[Samba] Winbind in Samba 4 suite and the template homedir parameter
Hi! The command samba-tool testparm -v returns template homedir = /home/%WORKGROUP%/%ACCOUNTNAME%. Is there other variables that can be used? It is possible to add one or more uPNSuffixes to Samba 4 AD DC to alter the userPrincipalName. Both on the domain level (cn=uPNSuffixes,cn=Partitions,...) and on OU-level (cn=uPNSuffixes,ou=example.org,dc=...) But is it possible to return the dns domain part, %UPNSUFFIXES%, in winbind? And use it for domain separated paths to home directories? For example: uPNSuffixes = example.org, example.net [global] template homedir = /home/%UPNSUFFIXES%/%ACCOUNTNAME% And winbind returns /home/example.org/username and /home/example.net/username respectivly. Regards Davor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] dns query not giving back all registers
Hello list. If I query my samba4 Active Directory domain with dig mydomain ANY or MX it answers just with SOA and NS records, but not MX or some others I have already defined. Is it right?? I've tried from the own samba4 server and from another linux host. My samba4 is up-to-date. Using bind9.7.3 with samba_dlz. Thanks in advance. Felix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 PDC to Samba4 DC works great, Win2003 PDC to Samba4 DC not so great
I've posted before about this but I'll add more info. I've set up two Samba DCs in a domain, using both 4.0.7 and 4.1RC1, and all works great including Forest and Domain DNS repl in both directions. When I add a Samba 4.0.7 or 4.1RC1 DC to an existing Win2003 PDC with Forest level of 2003, Forest and Domain DNS repl is only from PDC to DC, never in the other direction. I've followed just about every thread on this topic but never with any success. This has to work in order to demote the WinPDC and use Samba as the only DCs in the domain. Has anyone successfully done this? Should this work? If not, is there another way to do this? I've even looked at LDIFDE as a possibility but I don't think that'll do it. Any help/advice greatly appreciated. Thanx, Garth -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Shares on failover IP
Hi, Anyone has any thought why I could not acces the shares on the failover IP? Robert 2013-07-18 14:46 keltezéssel, Sandbox írta: Hi, I have a failover configuration. The domain controller's IP: 10.23.14.150 as dc01 The failover IP is: 10.23.14.155 as dcha I added an A and a CNAME record to the dns for the failover IP. It is working, i can see the shares, but I could not enter to any share as user, as Administrator it works. I tried to add the interface variable (i am not sure this is available in samba4), that wasn't helped. Thanks, Robert -- Kind regards: Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2013-07-19-1145/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2013-07-19-1145/samba3.stderr http://git.samba.org/autobuild.flakey/2013-07-19-1145/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2013-07-19-1145/samba.stderr http://git.samba.org/autobuild.flakey/2013-07-19-1145/samba.stdout The top commit at the time of the failure was: commit 51c68c28b27cd1644187af32cc4f630a7471cd28 Author: Shekhar Amlekar samle...@in.ibm.com Date: Thu Jul 11 21:12:29 2013 +0530 librpc: srvsvc.idl: define level 1005 share info flags define level 1005 share info flags. Reviewed-by: Günther Deschner g...@samba.org Autobuild-User(master): Günther Deschner g...@samba.org Autobuild-Date(master): Thu Jul 18 16:35:51 CEST 2013 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bb21fc5 Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list. via 5d54ac4 Reply with correct trans2 message on a setpathinfo with a bad EA name. via b50b006 Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE. via 4a43600 Ensure we can't create a file using NTTRANS with an invalid EA list. via 66fb5ee Ensure we can't create a file using TRANS2_OPEN with an invalid EA list. via fe542fc Add error map of STATUS_INVALID_EA_NAME - ERRDOS, ERRbadfile via 50a288c Add the ability to send an NTSTATUS result back with a trans2 reply so we can return a parameter block with an error code. via 21c9296 Ensure we can't create a file using SMB2_CREATE with an invalid EA list. via 66e7b15 Ensure we never return an EA name to a Windows client it can't handle. via f246d69 Ensure set_ea cannot set invalid Windows EA names. via 1766f9e Add ea_list_has_invalid_name() function. from 51c68c2 librpc: srvsvc.idl: define level 1005 share info flags http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bb21fc51e42c830d7fab4e89d83f8ef4d122fa1a Author: Jeremy Allison j...@samba.org Date: Tue Jul 9 16:37:48 2013 -0700 Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list. Add torture tests to probe the set of invalid Windows EA names. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104 commit 5d54ac414f2130fcbd434b7c96e1efe4a22cc1ff Author: Jeremy Allison j...@samba.org Date: Tue Jul 16 09:14:12 2013 -0700 Reply with correct trans2 message on a setpathinfo with a bad EA name. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit b50b006ace92bb0781173b1244e84ae7bf64732f Author: Jeremy Allison j...@samba.org Date: Tue Jul 16 11:05:10 2013 -0700 Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 4a4360070589a314667166f86c395878659123e1 Author: Jeremy Allison j...@samba.org Date: Tue Jul 9 15:54:39 2013 -0700 Ensure we can't create a file using NTTRANS with an invalid EA list. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 66fb5eeb968e12049381337d7c01401815537a34 Author: Jeremy Allison j...@samba.org Date: Tue Jul 9 15:59:53 2013 -0700 Ensure we can't create a file using TRANS2_OPEN with an invalid EA list. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit fe542fc170053a370092fcf442075dc44189f23e Author: Jeremy Allison j...@samba.org Date: Wed Jul 10 12:18:36 2013 -0700 Add error map of STATUS_INVALID_EA_NAME - ERRDOS, ERRbadfile (from Windows2012 tests). Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 50a288cb6a9bfff1d16cf488bbc0eedcb6ad4602 Author: Jeremy Allison j...@samba.org Date: Wed Jul 10 12:38:41 2013 -0700 Add the ability to send an NTSTATUS result back with a trans2 reply so we can return a parameter block with an error code. This is needed when returning a STATUS_INVALID_NAME result (tested from Windows 2012). Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 21c92969b8d0ad7a77028d24c5b3fea63264e473 Author: Jeremy Allison j...@samba.org Date: Tue Jul 9 16:02:50 2013 -0700 Ensure we can't create a file using SMB2_CREATE with an invalid EA list. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing : Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 44429f9 s3-printing: avoid KRB5CCNAME overwrite in printer publishing (Bug #7444). from bb21fc5 Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 44429f948b72e7bcf968da492592c57864f211c7 Author: Günther Deschner g...@samba.org Date: Fri Jul 19 15:10:05 2013 +0200 s3-printing: avoid KRB5CCNAME overwrite in printer publishing (Bug #7444). Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Andreas Schneider a...@samba.org Autobuild-User(master): Günther Deschner g...@samba.org Autobuild-Date(master): Fri Jul 19 17:53:08 CEST 2013 on sn-devel-104 --- Summary of changes: source3/printing/nt_printing_ads.c | 13 + 1 files changed, 13 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/nt_printing_ads.c b/source3/printing/nt_printing_ads.c index dcd31b7..5d5f564 100644 --- a/source3/printing/nt_printing_ads.c +++ b/source3/printing/nt_printing_ads.c @@ -417,6 +417,7 @@ WERROR nt_printer_publish(TALLOC_CTX *mem_ctx, ADS_STATUS ads_rc; ADS_STRUCT *ads = NULL; WERROR win_rc; + char *old_krb5ccname = NULL; sinfo2 = talloc_zero(mem_ctx, struct spoolss_SetPrinterInfo2); if (!sinfo2) { @@ -454,6 +455,7 @@ WERROR nt_printer_publish(TALLOC_CTX *mem_ctx, win_rc = WERR_SERVER_UNAVAILABLE; goto done; } + old_krb5ccname = getenv(KRB5_ENV_CCNAME); setenv(KRB5_ENV_CCNAME, MEMORY:prtpub_cache, 1); SAFE_FREE(ads-auth.password); ads-auth.password = secrets_fetch_machine_password(lp_workgroup(), @@ -479,6 +481,11 @@ WERROR nt_printer_publish(TALLOC_CTX *mem_ctx, done: ads_destroy(ads); + ads_kdestroy(MEMORY:prtpub_cache); + unsetenv(KRB5_ENV_CCNAME); + if (old_krb5ccname) { + setenv(KRB5_ENV_CCNAME, old_krb5ccname, 0); + } return win_rc; } @@ -493,6 +500,7 @@ WERROR check_published_printers(struct messaging_context *msg_ctx) struct spoolss_PrinterInfo2 *pinfo2; NTSTATUS status; WERROR result; + char *old_krb5ccname = NULL; tmp_ctx = talloc_new(NULL); if (!tmp_ctx) return WERR_NOMEM; @@ -502,6 +510,7 @@ WERROR check_published_printers(struct messaging_context *msg_ctx) DEBUG(3, (ads_init() failed\n)); return WERR_SERVER_UNAVAILABLE; } + old_krb5ccname = getenv(KRB5_ENV_CCNAME); setenv(KRB5_ENV_CCNAME, MEMORY:prtpub_cache, 1); SAFE_FREE(ads-auth.password); ads-auth.password = secrets_fetch_machine_password(lp_workgroup(), @@ -546,6 +555,10 @@ WERROR check_published_printers(struct messaging_context *msg_ctx) done: ads_destroy(ads); ads_kdestroy(MEMORY:prtpub_cache); + unsetenv(KRB5_ENV_CCNAME); + if (old_krb5ccname) { + setenv(KRB5_ENV_CCNAME, old_krb5ccname, 0); + } talloc_free(tmp_ctx); return result; } -- Samba Shared Repository