Is it a bug? Is it a feature? Samba 2.2.6-pre vs. Samba 3.0.alpha
Hi,

I thought about asking this question on the list, since it seems to me that it is more of a bug rather than a feature.

SETUP:
I've got a Samba server that acts as PDC for, say, domain A. Authentication is done via Kerberos5. However, for some reason, the W2K/XP orc-stations refuse to play nice with the shares, hence the next server. The other Samba server authenticates to a MS-AD in domain B. This way, the W2K/XP clients can get their shares nicely.

WHAT HAPPENS:

Case "Samba 3.0"
Win9x clients still pertaining to the domain A will authenticate to the Samba PDC but will mount the shares from the second Samba server. The W2K/XP clients are already in domain B so they have no problem whatsoever.

Case "Samba 2.2.6"
Replacing the Samba 3.0 (the one that does MS-AD in domain B) with Samba 2.2.6-pre, I get the W2K/XP authentication all right, but the W9X will fail. Apparently Samba 2.2.6 passes on to the MS-AD the domain name as well, along with the username and password. Here is the error message I am receiving:

2002/08/12 11:32:31, 0] smbd/password.c:domain_client_validate(1605)
  domain_client_validate: unable to validate password for user in domain to Domain controller . Error was NT_STATUS_NO_SUCH_USER.

As far as I know, users from one domain can use resources from a different domain as long as 1) there is no trust relationship in between the domains and 2) the user has the same username and password in both domains.

My question is: why is Samba 2.2.6 different? It seems to me that when it goes for authentication to the MS-AD server it basically asks for \DOMAIN_NAME\USERNAME:PASSWORD and of course - the authentication server will say "bugger off - I don't know anything about your \DOMAIN_NAME\USERNAME".

Regards,
Bogdan.

--
I have seen things you people wouldn't believe. Attack ships on fire off the shoulder of Orion. I watched C-beams glitter in the dark near the Tannhauser Gate. All those moments will be lost in time, like tears in rain. Time to die.
Prepending "\" to user name w/Win98 Domain Login
Using samba as a PDC, logins from win98 don't seem to send a domain name with the user name when using a domain login. As a result, there's some kind of null domain which causes a leading slash to be prepended to the user name. I believe this is the separator character of \ syntax. If the domain is somehow blank, as shown in Domain=[], I would expect the user name to just be not <\user>, which fails login every time :) Works OK on win2K.

[2002/08/11 12:21:44, 3] smbd/sec_ctx.c:set_sec_ctx(314)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/08/11 12:21:44, 3] smbd/reply.c:reply_sesssetup_and_X(858)
  Domain=[] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2002/08/11 12:21:44, 3] smbd/reply.c:reply_sesssetup_and_X(868)
  sesssetupX:name=[JEFF]
[2002/08/11 12:21:44, 3] smbd/reply.c:reply_sesssetup_and_X(929)
  Using unix username \JEFF
[2002/08/11 12:21:44, 2] smbd/reply.c:reply_sesssetup_and_X(982)
  Defaulting to Lanman password for \jeff
[2002/08/11 12:21:44, 1] smbd/password.c:pass_check_smb(545)
  Couldn't find user '\jeff' in passdb.
[2002/08/11 12:21:44, 1] smbd/reply.c:reply_sesssetup_and_X(998)
  Rejecting user '\jeff': authentication failed
[2002/08/11 12:21:44, 3] smbd/error.c:error_packet(91)
  error string = No such file or directory
[2002/08/11 12:21:44, 3] smbd/error.c:error_packet(126)
  error packet at smbd/reply.c(1000) cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2002/08/11 12:21:44, 3] smbd/process.c:timeout_processing(1102)
  end of file from client
[2002/08/11 12:21:44, 3] smbd/sec_ctx.c:set_sec_ctx(314)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/08/11 12:21:44, 2] smbd/server.c:exit_server(461)
  Closing connections
[2002/08/11 12:21:44, 3] smbd/connection.c:yield_connection(48)
  Yielding connection to
[2002/08/11 12:21:44, 3] smbd/server.c:exit_server(495)
  Server exit (normal exit)

I made a change to reply.c in 2.2.2, but the function has been changed and no longer takes two args.
root@mp5# diff reply.c reply.c.orig 737,739c737 < DEBUG(3,("Not PROTOCOL_NT1 user=[%s]\n", user)); < pstrcpy(user,dos_to_unix(user,False)); < DEBUG(3,("Not PROTOCOL_NT1 dos_to_unix user=[%s]\n", user)); --- > pstrcpy(user,dos_to_unix(user,False)); 744,746d741 < < < 927d921 < DEBUG(3,("Using username %s\n", user)); 930d923 < DEBUG(3,("Using dom_user %s\n", dom_user)); 932c925 < if (sys_getpwnam(dom_user) != NULL && strlen(domain) > 0 ) { --- > if (sys_getpwnam(dom_user) != NULL) { Ideas? Thanks, Jeff
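Review bot: In the 932c925 change the new strlen(domain) > 0 test comes after sys_getpwnam(dom_user), so for the empty-domain Win98 login the lookup still runs on the \user form before the guard is evaluated; put the domain test first, e.g. if (strlen(domain) > 0 && sys_getpwnam(dom_user) != NULL), so a blank domain never reaches the passwd lookup. The diff was also produced as "diff reply.c reply.c.orig", which makes the "<" lines the modified code and reverses the direction of the patch; regenerate it as "diff -u reply.c.orig reply.c", which is the format asked for on this list. The extra DEBUG(3) lines and the three blank lines added at 744-746 are debugging residue and should be left out of the submitted change.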
Re: FW: Fixed: queryaliasmem always fails in V2.2.5 redhat 7.3 and redhat 7.2
On Sun, 2002-08-11 at 13:57, Phill Bertolus wrote:
> Hi List,
>
> I think I'm posting to the right place. It appears [EMAIL PROTECTED] is
> now dead.

samba-bugs is not dead but it is reserved to be used only for bugs signaling for stable releases _and_ through the web interface, patches must be sent in diff -u format to [EMAIL PROTECTED]

I still try to sort out as much as I can from samba-bugs, sending to the right people the messages I think are valid.

Simo

--
Simo Sorce - [EMAIL PROTECTED]
Samba Team - http://www.samba.org
FW: Fixed: queryaliasmem always fails in V2.2.5 redhat 7.3 and redhat 7.2
Hi List,

I think I'm posting to the right place. It appears [EMAIL PROTECTED] is now dead.

Posting this because it may help. I probably won't keep a record of this as I prefer not to fiddle with source code (except when cornered).

-Original Message-
From: Phill Bertolus
To: '[EMAIL PROTECTED]'
Sent: 8/11/2002 8:36 PM
Subject: Fixed: queryaliasmem always fails in V2.2.5 redhat 7.3 and redhat 7.2

Further to the earlier report, here is how I fixed the issue.

It seems that smb_io_dom_sid2 places data into the DOM_SID2 structure. No structure is allocated when this happens... results are unpredictable. Allocating some space to take the results seems to work. The local results are then copied to some memory allocated on the "heap" and returned (this is in the original code). Seems the programmer merely forgot to allocate the space, since everything else is in place, which in turn implies the space is there.

I'm not convinced that I've fixed this correctly. It needs to be checked by the author to ensure a better degree of quality.

Sorry, I don't know how to use the diff stuff, otherwise I would have done a patch (I'd better learn, I guess). The source I used was cvs'ed today (date of this email) using the command on the web page for the SAMBA 2.2 version.

Hope this helps.
Regs
Phill Bertolus

/* Query alias members */
NTSTATUS cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
                                 POLICY_HND *alias_pol, uint32 *num_mem,
                                 DOM_SID **sids)
{
        prs_struct qbuf, rbuf;
        SAMR_Q_QUERY_ALIASMEM q;
        SAMR_R_QUERY_ALIASMEM r;
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
        uint32 i;
>>ADDED>>>DOM_SID2 sid2[MAX_LOOKUP_SIDS];

        ZERO_STRUCT(q);
        ZERO_STRUCT(r);
>>ADDED>>>r.sid = &sid2[0];

-Original Message-
From: Phill Bertolus
To: '[EMAIL PROTECTED]'
Sent: 8/11/2002 11:41 AM
Subject: queryaliasmem always fails in V2.2.5 redhat 7.3 and redhat 7.2

Hi Samba-bugs,

Here's what I do:

[phill@devil log]$ rpcclient -U administrator%xxx -W wombat-nt -c "enumalsgroups domain" isis
cmd = enumalsgroups domain
group:[RAS and IAS Servers] rid:[0x229]
group:[workstation admin] rid:[0x450]
group:[outlook web access] rid:[0x495]
group:[DHCP Users] rid:[0x526]
group:[DHCP Administrators] rid:[0x527]
group:[DnsAdmins] rid:[0x528]
[phill@devil log]$

Then I try to use the rids like so:

[phill@devil log]$ rpcclient -U administrator%xxx -W wombat-nt -c "queryaliasmem 0x495" isis
cmd = queryaliasmem 0x495
result was NT_STATUS_UNSUCCESSFUL
[phill@devil log]$

It doesn't matter which rid I use, it always fails. I've this on two networks.

1) Win2K Advanced Server FP2.
2) WinNT4 Server

Same result on both. All other functions I've tried seem to work fine.

Here's the last part of the debug trace. I think the error occurs in cli_samr_query_aliasmem around where the memory is allocated to hold the sids that come back:

        *num_mem = r.num_sids;

        if (!(*sids = talloc(mem_ctx, sizeof(DOM_SID) * *num_mem))) {
                result = NT_STATUS_UNSUCCESSFUL;
                goto done;
        }

I think this is the case because the number of sids appears to be 1 (if I understand what's going on correctly). I think number 1 could be valid, shown below for the sid count.
rpc_api_pipe: len left: 32
smbtrans read: 44
rpc_read: data_to_read: 32 rdata offset: 44 extra_data_size: 32
rpc_read: grew buffer by 32 bytes to 76
size=92
smb_com=0x2e
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=40963
smb_pid=5102
smb_uid=16387
smb_mid=1
smt_wct=12
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=32 (0x20)
smb_vwv[6]=60 (0x3C)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_bcc=33
rpc_read: num_read = 32, read offset: 0, to read: 32
18 samr_io_r_query_aliasmem
    0018 num_sids : 0001
    001c ptr: 0015a460
    0020 num_sids1: 0001
    0024 : 0015a464
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=40963
smb_pid=5102
smb_uid=16387
smb_mid=1
smt_wct=0
smb_bcc=0
result was NT_STATUS_UNSUCCESSFUL

Any help most welcome.

Regs
Phill.
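The fix in the message above attaches a fixed-size array to r.sid before the reply is unmarshalled. The following is an added example, not Samba code and not part of the original post, showing that caller pattern together with the two bounds checks a server-supplied count needs; the wire layout (little-endian count followed by 8-byte records) and all names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SIDS 32      /* hypothetical capacity of the caller's array */
#define SID_WIRE_LEN 8   /* constructed record size, not Samba's DOM_SID2 layout */

struct sid_rec { uint8_t bytes[SID_WIRE_LEN]; };
struct alias_reply {
    uint32_t num_sids;
    struct sid_rec *sid; /* caller must point this at storage before parsing */
    size_t sid_cap;      /* number of records that storage can hold */
};

static uint32_t rd_le32(const uint8_t *p)
{
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Parse "count, then count records". Returns 0 on success, -1 on rejection. */
int unmarshal_alias_reply(const uint8_t *buf, size_t len, struct alias_reply *r)
{
    if (r->sid == NULL || len < 4) return -1;    /* no storage attached */
    uint32_t n = rd_le32(buf);
    if (n > r->sid_cap) return -1;               /* server count vs. local array */
    if ((len - 4) / SID_WIRE_LEN < n) return -1; /* server count vs. bytes received */
    for (uint32_t i = 0; i < n; i++)
        memcpy(r->sid[i].bytes, buf + 4 + (size_t)i * SID_WIRE_LEN, SID_WIRE_LEN);
    r->num_sids = n;
    return 0;
}

/* Caller in the shape of the fix: zeroed reply struct, stack array attached. */
int query_members(const uint8_t *reply, size_t len, uint32_t *num_mem)
{
    struct sid_rec sids[MAX_SIDS];
    struct alias_reply r = {0};                  /* r.sid is NULL after this */
    r.sid = sids; r.sid_cap = MAX_SIDS;          /* the step the report says was missing */
    if (unmarshal_alias_reply(reply, len, &r) != 0) return -1;
    *num_mem = r.num_sids;
    return 0;
}

int main(void)
{
    const uint8_t one[12] = {1, 0, 0, 0, 1, 5, 0, 0, 0, 0, 0, 5}; /* constructed reply */
    uint32_t n = 0;
    printf("%d %u\n", query_members(one, sizeof one, &n), (unsigned)n);
    return 0;
}
```

Without the capacity check, a reply whose count exceeds the stack array would be written past its end; without the length check, a short reply would be read past its end.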
Clarification on file purposes.
Hi,

(I hope I have the right list)

I'm writing some documentation on Samba and I'm wondering as to what these files are for, and what do they individually do? (these seem to be all from the lock directory)

brlock.tdb
browse.dat
connections.tdb
locking.tdb
messages.tdb
namelist.debug
ntdrivers.tdb
ntforms.tdb
ntprinters.tdb
printing.tdb
share_info.tdb
unexpected.tdb

There is also a secrets.tdb file in the conf directory. Am I correct in assuming this is the data file for the Machine SID's?

There is also no manpage for tdbbackup -- and I'm a little hesitant to see what happens when I run it on my Samba network = ) Some explanation on its operation would be terrific.

Thanks in advance.
Re: unknown RPC opcodes during join+logon
>The only other weird frame is later (not appended below) a NTLMSSP DCERPC
>auth request which may be optional.

Could be setting up the NETLOGON secure channel; what is the RPC authentication flavor? 0x44? You can disable this in the registry with the usual instructions.

>After join the boot and logon includes only two frames that require
>further analysis - the DCE/RPC request to the NETLOGON pipe for unknown
>opcode 0x1a (once during boot, once during logon) and request to NETLOGON
>pipe for unknown opcode 0x1D (during boot I think).

0x1A may be NetrServerAuthenticate3(). Not sure about 0x1D; could it be the PAC verification RPC? Fairly sure we saw it at domain logon.

-- Luke

--
Luke Howard | lukehoward.com
PADL Software | www.padl.com
cvs HEAD compile warnings.
Hello,

I downloaded and compiled the latest HEAD source from cvs this morning.

My system is RedHat 7.0, kernel 2.2.19-7.0.16

I compiled with the following options:

./configure --sbindir=/usr/local/samba/bin --with-logfilebase=/var/log/samba 3 --with-smbmount --with-ldapsam --with-acl-support

There were no errors, but I did notice the following warnings:

smbd/mangle_hash2.c: In function `cache_insert':
smbd/mangle_hash2.c:172: warning: assignment makes pointer from integer without a cast
smbd/mangle_hash2.c: In function `is_mangled':
smbd/mangle_hash2.c:263: warning: initialization makes pointer from integer without a cast
passdb/secrets.c: In function `secrets_fetch':
passdb/secrets.c:61: warning: assignment discards qualifiers from pointer target type
passdb/secrets.c: In function `secrets_store':
passdb/secrets.c:77: warning: assignment discards qualifiers from pointer target type
passdb/secrets.c: In function `secrets_delete':
passdb/secrets.c:93: warning: assignment discards qualifiers from pointer target type
passdb/secrets.c: In function `secrets_get_trusted_domains':
passdb/secrets.c:480: warning: assignment makes pointer from integer without a cast
passdb/pdb_ldap.c: In function `ldapsam_search_one_user':
passdb/pdb_ldap.c:424: warning: passing arg 5 of `ldap_search_s' from incompatible pointer type
passdb/pdb_ldap.c: In function `search_top_nua_rid':
passdb/pdb_ldap.c:1097: warning: passing arg 5 of `ldap_search_s' from incompatible pointer type
passdb/pdb_ldap.c: In function `ldapsam_setsampwent':
passdb/pdb_ldap.c:1195: warning: passing arg 5 of `ldap_search_s' from incompatible pointer type
lib/util_str.c: In function `str_list_make':
lib/util_str.c:1148: warning: passing arg 3 of `next_token' discards qualifiers from pointer target type
libads/ldap.c: In function `ads_do_paged_search':
libads/ldap.c:410: warning: passing arg 2 of `str_list_copy' from incompatible pointer type
libads/ldap.c: In function `ads_do_search':
libads/ldap.c:633: warning: passing arg 2 of `str_list_copy' from incompatible pointer type
libads/ldap_printer.c: In function `ads_mod_printer_entry':
libads/ldap_printer.c:80: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type
libads/ldap_printer.c:96: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type
libads/ldap_printer.c:99: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type
libads/kerberos.c: In function `kerberos_kinit_password':
libads/kerberos.c:76: warning: passing arg 6 of `krb5_get_init_creds_password' discards qualifiers from pointer target type
utils/net_ads.c: In function `net_ads_user':
utils/net_ads.c:370: warning: passing arg 6 of `ads_do_search_all_fn' from incompatible pointer type
utils/net_ads.c: In function `net_ads_group':
utils/net_ads.c:477: warning: passing arg 6 of `ads_do_search_all_fn' from incompatible pointer type
utils/net_ads.c: In function `net_ads_printer_info':
utils/net_ads.c:695: warning: passing arg 3 of `ads_find_printer_on_server' discards qualifiers from pointer target type
utils/net_ads.c:695: warning: passing arg 4 of `ads_find_printer_on_server' discards qualifiers from pointer target type
utils/net_ads.c: In function `net_ads_printer_publish':
utils/net_ads.c:747: warning: assignment discards qualifiers from pointer target type
utils/net_ads.c: In function `net_ads_printer_remove':
utils/net_ads.c:785: warning: assignment discards qualifiers from pointer target type
utils/net_ads.c:789: warning: passing arg 3 of `ads_find_printer_on_server' discards qualifiers from pointer target type
utils/net_rpc_join.c: In function `net_rpc_join_ok':
utils/net_rpc_join.c:64: warning: passing arg 1 of `secrets_fetch_trust_account_password' discards qualifiers from pointer target type

Just to let you know.

Greetings,
Eddie Lania.