[Samba] Invalid listing, samba 3.6.6
Hello list, i do have a problem with Amanda and Smbclient again. Im trying to backup some shares and I do get some errors which i cannot fix: ? smbclient: Error reading file \Dtel\El\2009-11 u TEST\2009-11\Logos\meeting, England\P1020272.MOV : NT_STATUS_OK ? smbclient: Didn't get entire file. size=86525282, nread=61719840 ? smbclient: NT_STATUS_OK opening remote file \Dr\P1020273.JPG (\Dnd\File) ? smbclient: NT_STATUS_CONNECTION_INVALID listing \Drittmittel\Directory\* I have no idea how to solve this. Im using Samba 3.6.6 with Debian Wheezy, the share is on a Windows Server 2008 R2. Please help if you can. Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 - error during classicupgrade
My main Administrator account is Administrateur because my workstations language is french. Administrator account is for server (Windows 2003 and Windows 2008) I have two administrator accounts for according to profile and language. If you log a french profile on a english workstation, profile will be modify for add english menu (Accessoires - accessories)... and this is not good. I already tried to modify python script for ignore -500 test but when script read my administrator account, script hang because administrator alread exist (created by full provision I suppose) regards Stéphane Purnelle --- Stéphane PURNELLE Admin. Systèmes et Réseaux Service Informatique Corman S.A. Tel : 00 32 (0)87/342467 Andrew Bartlett abart...@samba.org wrote on 14/07/2013 14:16:28: De : Andrew Bartlett abart...@samba.org A : Stéphane PURNELLE stephane.purne...@corman.be, Cc : samba@lists.samba.org Date : 14/07/2013 14:36 Objet : Re: [Samba] samba4 - error during classicupgrade On Tue, 2013-07-09 at 14:49 +0200, Stéphane PURNELLE wrote: Hi all, I found the problem, unsupported character in displayName prjLeudi+, samba don't like the charecter + in displayName. The bug here is that we should have escaped this value before we put it into the DN. Next problem: SID on user Administrator. samba-tool classicupgrade don't terminate correcly because I saw that Administrator user don't have the correct SID (ending -500). We have 2 administrator user (in french and in english) : Administrateur Administrator SID S-1-5-21-4023731279-819928261-1073345436-500 is on user Administrateur. How can I force samba to by pass this test ? What is happening here is that we simply ignore the -500 user from your import, and then re-add the administrator. The issue is that we add it in english, so if you have a second administrator (a bad idea in my view) it will collide. Just remove that from the import source before you start. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] no log on servers on ubuntu clients (Samba4)
here is my smb.conf [global] security = ads realm = HOME.NET # password server = 192.168.9.227 workgroup = HOME idmap uid = 1-2 idmap gid = 1-2 winbind refresh tickets = yes winbind enum users = yes winbind enum groups = yes winbind cache time = 15 winbind use default domain = yes template homedir = /home/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = true restrict anonymous = 2 # Logging information log level = 2 max log size = 100 log file = /var/log/samba/samba.log%m -- View this message in context: http://samba.2283325.n4.nabble.com/no-log-on-servers-on-ubuntu-clients-Samba4-tp4651010p4651102.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [PLEASE TEST] Samba AD DC winbind hangs and timeouts
Hi Andrew (sorry for the delay,: holidays) I tested that now with Version 4.2.0pre1-GIT-940395d wbinfo --uid-info 300 returns, as waited, WBC_ERR_DOMAIN_NOT_FOUND, and there are no delays anymore, no crash, all seems to be ok now. MANY thanks !! but I made some 'getent' tests, and found : samba-tool user add u2 samba-tool group add g2 samba-tool group addmembers g2 u2 # is ok : samba-tool group listmembers g2 u2 # is ok uid=326(TEST\u2) gid=100(users) groups=100(users),327(TEST\g2) # is NOT ok : does not return group membership getent group g2 TEST\g2:*:327: is that normal with samba4 ? thanks and regards Philippe -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Thursday, July 11, 2013 12:13 AM To: Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE Cc: me...@samba.org; sa...@samba.org; samba-techni...@samba.org Subject: [PLEASE TEST] Samba AD DC winbind hangs and timeouts A number of patches aimed at fixing the nasty set of hangs, timeouts and crashes hitting our winbind implementation in the AD DC have been merged into master. It would be really, really helpful if you could re-test master and see if your specific problem has been addressed. (It turns out there are multiple overlapping issues here, which all seem to have been uncovered by the one interfaces patch). If not, we will continue to chase this down, otherwise this should allow us to merge the fixes into 4.0 and the new 4.1 branch. Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Sync - sysvol and getfacl
Hi i'm pretty sure this has the same cause as https://bugzilla.samba.org/show_bug.cgi?id=9820 Philippe -Original Message- From: samba-boun...@lists.samba.org [mailto:samba- boun...@lists.samba.org] On Behalf Of Sandbox Sent: Wednesday, July 10, 2013 8:30 AM To: samba@lists.samba.org Subject: [Samba] Sync - sysvol and getfacl Hi, I'm using Samba 4.0.5 and when I use ls -la or getfacl on eg: sysvol/Policies directory Samba dies with this error message: == samba/samba.log == [2013/07/10 07:49:30, 0] ../lib/util/fault.c:72(fault_report) === [2013/07/10 07:49:30, 0] ../lib/util/fault.c:73(fault_report) INTERNAL ERROR: Signal 11 in pid 3222 (4.0.5) Please read the Trouble-Shooting section of the Samba HOWTO [2013/07/10 07:49:30, 0] ../lib/util/fault.c:75(fault_report) === but the command gave this info: # file: Policies/ # owner: root # group: 300 user::rwx user:root:rwx group::rwx group:300:rwx group:301:r-x group:302:rwx group:303:r-x group:304:rwx mask::rwx other::--- default:user::rwx default:user:root:rwx default:group::--- default:group:300:rwx default:group:301:r-x default:group:302:rwx default:group:303:r-x default:group:304:rwx default:mask::rwx default:other::--- It is interesting because I dont have that kind of groups with those ID's (according to getent group and wbinfo -g) except 304 which is Group Policy Creator Owners. I suppose the other four groups are (checked from windows side): Administrators, Server Operators, SYSTEM and Authenticated Users. Can I do anything with this? My next question is: sysvol sync. My PDC's and BDC's user and group ID's are totaly different. Is it possible to set my PDC/BDC ID's equal, because as I see BDC couldn't do his job while this isn't solved. Regards, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 - File Share
Hi Natalia i have the same problem with samba4 (assign share rights to groups, e.g. read list = @RG). I don't know if it is binded, but getent group don't give me the group membership (as samba 3.6 did). i need that to make some 'SIMPLES' share (with force-user / force group) without dealing with file / directory ownership. I hope it's just a bug and will stay supported in samba4 ... regards Philippe -Original Message- From: samba-boun...@lists.samba.org [mailto:samba- boun...@lists.samba.org] On Behalf Of Natália Vaz Sent: Wednesday, July 10, 2013 4:00 PM To: samba Subject: [Samba] Samba4 - File Share Hi. I'm trying to set up a file server in a Samba4 domain, but when I use permission groups, I can't access the directories. How can I set the shares with restricted groups? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] need soms tips for adding samba4 to windows 2008R2 domain
Hai, After lots of google-ing, reading the mailinglists, im lost. i want to do the following. 1) keep my existing windows 2008 domain. ( contains dhcp + dns + AD ) its a clean domain, no users yet. dhcp+dns is used already. 2) add samba4 to the windows domain dc as secondairy DC. ( this server wil be my zarafa mail server ) 3) add samba3/4 servers tot this domain als domain members. ( i know this for samba3 ) 4) for my remote location i also want to add samba4 servers, which wil get there own share for profiles. ( this i know ) my old environment is running samba3 +Ldap. I do not need the old info with clasic upgrade, because some pc's have same sid's, and im setting this up for windows 7 pc's. Question here is, do i need the registry fixes for windows 7, if my windows 2008 DC if domain controller. I know my way with bind ntp etc. Can someone give me some good pointers howto setup this, would be great. Im going to use the sernet packages on ubuntu 12.04 LTS ( or debian wheezy ) Best regards, Louis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Forest and Domain DNS Replication with 2003 AD
I have been unable to get forest and domain DNS bi-directional replication working between Win2003 PDC and Samba 4.0.7 DC after having followed many threads about this topic. This is the only remaining issue with demoting the Win DC. Has anyone had any success with replicating these zones and, if so, would you mind sending me what you did to make it work? The one strange error I get is the the DNS MMC on the 2003 box will not detect that the Samba box is a valid DNS server when I try to add it to the list of DNS servers stating the it is not an Active Directory server even tho all replication is working and FSMO roles have been transferred. The Samba DC also shows up in the Admin tools on the Win DC. Any help greatly appreciated... Garth -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Messed up SIDs: How to change machine SID?
I could fix the SID issues. However the other errors and warinings remain. Struggeling hard to find the cause for not being able to join a domain, getting Access Denied SMB log: [2013/07/12 15:48:03.439574, 2] auth/auth.c:309(check_ntlm_password) check_ntlm_password: authentication for user [admin] - [admin] - [admin] succeeded [2013/07/12 15:48:03.442335, 3] groupdb/mapping.c:772(pdb_create_builtin_alias) pdb_create_builtin_alias: Could not get a gid out of winbind [2013/07/12 15:48:03.442450, 2] auth/token_util.c:455(finalize_local_nt_token) WARNING: Failed to create BUILTIN\Administrators group! Can Winbind allocate gids? [2013/07/12 15:48:03.54, 3] groupdb/mapping.c:772(pdb_create_builtin_alias) pdb_create_builtin_alias: Could not get a gid out of winbind [2013/07/12 15:48:03.444555, 2] auth/token_util.c:479(finalize_local_nt_token) WARNING: Failed to create BUILTIN\Users group! Can Winbind allocate gids? ... [2013/07/12 15:48:03.191990, 0] rpc_server/netlogon/srv_netlog_nt.c:931(_netr_ServerAuthenticate3) _netr_ServerAuthenticate: no challenge sent to client N666 ... [2013/07/12 15:48:03.587205, 3] smbd/connection.c:35(yield_connection) Yielding connection to IPC$ [2013/07/12 15:48:03.589351, 3] smbd/server_exit.c:181(exit_server_common) Server exit (failed to receive smb request) Questions: Is it mandatory that Domain Admins Domain Users Domain Guests Domain Computers are spelled exactly like that. In GOsa I'm only allowed to use lower case letters and no spaces. Hence I got domainadmins... and so forth. I don't know how to change the windows group name only. Is a root user mandatory or may I use admin? Since I got no root in LDAP, but tried it last week, didn't help. Which of the domain and builtin groups are mandatory? As far as I know only Domain Admins 512 Domain Users513 Domain Guests 514 and From the builtin domain (didn't know that there is a built in domain until now) Administrators 544 Users 545 Guests 546 Thanks for any help in advance! Setting up a PDC seems not too hard, but I have to use our existing LDAP directory and operate on a production system :( Cheers, Marcus I have an LDAP backend. In LDAP, the machine accounts for my windows and linux clients so show the same base SID as the domain SID (ie.. all but the last digits.) However I also have the mismatch with net getdomainsid - which definately explains why they don't behave as I would expect. You may want to try fixing this with net setlocalsid. I guess when you joing unix or linux member server to the domain the localsid is not updated. Re the BUILTIN groups you may want to explicitly map these to unix groups rather than relying on winbind to do it e.g. I created unix groups #getent group Builtin Admins::544: Builtin Users::545: Builtin Guests::546: Then mapped the well know built-in Windows groups to the unix groups #net groupmap add ntgroup=Administrators unixgroup=544 sid=S-1-5-32-544 type=builtin #net groupmap add ntgroup=Users unixgroup=545 sid=S-1-5-32-545 type=builtin #net groupmap add ntgroup=Guests unixgroup=546 sid=S-1-5-32-546 type=builtin # net groupmap list | grep -i builtin Administrators (S-1-5-32-544) - Builtin Admins Users (S-1-5-32-545) - Builtin Users Guests (S-1-5-32-546) - Builtin Guests The linux samba member servers I use mostly for IT use anyway so I never shook out all the bugs. On 07/03/13 11:49, Marcus Mundt wrote: Dear Samba Gurus, I got the following errors: tail -f /var/log/samba/log.wb-DOM1 [2013/07/02 15:49:19.990168, 2] winbindd/winbindd_rpc.c:320(rpc_name_to_sid) name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED log.smbd [2013/07/02 15:40:51.809516, 2] auth/token_util.c:455(finalize_local_nt_token) WARNING: Failed to create BUILTIN\Administrators group! Can Winbind allocate gids? [2013/07/02 15:40:51.811330, 2] auth/token_util.c:479(finalize_local_nt_token) WARNING: Failed to create BUILTIN\Users group! Can Winbind allocate gids? I guess the reason might be this: net getdomainsid SID for local machine M1 is: S-1-5-21-3981825222-1828954701-2606613544 SID for domain DOM1 is: S-1-5-21-2762780445-1763757571-3541238449 net getdomainsid SID for local machine M2 is: S-1-5-21-2913448378-2543514743-1508345481 SID for domain DOM1 is: S-1-5-21-2762780445-1763757571-3541238449 Shouldn't the SIDs be the same except the last digits??? Cheers, Marcus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WARNING to those running Samba on OpenIndiana or other Illumos based systems with 16 groups
On Sun, Jul 14, 2013 at 09:50:29AM -0400, Ira Cooper wrote: On Sun, Jul 14, 2013 at 8:23 AM, Andrew Bartlett abart...@samba.org wrote: On Wed, 2013-04-24 at 10:31 +1000, Andrew Bartlett wrote: Just a heads-up, because this bug took me absolutely ages to chase down, and I want to save others the same pain. Samba is perhaps the most prominent reason why you might find a user in more than 16 groups on a Unix system, and so this bug may at first appear to be a 'Samba issue' (that certainly is why it found it's way to my attention :-) https://www.illumos.org/issues/3691 In short, unless the group list we supply to setgroups() is sorted, if there are more than 16 groups, the Illumos kernel fails to honour some of the groups. Presumably there is a bisection search being done. The symptom for Samba users is that as a user is added to more groups, they loose access to folders they previously had access too. Attached is a total hack that appears to resolve the issue, but the real fix needs to be in glibc or the kernel. Just as a follow-up, if you experience this please also see https://www.illumos.org/issues/3577 and https://bugzilla.samba.org/show_bug.cgi?id=7588 for WORKAROUNDS if you cannot fix/change your host OS. There is a patch for nss_winbind and smbd attached to that bug, both of which are required to ensure both Samba and other unix applications see all the windows groups. As we have now had success getting this fixed upstream I've not had time to get back to applying these to Samba when we run on Solaris, but the view was that for the small cost of a qsort we probably should. If a DENY ACL is involved, this may also be a SECURITY issue, which is how we finally got the route cause addressed upstream. Andrew, As the upstream developer who fixed the issue: The fix had nothing to do with security. It had to do with Bjorn posting the root cause, and that frankly I found sorting the list in samba beyond fugly. May be beyong fugly, but I think Andrew was perfectly correct in doing so :-). I look at the fact you sorted the list in samba and just shake my head... The same qsort put in the illumos kernel fixes the issue for good. Not everyone has the same familiarity with kernel programming as you :-). Given our past history with such bugs, I'd expect we'll tell people to upgrade their OS. Yeah, but not everyone can do that easily. Having a fix for Samba only is A GOOD THING (tm) even if you think it's horrible :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem logon on WinXP : returning logon svr \\EASYBOURSE domain EB code 13 token=ffff
HI ! I have a problem with nmbd, i can't logon on a WinXP machine (wfassi-PC ,everything was alright until at a moment user coudnt connect anymore) , here is log.nmbd : [2013/07/15 16:39:26, 5] libsmb/nmblib.c:797(read_packet) Received a packet of len 50 from (192.168.0.89) port 137 [2013/07/15 16:39:26, 4] libsmb/nmblib.c:106(debug_nmb_packet) nmb packet from 192.168.0.89(137) header: id=32801 opcode=Query(0) response=No header: flags: bcast=Yes rec_avail=No rec_des=Yes trunc=No auth=No header: rcode=0 qdcount=1 ancount=0 nscount=0 arcount=0 question: q_name=EB1c q_type=32 q_class=1 [2013/07/15 16:39:26, 3] nmbd/nmbd_incomingrequests.c:453(process_name_query_request) process_name_query_request: Name query from 192.168.0.89 on subnet 192.168.0.251 for name EB1c [2013/07/15 16:39:26, 3] nmbd/nmbd_incomingrequests.c:568(process_name_query_request) OK [2013/07/15 16:39:26, 4] nmbd/nmbd_packets.c:945(reply_netbios_packet) reply_netbios_packet: sending a reply of packet type: nmb_query EB1c to ip 192.168.0.89 for id 32801 [2013/07/15 16:39:26, 4] libsmb/nmblib.c:106(debug_nmb_packet) nmb packet from 192.168.0.89(137) header: id=32801 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=EB1c rr_type=32 rr_class=1 ttl=259200 answers 0 char .. hex E000C0A800FB [2013/07/15 16:39:26, 5] libsmb/nmblib.c:819(send_udp) Sending a packet of len 62 to (192.168.0.89) on port 137 [2013/07/15 16:39:26, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for EB on subnet 192.168.0.251: found. [2013/07/15 16:39:26, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for EB on subnet UNICAST_SUBNET: found. [2013/07/15 16:39:26, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for EB on subnet UNICAST_SUBNET: found. [2013/07/15 16:39:26, 5] libsmb/nmblib.c:797(read_packet) Received a packet of len 266 from (192.168.0.89) port 138 *[2013/07/15 16:39:26, 4] nmbd/nmbd_packets.c:1281(process_dgram)** ** process_dgram: datagram from WFASSI-PC00 to EB1c IP 192.168.0.89 for \MAILSLOT\NET\NETLOGON of type 18 len=92* [2013/07/15 16:39:26, 4] nmbd/nmbd_processlogon.c:116(process_logon_packet) process_logon_packet: Logon from 192.168.0.89: code = 0x12 [2013/07/15 16:39:26, 5] nmbd/nmbd_processlogon.c:354(process_logon_packet) process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize 24, len = 92 [2013/07/15 16:39:26, 5] nmbd/nmbd_processlogon.c:361(process_logon_packet) process_logon_packet: len = 92 PTR_DIFF(q, buf) = 84 [2013/07/15 16:39:26, 3] nmbd/nmbd_processlogon.c:386(process_logon_packet) process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize 24 ntv 11 [2013/07/15 16:39:26, 5] nmbd/nmbd_processlogon.c:395(process_logon_packet) process_logon_packet: LOGON_SAM_LOGON_REQUEST user *[2013/07/15 16:39:26, 5] nmbd/nmbd_processlogon.c:402(process_logon_packet)** ** process_logon_packet: LOGON_SAM_LOGON_REQUEST request from WFASSI-PC(192.168.0.89) for , returning logon svr \\EASYBOURSE domain EB code 13 token=* [2013/07/15 16:39:26, 4] ../lib/util/util.c:304(_dump_data) [] 15 00 5C 00 5C 00 45 00 41 00 53 00 59 00 42 00 ..\.\.E. A.S.Y.B. [0010] 4F 00 55 00 52 00 53 00 45 00 00 00 00 00 45 00 O.U.R.S. E.E. [0020] 42 00 00 00 01 00 00 00 FF FF FF FF B... [2013/07/15 16:39:26, 3] nmbd/nmbd_processlogon.c:667(process_logon_packet) process_logon_packet: processing delayed initial logon reply for client WFASSI-PC(192.168.0.89) *[2013/07/15 16:39:26, 4] nmbd/nmbd_packets.c:1972(send_mailslot)** ** send_mailslot: Sending to mailslot \MAILSLOT\NET\GETDC042 from EASYBOURSE00 IP 192.168.0.251 to WFASSI-PC00 IP 192.168.0.89* [2013/07/15 16:39:26, 4] nmbd/nmbd_packets.c:95(debug_browse_data) debug_browse_data(): 0 char ..\.\.E.A.S.Y.B. hex 15 00 5c 00 5c 00 45 00 41 00 53 00 59 00 42 00 10 char O.U.R.S.E.E. hex 4f 00 55 00 52 00 53 00 45 00 00 00 00 00 45 00 20 char B... hex 42 00 00 00 01 00 00 00 ff ff ff ff [2013/07/15 16:39:26, 5] libsmb/nmblib.c:819(send_udp) Sending a packet of len 218 to (192.168.0.89) on port 138 [2013/07/15 16:39:26, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for EB on subnet 192.168.0.251: found. [2013/07/15 16:39:26, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for EB on subnet UNICAST_SUBNET: found. [2013/07/15 16:39:26, 4] nmbd/nmbd_workgroupdb.c:170(find_workgroup_on_subnet) find_workgroup_on_subnet: workgroup search for EB on subnet UNICAST_SUBNET: found. [2013/07/15 16:39:26, 5] libsmb/nmblib.c:797(read_packet)
Re: [Samba] need soms tips for adding samba4 to windows 2008R2 domain
Hello Louis, Am 15.07.2013 12:48, schrieb L.P.H. van Belle: 1) keep my existing windows 2008 domain. ( contains dhcp + dns + AD ) its a clean domain, no users yet. dhcp+dns is used already. 2) add samba4 to the windows domain dc as secondairy DC. ( this server wil be my zarafa mail server ) Setup and joining a Samba machine as DC you can find here: http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC 3) add samba3/4 servers tot this domain als domain members. ( i know this for samba3 ) http://wiki.samba.org/index.php/Samba4/Domain_Member 4) for my remote location i also want to add samba4 servers, which wil get there own share for profiles. ( this i know ) Same as 3. But for the users who should have their profiles on the remote server, you have to specify their profile path in ADUC pointing to this server. Some information about roaming profiles: http://wiki.samba.org/index.php/Samba_%26_Windows_Profiles my old environment is running samba3 +Ldap. I do not need the old info with clasic upgrade, because some pc's have same sid's, and im setting this up for windows 7 pc's. Here's the point, where I'm not sure, if I fully understand you. In 1 you wrote, that you are having an AD, but with no users. Here you say you have a Samba NT4 style domain with users, etc. Do you want to bring them together? I mean keep your Windows Domain and migrate the Samba3 accounts to the domain? You can export your LDAP, script something around for the changes and import them in your AD. But you have to re-join your workstations then. Or do you want a trust. But this isn't possible in both directions yet: http://wiki.samba.org/index.php/FAQ#Does_Samba_support_trust_relationship_with_AD.3F Or do you skip the old domain and join the PCs to the new Windows domain? Then just follow the HowTos above. If you meant something else, please give some more details :-) Question here is, do i need the registry fixes for windows 7, if my windows 2008 DC if domain controller. No registry changes, if your Domain is provided by Windows or Samba AD. I have read that it's necessary for a Samba NT4 style domain only. But I haven't used a Samba PDC with Win7 yet myself (only Samba AD). Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Invalid listing, samba 3.6.6
Hello Simon, Am 15.07.2013 08:33, schrieb Traugott Simon: i do have a problem with Amanda and Smbclient again. Im trying to backup some shares and I do get some errors which i cannot fix: ? smbclient: Error reading file \Dtel\El\2009-11 u TEST\2009-11\Logos\meeting, England\P1020272.MOV : NT_STATUS_OK ? smbclient: Didn't get entire file. size=86525282, nread=61719840 ? smbclient: NT_STATUS_OK opening remote file \Dr\P1020273.JPG (\Dnd\File) ? smbclient: NT_STATUS_CONNECTION_INVALID listing \Drittmittel\Directory\* Are you getting errors too, if you use smbclient to directly connect to your server (without amanda) and browse the shares and retrive files? Can you add a -d 3 to the smbclient command in your amanda configuration and let it log somewhere? Maybe you get some more details what causes your problem. Regards Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Classicupgrade set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER
Hello Axel, first: To which samba version do you try to update? I recommented that you use the latest (4.0.7), because there were some improvments and patches included in the last version. Am 14.07.2013 21:17, schrieb Axel Urban: idmapping sid_to_xid failed for id[0]=S-1-5-32-544: NT_STATUS_NONE_MAPPED set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER. ERROR(runtime): uncaught exception - (-1073741734, 'NT_STATUS_INVALID_OWNER') S-1-5-32-544 is Administrators group. If it's a test environment, can you remove it and retry? Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] New ADC configuration
I am in the process of moving our single Samba 3.x servers to a new 4.x AD server setup, with member servers. I have the Main ADC installed and running perfectly, machines can join with no problems. Seriously, it couldn't honestly be any easier, thanks for the Samba4 Wiki. It saved me a ton of time and stress. I'm working next on getting several test member servers working as well, and I'm a little confused with the config. According to the Samba AD DC HOWTO on the wiki, it really doesn't have anything in the config about the idmap config stuff. When adding member servers, does the idmap config options only go on the member servers, or does it have to have to be on the ADC as well? Do all member servers have the same ranges, or must they all be different? Thanks for your time. -- Matthew Daubenspeck Gentoo Linux i686 Intel(R) Xeon(R) CPU L5520 @ 2.27GHz 14:13:06 up 55 days, 3:44, 4 users, load average: 0.00, 0.05, 0.10 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
Hello Matthew, Am 15.07.2013 20:18, schrieb Matthew Daubenspeck: I'm working next on getting several test member servers working as well, and I'm a little confused with the config. According to the Samba AD DC HOWTO on the wiki, it really doesn't have anything in the config about the idmap config stuff. When adding member servers, does the idmap config options only go on the member servers, or does it have to have to be on the ADC as well? If you have multiple DCs, then the domain group/user/etc. stuff is automatically on each DC (directory replication). Member servers are getting the xID information from the DCs. And for that you need an Idmap configuration. For your member servers, I recommend to use backend AD and retrieve the xIDs from AD. Then you can edit the unix user/group information directly from ADUC, with all other account data. An example is in the HowTo: https://wiki.samba.org/index.php/Samba4/Domain_Member#Setting_up_a_basic_smb.conf Also then your user/groups have the same xIDs on all members. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Classicupgrade set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER
Hello Axel, Am 15.07.2013 22:00, schrieb Axel Urban: I used the 4.0.7 tar.gz. I removed the groupmap.tdb before. Does this change anything when you do the classicupgrade? Is there anything more I can do? Does samba read the /etc/group-File during classicupgrade? I'm not sure on that. I only did upgrades from LDAP backend yet - not from tdb. When you run the classicupgrade, can you run it with a higher debug level (-d 5) and see if there's anything else interesting around the error message? Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Invalid listing, samba 3.6.6
Hello Marc, of course i can do that, i will post the logs tomorrow. Yes i do get the errors even when i transfer the files manually. See you tomorrow. Greetings Marc Muehlfeld sa...@marc-muehlfeld.de hat geschrieben:Hello Simon, Am 15.07.2013 08:33, schrieb Traugott Simon: i do have a problem with Amanda and Smbclient again. Im trying to backup some shares and I do get some errors which i cannot fix: ? smbclient: Error reading file \Dtel\El\2009-11 u TEST\2009-11\Logos\meeting, England\P1020272.MOV : NT_STATUS_OK ? smbclient: Didn't get entire file. size=86525282, nread=61719840 ? smbclient: NT_STATUS_OK opening remote file \Dr\P1020273.JPG (\Dnd\File) ? smbclient: NT_STATUS_CONNECTION_INVALID listing \Drittmittel\Directory\* Are you getting errors too, if you use smbclient to directly connect to your server (without amanda) and browse the shares and retrive files? Can you add a -d 3 to the smbclient command in your amanda configuration and let it log somewhere? Maybe you get some more details what causes your problem. Regards Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 - error during classicupgrade
On Mon, 2013-07-15 at 10:01 +0200, Stéphane PURNELLE wrote: My main Administrator account is Administrateur because my workstations language is french. Administrator account is for server (Windows 2003 and Windows 2008) I have two administrator accounts for according to profile and language. If you log a french profile on a english workstation, profile will be modify for add english menu (Accessoires - accessories)... and this is not good. I already tried to modify python script for ignore -500 test but when script read my administrator account, script hang because administrator alread exist (created by full provision I suppose) Just rename 'Administrator' to 'English Administrator' and then after then upgrade, rename 'administrator' to Administrateur. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] removing dead samba4 dc
On 07/12/2013 12:54 AM, Tom Seeley wrote: Hi, I have a small but live samba4 AD (pure samba4, no Windows servers). My secondary (the one that was added 2nd) DC has expired, so I need to remove it from the domain. However the traditional Windows mechanism for doing this (deleting the entry from ADUC) doesn't work. I'm not sure if this was supposed to work, but the error I get is: Windows cannot delete object LDAP://primarydcaddress/CN=2nddcname,OU=Domain Controllers,DC=orgname,DC=tld because: The specified module could not be found. My guess is that method is not supposed to work. Well it should work, so I would bump the log level on the dc1 to 4 and see in the log what the DC complains about. Which version of Samba 4 your DC are running ? Matthieu. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Win2003 DC fails to detect Samba 4 DC
On 07/13/2013 02:08 PM, Garth Keesler wrote: Well, I read several threads on this issue but none solved what I have going so I'll re-ask the question: Should I be able to join a Samba 4.0.7 server to a Windows 2003R2 AD that has been raised to the forest level of 2003 and then be able to demote the Win DC? As stated below, the Win Admin tools recognize the Samba DC as one of two DCs in the domain but the Win DC will not recognize Samba as such when trying to demote the Win DC. The FSMO roles will move to the Samba server but the DNS MMC will not recognize the Samba DC as a DC either. Normally it should be the case, I would have a look at the samba box for error related to DNS (ie. impossible to bind on port 53). Which kind of DNS setup do you have ? (internal, bind 9.x dlz, flat file) ? Which DNS server ip the *nix box running Samba 4.0.x is using ? Is there an easy way to orphan the Win DC after just shutting it down? I'd be willing to do that. Yes. From the Active Directory User and Computer you select the DC and remove it, you might have to go to Active Directory Domain and Site and remove the links to the old DC as well. But if the s4 DC is working well the demote should work well. Matthieu Thanx, Garth On 07/13/2013 11:17 AM, Garth Keesler wrote: Starting over and following a couple of threads on this topic so please ignore. Thanx, Garth On 07/13/2013 08:49 AM, Garth Keesler wrote: I have an (apparently) valid Samba4 DC to which I have transferred all FSMO roles in preparation for running dcpromo and demoting the Win DC. All of the logs look good on the Samba DC and showrepl indicates no errors. Unfortunately, the Win DC does not seem to detect the Samba DC when I attempt to run dcpromo and it throws a nasty warning about AD data being lost. If I run Sites and Services, both DCs show up and are viewable. Also, in Users and Computers, both DCs correctly show up in Domain Controllers. Not sure what to do next. Help appreciated. Thanx, Garth -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0529b59 s3-winbind: Do not delete an existing valid credential cache. from 940395d smbd: Fix a 100% loop at shutdown time http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0529b59fbe3f96509893fc4e93a75d6928b5a532 Author: Andreas Schneider a...@samba.org Date: Thu Jul 11 13:44:53 2013 +0200 s3-winbind: Do not delete an existing valid credential cache. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994 Thanks to David Woodhouse dw...@infradead.org. Reviewed-by: Günther Deschner g...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104 --- Summary of changes: source3/winbindd/winbindd_pam.c |8 1 files changed, 8 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 158a7c4..aed4741 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -685,6 +685,14 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; failed: + /* +* Do not delete an existing valid credential cache, if the user +* e.g. enters a wrong password +*/ + if ((strequal(krb5_cc_type, FILE) || strequal(krb5_cc_type, WRFILE)) +user_ccache_file != NULL) { + return result; + } /* we could have created a new credential cache with a valid tgt in it * but we werent able to get or verify the service ticket for this -- Samba Shared Repository
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2013-07-15-1543/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2013-07-15-1543/samba3.stderr http://git.samba.org/autobuild.flakey/2013-07-15-1543/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2013-07-15-1543/samba.stderr http://git.samba.org/autobuild.flakey/2013-07-15-1543/samba.stdout The top commit at the time of the failure was: commit 0529b59fbe3f96509893fc4e93a75d6928b5a532 Author: Andreas Schneider a...@samba.org Date: Thu Jul 11 13:44:53 2013 +0200 s3-winbind: Do not delete an existing valid credential cache. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994 Thanks to David Woodhouse dw...@infradead.org. Reviewed-by: Günther Deschner g...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via ed120ed lib/param: sync debug related options with source3/param via ba584a5 lib/ldb-samba: only debug LDB_DEBUG_TRACE at level 10 via 42cb71b lib/ldb-samba: make use of DBGC_LDB via 89644f4 lib/util: add 'ldb' debug class via 580740d debug: Add debugclass for DNS server via a56ccfb dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly via afab702 smbd: Fix a 100% loop at shutdown time via f31f55b s3-smbstatus: display [u|g]id of -1 as -1 in connection list via c286950 s3-lib: hide incomplete smbXsrv_tcon_global records via d15f6a8 s3-lib: fix segf while reading incomplete session info (bug #10003) from 0b80e93 vfs_streams_xattr: Do not attempt to write empty attribute twice http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit ed120ed4fc6e86d35a40206ad69813dee308d727 Author: Stefan Metzmacher me...@samba.org Date: Thu Jul 4 18:11:02 2013 +0200 lib/param: sync debug related options with source3/param The most important change is debug hires timestamp = Yes and syslog = 1. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Björn Jacke b...@sernet.de Autobuild-User(master): Björn Jacke b...@sernet.de Autobuild-Date(master): Tue Jul 9 17:15:15 CEST 2013 on sn-devel-104 (cherry picked from commit cd36a3e902813c065e14059d325f7628b06595aa) The last 5 patches address bug #10015 - Fix/Improve debug options. Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-0-test): Mon Jul 15 22:56:13 CEST 2013 on sn-devel-104 commit ba584a5ce8e7795b3359435860b5f213fcfc87e4 Author: Stefan Metzmacher me...@samba.org Date: Tue Jul 9 13:56:35 2013 +0200 lib/ldb-samba: only debug LDB_DEBUG_TRACE at level 10 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Björn Jacke b...@sernet.de (cherry picked from commit 5f93822ede7ec3dc79a8057174342b2c6bb94a3b) commit 42cb71be5da8788c0294d960bcb541b627c24076 Author: Stefan Metzmacher me...@samba.org Date: Tue Jul 9 13:56:08 2013 +0200 lib/ldb-samba: make use of DBGC_LDB Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Björn Jacke b...@sernet.de (cherry picked from commit 8e0752f4d6feea35304377222d3dd487355e4120) commit 89644f40d77a71b25c0a5f50f8ae6bfbe0ddd2db Author: Stefan Metzmacher me...@samba.org Date: Tue Jul 9 13:55:44 2013 +0200 lib/util: add 'ldb' debug class Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Björn Jacke b...@sernet.de (cherry picked from commit baecc863de0ceb64187c6eb3545bf28706bd84fc) commit 580740dd7fe8fcdf6fa307744087344f7533cfab Author: Kai Blin k...@samba.org Date: Mon Jan 14 01:13:47 2013 +0100 debug: Add debugclass for DNS server Signed-off-by: Kai Blin k...@samba.org Reviewed-By: Amitay Isaacs ami...@gmail.com (cherry picked from commit 4b010997486b059b90be1f69783a451f400d7df7) commit a56ccfbe9786c57ba0b02440a957a6b6b6334b65 Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 22 19:30:50 2013 +1000 dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly A patch by Cove Schneider cov...@yahoo.com who reports: I noticed that the RID numbers seem to increase incrementally, then will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't RID pool allocations just be 500 at a time? e.g. Adding accounts one after another on a single test instance here's how they're incrementing (from 4.0.6): 1596 1597 1598 1599 126100 126101 126102 ... 126599 251100 ... 251599 376100 ... The problem is that this complicates using sssd's AD integration, as that it doesn't expect the RIDs to increase in a single domain so quickly. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104 (cherry picked from commit 2763cad409430c183f7f1f6f57bc6b38ae616ed9) Fix bug #10014 - Excessive RID allocation. commit afab702a7d319a9dd6ba4e6f607d3868a4f8dbb8 Author: Volker Lendecke v...@samba.org Date: Thu Jul 11 16:22:26 2013 +0200 smbd: Fix a 100% loop at shutdown time In the destructor of fsp-aio_requests[0] we put another request into fsp-aio_requests[0]. Don't overwrite that with TALLOC_FREE. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Thu Jul 11 20:56:42 CEST 2013 on sn-devel-104 (cherry picked
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 4e74c61 smbd: Fix a 100% loop at shutdown time via 54ee31e s3-smbstatus: display [u|g]id of -1 as -1 in connection list via d07b694 s3-lib: hide incomplete smbXsrv_tcon_global records via 38841bb s3-lib: fix segf while reading incomplete session info (bug #10003) from d95ed7f VERSION: Bump version number up to 4.1.0rc2... http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 4e74c615d56465b5a57f65e6815cbdf0d0b2928a Author: Volker Lendecke v...@samba.org Date: Thu Jul 11 16:22:26 2013 +0200 smbd: Fix a 100% loop at shutdown time In the destructor of fsp-aio_requests[0] we put another request into fsp-aio_requests[0]. Don't overwrite that with TALLOC_FREE. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Thu Jul 11 20:56:42 CEST 2013 on sn-devel-104 (cherry picked from commit 940395d38bcc348eb5f1be7ba03cd554d9d3bc93) Fix bug #10013 - 940395d from master needs porting to 4.0 and 4.1. Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-1-test): Mon Jul 15 23:04:19 CEST 2013 on sn-devel-104 commit 54ee31eae52e72373d28b9666e5680da5bd99da8 Author: Björn Baumbach b...@sernet.de Date: Tue Jul 9 12:32:34 2013 +0200 s3-smbstatus: display [u|g]id of -1 as -1 in connection list In order to avoid displayed uid or gid of 4294967295 instead of -1, we need to fetch the special case -1. The id can be -1 if we are reading e.g. incomplete session information. Signed-off-by: Björn Baumbach b...@sernet.de Reviewed-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Wed Jul 10 01:18:30 CEST 2013 on sn-devel-104 (cherry picked from commit 577cef82c776759c9f3cad7d33057ac865c40769) The last 3 patches address bug #10003 - s3-lib:segmentation fault while reading incomplete session info. commit d07b694f85c31a461d5697b56494c8ee4000925f Author: Stefan Metzmacher me...@samba.org Date: Mon Jul 8 16:31:13 2013 +0200 s3-lib: hide incomplete smbXsrv_tcon_global records Part of fix for bug #10003 Pair-programmed-with: Björn Baumbach b...@sernet.de Signed-off-by: Stefan Metzmacher me...@samba.org Signed-off-by: Björn Baumbach b...@sernet.de Reviewed-by: Jeremy Allison j...@samba.org (cherry picked from commit c52e61f7ba215da28cbb7b8e328aea110ad79b11) commit 38841bb0dbee310dc2eafdb78482a72cf906644f Author: Björn Baumbach b...@sernet.de Date: Fri Jul 5 13:19:59 2013 +0200 s3-lib: fix segf while reading incomplete session info (bug #10003) Pair-programmed-with: Stefan Metzmacher me...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Signed-off-by: Björn Baumbach b...@sernet.de Reviewed-by: Jeremy Allison j...@samba.org (cherry picked from commit 53aa069b97070c73b782e2868b9b9686abe353cc) --- Summary of changes: source3/lib/conn_tdb.c | 22 -- source3/lib/sessionid_tdb.c | 15 ++- source3/smbd/close.c|7 +-- source3/utils/status.c | 24 4 files changed, 55 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/conn_tdb.c b/source3/lib/conn_tdb.c index a7e7cf0..b218831 100644 --- a/source3/lib/conn_tdb.c +++ b/source3/lib/conn_tdb.c @@ -53,8 +53,13 @@ static int collect_sessions_fn(struct smbXsrv_session_global0 *global, uint32_t id = global-session_global_id; struct connections_forall_session sess; - sess.uid = global-auth_session_info-unix_token-uid; - sess.gid = global-auth_session_info-unix_token-gid; + if (global-auth_session_info == NULL) { + sess.uid = -1; + sess.gid = -1; + } else { + sess.uid = global-auth_session_info-unix_token-uid; + sess.gid = global-auth_session_info-unix_token-gid; + } strncpy(sess.machine, global-channels[0].remote_name, sizeof(sess.machine)); strncpy(sess.addr, global-channels[0].remote_address, sizeof(sess.addr)); @@ -86,6 +91,19 @@ static int traverse_tcon_fn(struct smbXsrv_tcon_global0 *global, TDB_DATA val = tdb_null; + /* +* Note: that share_name is defined as array without a pointer. +* that's why it's always a valid pointer here. +*/ + if (strlen(global-share_name) == 0) { + /* +* when a smbXsrv_tcon is created it's created +* with emtpy share_name
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9b2aa35 s3: Remove old mode special substitution. via 4a9e5d2 s3:idmap_autorid: Add a NULL check in idmap_autorid_preallocate_wellknown via ca90681 s3:idmap_autorid: Don't zero in idmap_autorid_preallocate_wellknown via a061b6f s3:idmap_autorid: Use ARRAY_SIZE where appropriate from 0529b59 s3-winbind: Do not delete an existing valid credential cache. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9b2aa351ceb756d6ea63f3158f0e983ae7262da8 Author: Alexander Werth alexander.we...@de.ibm.com Date: Tue Jul 9 17:14:08 2013 +0200 s3: Remove old mode special substitution. The mode special substitution now happens in a separate function. The substitution at this point is unnecessary. Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Christian Ambach a...@samba.org Autobuild-User(master): Christian Ambach a...@samba.org Autobuild-Date(master): Tue Jul 16 00:52:26 CEST 2013 on sn-devel-104 commit 4a9e5d24749f7d8571f107c20ee66092ce7ab21d Author: Volker Lendecke v...@samba.org Date: Thu Jul 11 13:10:25 2013 +0200 s3:idmap_autorid: Add a NULL check in idmap_autorid_preallocate_wellknown Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Christian Ambach a...@samba.org commit ca9068189e00ce1714790933250080ab1c310ee5 Author: Volker Lendecke v...@samba.org Date: Thu Jul 11 13:08:39 2013 +0200 s3:idmap_autorid: Don't zero in idmap_autorid_preallocate_wellknown We initialize everything later anyway Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Christian Ambach a...@samba.org commit a061b6fe43f3e00dadb5c23244c68e5bc241dfce Author: Volker Lendecke v...@samba.org Date: Thu Jul 11 13:07:52 2013 +0200 s3:idmap_autorid: Use ARRAY_SIZE where appropriate Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Christian Ambach a...@samba.org --- Summary of changes: source3/modules/nfs4_acls.c | 15 ++- source3/winbindd/idmap_autorid.c |8 ++-- 2 files changed, 8 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 255741c..dab1a2a 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -739,20 +739,9 @@ static bool smbacl4_fill_ace4( if (sid_to_gid(ace_nt-trustee, gid)) { ace_v4-aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - - if (params-mode==e_special gid==ownerGID) { - ace_v4-flags |= SMB_ACE4_ID_SPECIAL; - ace_v4-who.special_id = SMB_ACE4_WHO_GROUP; - } else { - ace_v4-who.gid = gid; - } + ace_v4-who.gid = gid; } else if (sid_to_uid(ace_nt-trustee, uid)) { - if (params-mode==e_special uid==ownerUID) { - ace_v4-flags |= SMB_ACE4_ID_SPECIAL; - ace_v4-who.special_id = SMB_ACE4_WHO_OWNER; - } else { - ace_v4-who.uid = uid; - } + ace_v4-who.uid = uid; } else { DEBUG(1, (nfs4_acls.c: file [%s]: could not convert %s to uid or gid\n, diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 391a314..16f609d 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -834,15 +834,19 @@ static NTSTATUS idmap_autorid_preallocate_wellknown(struct idmap_domain *dom) return NT_STATUS_OK; } - num = sizeof(groups)/sizeof(char*); + num = ARRAY_SIZE(groups); - maps = talloc_zero_array(talloc_tos(), struct id_map*, num+1); + maps = talloc_array(talloc_tos(), struct id_map*, num+1); if (!maps) { return NT_STATUS_NO_MEMORY; } for (i = 0; i num; i++) { maps[i] = talloc(maps, struct id_map); + if (maps[i] == NULL) { + talloc_free(maps); + return NT_STATUS_NO_MEMORY; + } maps[i]-xid.type = ID_TYPE_GID; maps[i]-sid = dom_sid_parse_talloc(maps, groups[i]); } -- Samba Shared Repository