.in.req-req1.format_offered,
+   r.in.req-req1.format_desired);
 
status = dcerpc_drsuapi_DsCrackNames_r(p-binding_handle, mem_ctx, r);
if (!NT_STATUS_IS_OK(status)) {
@@ -363,8 +377,11 @@ bool test_DsCrackNames(struct torture_context *tctx,
r.in.req-req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = nt4_domain;
 
-   torture_comment(tctx, Testing DsCrackNames with name '%s' desired 
format:%d\n,
-   names[0].str, r.in.req-req1.format_desired);
+   torture_comment(tctx, Testing DsCrackNames with name '%s'
+  offered format: %d desired format:%d\n,
+   names[0].str,
+   r.in.req-req1.format_offered,
+   r.in.req-req1.format_desired);
 
status = dcerpc_drsuapi_DsCrackNames_r(p-binding_handle, mem_ctx, r);
if (!NT_STATUS_IS_OK(status)) {
@@ -386,8 +403,11 @@ bool test_DsCrackNames(struct torture_context *tctx,
   

[SCM] Samba Shared Repository - branch master updated

[Jeremy Allison]

The branch, master has been updated
   via  0b58eed tsocket: Pass the full port number to getaddrinfo().
  from  3d20d20 smbtorture: Make cracksname easier to debug by outputing 
the offered format

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 0b58eed3351e207b0a0f0d32fe37ea5bee9dbc33
Author: Andreas Schneider a...@samba.org
Date:   Mon Jul 1 17:05:33 2013 +0200

tsocket: Pass the full port number to getaddrinfo().

The code stripped port numbers above  down to 4 digits.

Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org

Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Mon Jul  1 21:10:53 CEST 2013 on sn-devel-104

---

Summary of changes:
 lib/tsocket/tsocket_bsd.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c
index 4417f8e..fe39dfd 100644
--- a/lib/tsocket/tsocket_bsd.c
+++ b/lib/tsocket/tsocket_bsd.c
@@ -389,7 +389,7 @@ int _tsocket_address_inet_from_strings(TALLOC_CTX *mem_ctx,
return -1;
}
 
-   snprintf(port_str, sizeof(port_str) - 1, %u, port);
+   snprintf(port_str, sizeof(port_str), %u, port);
 
ret = getaddrinfo(addr, port_str, hints, result);
if (ret != 0) {


-- 
Samba Shared Repository

[SCM] CTDB repository - branch master updated - ctdb-2.2-59-gef1c4e9

[Amitay Isaacs]

The branch, master has been updated
   via  ef1c4e99ca66e7a990bc557f34abb624c315e6ba (commit)
   via  fcd5e1f04c5fe6c98399429b8f0918b8779acba6 (commit)
   via  932360992b08a5483d90c0590218ba0fd756119e (commit)
   via  741944f118e98f178b860194eecb215180949d18 (commit)
   via  ac06c46e4a80c635f6094b5ac6f0bf3e3a02db95 (commit)
   via  df30c0a05ed908fc2a997c56ff5484736b23b70f (commit)
   via  14399de1dd0bd8dabf1f48b1457e3ccb37589d8a (commit)
   via  aea12dce83ef385e9fb3bc03ac7ace0874a0e3fe (commit)
   via  ae1693905036ecdbc4594fde1f12500faae4a554 (commit)
   via  593a17678fbd3109e118154b034d43b852659518 (commit)
   via  93bcb6617e1024f810533e12390a572f51703ca0 (commit)
   via  815ddd3341b7e9db39e05a3a3fcd9a1420f053bc (commit)
   via  2396981c4bcf30530aeb7f4395093cc202105b50 (commit)
   via  38304f88e0c634e97d4687c25adef975f71537b8 (commit)
   via  a60f228f8380f222f838eb619d2ab55f96f11ac2 (commit)
   via  297d93cecc3c0655e72ecac38508e113bdbeab9c (commit)
   via  bb178338658b4ae32382a1f62f7c21cee1d4878f (commit)
   via  6a9dbb8fb0f1f6e8c206189cdc2d33bb371ea2a8 (commit)
   via  8d622660a14c929e365d306147b378ea6ab92175 (commit)
   via  34af2cdf686d5d77854cbaa7bbcd8f878e9171c7 (commit)
   via  c6f8407648abb37f2ed781afa5171dad8c9f59e9 (commit)
   via  46efe7a886f8c4c56f19536adc98a73c22db906a (commit)
   via  87716e8f504d659515d3dbcf93badbf106873bc8 (commit)
   via  478e24bceda3fedfba54ccb48faa115df726b819 (commit)
   via  4be8dff3a4451192f838497b4747273685959bed (commit)
   via  7eb2f89979360b6cc98ca9b17c48310277fa89fc (commit)
   via  4f87925a287f612a6ab3b5da1a387a31c7bea28f (commit)
  from  733fc909425860f6a02c205c2d8f34a731853922 (commit)

http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master


- Log -
commit ef1c4e99ca66e7a990bc557f34abb624c315e6ba
Author: Amitay Isaacs ami...@gmail.com
Date:   Tue Jul 2 12:40:37 2013 +1000

ctdbd: Don't ban self if init or shutdown event fails

There is no point in banning the node if init or shutdown event times
out since it's going to quit anyway.

Signed-off-by: Amitay Isaacs ami...@gmail.com

commit fcd5e1f04c5fe6c98399429b8f0918b8779acba6
Author: Amitay Isaacs ami...@gmail.com
Date:   Thu Jun 27 17:46:43 2013 +1000

doc: The second half of monitoring is only for recovery master

Signed-off-by: Amitay Isaacs ami...@gmail.com

commit 932360992b08a5483d90c0590218ba0fd756119e
Author: Michael Adam ob...@samba.org
Date:   Wed Jun 26 09:23:22 2013 +0200

recoverd: when the recmaster is banned, use that information when forcing 
an election

When we trigger an election because the recmaster considers itself inactive,
update our local nodemap with the recmaster's flags before calling
force_election(). This way, we don't send the inactive node freeze commands
(e.g.) that may fail and then lead to ourselves getting banned.

The theory is that this should help avoiding banning loops.

Signed-off-by: Michael Adam ob...@samba.org

commit 741944f118e98f178b860194eecb215180949d18
Author: Michael Adam ob...@samba.org
Date:   Wed Jun 26 07:11:51 2013 +0200

recoverd: fix a comment typo

Signed-off-by: Michael Adam ob...@samba.org

commit ac06c46e4a80c635f6094b5ac6f0bf3e3a02db95
Author: Michael Adam ob...@samba.org
Date:   Fri Jun 21 17:57:37 2013 +0200

recoverd: fix a comment in main_loop

Signed-off-by: Michael Adam ob...@samba.org

commit df30c0a05ed908fc2a997c56ff5484736b23b70f
Author: Michael Adam ob...@samba.org
Date:   Fri Jun 21 14:06:22 2013 +0200

recoverd: eliminate some trailing spaces from ctdb_election_win()

Signed-off-by: Michael Adam ob...@samba.org

commit 14399de1dd0bd8dabf1f48b1457e3ccb37589d8a
Author: Martin Schwenke mar...@meltin.net
Date:   Fri Jun 28 16:31:07 2013 +1000

recoverd: Don't continue if the current node gets banned

Can not continue with recovery or monitoring cluster.

Signed-off-by: Martin Schwenke mar...@meltin.net
Pair-programmed-with: Amitay Isaacs ami...@gmail.com

commit aea12dce83ef385e9fb3bc03ac7ace0874a0e3fe
Author: Amitay Isaacs ami...@gmail.com
Date:   Fri Jun 28 14:31:02 2013 +1000

recoverd: Refactor code to ban misbehaving nodes

Since we have nodemap information, there is no need to hardcode the
limit of 20.

Signed-off-by: Amitay Isaacs ami...@gmail.com
Pair-Programmed-With: Martin Schwenke mar...@meltin.net

commit ae1693905036ecdbc4594fde1f12500faae4a554
Author: Amitay Isaacs ami...@gmail.com
Date:   Thu Jun 27 16:01:16 2013 +1000

recoverd: Move code to ban other nodes after we get local node flags

If a node gets banned first, then it should not ban other nodes.

This code was moved up in main_loop to avoid waiting for nodemap
from other nodes (commit