from:"Martin Bahlinger"

patch: additional parameter for domain mapping

2002-10-24 Thread Martin Bahlinger

Hi!

Our samba servers here are members of a win2k domain and authenticate
users against the win2k domain controllers. So when connecting to a
samba share you have to supply the Username AND the correct domain name.

Well, everything is fine when connecting from computers belonging to the
same domain. But when connecting from anywhere else, you have to supply
your Username like "DOMAIN\user". This is a problem with pc's running
win95 or win98. They supply automatically their own Domain and you
cannot choose a different one.

Therefore I added the boolean smb.conf parameter "map domains". When
set, all connections will be treated as having supplied the Domain the
samba server belongs to.

In the case of anyone also being in need of this feature...
here is the patch for 2.2.6:


diff -ru samba-2.2.6/source/include/proto.h samba-2.2.6-map-domains/source/include/proto.h
--- samba-2.2.6/source/include/proto.h	Wed Oct 16 06:30:55 2002
+++ samba-2.2.6-map-domains/source/include/proto.h	Wed Oct 23 13:45:11 2002
@@ -2021,6 +2021,7 @@
 BOOL lp_nt_status_support(void);
 BOOL lp_stat_cache(void);
 BOOL lp_allow_trusted_domains(void);
+BOOL lp_map_domains(void);
 BOOL lp_restrict_anonymous(void);
 BOOL lp_lanman_auth(void);
 BOOL lp_host_msdfs(void);
Only in samba-2.2.6-map-domains/source/include: proto.h~
diff -ru samba-2.2.6/source/param/loadparm.c samba-2.2.6-map-domains/source/param/loadparm.c
--- samba-2.2.6/source/param/loadparm.c	Wed Oct 16 06:30:57 2002
+++ samba-2.2.6-map-domains/source/param/loadparm.c	Wed Oct 23 13:45:11 2002
@@ -276,6 +276,7 @@
 	BOOL bStatCache;
 	BOOL bKernelOplocks;
 	BOOL bAllowTrustedDomains;
+ 
BOOL bMapDomains;
 	BOOL bRestrictAnonymous;
 	BOOL bLanmanAuth;
 	BOOL bDebugHiresTimestamp;
@@ -734,6 +735,7 @@
 	{"encrypt passwords", P_BOOL, P_GLOBAL, &Globals.bEncryptPasswords, NULL, NULL, FLAG_BASIC | FLAG_WIZARD},
 	{"update encrypted", P_BOOL, P_GLOBAL, &Globals.bUpdateEncrypt, NULL, NULL, FLAG_BASIC},
 	{"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, 0},
+ 
{"map domains", P_BOOL, P_GLOBAL, &Globals.bMapDomains, NULL, NULL, 0},
 	{"alternate permissions", P_BOOL, P_LOCAL, &sDefault.bAlternatePerm, NULL, NULL, FLAG_GLOBAL | FLAG_DEPRECATED},
 	{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, 0},
 	{"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, 0},
@@ -1668,6 +1670,7 @@
 FN_GLOBAL_BOOL(lp_nt_status_support, &Globals.bNTStatusSupport)
 FN_GLOBAL_BOOL(lp_stat_cache, &Globals.bStatCache)
 FN_GLOBAL_BOOL(lp_allow_trusted_domains, &Globals.bAllowTrustedDomains)
+FN_GLOBAL_BOOL(lp_map_domains, &Globals.bMapDomains)
 FN_GLOBAL_BOOL(lp_restrict_anonymous, &Globals.bRestrictAnonymous)
 FN_GLOBAL_BOOL(lp_lanman_auth, &Globals.bLanmanAuth)
 FN_GLOBAL_BOOL(lp_host_msdfs, &Globals.bHostMSDfs)
Only in samba-2.2.6-map-domains/source/param: loadparm.c~
diff -ru samba-2.2.6/source/smbd/reply.c samba-2.2.6-map-domains/source/smbd/reply.c
--- samba-2.2.6/source/smbd/reply.c	Wed Oct  9 22:27:23 2002
+++ samba-2.2.6-map-domains/source/smbd/reply.c	Wed Oct 23 13:45:11 2002
@@ -853,7 +853,10 @@
  * to UNIX.
  */
 pstrcpy(user,dos_to_unix_static(user));
-fstrcpy(domain, dos_to_unix_static(p));
+if (lp_map_domains())
+  fstrcpy(domain, dos_to_unix_static(lp_workgroup()));
+else
+  fstrcpy(domain, dos_to_unix_static(p));
 DEBUG(3,("Domain=[%s]  NativeOS=[%s] NativeLanMan=[%s]\n",
 	 domain,skip_string(p,1),skip_string(p,2)));
   }

Re: patch: additional parameter for domain mapping

2002-10-24 Thread Martin Bahlinger

On Thu, 24 Oct 2002, Martin Bahlinger wrote:

> Hi!
>
> Our samba servers here are members of a win2k domain and authenticate
> users against the win2k domain controllers. So when connecting to a
> samba share you have to supply the Username AND the correct domain name.
>
> Well, everything is fine when connecting from computers belonging to the
> same domain. But when connecting from anywhere else, you have to supply
> your Username like "DOMAIN\user". This is a problem with pc's running
> win95 or win98. They supply automatically their own Domain and you
> cannot choose a different one.
>
> Therefore I added the boolean smb.conf parameter "map domains". When
> set, all connections will be treated as having supplied the Domain the
> samba server belongs to.
>
> In the case of anyone also being in need of this feature...
> here is the patch for 2.2.6:

Sorry, mozilla messed up the code block.
I attached it as a plain text file now.

bye
  Martin



-- 
Martin Bahlinger <[EMAIL PROTECTED]>   (PGP-ID: 0x98C32AC5)

diff -ru samba-2.2.6/source/include/proto.h 
samba-2.2.6-map-domains/source/include/proto.h
--- samba-2.2.6/source/include/proto.h  Wed Oct 16 06:30:55 2002
+++ samba-2.2.6-map-domains/source/include/proto.h  Wed Oct 23 13:45:11 2002
@@ -2021,6 +2021,7 @@
 BOOL lp_nt_status_support(void);
 BOOL lp_stat_cache(void);
 BOOL lp_allow_trusted_domains(void);
+BOOL lp_map_domains(void);
 BOOL lp_restrict_anonymous(void);
 BOOL lp_lanman_auth(void);
 BOOL lp_host_msdfs(void);
Only in samba-2.2.6-map-domains/source/include: proto.h~
diff -ru samba-2.2.6/source/param/loadparm.c 
samba-2.2.6-map-domains/source/param/loadparm.c
--- samba-2.2.6/source/param/loadparm.c Wed Oct 16 06:30:57 2002
+++ samba-2.2.6-map-domains/source/param/loadparm.c Wed Oct 23 13:45:11 2002
@@ -276,6 +276,7 @@
BOOL bStatCache;
BOOL bKernelOplocks;
BOOL bAllowTrustedDomains;
+   BOOL bMapDomains;
BOOL bRestrictAnonymous;
BOOL bLanmanAuth;
BOOL bDebugHiresTimestamp;
@@ -734,6 +735,7 @@
{"encrypt passwords", P_BOOL, P_GLOBAL, &Globals.bEncryptPasswords, NULL, 
NULL, FLAG_BASIC | FLAG_WIZARD},
{"update encrypted", P_BOOL, P_GLOBAL, &Globals.bUpdateEncrypt, NULL, NULL, 
FLAG_BASIC},
{"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, 
NULL, NULL, 0},
+   {"map domains", P_BOOL, P_GLOBAL, &Globals.bMapDomains, NULL, NULL, 0},
{"alternate permissions", P_BOOL, P_LOCAL, &sDefault.bAlternatePerm, NULL, 
NULL, FLAG_GLOBAL | FLAG_DEPRECATED},
{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, 0},
{"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, 
NULL, 0},
@@ -1668,6 +1670,7 @@
 FN_GLOBAL_BOOL(lp_nt_status_support, &Globals.bNTStatusSupport)
 FN_GLOBAL_BOOL(lp_stat_cache, &Globals.bStatCache)
 FN_GLOBAL_BOOL(lp_allow_trusted_domains, &Globals.bAllowTrustedDomains)
+FN_GLOBAL_BOOL(lp_map_domains, &Globals.bMapDomains)
 FN_GLOBAL_BOOL(lp_restrict_anonymous, &Globals.bRestrictAnonymous)
 FN_GLOBAL_BOOL(lp_lanman_auth, &Globals.bLanmanAuth)
 FN_GLOBAL_BOOL(lp_host_msdfs, &Globals.bHostMSDfs)
Only in samba-2.2.6-map-domains/source/param: loadparm.c~
diff -ru samba-2.2.6/source/smbd/reply.c samba-2.2.6-map-domains/source/smbd/reply.c
--- samba-2.2.6/source/smbd/reply.c Wed Oct  9 22:27:23 2002
+++ samba-2.2.6-map-domains/source/smbd/reply.c Wed Oct 23 13:45:11 2002
@@ -853,7 +853,10 @@
  * to UNIX.
  */
 pstrcpy(user,dos_to_unix_static(user));
-fstrcpy(domain, dos_to_unix_static(p));
+if (lp_map_domains())
+  fstrcpy(domain, dos_to_unix_static(lp_workgroup()));
+else
+  fstrcpy(domain, dos_to_unix_static(p));
 DEBUG(3,("Domain=[%s]  NativeOS=[%s] NativeLanMan=[%s]\n",
 domain,skip_string(p,1),skip_string(p,2)));
   }

Re: 2.2.5 crashes in cli_errstr

2002-08-29 Thread Martin Bahlinger

1)
   socket option SO_RCVBUF = 16384
[2002/08/29 15:11:42, 5, pid=12863] 
lib/util_sock.c:print_socket_options(111)
   socket option SO_SNDLOWAT = 1
[2002/08/29 15:11:42, 5, pid=12863] 
lib/util_sock.c:print_socket_options(111)
   socket option SO_RCVLOWAT = 1
[2002/08/29 15:11:42, 5, pid=12863] 
lib/util_sock.c:print_socket_options(111)
   socket option SO_SNDTIMEO = 0
[2002/08/29 15:11:42, 5, pid=12863] 
lib/util_sock.c:print_socket_options(111)
   socket option SO_RCVTIMEO = 0
[2002/08/29 15:11:42, 6, pid=12863] lib/util_sock.c:write_socket(518)
   write_socket(21,72)
[2002/08/29 15:11:42, 6, pid=12863] lib/util_sock.c:write_socket(521)
   write_socket(21,72) wrote 72
[2002/08/29 15:11:42, 5, pid=12863] 
libsmb/cliconnect.c:cli_session_request(674)
   Sent session request
[2002/08/29 15:11:42, 10, pid=12863] 
lib/util_sock.c:read_smb_length_return_keepalive(559)
   got smb length of 1
[2002/08/29 15:11:42, 5, pid=12863] lib/util.c:show_msg(275)
   size=1
   smb_com=0x0
   smb_rcls=0
   smb_reh=0
   smb_err=0
   smb_flg=0
   smb_flg2=0
[2002/08/29 15:11:42, 5, pid=12863] lib/util.c:show_msg(281)
   smb_tid=0
   smb_pid=0
   smb_uid=0
   smb_mid=0
   smt_wct=0
[2002/08/29 15:11:42, 5, pid=12863] lib/util.c:show_msg(291)
   smb_bcc=0
[2002/08/29 15:11:42, 3, pid=12863] lib/util_sock.c:open_socket_out(845)
   Connecting to 172.21.63.142 at port 445
[2002/08/29 15:11:42, 1, pid=12863] lib/util_sock.c:open_socket_out(860)
   timeout connecting to 172.21.63.142:445
[2002/08/29 15:11:42, 3, pid=12863] lib/util_sock.c:open_socket_out(845)
   Connecting to 172.21.63.142 at port 139
[2002/08/29 15:11:42, 1, pid=12863] lib/util_sock.c:open_socket_out(860)
   timeout connecting to 172.21.63.142:139
[2002/08/29 15:11:42, 1, pid=12863] libsmb/cliconnect.c:cli_connect(782)
   Error connecting to 172.21.63.142 (Operation now in progress)
[2002/08/29 15:11:42, 0, pid=12863] 
libsmb/cliconnect.c:attempt_netbios_session_request(1098)
[2002/08/29 15:11:42, 0, pid=12863] lib/fault.c:fault_report(38)
   ===
[2002/08/29 15:11:42, 0, pid=12863] lib/fault.c:fault_report(39)
   INTERNAL ERROR: Signal 11 in pid 12863 (2.2.6pre2)
   Please read the file BUGS.txt in the distribution
[2002/08/29 15:11:42, 0, pid=12863] lib/fault.c:fault_report(41)
   ===
[2002/08/29 15:11:42, 0, pid=12863] lib/util.c:smb_panic(1094)
   PANIC: internal error





-- 
Martin Bahlinger <[EMAIL PROTECTED]>   (PGP-ID: 0x98C32AC5)

Re: 2.2.5 crashes in cli_errstr

2002-08-28 Thread Martin Bahlinger


Volker Lendecke wrote:
> On Fri, Aug 23, 2002 at 01:19:18PM +0200, Martin Bahlinger wrote:
> 
>>I discovered that when the network reports "No route to host" (tested 
>>with "route add DC_IP reject") everything works fine. But when I get the 
>>error "Operation already in progress" (tested with "route add DC_IP lo") 
>>smbd crashes.
> 
> 
> I just tried to reproduce this. I had to set an iptables rule to drop outgoing
> 139 traffic, as the get_dc had to get through. I did not get a crash. Can you
> give more details? Maybe a debug level 10 log?

I was wrong. When setting a drop rule it just gets stuck. And after 
removing the drop rule, smbd does not recover. The smbd panic occurs 
when the domain controller is rebooted. In this case smbd does not 
recover, too.

Today I added a route to nowhere for the DC, some clients connected and 
got no authentication. Even after removing the misleading route, smbd 
gets stuck after resolving the name (see log at 16:50). And at 17:08 I 
rebooted the DC. Here are the 2.2.4 logs:


[2002/08/28 16:50:18, 6, pid=1054] 
param/loadparm.c:lp_file_list_changed(2272)
   lp_file_list_changed()
   file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Wed 
Aug 28 16:46:20 2002

[2002/08/28 16:50:18, 3, pid=1054] smbd/oplock.c:init_oplocks(1184)
   open_oplock_ipc: opening loopback UDP socket.
[2002/08/28 16:50:18, 3, pid=1054] lib/util_sock.c:open_socket_in(811)
   bind succeeded on port 0
[2002/08/28 16:50:18, 3, pid=1054] 
smbd/oplock_linux.c:linux_init_kernel_oplocks(295)
   Linux kernel oplocks enabled
[2002/08/28 16:50:18, 3, pid=1054] smbd/oplock.c:init_oplocks(1215)
   open_oplock ipc: pid = 1054, global_oplock_port = 44759
[2002/08/28 16:50:18, 4, pid=1054] lib/time.c:get_serverzone(122)
   Serverzone is -7200
[2002/08/28 16:50:18, 10, pid=1054] 
lib/util_sock.c:read_smb_length_return_keepalive(557)
   got smb length of 72
[2002/08/28 16:50:18, 10, pid=1054] lib/access.c:check_access(304)
   check_access: allow = , deny =
[2002/08/28 16:50:18, 6, pid=1054] smbd/process.c:process_smb(865)
   got message type 0x81 of len 0x48
[2002/08/28 16:50:18, 3, pid=1054] smbd/process.c:process_smb(866)
   Transaction 0 of length 76
[2002/08/28 16:50:18, 2, pid=1054] smbd/reply.c:reply_special(92)
   netbios connect: name1=RZ-SMB2  name2=MICROAT8
[2002/08/28 16:50:18, 2, pid=1054] smbd/reply.c:reply_special(111)
   netbios connect: local=rz-smb2 remote=microat8
[2002/08/28 16:50:18, 6, pid=1054] 
param/loadparm.c:lp_file_list_changed(2272)
   lp_file_list_changed()
   file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Wed 
Aug 28 16:46:20 2002

[2002/08/28 16:50:18, 5, pid=1054] smbd/connection.c:claim_connection(156)
   claiming  0
[2002/08/28 16:50:18, 5, pid=1054] smbd/reply.c:reply_special(152)
   init msg_type=0x81 msg_flags=0x0
[2002/08/28 16:50:18, 6, pid=1054] lib/util_sock.c:write_socket(516)
   write_socket(14,4)
[2002/08/28 16:50:18, 6, pid=1054] lib/util_sock.c:write_socket(519)
   write_socket(14,4) wrote 4
[2002/08/28 16:50:18, 10, pid=1054] 
lib/util_sock.c:read_smb_length_return_keepalive(557)
   got smb length of 164
[2002/08/28 16:50:18, 6, pid=1054] smbd/process.c:process_smb(865)
   got message type 0x0 of len 0xa4
[2002/08/28 16:50:18, 3, pid=1054] smbd/process.c:process_smb(866)
   Transaction 1 of length 168
[2002/08/28 16:50:18, 5, pid=1054] lib/util.c:show_msg(275)
   size=164
   smb_com=0x72
   smb_rcls=0
   smb_reh=0
   smb_err=0
   smb_flg=8
   smb_flg2=1
[2002/08/28 16:50:18, 5, pid=1054] lib/util.c:show_msg(281)
   smb_tid=0
   smb_pid=18417
   smb_uid=0
   smb_mid=1
   smt_wct=0
[2002/08/28 16:50:18, 5, pid=1054] lib/util.c:show_msg(291)
   smb_bcc=129
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1529)
   [000] 02 50 43 20 4E 45 54 57  4F 52 4B 20 50 52 4F 47  .PC NETW ORK PROG
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [010] 52 41 4D 20 31 2E 30 00  02 4D 49 43 52 4F 53 4F  RAM 1.0. .MICROSO
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [020] 46 54 20 4E 45 54 57 4F  52 4B 53 20 31 2E 30 33  FT NETWO RKS 1.03
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [030] 00 02 4D 49 43 52 4F 53  4F 46 54 20 4E 45 54 57  ..MICROS OFT NETW
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [040] 4F 52 4B 53 20 33 2E 30  00 02 4C 41 4E 4D 41 4E  ORKS 3.0 ..LANMAN
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [050] 31 2E 30 00 02 4C 4D 31  2E 32 58 30 30 32 00 02  1.0..LM1 .2X002..
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [060] 53 61 6D 62 61 00 02 4E  54 20 4C 41 4E 4D 41 4E  Samba..N T LANMAN
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [070] 20 31 2E 30 00 02 4E 54  20 4C 4D 20 30 2E 31 32   1.0..NT  LM 0.12
[2002/08/28 16:50:18, 10, pid=1054] lib/util.c:dump_data(1537)
   [080]

Re: 2.2.5 crashes in cli_errstr

2002-08-26 Thread Martin Bahlinger


Volker Lendecke schrieb:

>On Fri, Aug 23, 2002 at 01:19:18PM +0200, Martin Bahlinger wrote:
>  
>
>>I discovered that when the network reports "No route to host" (tested 
>>with "route add DC_IP reject") everything works fine. But when I get the 
>>error "Operation already in progress" (tested with "route add DC_IP lo") 
>>smbd crashes.
>>
>>
>
>I just tried to reproduce this. I had to set an iptables rule to drop outgoing
>139 traffic, as the get_dc had to get through. I did not get a crash. Can you
>give more details? Maybe a debug level 10 log?
>
>BTW, I tried with latest 2_2 CVS, which is about to become 2.2.6 soon.
>  
>
I will be able to submit you some 2.2.4 logs in the next days.

bye
  Martin

patch: additional parameter for domain mapping

Re: patch: additional parameter for domain mapping

Re: 2.2.5 crashes in cli_errstr

Re: 2.2.5 crashes in cli_errstr

Re: 2.2.5 crashes in cli_errstr

5 matches

Site Navigation

Mail list logo

Footer information