ldapsam_nua and SAMBA_3_0 CVS

2003-03-17 Thread [EMAIL PROTECTED] 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hi,

i tried a lot of things with the current SAMBA_3_0 today.
everything is working fine, except, the ldapsam_nua passdb backend.

i've all accounts in the ldap tree and i want to provide 2 machines
running FreeBSD. one is used to be the PDC and one the BDC and nothing
more. no writing or reading of files only the domain logons.
the disadvantage is, that nss_ldap still isn't working with FreeBSD.

so i need the ldapsam_nua because i don't want to use NIS or want to put
all accounts to the local files too.

now i'm a little bit confused because everything i tried ends up with the
following message:

auth/auth_util.c:get_user_groups_from_local_sam(687)
  user XXX does not have a unix identity!

i searched a little bit in the source (but i'm not a real programmer).
normally there should be a message like:

  user has posixAcccount attributes

from 'get_unix_attributes' in pdb_ldap.c
but it seemes to me that this function is not invoked, because i get
nothing about posix in the logs.
and yes, the ldap entry really has posixAccount attributes like uidNumber,
gidNumber, homeDirectory, userPassword, gecos ...

i don't know how to fix this problem.
maybe someone of the core-developers can have a look at this.

thanks in advance
joerg

- --
  _/_/_/_/ _/_/_/   _/  _/  _/_/   Joerg Pulz
 _/   _/_/ _/_/  _/_/ _/   _/  TU Muenchen
_/   _/_/ _/ _/_/ _/  _/   ZWE-FRM-II
   _/_/_/   _/_/_/   _/  _/  _/ _/_/_/ Lichtenbergstrasse 1
  _/   _/_/ _/  _/_/   85747 Garching
 _/   _/  _/   _/  _/  _/  Tel.: +49 (0)89-289-14708
_/   _/_/ _/  _/ _/_/_/_/  Fax : +49 (0)89-289-14666
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+djevSPOsGF+KA+MRApzmAJ9cnBCEmqZhR1PHjL5+OG630GDxtgCeN25Y
klDwFe/2O9iOotfHmN/M9EA=
=NzYR
-END PGP SIGNATURE-

Memory allocation without check

2002-12-28 Thread [EMAIL PROTECTED] 
Hello,

in libads of samba 3.0 I have found the following lines where memory is
allocated, but there is no check if the allocation failed.

Bye and a happy new year

Andreas

ldap.c line 328


value = talloc_zero(ctx, sizeof(struct berval));
if (in_val-bv_len == 0) return value;

value-bv_len = in_val-bv_len;


ldap.c line 1545,

   ret = talloc(mem_ctx, sizeof(char *) * (n+1));

for (i=0;in;i++) {
if (pull_utf8_talloc(mem_ctx, ret[i], values[i]) == -1) {
return NULL;
}
}
ret[i] = NULL;


ldap.c line 1658,

(*sids) = talloc(mem_ctx, sizeof(DOM_SID) * i);

count = 0;
for (i=0; values[i]; i++) {
ret = sid_parse(values[i]-bv_val, values[i]-bv_len,
(*sids)[count]);
if (ret) count++;
}

ads_struct.c line 44

ret = malloc(len);
strlcpy(ret,field, len);

krb5_setpw.c line 141

packet-data = (char *)malloc(ap_req-length + cipherpw.length + 6);

/* see the RFC for details */
p = packet-data + 2;
RSSVAL(p, 0, 0xff80); p += 2;

krb5_setpw.c line 403

chpw_rep.data = (char *) malloc(chpw_rep.length);

ret = read(sock, chpw_rep.data, chpw_rep.length)

Patch for Smbldap-tools and problems on Samba3.0 a20

2002-10-25 Thread [EMAIL PROTECTED] 
Hi,
During our test on the the migration from the AS/U /Advanced Server for 
Unix) based domain to a Samba-ldap based domain, we have found and 
fixed some bugs on the smbldap tools of Idealx. In attachment you would 
find the improved tools package. The main changes are:
-   smbldap-migrate-accounts.pl  :  the user's rid was added.
-   smbldap-useradd.pl : improved the PrimaryGroupID setting, added 
the option for trusting domain add.
-   smbldap-usermod.pl : fixed the bug on acctFlags setting.
-   smbldap-groupdel.pl : fixed the problem for group names that 
included  the blank.
-   smbldap_tools.pm : for all listed above.

We are using Samba 3.0 Alpha20 on a RedHat 7.3 system to test our 
migration 
and we found that  the Samba  has some problems to enumerate the domain 
group´s members. 
Following were what happened during our test:
We logged onto the domain, where the PDC was Samba 3.0 Alpha20, from a 
NT machine with a normal user samba20, then we connected to a share 
directory of the PDC using net use After that, we used the 
windows explorer to access that share directory and tried to view the 
members of a domain group Gruppo from the security permissions of a 
directory or a file following the step: Proprieties - Security -  
Permissions - Add - On the group Gruppo 
- Members, we got the Access is denied.
The user Samba20 is the member of  Domain Users group that was 
mapped also to the unix group. From the debug logs we have seen that 
the function se_access_check that was called from 
the _samr_open_group failed due to the mismatch between the 
access_desired and access_requested, but I think that the user has the 
right to show the group´s members.  

Jianliang LU
TieSse s.p.a
 

Jianliang Lu
E-mail: [EMAIL PROTECTED]
Phone: 0125 757061
Mobile: 0333 2839559


smbldap-tools-0.7-2.i386.rpm
Description: Binary data

Patch for Smbldap-tools and problems on Samba3.0 a20

2002-10-23 Thread [EMAIL PROTECTED] 
Hi,
During our test on the the migration from the AS/U /Advanced Server for 
Unix) based domain to a Samba-ldap based domain, we have found and 
fixed some bugs on the smbldap tools of Idealx. In attachment you would 
find the improved tools package. The main changes are:
-   smbldap-migrate-accounts.pl  :  the user “rid” was added
-   smbldap-useradd.pl : improved the PrimaryGroupID setting, added 
the option for “trusting domain” add
-   smbldap-usermod.pl : fixed the bug on acctFlags setting
-   smbldap-groupdel.pl : fixed the problem for group names that 
included  the blank
-   smbldap_tools.pm : for all listed above

We are using Samba 3.0 Alpha20 on a RedHat 7.3 system to test our 
migration and we found that  the Samba  has some problems to enumerate 
the domain group’s members. 
Following were what happened during our test:
We logged onto the domain, where the PDC was Samba 3.0 Alpha20, from a 
NT machine with a normal user samba20, then we connected to a share 
directory of the PDC using net use After that, we used the 
windows explorer to access that share directory and tried to view the 
members of a domain group Gruppo from the security permissions of a 
directory or a file following the step: Proprieties - Security -  
Permissions - Add - On the group Gruppo - Members, we got 
the Access is denied.
The user Samba20 is the member of  Domain Users group that was 
mapped also to the unix group. From the debug logs we have seen that 
the function se_access_check that was called from 
the _samr_open_group failed due to the mismatch between the 
access_desired and access_requested, but I think that the user has the 
right to show the group’s members.  
In attchment you would find the debug logs.


Jianliang Lu
E-mail: [EMAIL PROTECTED]
Phone: 0125 757061
Mobile: 0333 2839559


smbldap-tools-0.7-2.i386.rpm
Description: Binary data

{ ¼ºÀα¤°í } Ä®¶ó ÇÚµåÆù ¹× PDAÀ» ¹«·á·Î µå¸³´Ï´Ù.

2002-05-12 Thread [EMAIL PROTECTED] 
Title: realsex




 

  
 * º» ¸ÞÀÏÀº Á¤º¸Åë½ÅºÎ ±Ç°í»çÇ׿¡
ÀÇ°Å(±¤°í)ÀÓÀ» ¹àÈü´Ï´Ù. Çã¶ô¾øÀÌ È«º¸¸ÞÀÏÀ» 
  º¸³»µå·Á Á˼ÛÇÕ´Ï´Ù.
  ±ÍÇÏÀÇ E-Mail Àº °Ô½ÃÆÇ µî ÀÎÅÍ³Ý »ó¿¡¼­ ¾Ë°Ô µÇ¾úÀ¸¸ç,
E-Mail À» Á¦¿ÜÇÑ ¾î¶°ÇÑ Á¤º¸µµ ¾ËÁö 
  ¸øÇÔÀ» ¹àÈü´Ï´Ù. ¼ö½Å°ÅºÎ¸¦ ¿øÇϽøé 
  ¾Æ·¡¿¡¼­ ¼ö½Å°ÅºÎ ÇØ ÁÖ¼¼¿ä.°ÅºÎÇϽŠºÐµé¿¡°Ô´Â ´Ù½Ã´Â º¸³»Áö ¾ÊÀ»
°ÍÀÔ´Ï´Ù.Á¤º¸¸¦ ¿øÄ¡ ¾Ê´Â ºÐ²²´Â ´ë´ÜÈ÷ Á˼Û
ÇÕ´Ï´Ù.
  
		
		
		
  
 
  

   

  


  

  


   

   
 
  

  
  16È­À½¸á·Îµð
n.topµ¿¿µ»óÁö¿ø 
³ë·¡¹æ ±â´É



  
  

  

 
  
 
  
   
16È­À½ 
  º§¼Ò¸® 
  65.000color
  full 
  Ä÷¯±×·¡ÇÈ
  ¸Þ´º


 
  
  

  

  
   
 
  
 
  
  CDMA2000Áö¿ø
16È­À½¸á·Îµð
»çÁø ´Ù¿î·Îµå
±â´É

 
  
  

  

 
  
 
  
  E-mail¼­ºñ½º
Áõ±Ç °Å·¡
¹«¼± ÀÎÅͳÝ

 
  
  

  

  

  

  

  



   
   
¼ö½Å°ÅºÎ